K-12 Educational Cybersecurity Scaling Program Designed to Meet Industry Needs

Thomas W. Brown III
Department Chair, Davis iTEC Cybersecurity Center, Forsyth Technical Community College, Winston-Salem, NC 27103, USA
tbrown@forsythtech.edu

Victoria Ferrell
Program Coordinator, IT-Cybersecurity and IT-System Security, Forsyth Technical Community College, Winston-Salem, NC 27103, USA

Abstract

 

The demand for trained cybersecurity professionals is paramount in securing digital assets at various levels, from individuals to organizations and even nations. The scarcity of cybersecurity talent is a critical concern across the United States, with over 663,000 unfilled cybersecurity positions reported in diverse sectors. The repercussions of this talent gap are evident, as cybercrime affects millions globally, costing an average of $3.86 million per global data breach incident. With the various initiatives around North Carolina, there was a gap in the cyber education of K-12 teachers, which has a direct pipeline to the students’ obtaining degrees and scholarships and participating in workforce development projects. To address this challenge, the Cyber Fellows program at Forsyth Tech was created to increase the number of cybersecurity professionals, enhance the expertise of cybersecurity faculty, and diversify the cybersecurity workforce in the Piedmont Triad region in North Carolina. The program also focuses on enhancing the cybersecurity skills of middle and high school teachers, aiming to increase the number of qualified adjunct faculty. This article highlights the program’s significant contributions to bridging the cybersecurity talent gap, fostering diversity, and equipping educators to cultivate a future generation of cybersecurity professionals.

Keywords: cybersecurity, high school, middle school, student, teachers, diversity

© 2024 under the terms of the J ATE Open Access Publishing Agreement

Introduction

Trained cybersecurity professionals are crucial for safeguarding organizations, individuals, and nations from threats in the digital landscape. Unfortunately, cybersecurity talent remains in critically short supply across the United States. According to cyberseek.org roughly 663,434 vacant cybersecurity positions must be filled across various industries, such as banking, energy markets, and military operations [1]. The consequences of not meeting the demand are far-reaching. In 2020, it was reported that roughly 906 million people worldwide were affected by cybercrime [2], and each time there is a global data breach, the average costs are $3.86 million globally [3]. The majority of the cyber attacks were from hackers around the globe, ranging from 17-year-old hackers to Chinese state-sponsored attacks [4].

In 2020, at least 38 states introduced legislation or resolutions to deal with cybersecurity. For example, California enacted the California Cybersecurity Integration Center, which monitored cybersecurity incidents and recorded whether the center’s investigations resulted in prosecution. Georgia used leftover Coronavirus funds to enhance cybersecurity technology. Indiana adopted laws that require counties to use cybersecurity companies for various tasks and qualified personnel who have access to the statewide voter registration system. Louisiana provided mandatory Cybersecurity training for all state and local employees [5].

Several states have adopted proactive measures to enhance cybersecurity training and allocate funding for a wide array of programs and staff. In contrast, Forsyth Tech has made a deliberate choice to facilitate the introduction of K-12 Career and Technology Education instructors to the field of cybersecurity. This initiative aims to equip educators with the necessary tools and knowledge to elevate cyber hygiene within their classrooms while empowering them to expand their expertise in the realm of cybersecurity.

In 2020, the North Carolina Department of Information Technology launched the NC CyberStart program, which teaches high school students cybersecurity skills through online challenges and games. This helped create a cybersecurity talent pipeline in the community college system [6]. The North Carolina General Assembly allocated $15 million in funding for the Cybersecurity Talent Initiative Fund to provide scholarships and grants for cybersecurity degrees [7]. The North Carolina Department of Commerce has awarded grants totaling almost $288,000 to support three innovative youth workforce development projects [8].

Despite these efforts, Winston-Salem/Forsyth County Schools (WS/FCS) and Stokes County Schools (about 5,800 students) raised concerns that there was a need for better teacher preparation in cybersecurity education. With the various initiatives around the state, there was a gap in the cyber education of K-12 teachers, which had a direct pipeline to the students obtaining degrees and scholarships and participating in workforce development projects.

