Growing the Cybersecurity Workforce Through Cybersecurity Career Awareness Professional Development for Academic Advisors and Career Counselors

Introduction 

The first cyberattack was executed in 1834, when thieves successfully hacked the French Telegraph System to steal financial market information [1]. Since then, the rapid convergence of physical and virtual domains, increased sophistication and expanded access to tools, and society’s ever-increasing dependence on technology have all contributed to the exponential growth in cyber-related threats. As threats to national security increased, President Reagan signed the Computer Security Act of 1987 into law. The law empowered the National Bureau of Standards to implement security guidelines developed by the National Security Agency (NSA) for federal computer systems [2]. In 2000, President Clinton released the first national cybersecurity strategy, calling for cooperation between government and private sectors to enhance security of the U.S. computer systems [3]. In 2003, responding to failures exposed by the 9/11 attacks, President George W. Bush released the first-ever National Strategy to Secure Cyberspace. For the first time, the strategy called on the U.S. government to establish cybersecurity education and workforce training programs to address the declining enrollment in engineering degrees [4]. In 2021, Congress established the Office of the National Cyber Director (ONCD) to advise the President of the United States on cybersecurity policy and strategy. On July 31, 2023, the ONCD released the National Cyber Workforce and Education Strategy which provided information on how the U.S. government plans to develop, recruit, and retain cybersecurity talent across the nation [5]. 

As cybersecurity gained attention from private industry, public institutions, and policymakers, new initiatives and organizations emerged to address the cybersecurity workforce shortage. In 1990, multiple civilian and military agencies established the National Security Telecommunication and Information Security Committee (NSTISSC) to develop operational guidance for the protection of national security systems [5]. One of the committee’s key outcomes was the proposal of foundational standards for assessing the quality of education institutions’ information assurance and information system security (INFOSEC) programs. In 1998, the National Security Agency (NSA) established the National INFOSEC Education and Training Program (NIETP) to provide products and services to Information Assurance and INFOSEC education and training programs and launched the Centers of Academic Excellence in Information Assurance Education (CAE-IEA) [6]. This program was designed to a) reduce vulnerabilities in the U.S. information infrastructure by promoting higher education programs and b) increase the number of professionals with expertise in information assurance.  

The primary goal was to address the cybersecurity workforce gap by encouraging students to pursue cybersecurity programs of study, supporting cybersecurity research, and helping private and public entities improve the U.S. cybersecurity posture [7]. The Department of Homeland Security became a co-sponsor of the CAE community in 2004, and the program was expanded to address the growing need for qualified cybersecurity professionals. The National Centers of Academic Excellence in Cybersecurity (NCAE-C) community of practice includes more than 450 two-year and four-year institutions across three designations: Cyber Defense (CAE-CD), Cyber Operations (CAE-CO), and Cyber Research (CAE-R). These initiatives helped the U.S. to build a cybersecurity workforce that currently exceeds 1.2 million workers [8]. However, despite significant investments, the demand for skilled workers continues to outpace supply, leaving an average of 440,000 unfulfilled openings annually over the past decade [1].  

Research suggests that students’ career choices are affected by three main factors: intrinsic, extrinsic, and interpersonal. Intrinsic factors include personal interest, self-efficacy, outcome expectations, and professional development opportunities, while extrinsic factors include job security, availability, financial compensation, and prestige. Interpersonal factors include family and peer influences, social responsibilities, and interactions with educators, mentors, counselors, and advisors [9].  

Academic advisors and career counselors play a pivotal role in the student’s academic and career choices, serving as crucial intermediaries between students and potential career pathways [10]. A study by Owens et al. found that nearly 60 percent of high school students prefer receiving college and career information from admissions and high school counselors (34 percent and 25 percent, respectively), with an additional 16.1 percent looking to their parents for guidance [10]. The Center for Community College Student Engagement reports that students who participate in ‘in-depth discussions’ during advising sessions show higher engagement [11]. The key role of advisors and counselors is especially important for first-generation college students who often lack support from parents and guardians [12].  

As cybersecurity transcends traditional technical boundaries, impacting virtually every discipline, including manufacturing, business, science, and engineering. With digital systems increasingly integrated into every aspect of modern life, the risks and challenges associated with cyber threats demand not only technical expertise but also legal, administrative, and human-centered approaches to protection and resilience [13, 14]. This study particularly focuses on guiding students towards cybersecurity technician pathways, recognizing the critical role that technical cybersecurity professionals play across sectors from manufacturing to healthcare to finance and energy infrastructure [15]. Unlike other STEM fields, cybersecurity’s rapid evolution and complex ecosystem make it particularly challenging for advisors and counselors to provide effective guidance.  

