Coherent Cyber Education

"We just want to give students a little exposure to cybersecurity. If they like it, they can pursue it in college."

While it is fantastic for districts to provide students the chance to engage with different career fields to gauge their interest and direct their education, it is a disservice to all to stop there.

There are almost half a million unfilled cyber jobs in the United States. Many of these do not require a degree. Expecting students to go to college to enter jobs that don't require a degree adds unnecessary financial burden and robs students of the ability to start earning now. It also robs the workforce. We don't need cyber professionals in 2-4 years.

We need them now.

Our curriculum prepares students in high school for the Security+ exam, making them employable immediately after graduation. It also generates weighted funding that both sustains the program and generates revenue on top of that!

So what's stopping you?

- Small businesses don't need to worry about cybersecurity.

This could not be more false. While larger enterprises may have the agility to respond to a cyberattack, many small businesses cannot afford even a temporary pause in operations. It could shut them down completely. Knowing this, cyber threat actors will often target small businesses with ransomware in hopes that they will have no choice but to pay up to stay in business.

experts weigh in: how would you direct a small business owner to begin securing their company?

Today is National Bike to Work Day. Just like you would lock your bike to prevent someone from stealing it, you should protect your information. Here's to getting some exercise, reducing our carbon footprints, AND promoting strong cybersecurity.

This article is exactly why we need a cyber workforce that is not only up-to-date on the latest threats, but we also need cyber professionals capable of communicating this information to the rest of us.

Remember the teacher or professor you had that was brilliant? Who clearly knew his or her stuff better than anyone else? But who struggled to make that content relatable enough for the class to understand? That's what it's like when the cyber-literate speak to the rest of us.

As we shared Monday, though, it's critical for everyone in an organization to contribute to its security. Having a cyber team that can communicate well is a non-negotiable.

This is why our curriculum focuses on both technical AND non-technical skills (like communication, persistence, problem-solving, etc.) to equip learners who are immediately employable.

So, what's stopping you from reaching out?

https://krebsonsecurity.com/2024/05/why-your-vpn-may-not-be-as-secure-as-it-claims/?utm_source=tldrinfosec

Only the IT department needs to worry about cybersecurity.

False! While the IT security personnel are responsible for developing the systems and procedures to ensure an organization's security, EVERYONE is responsible for implementation.

This is so important, in fact, that Microsoft is now tying their executive pay to security.

https://arstechnica.com/information-technology/2024/05/microsoft-ties-executive-pay-to-security-following-multiple-failures-and-breaches/?utm_source=tldrnewsletter

Not only does everyone need cyber; everyone is responsible for its impact on an organization. To ensure a workforce that can communicate this message, we have to equip enough people to fill the talent pipeline.

Call to Action!

This week, we've shared the benefits of youth apprenticeships for all parties involved.

It only takes 1 apprentice to start a program. Where can your cyber organization expand to train an apprentice to contribute to your work long-term?

Reach out and let us help!

This is one of a number of articles recently highlighting the shift to skills-based hiring.

What is skills-based hiring, exactly? It's the focus on a candidate's skillset, rather than on specific degrees or experience level.

This tactic goes hand-in-hand with apprenticeships because apprenticeships are also skill-based. Upon completing a registered apprenticeship, the apprentice will have documentation of their acquired skills that can be provided to potential employers.

Youth apprenticeships not only benefit the younger candidates, but they benefit employers as well by providing a better-trained workforce.

Reach out so we can help you implement a youth apprenticeship for cyber today!

https://federalnewsnetwork.com/hiring-retention/2024/05/we-have-to-find-talent-cyber-leaders-push-for-skills-based-hiring/

Ok, but how beneficial are apprenticeships really?

Consider the cost of onboarding a new employee. According to the Society for Human Resource Management, onbording a new hire can cost as much as $4,700.

Now consider that 90% of apprentices remain employed at their organization once completing an apprenticeship. Where else can you find that level of retention?

Apprenticeships don't just benefit the apprentice; they are valuable for the employer too. In fact, employers get an average of $1.47 returned for every $1 spent on apprenticeship programs.

So, what's stopping you?

Think back to when you were 16 years old. You were maybe starting to drive, likely enjoying newfound freedoms, and dying to enjoy all the opportunities of adulthood. (And probably neglecting to consider all the responsibilities of adulthood.) You were considering what you wanted to do and be in your adult life.

Does your career today match those teenage ambitions? Would firsthand experience in those roles have changed your mind about your goals?

This is why Youth Apprenticeship experiences matter. Early exposure to a variety of careers helps students consider what they could do, but actually spending time in those roles helps them determine whether it's what they want to do.

Now think about your current organization. Where can you engage youth apprentices? How could you help create opportunities for young professionals to contribute while learning valuable career skills?

