Solving the cybersecurity skills gap is difficult – but as an industry, we have a responsibility to educate the next generation who grew up with technology that wasn’t necessarily designed for security!
In July, Cisco partnered with the Texas Advanced Computing Center (TACC), to host a cybersecurity summer camp for twenty-four diverse high school students on the University of Texas campus. The program introduced them to what cybersecurity means to their daily lives and could mean for their professional futures.
A year in the planning, this five-day-four-night experience brought together learning and skills development in multiple domains that these students will need to conquer when becoming part of tomorrow’s cybersecurity workforce: technology foundations, cybersecurity concepts, and career development—even including how and why to use LinkedIn.
Security can be an intimidating subject for most outside of the field; even more so for teens who have little context for the subject matter. So it was important for our curriculum to convey concepts in interesting ways – like using pop culture! For example, we found that the movie Ant-Man and the Wasp, which the students saw as part of their week with us, also made for a great exercise in threat modeling. Students identified assets, risks and consequences before finally evaluating the likelihood of each threat based on the villian’s abilities. They had fun, and we could see it was an impactful lesson as they created personal threat models later in the week.
We also wanted the student experience to combine traditional camp activities with some fun aspects of the industry culture, such as the phenomenon known as “Badgelife.” Badgelife involves the creation of unofficial electronic badges embedded with interactive puzzles; it’s particularly widespread at DEF CON, one of the largest hacker conferences. Thanks to the dedication of my colleague Greg Franson, Badgelife came to our camp! Despite the limited components – a microcontroller, three multi-color LEDs, and capacitive touch buttons – we were able to create five different games that were entertaining and educational at the same time. For example, one taught the concept of brute-forcing a password while another demonstrated how different colored lights mix together.
Other curriculum content was presented through peer discussions and computer lab experiences, tailored to accommodate different learning styles and levels. Much of the lab work was completed on Raspberry Pi computers, which the students took home to extend their learning after the camp. To help set the students up for success, we gave them professional headshots for their LinkedIn profiles and brought in local college representatives to assist with admissions and cybersecurity class selection.
We also had a capstone entrepreneurial project in which teams of three students created a cybersecurity business solution to a problem of their choosing under the guidance of an industry mentor. The variety and depth of the projects presented (in professional slideshow form!) to the audience of fifty people, including the review panel, demonstrated really impressive achievement across the board.
It was very personally rewarding for me to drive this project for Cisco over the past year. To see the enthusiasm build over the week as the students became more confident in their cybersecurity abilities was energizing. Now, I’m more passionate than ever about educating young people in this field. Solutions in cybersecurity benefit from creativity, and that’s something young people have in abundance. It’s important to associate their imaginations and creative ideas with security issues before they get into a highly-structured STEM classroom situation that will box their thinking. That way, they can combine these two different kinds of skills and apply them to cybersecurity problem-solving.
From the response we got, this experience was a big win for the student attendees, and also for Cisco. The highly experienced Education and Outreach team from TACC was a great partner in this venture. I’m also very grateful to the Security & Trust Organization’s SVP Greg Akers, and to all the contributing business units (Sales, Advanced and Technical Services, Corporate Social Responsibility) for their financial sponsorship of this initiative. It was a great way to combine Cisco’s commitment to giving back with seeding the ground for our future interns and recruits.