This study examined how targeted cybersecurity career awareness professional development can enhance academic advisors’ and career counselors’ ability to guide students effectively and confidently toward cybersecurity careers, with particular attention to technician pathways. The research objectives were to (1) assess advisors’ and counselors’ baseline understanding of cybersecurity careers and pathways, (2) develop and deliver professional development workshops, and (3) evaluate the workshops’ effectiveness in improving advisors’ and counselors’ self-efficacy to discuss and guide students toward cybersecurity career opportunities and pathways.  

Methods  

This research aims to address the persistent cybersecurity workforce gap by exploring and analyzing the effect of targeted professional development for academic advisors and career counselors on their self-efficacy regarding the cybersecurity career landscape and their ability to provide effective guidance to students about available cybersecurity pathways. This study involved 65 participants from K-12 institutions, community colleges, and four-year institutions. Participants were recruited through targeted invitations to academic advisors and career counselors at K-12 institutions, community colleges, and universities with established partnerships with the N-CAE Education Pathway National Center’s (EPNC) Educational Partner Institutions (EPIs).  

Participants in the workshop were informed of the purpose of the study, and their participation was entirely voluntary. The study collected data only from these voluntary participants. The survey instruments were carefully reviewed to ensure they did not collect any personally identifiable or sensitive information, and all data collected focused solely on evaluating general educational practices and workshop effectiveness.  

Research Design 

This study used a quasi-experimental design to evaluate the impact of targeted cybersecurity career awareness professional development for academic advisors’ and career counselors’ perceived ability to effectively engage with and guide students toward cybersecurity career pathways. The study was implemented in three stages: 

1. Pre-Workshop Survey: An online survey was conducted to gather quantitative baseline data on the current knowledge, attitudes, and perceptions of cybersecurity careers. The survey included questions designed to assess their familiarity with cybersecurity roles, understanding of industry demand, and perceived barriers to providing cybersecurity career guidance.  

2. Cybersecurity Career Awareness Professional Development Workshop (Intervention) –Academic advisors and career counselors participated in a three-hour, in-person workshop introducing tools and resources for guiding students toward cybersecurity pathways. Workshop topics included cybersecurity job roles, industry demand, salary trends, academic cybersecurity programs of study, professional cybersecurity certifications, scholarship opportunities, and extracurricular activities. Participants received handouts, access to various online materials, and breakout activities to learn about cybersecurity careers. They were required to complete the hands-on activities and engage in productive discussions about various aspects of career counseling, academic advising, and cybersecurity.  

3. Post-Workshop Survey: A follow-up online survey was conducted to evaluate changes in participants’ knowledge, attitudes, and self-efficacy in providing cybersecurity career and pathway guidance. The survey also measured the workshop’s effectiveness in enhancing advisors’ and counselors’ ability to discuss cybersecurity career opportunities and pathways with students. The survey was identical to the pre-workshop survey, allowing direct measurement of knowledge and confident gains.  

Data Collection Tools 

An online survey was administered to collect pre- and post-workshop data on participants’ demographics, knowledge of cybersecurity programs and career pathways, and self-efficacy in providing cybersecurity career guidance. The pre-workshop survey established baseline data that was later used in comparative analysis with post-workshop responses to measure the workshop’s effectiveness in enhancing participants’ knowledge and self-efficacy. The survey instrument was validated through review and pilot testing by a panel of five experts in cybersecurity education and academic advising.   

The survey instrument consisted of four main sections: 

1. Demographic and professional background – researchers wanted to know the current composition of the advising and career workforce. 

2. Current knowledge of cybersecurity careers and pathways – given the persistent academic and career gap, researchers expected to find a lack of understanding of cybersecurity careers and pathways. 

3. Previous professional development experiences – researchers wanted to assess the availability of professional development specific to cybersecurity career exploration.  

4. Self-efficacy in providing cybersecurity career guidance – given the complexity of the field, researchers expected low self-efficacy pre-intervention and a consequent increase in self-efficacy post-intervention. 

The knowledge and self-efficacy assessment sections used a five-point Likert scale to measure participants’ levels, while the demographics and professional development section used multiple choice and yes/no questions.   