If you're interested but don't know where to begin, there are many resources to help. In Texas, your local Workforce Solutions office is a great resource!

We interrupt our regularly scheduled programming to celebrate the first day of Youth Apprenticeship Week!

We've talked about the value of apprenticeships before, so how are youth apprenticeships different? These are opportunities for youth, aged 16-24, to gain valuable work experience at the early stages of their careers.

To learn more, visit https://www.apprenticeship.gov/youth-apprenticeship-week

In honor of World Password Day yesterday and Star Wars Day tomorrow, we're wondering: What would your favorite character's password be?

- Obi-wan Kenobi: PasswordObiWan2345
- Darth Vader: LukeLeia #1
- Han Solo: Chewy12
- Yoda: i$notry
- R2D2: beepboop$
- Luke Skywalker: Light$aberM@ster

Using names of pets, children, significant numbers, etc. makes for easily guessable passwords. To ensure more security for your accounts, make sure to use a combination of capital and lowercase letters, special characters, and refrain from using information people could learn about you on social media.

Now it's your turn - most creative Star Wars password wins! (Special shoutout to Jason Newman for being the first to solve last week's Rebus puzzle.)

"We can't offer cybersecurity because there isn't a relevant curriculum."

We hear this often. In fact, it's one of the struggles our CEO dealt with while working in a district. We have talked to teachers who piecemeal curriculum from free resources they can find online. We've even spoken to some who admitted, "I just Google 'How to teach cyber.'"

Our curriculum developers are active cybersecurity practitioners, regularly refreshing content based on what they encounter in the field. We are committed to keeping curriculum up-to-date so students are prepared for today and tomorrow, not for threats of the past.

We also have a team of educators who ensure that our curriculum meets district needs. We understand that teachers don't have time to create content for multiple classes a day, especially when outside their areas of expertise. Our four courses:

- include all lessons, labs, and assessments
- prepare students for the CompTIA Security+ certification
- ensure students are ready for college AND career upon graduation

In other words, we have the total package. So, what are you waiting for? Reach out and let us know how we can support you!

Cybersecurity is just for IT.

When we think about cybersecurity and consider the hacks that get the most press, the first thing that comes to mind is big business: healthcare, finance, etc. In fact, any computerized system is vulnerable to attack. Take, for example, the cyber attack on the City of Dallas last year. In addition to the release of personal information for a number of city employees, the attack impacted city emergency management (911 dispatch services, fire station alerts and police/fire mobile computers), police surveillance, as well as the court system and city libraries.

Think about all the other systems you know are automated, and imagine if they were shut down or even halted by a breach. We learned in 2020 the impact that a disruption to supply chain has.

So what can we do about this? We must equip more cybersecurity professionals to defend our systems. Current cyber experts are overworked and burned out, and we aren't training the next generation quickly enough.

We at Coherent Cyber Education are working to establish the educational infrastructure to equip the next generation of cyber defenders, but we need your help. We need educators to advocate for cybersecurity pathways in schools, and we need industry voices to ensure that training is aligned to workforce needs. Together, we can create a more secure future!

For a little fun today, see if you can interpret this Rebus puzzle (source: eslvault.com). The first person to guess correctly gets bragging rights and a shoutout on all our social media. If we may offer some unsolicited __________, if your local high school isn't offering a pathway for students yet, now is the time! Please encourage your local administrators to offer students this option so we can secure our communities. If they don't know where to start, send them our way!

(Last week's cryptography challenge was pretty difficult, so for the Friday Night Lights-unfamiliar, the cryptogram spelled Coach Taylor's famous "Clear eyes, full hearts, can't lose.")

"Funding is tight, and our district can't afford a new program of study right now." Sound familiar?

You aren't alone. This is one of the reasons districts tell us they haven't implemented a cybersecurity program of study yet.

What if we told you that our program of study would not only self-sustain but actually generate revenue for your districts within 3 years? In fact, the cost to put a student through our four-year program of study is only 43% of the weighted funding generated for the district. That means it not only pays for itself, but it leaves money in your proverbial pocket for teacher training, refreshing equipment, and any other needs your CTE program may have.

So tell us: what's stopping you?

Misconception Monday: cybersecurity professionals need a college degree.

False! While this has certainly been true in recent years, the need for cyber professionals is so urgent that much of industry has waived the requirement. In fact, US National Cyber Director Harry Coker recommended in January that degree requirements be reconsidered, instead favoring experience and certifications, in order to protect our country.

That is why our curriculum prepares students for the Security+ certification, widely recognized as the minimum standard for entry-level cyber jobs. Upon graduation from high school, a student in our curriculum will be prepared to enter the workforce directly, or to enter college or the military for further training and specialization. Anyone on those trajectories would be eligible to return to 2-year, 4-year, or post-secondary study later on to advance their career as well.

