Company pushes to close skills gap by partnering with academic institutions worldwide
SAN FRANCISCO — HP today announced that it will grant $250,000 to the Scholarship for Women Studying Information Security (SWSIS) program, and will work closely with academic institutions worldwide to develop course content to help students learn the fundamentals of IT security.
The IT security jobs market will be 40 percent vacant in 2014, according to a new IT Security Jobs Study conducted by the Ponemon Institute and sponsored by HP Enterprise Security Products.(1) This gap in the talent pool is expected to grow, compounding today’s reality that the adversary is innovating faster than the market can keep pace.
This new scholarship effort is part of HP’s larger academic initiative to enhance IT security education and training, and contributes to the company’s goal to address the industry’s urgent need for highly skilled security professionals. HP also will develop security-centric course content and extend product accessibility—spanning HP ArcSight, HP TippingPoint, HP Fortify and HP Atalla technology—to university classrooms,.
More than 60 accredited universities have signed up for HP’s program, including the University of California Berkeley, the University of Michigan and the University of North Carolina Charlotte.
“The security industry has a pressing need for skilled security talent that can function fluidly in today’s environment,” said Art Gilliland, senior vice president and general manager, Enterprise Security Products, HP. “With the new scholarship program for women in information security, as well as the expansion of HP’s academic program, HP will support security career growth and introduce new talent to the field.”
SWSIS scholarship details
The SWSIS program was founded by the Applied Computer Security Associates (ACSA), a nonprofit organization dedicated to improving the understanding, theory and practice of cybersecurity. The SWSIS scholarship program will be a joint effort between HP, the ACSA and the Computer Research Association’s Committee on the Status of Women in Computing Research (CRA-W).
HP funds will be allocated to the ACSA over a four-year period.
While there is no preset scholarship amount, students will be eligible for scholarships in the amount of $5,000-10,000 per individual each year, and can be awarded up to $20,000 total over a two year period.
For each individual, the scholarship is effective for two years, but the student must reapply after the first year to confirm continued interest in the security domain.
Scholarship winners will have the option to intern at HP, although it is not a mandatory requirement.
To apply, candidates will need to provide a statement of interest in the field of information security, a transcript and a statement of their current educational status.
CRA-W will review applications and recommend one or more outstanding candidates to the ACSA to receive scholarship funding.
Applications will be accepted during the spring, and scholarships will be awarded for the fall term of the following academic year.
Addressing the skills gap(1)
The evolving threat landscape is driving the need for increased security support and protection within organizations, as highlighted by the IT Security Jobs Study. To gain a clear understanding of what the IT security jobs landscape looks like moving into 2014, and to identify the key challenges the industry is facing in filling and maintaining security roles within organizations, the Ponemon Institute surveyed more than 500 human resources and IT security specialists. Key findings from the study include:
The IT security jobs market will be 40 percent vacant in 2014. Furthermore, 58 percent of jobs at the supervisory level remain unfilled, with 56 percent of organizations surveyed reporting that they do not have a chief information security officer (CISO) as part of their C-suite.
IT security professionals don’t have a clear professional development track. Only 32 percent of organizations view IT security as a career path, which may discourage candidates from entering the field.
Degree programs are important for IT security candidates. The completion of a recognized college or graduate-level degree program is important to the hiring process for 84 percent of organizations—and essential to 14 percent.
Hiring packages may be missing features needed to attract quality candidates. Fifty-one percent of IT security employees are paid more than other IT employees—yet 43 percent of respondents indicated that the main reason for high vacancy rates in security is the inability for organizations to offer a competitive salary.
Senior IT security jobs are difficult to fill, leaving organizations with a lack of highly skilled security professionals. On average, it takes five months to fill a staff-level position, but it takes nine months to a year to fill a senior-level position.
On average, women only make up 20 percent of the information security workforce. The Ponemon Institute has tracked female IT security survey respondents since 2005, and has only seen an 8 percent increase.
The Ponemon Institute also conducted a survey among approximately 2,000 certified IT security professionals to develop an objective rankings list for universities that offer cybersecurity courses and degree programs. The University of Texas San Antonio, Norwich University and Mississippi University ranked in the top three.(2)
HP will be addressing the latest trends in enterprise security at the RSA Conference 2014, taking place Feb. 24-28 in San Francisco. Additional information about HP’s keynote and speaking engagements at this year’s conference is available here.
HP’s premier Americas client event, HP Discover, takes place June 10-12 in Las Vegas.
(1) “IT Security Jobs Study,” The Ponemon Institute, February 2014.
(2) “University Study,” The Ponemon Institute, February 2014.
This news release contains forward-looking statements that involve risks, uncertainties and assumptions. If such risks or uncertainties materialize or such assumptions prove incorrect, the results of HP and its consolidated subsidiaries could differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to statements of the plans, strategies and objectives of management for future operations; any statements concerning expected development, performance, market share or competitive performance relating to products and services; any statements regarding anticipated operational and financial results; any statements of expectation or belief; and any statements of assumptions underlying any of the foregoing. Risks, uncertainties and assumptions include the need to address the many challenges facing HP’s businesses; the competitive pressures faced by HP’s businesses; risks associated with executing HP’s strategy and plans for future operations; the impact of macroeconomic and geopolitical trends and events; the need to manage third-party suppliers and the distribution of HP’s products and services effectively; the protection of HP’s intellectual property assets, including intellectual property licensed from third parties; risks associated with HP’s international operations; the development and transition of new products and services and the enhancement of existing products and services to meet customer needs and respond to emerging technological trends; the execution and performance of contracts by HP and its suppliers, customers, clients and partners; the hiring and retention of key employees; integration and other risks associated with business combination and investment transactions; the execution, timing and results of restructuring plans, including estimates and assumptions related to the cost and the anticipated benefits of implementing those plans; the resolution of pending investigations, claims and disputes; and other risks that are described in HP’s Annual Report on Form 10-K for the fiscal year ended October 31, 2013, and that are otherwise described or updated from time to time in HP’s Securities and Exchange Commission reports. HP assumes no obligation and does not intend to update these forward-looking statements.