Section 1: Demographics 

1. Gender: male, female, prefer not to disclose 

2. Age group: 18-24, 25-34, 35-44, 45-54, 55 or over 

3. Institutional type: K-12, Junior /Technical/Community College, University 

4. Work role: Academic Advisor, Career Counselor, K-12 Faculty, Other (specify) 

5. Years of experience 

Section 2: Knowledge Assessment  

Likert-Scale: No Knowledge/Novice, Basic/Beginner, Competent, Proficient, Expert 

1. Understanding of cybersecurity career landscape  

2. Understanding of cybersecurity work roles  

3. Understanding of cybersecurity academic programs 

4. Understanding of cybersecurity career pathways 

5. Understanding of Center of Academic Excellence in Cybersecurity Programs 

6. Understanding of cybersecurity certifications  

7. Understanding of transfer agreements for cybersecurity majors 

Section 3: Professional Development (only for pre-intervention survey) 

1. In the past 12 months, have you received training regarding cybersecurity career advising and/or counseling? Yes, No 

2. In the past 12 months, have you had opportunities (academic or industry) to learn more about cybersecurity careers? Yes, No 

Section 4: Self-efficacy Assessment 

Likert-Scale: Not Confident at All, Slightly Confident, Somewhat Confident, Confident, Very Confident 

1. How confident are you in advising students about academic pathways into cybersecurity? 

2. How confident are you in advising students about various careers in cybersecurity? 

3. How confident are you in counseling students about the knowledge, skills, and abilities required for cybersecurity work roles?  

Intervention Design 

The intervention consisted of a free, three-hour Cybersecurity Career Awareness workshop for academic advisors and career counselors from participating high schools, community colleges, and four-year colleges and universities across selected regions of the nation.  

The workshop was developed and delivered by a team from the National Center of Academic Excellence in Cybersecurity (NCAE-C) Education Pathway National Center (EPNC). It covered the current cybersecurity career landscape from both the national and local perspectives, utilizing publicly available resources such as Cyberseek.org [14] to highlight industry demand, trending industry certifications, and required tasks, knowledge, and skills (TKS). Participants examined various cybersecurity job roles defined in the National Institute of Standards and Technology (NIST) Workforce Framework for Cybersecurity (NICE Framework), which standardizes cybersecurity work roles and competencies. The workshop included the exploration of academic programs, an introduction to the National Center of Academic Excellence (NCAE) community, and discussions about cybersecurity certifications. Additionally, participants learned about available scholarships, transfer agreements, and extracurricular activities available to students. The workshop concluded with an overview of the Cybersecurity Career Awareness Workbook, an EPNC-developed career exploration tool designed to complement the resources provided to advisors and counselors.  

Results  

Analysis of responses from 65 participants in the pre-workshop survey provided insights into academic advisors’ and career counselors’ self-efficacy regarding cybersecurity career awareness and guidance.  

Key Demographic Findings 

To understand the composition of the participant group, demographic data was collected across dimensions: age, institutional affiliation, and professional experience. The demographics confirmed that the workshop participants represented the target population.  

Age Distribution. Demographic data revealed that participants were predominantly in the mid-to-late stages of their careers. As shown in Fig. 2, the majority of participants (60 percent) were over 45 years old. Participants under 45 years old were between the 25-34 and 35-44 age ranges (20 percent each).  

Institution Representation. Nearly two-thirds of participants (63%) were from K-12 institutions, while about one-third (32%) represented junior, technical, or community colleges. A small fraction represented 4-year institutions (3.1%) and consultants/researchers (1.5%). This distribution aligned with the workshop’s intended target population (Fig. 3).  

Years of Experience. The professional experience of study participants spanned between new to highly seasoned professionals in their roles. As shown in Table 1, the majority of participants (55.3%) had more than ten years of experience, with (32.3%) having over 20 years of experience in their roles. This suggests that participants had substantial experience in academic advising and career counseling, though not necessarily cybersecurity-specific guidance.  

