The Texas A&M University System | YouTube

Computing / Cybersecurity

A cyber-skills shortage means students are being recruited to fight off hackers

Students with little or no cybersecurity knowledge are being paired with easy-to-use AI software that lets them protect their campus from attack.

Oct 18, 2018
The Texas A&M University System | YouTube

There aren’t enough cybersecurity workers out there—and things are getting worse. According to one estimate, by 2021 an estimated 3.5 million cybersecurity jobs will be unfilled. And of the candidates who apply, fewer than one in four are even qualified. 

That’s why many large corporations are investing in longer-term solutions like mobile training trucks and apprenticeship programs. But the Texas A&M University System has found a way to solve its labor shortage in the short term. It’s pairing student security beginners with AI software.

The college’s Security Operations Center deals with about a million attempts to hack the university system each month. While the center does have some full-time employees, the majority of its security force is made up of students. Ten students currently work alongside AI software to detect, monitor, and remediate the threats.

This setup both trains students for roles at other companies and serves as cheap cybersecurity staff for the college. And unlike many other organizations, Texas A&M is having no trouble filling the positions. “We have never posted a job,” says Daniel Basile, executive director of the Security Operations Center. “All of [the students] have heard about us through side channels.”

The Texas A&M University System | YouTube

When the students come in for the day, they’re presented with a whiteboard displaying different areas of the university, noting how many potential threats each is facing. The AI has already pulled out these “events” and helped to prioritize them. The students then look at each abnormality and check to see if it looks like suspicious activity. They do so by comparing them with past attacks, looking at things like IP addresses, and analyzing data provided by the software. “We try the best we can to get all agencies to zero alerts,” says student security analyst Jennifer Allen. “Then if we do, we do a second review to look at what people may have missed.”

And while that additional look may seem like overkill, Allen says one of her proudest moments actually came during a secondary review. She identified a large amount of data being moved across the school network as illicit BitTorrent activity.

Benjamin Cervantes, a senior majoring in technology management, came to work at the center a year and a half ago with the hope of getting experience to prepare him for a cybersecurity role in the military. Before starting this job, he was working at a local auto repair shop to help pay for university. Now, instead of working on cars, he supports his schooling by using his coding skills 20 to 30 hours a week to analyze threats and work on AI software that can further automate the process of dealing with them.

But just attracting people to work in cybersecurity isn’t the whole challenge. A recent survey found that almost 40% of security executives said the skills shortage was causing high rates of burnout and turnover (see “Cybersecurity’s insidious new threat: workforce stress”). “No matter how much revenue you have, you can’t find the people,” says Hitesh Sheth, CEO of Vectra, which makes the AI software the university uses. “People leave in 12 months because someone else will give them a 30% bump in pay.”

Courtesy of Texas A&M cybersecurity threat center

This article first appeared in Clocking In, our newsletter covering the impact of emerging technology on the future of work. Sign up here—it’s free!

The Security Operations Center isn’t immune to the stress issue but attempts to combat it with sheer quantity of workers. “We’re all looking through thousands of threats,” says Cervantes. “It does get a little frustrating, but because there are so many [students], we can keep up with the numbers and do some side projects and training to prevent that burnout.”

AI serves as a crutch to help even inexperienced students begin to evaluate threats quickly. For now, the software just detects anomalies and provides some context. But it can’t act upon its findings, making humans a necessity for dealing with threats. “Looking ahead, I think we’ll get to the point where the software will become predictive, sense very early stages of attack, and act to contain the attack,” says Sheth.

But increased adoption of artificial intelligence for mitigating attacks could be a dangerous gamble. Hackers can learn to circumvent security algorithms and attempt to contaminate training data. Therefore, automation isn’t the only answer. Humans have an important role to play as well. And they are desperately needed.