Let's have a little fun today, shall we? Cryptography is a branch of cybersecurity that involves encoding messages to secure them. While the codes used in securing our information today are highly complex, the earliest versions were created by swapping out letters with other letters. See if you can decode the message pictured for a shout out on our social media!

"We can't offer cybersecurity because it's too difficult to find a teacher." Sound familiar?

This is one of the most common reasons district report not offering cybersecurity as a program of study for students. And while a valid concern, it's no longer a barrier.

Our curriculum is written by cyber experts and continually refreshed by current industry practitioners to ensure the most relevant, up-to-date information for students. It's also housed in a learning management system with modular units and includes all lessons, labs, slides, and assessments. The teacher doesn't need to create ANYTHING.

In the worst case, our curriculum could be delivered asynchronously with just a facilitator in the classroom. The educators on our staff know that students do better with high-quality, Tier 1 instruction. That's why we provide teacher training, ongoing support, and pop-up workshops as needed throughout the year.

So tell us: what's stopping you?

- Apprenticeships and Internships are the same.

Inspired by a question we got last week after the Workforce Solutions Greater Dallas Apprenticeships Accelerator, we want to shed light on the differences between apprenticeships and internships. Internships are typically short (summer or semester-long) experiences that vary in structure according to the employer. Some companies provide robust internship programs, giving interns a chance to gain real-world experience in an industry. Others limit intern duties to making coffee and copies for the full time employees. While nice to put on a resume, these don't adequately prepare interns for the world of work. While there are exceptions, in most cases internships are unpaid.

Apprenticeships, however, are programs registered with the US Department of Labor and are highly structured. These are often 1-2 year programs that include both curriculum and on-the-job training, with specified benchmarks along the way. Unlike many internships, apprenticeships are paid positions, with wages increasing as the apprentice masters new skills along the way.

Apprenticeships are available across a wide variety of industries - everything from cosmetology and construction to healthcare and IT. Not only are they an excellent opportunity for the apprentices to gain experience, but the return on investment for employers is huge as well: for every $1 spent on apprenticeship programs, companies receive $1.47 in average ROI. Additionally, 90% of apprentices continue to work for the employer after the apprenticeship ends.

Does your company offer apprenticeships? If so, tell us how they are working! If not, what more would you like to know about starting one?

We're launching a new series called Misconception Mondays. While most have heard the term , there are a lot of misconceptions about what cyber actually means. For instance, last week we shared that many cybersecurity programs of study in high schools are actually computer science pathways. While similar, the two are not the same, and equipping someone with a solid computer science foundation does not prepare him or her for a cybersecurity job.

This week, we want to focus on the idea of who needs cyber. It's a common misconception that only large enterprises need to worry about cybersecurity. In fact, small businesses may be at even greater risk because one attack could be enough to completely shut them down. So how to answer the question "Who needs cybersecurity?" Everyone!

For more information on how and why to protect your business, visit https://www.sba.gov/business-guide/manage-your-business/strengthen-your-cybersecurity

One of the biggest misconceptions we have found is regarding the difference between Cybersecurity and Computer Science. Are they the same? Surely there's some overlap, right? Many districts advertise a cybersecurity program of study that is rooted in 3+ computer science classes, followed by a cybersecurity capstone.

As we talk to more industry partners we have learned that, while there is some overlap, these two fields are not the same. Consider Marketing and Finance: while there is absolutely foundational knowledge shared by both concentrations, they are distinct specializations. This is the case with Cybersecurity and Computer Science, too.

Confused? Overwhelmed? You're not alone. We want to help! We can sit down with you to develop a program of study that not only prepares your students for immediate employment in cybersecurity upon graduation, but that also creates a workforce pipeline of cyber professionals ready to protect the businesses and organizations in your community. Reach out to us at [email protected] to schedule an intro call.

Cyber experts, what would you add?

I was the student who always asked "why" we needed to learn something. When it came to math, the answer was often "because you won't always have a calculator with you."

Fast forward... well, more years than I'd like to share, and I'm never without a calculator on my smartphone. Ironically, I grew up to become a math teacher, imparting much of the knowledge I fought against learning as a student. In doing so, I learned that a calculator doesn't magically eliminate the need to learn math. Instead, it is a tool that can be used to increase efficiency or aid in more complex problem-solving.

In the same way, AI is a valuable tool. One that isn't going away. As educators, we can fight it or teach students how to harness its power and use it responsibly and ethically. This article provides excellent insight into how students can use AI in specifically to help prepare for careers: https://www.edutopia.org/article/teaching-cte-students-use-ai

What does storytelling have to do with cybersecurity?