Table 1. Distribution of Participants by Years of Experience (N=65) 

Age Range	Percentage (%)
Less than 1 year	6.2
1-5 years	24.6
6-10 years	13.8
11-15 year	9.2
16-20 years	13.8
Oveer 20 years	32.3

Knowledge Assessment 

Pre-workshop. The knowledge assessment revealed insights into participants’ understanding of cybersecurity education and career pathways before and after the workshop intervention, as shown in Table 2. Pre-workshop assessment revealed knowledge gaps across all cybersecurity domains. Participants self-identified as having basic or no understanding of the cybersecurity career landscape (78.6%), cybersecurity work roles (72.6%), academic programs (76.2%), and certifications (75%). Awareness of the NCAE-C programs was particularly low, with 46.8% reporting no knowledge, while transfer agreements showed the greatest gap with 57%. Reporting no knowledge, indicating a gap in awareness of cybersecurity academic pathways.  

Post-workshop. Survey results revealed improvements across all knowledge cybersecurity domains. The greatest improvements were seen in certifications, academic programs, and career landscape understanding. Knowledge gaps were dramatically reduced, with NCAE-C programs showing a 31.4 percentage point decrease in the “No Knowledge” responses. The increases in competency levels ranged from 20.1 to 33.5 percentage points across all domains, with certifications showing the highest gain. All domains shifted from “No Knowledge / Beginner” toward “Competent” levels, with the percentage of participants identifying as “Proficient” approximately doubling. Participants who identified as “Expert” remained relatively the same. Even though there were notable improvements, transfer agreements remained the most challenging domain post-workshop, with 58.5 percent of participants still at a beginner-level or lower understanding.  

Table 2. Pre- and Post-Workshop Knowledge Assessment Levels (N=65) 

Knowledge Domain	Pre/ Post	Knowledge Assessment Scale (%)					Increase in Competency – percentage points
		None	Beginner	Competent	Proficient	Expert
Cybersecurity Career Landscape	Pre	25.0	53.6	13.6	6.4	1.4	30.9
	Post	15.4	32.3	38.5	12.3	1.5
Cybersecurity Work Roles	Pre	23.8	48.8	19.6	6.4	1.4	23.4
	Post	16.9	32.3	36.9	12.3	1.6
Cybersecurity Academic Programs	Pre	26.2	50.0	16.2	6.2	1.4	31.6
	Post	13.8	30.8	41.5	12.3	1.6
NCAE-C Programs	Pre	46.8	25.8	19.8	6.2	1.4	24.9
	Post	15.4	32.3	38.5	12.3	1.5
Cybersecurity Certifications	Pre	25.0	50.0	17.4	6.2	1.4	33.5
	Post	12.3	29.2	43.1	13.8	1.6
Transfer Agreements	Pre	57.0	21.6	13.8	6.2	1.4	20.1
	Post	20.0	38.5	30.8	9.2	1.5

Professional Development 

Survey results revealed that less than half of the participants (43.1%) received training in cybersecurity career advising in the past year, while a majority (60%) reported having opportunities to learn about them. These findings suggest a potential gap between learning opportunity availability and participation rates. Barriers beyond availability, such as time constraints, competing priorities, or institutional factors, may influence participation in these types of workshops. These findings highlight potential gaps in motivation, outreach, or accessibility that could be addressed to improve participation rates.  

Table 3. Participant Distribution of Training and Learning Opportunities in Cybersecurity Careers (N=65) 

Category	Yes (%)	No (%)
Received training regarding cybersecurity career advising in the past year	43.1	56.9
Had opportunities to learn more about cybersecurity careers in the past year	60.0	40.0

Self-Efficacy 

The Cybersecurity Career Awareness workshop significantly improved participants’ confidence in guiding toward and advising students about cybersecurity pathways, careers, and required knowledge, skills, and abilities, as seen in Table 4. Prior to the workshop, over 70% of participants reported feeling “Not Confident at All” or only “Slightly Confident” in advising students about academic pathways (70.2%), careers (71.4%) and required knowledge, skills, and abilities for cybersecurity roles (72.6%). Post-workshop results revealed substantial gains, with over 60% of participants feeling “Somewhat Confident” or higher in advising students about cybersecurity programs of study (66.2%), careers (61.5%), and required knowledge, skills, and abilities (60%). Confidence levels increased by 36.4 percentage points for academic pathways, 32.9 percent points for cybersecurity careers, and 32.6 percent points for required knowledge, skills, and abilities. This demonstrates the effectiveness of the workshop in equipping advisors and counselors to better guide students into cybersecurity pathways.  