To fill this gap, the Cyber Fellows program was built for K-12 Career Technical Education (CTE) teachers to integrate cyber hygiene directly into their instructional lessons throughout the year. We accomplished this by providing CTE teachers in the Winston-Salem Forsyth County School and Stokes County schools with the opportunity to complete a one-year Cybersecurity certificate program at Forsyth Technical Community College. In addition to earning their certificates, teachers had the opportunity to prepare for and complete the CompTIA Security+ exam. Armed with this expertise, they could return to their classrooms equipped with enhanced cybersecurity instructional resources to instill better cyber hygiene practices among their students. Furthermore, teachers who successfully completed the certificate program became eligible and were hired as adjunct instructors at Forsyth Tech.

Methods  

The Cyber Fellows program aims to achieve objectives that will measure the success of the project: increase the number of cybersecurity professionals, improve the expertise of cybersecurity faculty at both secondary and post-secondary levels, and diversify the cybersecurity workforce in the Piedmont Triad region as seen in Figure 1.

Figure 1: Three project goals and the end result. 

Recruitment and Enrollment 

To increase rates of persistence and retention in our cybersecurity programs and increase the number of students who are dual enrolled in our cybersecurity courses, were recruited from 18 high schools and career fairs, hosting summer camps:  

  • Crosby Scholars 
  • African American Males Pursuing Educational Dreams (AAMPED) 
  • Hispanic Latino Male Success (HLMS) 
  • Show, Help, Empower (SHE)  
  • Summer GenCyber camps 
  • Winston-Salem Girl Scouts 
  • FOCUS events 
  • Forsyth Tech Science Technology Engineering and Math (STEM) events 
  • GEAR Up events with Winston-Salem State University 

With these events, we introduced potential students to cybersecurity concepts through interactive and informative activities such as the RING Project activities, Trycyber.us, Raspberry Pi activities, drone activities, and Kahoot quizzes. To increase retention rates, we introduced new curriculum resources into our program, such as the EC-Council Essential Series with CyberQ, Jones and Bartlett Learning, Cellebrite UFED Touch and Physical Analyzer, and VMWare. We offered free cybersecurity certification vouchers funded by various grants, access to cyber ranges, tabletop exercises, and competitions. We also offered one-on-one mentoring for students in the program. 

Recruitment and Process with Cyber Fellows Teacher

Nineteen high school and middle school teachers were recruited to participate in the first two cohorts. Goal two’s objectives were to increase the cybersecurity skills, knowledge, and abilities of 24 middle and high school teachers. We also wanted to increase the number of qualified adjunct cybersecurity faculty at Forsyth Tech. We advertised the Cyber Fellows program through the North Carolina Department of Instruction (NCDPI), the WS/FCS CTE Department, and the Stokes County Schools administration. We were able to work with NCDPI through previous relationships in collaboration with the Carolina Cyber Network, the WSFCS, and Stokes County School systems.

Using the online signup form sent via NCDPI, we recruited eight qualified teachers for Year 1 and eight qualified teachers for Year 2. Throughout the program, we had monthly meetings with the cohorts and introduced a K-12 Cybersecurity curriculum that they could use in their classrooms. We also had speakers during Cybersecurity Awareness Month who introduced faculty to the 2D and 3D Cybersecurity Career Exploration Program and the Ring Project. Cyber Fellows completed the Forsyth Tech IT-Cybersecurity Certificate program. These courses allow the students to gain foundational cybersecurity skills. This certificate is also part of the K-12 Career and College Promise pathway. This certificate includes four classes:

  • CCT-110 – Introduction to Cyber Crime. Students worked with the EC Council Ethical Hacking Essentials Curriculum [9].
  • SEC 110 – Security Concepts. Students work with the CompTIA Security+ Certification Curriculum [10].
  • CCT 112 – Cybersecurity Ethics. Students learn about ethical issues that cybersecurity professionals encounter.
  • SEC 160 – Security Administration I. Students work on the Cisco Cyber Ops Curriculum.

Once the Cyber Fellows complete the IT Cybersecurity certificate, they participate in a 2-day, six-hour boot camp on the CompTIA Security+ Certification, which is an industry-recognized credential. Participants are provided a voucher to take the CompTIA Security+ Exam. Once the certificate courses are completed, the Cyber Fellows receive a $250 stipend. When they complete the Security+ exam, they receive another $250 stipend. Lastly, fellows have the opportunity to attend cybersecurity conferences nationally (3CS, HI-TEC, NICE/K-12).

Results and Discussion

Over the initial two phases of our Cyber Fellows project, progress can be summarized as follows: significantly boosted diversity in the cybersecurity sector, going from three underrepresented individuals/minorities on staff in 2021 to a 10-member team by 2023, as seen in Figure 2.