We know that it takes more than technical skills to be successful in a career. Researching the non-technical (read: "soft" skills) needed for a career in , we expected some of the usual suspects - time management, collaboration, perseverance, etc. We were surprised, however, to see charisma included on the list. As we've spoken with industry partners, they have shared the same thing over and over again: "Nobody wants to think about cybersecurity. Everyone wishes we didn't exist."

What we've learned is that it takes a level of charisma and persuasion to effectively impart the importance of cyber on an organization. On , we want to highlight storytelling as a means to communicate with the rest of an organization. It's easy to breeze past facts and figures, even when they're related to your own security. Storytelling allows you to bring the same scenario to life in a way that sticks with your audience. How have you used storytelling to bring importance and urgency to your organization?

Continuing our series spotlighting , we are delighted to introduce you to Jasmine M. Jackson. Jasmine () is the Founder and Executive Director of The Accelerated Training Program, a nonprofit aiming to remove systemic barriers to cybersecurity education for marginalized groups and make cybersecurity education accessible to all. We are so grateful for her work and for sharing her time with us.

How did you become interested in cybersecurity as a career path?

I stumbled upon a Cryptography group on Yahoo! Groups during high school. I was fascinated by how a message can be turned into gibberish and reverted to its original form. After discovering the group, I studied Computer Science, hoping to become a cryptologist. During graduate school, I learned about pe*******on testing. As a teenager, I knew little about penetrating testing as I watched hacking movies such as Swordfish and TV shows such as CSI. After graduate school, I became a developer, and I would test my colleague's code, where I would find bugs in their code. I was so good at finding bugs my colleagues did not want me to test their code. I used my developer background to get into Application Security.

How can companies better support female employees in cyber?

Be inclusive and open to diverse trains of thought. When I say inclusive, I mean every aspect of a woman’s career. Provide actionable mentorship. People generally tend to succeed when they see someone who looks like them because they know the goal is possible/achievable.

Visit our LinkedIn page to read the rest of Jasmine's insights!

While you catch some zzz's, cyber threat actors are after your information. You'll be able to rest easier knowing that your data is in good hands. That's why Coherent Cyber Education is committed to preparing a cyber talent pipeline that is ready for today and tomorrow.

To celebrate , we're highlighting some of the amazing , beginning with Donna Woods. Donna teaches in Moreno Valley, California, and we are grateful for her contribution to training the next generation of cyber defenders!

How did you become interested in cybersecurity as a career path?
While in college, I pursued Aerospace and gained experience via paid internships through the summer. During that time period, technology, specifically led by companies like IBM, Dell, Apple and Microsoft, were experiencing increased growth with emergent technology innovations. It was the innovations that sparked my curiosity as to how the vast technology infrastructures would be secured, especially since we were experiencing a global cold war in the nuclear arms race. Considering the evolution of technology, and the associated risks, it became clear that we needed to develop a strong, ethical workforce to handle the plethora of cybersecurity idiosyncrasies. As the technology evolved, so did my journey into the field and particularly into educating future ICT/Cybersecurity specialists.

How can educators support female students pursuing an interest in cyber?
Encourage and help develop the natural aptitudes and innate curiosity in students. Share how personalized aptitudes play an important role in the vast cybersecurity work landscape. Each of the seven NICE Cybersecurity Framework work roles and 11 new competency areas rely on a workforce of individuals representing a diversified brain trust, skill sets, and cultural and educational backgrounds. https://www.nist.gov/itl/applied-cybersecurity/nice

Check us out on LinkedIn to see the rest of what Donna had to share about this important work!

In honor of , let's talk about

Right now, there are over 3.5 million cyber job openings globally, with no sign of a decrease in sight. Worldwide, only 25% of cyber positions are currently held by women. In order to fill the open positions, we need to recruit the brightest minds. This means including female students in recruitment from early education.

For more information, see: https://cybersecurityventures.com/women-in-cybersecurity-report-2023/ #:~:text=Women%20held%2025%20percent%20of,to%2035%20percent%20by%202031.

One of the biggest challenges for cyber teachers is staying relevant. Curriculum is quickly outdated as new trends emerge, and we are committed to helping teachers stay up-to-date and prepare their students for employability today and tomorrow!

Join us for our March 21st workshop, and you will walk away with tools and scenarios to use in your classroom immediately. Seats are limited, so don't wait to register!

Last week, our team was discussing our "why" - the driving force behind the work we do. One team member summarized: "If I had a nickel for every adult who hears what we're doing and says 'I WISH something like that was around when I was in school!'" (She later adjusted this nickel to a dollar for inflation.)

This is what CTE is about: creating opportunities for students to explore and gain access to careers.

Today, we want to know: what career opportunities or advice do you wish was available for you in school? How would it have changed your trajectory?