Table 4. Pre- and Post-Workshop Self-Efficacy Levels (N=65) 

Self-Efficacy Domain	Pre/Post	Confidence Level Scale (%)					Increase in Confidence – percentage points
		Not at All	Slightly	Somewhat	Very	Extremely
Academic Pathways	Pre	38.4	31.8	21.4	7.0	1.4	36.4
	Post	12.3	21.5	49.2	15.4	1.6
Cybersecurity Pathways	Pre	39.6	31.8	20.2	7.0	1.4	32.9
	Post	13.8	24.7	46.2	13.8	1.5
Knowledge, Skills, and Abilities	Pre	40.8	31.8	19.0	7.0	1.4	32.6
	Post	15.4	24.6	44.6	13.8	1.6

Discussion 

Pre-workshop data highlighted notable gaps in career counselors’ and academic advisors’ knowledge and confidence across all cybersecurity areas:  

• Knowledge gaps were identified across the cybersecurity career landscape, industry certifications, academic programs, and transfer agreements.  

• Over 70% of participants reported “Not Confident at All” or only “Slightly Confident” in advising students about cybersecurity pathways.  

• NCAE-C program awareness was particularly low, with 46.8% reporting no knowledge.  

• Transfer agreements showed the greatest knowledge gap, with 57% reporting no knowledge. 

The workshop significantly improved participants’ knowledge across cybersecurity domains: 

• Understanding cybersecurity certifications improved by 33.5 percentage points. 

• Academic programs understanding improved by 31.6 percentage points. 

• Career landscape understanding gained 30.9 percentage points.  

• Awareness of NCAE-C programs also improved dramatically, with “No Knowledge” responses dropping from 46.8% to 15.4%.  

• Transfer agreements remain a challenge, as 58.5% of participants were still at beginner level post-workshop. This finding suggests that transfer pathways in cybersecurity may be less developed or more complex than other fields, and institutions may need to strengthen documentation and formalization of these critical articulation agreements.  

• 60% of participants reported opportunities to learn about cybersecurity careers in the past year, and only 43.1% had participated in the training. This reveals a gap between availability and participation that requires further exploration.  

• Participant’s confidence in providing cybersecurity guidance increased across the board: 

• Advising students on academic pathways by 36.4 percentage points. 

• Cybersecurity pathways by 32.9 percentage points. 

• Knowledge, skills, and abilities by 32.6 percentage points. 

The workshop significantly improved participants’ understanding of cybersecurity technician roles and the technical skills required across diverse industries and sectors, addressing a critical need in the development of the cybersecurity technical workforce pipeline.  

These improvements are particularly significant given that most participants (95.4%) were from K-12 and community colleges, which serve as key entry points for cybersecurity education. The improvements across all domains, even among experienced counselors (55.3% with over ten years of experience), demonstrate that targeted professional development can effectively enhance cybersecurity guidance skills, regardless of prior counseling experience. 

Conclusion  

The results of the study are encouraging and demonstrate that targeted professional development can enhance career counselors’ and academic advisors’ ability to guide and advise students toward cybersecurity careers. Pre-workshop data revealed knowledge gaps and low confidence among participants and highlighted the need for training. Post-workshop data shows that the workshop successfully enhanced participants’ understanding across cybersecurity domains, with significant gains in both knowledge and confidence.  

Gaps in transfer agreement knowledge and a disparity between the availability of professional development opportunities and participation were also revealed. These findings suggest the need for improved documentation of transfer agreements and pathways as well as strategies to address participation barriers. In cases where transfer agreements do not exist, research is needed to identify effective strategies for establishing and implementing these critical pathway connections.  

Based on the results, strengthening transfer agreement documentation and relationships, as well as flexible training formats for participants is recommended. Additional funding is needed to develop and deliver online modules, create comprehensive resources, and provide participation stipends for broader reach. The long-term impact the training has on student enrollment and retention in cybersecurity programs should be further researched, and best practices for developing and maintaining transfer agreements between institutions should be explored. 

Overall, this study demonstrates the value of professional development workshops as a scalable and impactful solution to empower career counselors and academic advisors, particularly in the K-12 and community college setting, in addressing the national cybersecurity workforce shortage. Continued efforts to refine and expand these workshops and resources are necessary to meet the growing demand for cybersecurity professionals as well as to build a pipeline of diverse talent in this critical field.  

Acknowledgements. This research was supported by National Security Agency under the grant  number H98230-22-1-0312. 

Disclosures. The authors declare no conflict of interest.