The stakes are high for cybersecurity in higher education: college email addresses are at high risk for cybertheft, and data breaches cost more in education than in other fields.
Contributing to this problem is the shortage of skilled cybersecurity workers. More than 75% of candidates applying for unfilled cybersecurity jobs are unqualified, according to a recent report. And by 2021, an estimated 3.5 million cybersecurity jobs will be left unfilled, another report predicts.
So the Texas A&M University System is hiring students to work in its Security Operations Center—not only to train these students for future jobs in cybersecurity, but also to solve its own cybersecurity labor shortage, reports Erin Winick for MIT Technology Review.
And Texas A&M is having no trouble filling these jobs. “We have never posted a job,” says Daniel Basile, executive director of the Security Operations Center. “All of [the students] have heard about us through side channels.”
That includes Benjamin Cervantes, a technology management major, who was previously working at an auto repair shop to help cover tuition costs before starting with the Security Operations Center. Cervantes hopes to enter a cybersecurity role in the military after graduation, and his role within the center allows him to use his coding skills up to 30 hours a week to gain experience in the field.
Students like Cervantes employed by the Security Operations Center work alongside professional staff and AI software to detect and contain the more than one million hacking attempts on the university system each month.
Each day, AI pulls and prioritizes potential threats, and it’s up to the students to determine whether the threats are genuine. “We try the best we can to get all agencies to zero alerts,” says student security analyst Jennifer Allen. “Then if we do, we do a second review to look at what people may have missed.”
Help student employees develop the skills they need for success in the workforce
AI software helps even inexperienced students evaluate threats quickly, writes Winick. The software is adept at detecting anomalies, but relies on students to act upon its findings.
“Looking ahead, I think we’ll get to the point where the software will become predictive, sense very early stages of attack, and act to contain the attack,” says Hitesh Sheth, CEO of Vectra, an AI software company. But for now, cybersecurity relies on humans, and jobs in the field are safe from automation, writes Winick.
In fact, the greatest threat to cybersecurity jobs is burnout—not automation, Winick adds. Nearly 40% of security executives say the skills shortage is causing high rates of burnout and turnover, according to a recent survey.
Texas A&M works to mitigate stress for student employees by hiring a surplus of cybersecurity workers. “We’re all looking through thousands of threats,” Cervantes points out. “It does get a little frustrating, but because there are so many [students], we can keep up with the numbers and do some side projects and training to prevent that burnout” (Winick, MIT Technology Review, 10/18).