Gender equity has led to substantial growth, with the number of female adjuncts and full-time faculty increasing from just one in 2021 to a team of eight by 2023. Our Cybersecurity and Systems Security programs have flourished, expanding its adjunct faculty from six members in 2021 to a dynamic group of thirteen in 2023.

Figure 2: Minority Employment Increase in a 3 Year Period

In the project’s inaugural year, we hosted five Cyber Fellows. In the second year, we elevated our participation to six individuals, and by the third year, we had successfully expanded our capacity statewide to accommodate a cohort of 23 Cyber Fellows, as seen in Figure 3. Notably, the cumulative Grade Point Average for our Cyber Fellows in the years 2022 and Spring 2023 stood at 3.8.

Figure 3: Cyber Fellows in a 3 Year Period 

Through our recruitment techniques and processes beyond the college campus, we achieved remarkable results in the Center of Academic Excellence Outreach Competition. In 2021, we proudly secured the 2nd position nationally, and in 2022, we maintained our excellence, clinching the 6th spot. It’s worth noting that among the top 10 contenders, we stood as the sole community college, competing against over 400+ schools nationwide.

Our enrollment in our Cybersecurity and Systems Security programs in 2021 was 163 Career and College Promise students (High School CCP) and adult learners in our Associate’s Degree and certificate programs. In 2022, enrollment increased to 193 students. As of August 2023, our current enrollment numbers are 275 combined adult learners and CCP students, as seen in Figure 4.

Figure 4: Curriculum and CCP Enrollment in a 3 Year Period

Even though we’ve had successes, there have been challenges along the way. Staffing challenges and the need for key personnel have highlighted the importance of proper preparation and resource allocation. Collaborations with state agencies and curriculum governing bodies have been instrumental in streamlining the educational journey for students, ensuring they receive the necessary course credit, and promoting a seamless transition from high school to higher education.

Conclusion

The Cyber Fellows program’s success is evident in the significant improvements in diversity and gender equity within the Forsyth Tech cybersecurity faculty pool, with eight new adjunct instructors and enrollment in the cybersecurity programs, which has risen from 163 students to 275 students in two years. Additionally, the program’s participation and achievements in national competitions showcase its effectiveness in cybersecurity education. The CTE instructor’s willingness to participate and the approval and support from the North Carolina Department of Instruction have made this program flourish and allowed the project to expand throughout the state of North Carolina in its third year.

The Cyber Fellows program represents a significant step in addressing the shortage of cybersecurity professionals by empowering K-12 teachers, diversifying the cybersecurity workforce, and helping K-12 students establish a pathway from high school to community college via Cybersecurity. It serves as a model for similar initiatives, demonstrating the potential for improving cybersecurity education and the pipeline of qualified professionals.

Acknowledgements. This work was supported by the National Science Foundation (NSF) Advanced Technological Education DUE #2055253.

Disclosures. The authors declare no conflicts of interest.

[1] “Cybersecurity Supply And Demand Heat Map,” https://www.cyberseek.org/heatmap.html.

[2] Sonicwall Cyber Threat Report (SonicWall, 2021), pp. 1–70.

[3] J. Firch, “10 Cyber Security Trends You Can’t Ignore In 2021,” https://purplesec.us/cyber-security-trends-2021/.

[4] E.-C. University, “Top Ten Cyberattacks of 2020-2021,” https://www.eccu.edu/blog/cybersecurity/top-ten-cyberattacks-of-2020-2021/.

[5] “Cybersecurity Legislation 2020,” https://www.ncsl.org/technology-and-communication/cybersecurity-legislation-2020#:~:text=Cybersecurity%20remains%20a%20focus%20in.

[6] “CyberStart America | NCDIT,” https://it.nc.gov/cyberstart.

[7] “Senate Bill 105 / SL 2021-180 (2021-2022 Session) – North Carolina General Assembly,” https://www.ncleg.gov/BillLookUp/2021/S105-CCS.

[8] P. Bethea, “N.C. Commerce awards grants to three local workforce boards for Youth Initiatives | NC Commerce,” https://www.commerce.nc.gov/news/press-releases/nc-commerce-awards-grants-three-local-workforce-boards-youth-initiatives.

[9] “EC-Council Learning,” https://codered.eccouncil.org/course/ethical-hacking-essentials?logged=false.

[10] CompTIA, “Security+ (Plus) Certification | CompTIA IT Certifications,” https://www.comptia.org/certifications/security.