“Young people…are growing up in an environment where peer pressure to connect and share is much greater than concern about their information ending up in the wrong hands.” – Susan Puglia, IBM VP of Global University Programs
Leslieanne John, P-TECH student and IBM CAI intern, conducted a series of executive interview posts exploring topics such as the technical skills necessary for business today and preparing students for the future. She also looked into technical skills gaps and how technology integrates with education. In this post, she revisits her first interview with Susan Puglia, IBM Vice President of Global University Programs & Vice Chair of the IBM Academy of Technology Board of Governors, to focus on the topic of cybersecurity.
My interview with Susan Puglia, IBM Vice President of Global University Programs & Vice Chair of the IBM Academy of Technology Board of Governors, included so much great information that I was unable to fit it all in my blog post. I decided to dedicate an additional post to the most fascinating topic we discussed, cybersecurity.
I noticed that you were a part of a discussion called “Where do you see yourself in five years?” and the issue of cyber security came up several times. In your opinion, is cyber security taught enough in universities?
The sophistication of cyber threats, attackers and motives is rapidly escalating. The average midsized or large company must filter through 1,400 cyber attacks weekly to identify the 1.7 incidents that might do harm.
There is a gap in cybersecurity-ready hires versus the number of job openings. An IBM study found that ninety-two percent of security decision makers say that their staff contributes to heightened levels of risk. Thirty-seven percent say that staff lacks thought leadership to help them deal with new threats and issues. Thirty-three percent say staff lack sufficient experience to manage risks effectively.
Organizations are currently seeking forward-thinkers who have an appreciation for taking a more proactive, integrated and strategic approach to security. Colleges are expanding and enhancing their cybersecurity curriculum, and several that I have seen firsthand during the past year are leading the charge. Cybersecurity professionals require systems thinking and skills. As universities examine their programs for necessary cybersecurity training, they need to look at it holistically. It’s not just about the cybersecurity technology; it also needs to include training on how to: assess risk in your institution’s business processes, put proactive and reactive plans in place, govern, set policies and regulations, approach data privacy and track security metrics.
Do you think people my age are cautious enough with how they portray themselves on social networks? Do you see this as in issue? Do you have any personal experience?
I hope that college training has become savvier to the security and privacy risks that online and social forums present. I do believe that today’s younger generation, born and bred on the Internet, is less concerned than my generation about exposing their private information. I see teenagers, and I’m horrified by the lack of understanding they have about who is reading the information they are posting. I believe, as with most new technologies, that security policies and governance will evolve, but I hope it’s very soon.
Are young people adequately informed about the Internet and cybersecurity?
Unfortunately, no. Our middle school holds Internet security sessions for students and parents, but unfortunately every access and path to an individual is an exposure of some form. Some are more secure than others, but frankly, we just don’t know how secure they are. Look at the recent personal information breaches at several companies, even if your information is secure today, it may not be tomorrow. Young people today are growing up in an environment where peer pressure to connect and share is much greater than their concern about their information ending up in the wrong hands.
When should education concerning cybersecurity begin? Elementary school? High School? College?
Elementary school and even pre-school. My fourth grader uses the Internet for some of his homework.
How is IBM aiding in educating future young professionals about cybersecurity?
We are working with more than 50 universities to:
1) Enhance cybersecurity programs. We assisted in expanding their degrees from a network security or cryptography focus to include data security, application security, security intelligence and security management.
2) Define new programs. We are assisting these institutions with curriculum advice, teaching content, education sessions and letters of support, and we’ve acted as a curriculum champion of the Association for Computing Machinery Associate-Degree Curricular Guidance for Information Technology. We have also worked with the National Science Foundation, National Institution of Standards and Technology, Intel and various universities to provide changes to the Computer Science curriculum, adding critical security topics and learning outcomes
3) Assist with mature security programs. We have also taken advantage of topical discussions across our existing relationship base by positioning security strategy and capabilities in the minds of faculty and students, leading to access to approximately 5,000 recent graduates who have a good foundation in security principles. Among the most notable universities are Georgia Tech, Purdue University, NYU Polytechnic School of Engineering, Rochester Institute of Technology, University of Maryland-College Park, University of Maryland-Baltimore County, Southern Methodist University, University of Texas at Dallas, University of Southern California, Auburn University, UNC Charlotte, University of Washington, and over 150 institutions designated by National Security Agency/Department of Homeland Security as National Centers of Academic Excellence in Cybersecurity. There are fewer programs overseas, yet there are renowned programs at Royal Holloway University of London, Technical University of Darmstadt, National University of Singapore and others. Our work with these universities is focused on promoting security intelligence and security management as new teaching topics and the use of teaching assets in the form of lectures, reports and videos available through the IBM Academic Initiative.
About Susan Puglia
As the Vice Chair of the IBM Academy of Technology’s Board of Governors, Susan provides direction to members and the Academy Leadership Team who dedicate time to leading the innovative projects and initiatives of the Academy. The IBM Academy of Technology is a society of the top IBM technical leaders organized to advance innovation and thought leadership in key technical areas, improve the development of IBM’s global technical community, and engage clients in technical pursuits that create business value. In her University Programs role, Susan leads a global team that works across IBM to build relationships of mutual value with targeted universities in areas of collaborative research, skills readiness, recruiting, community responsibility and regional economic development. Susan is committed to developing technical and business talent, and has established and leads three IBM-wide global programs that aim to attract, develop and progress women in technical career paths.
- ‘Don’t underestimate your abilities‘ – Susan Puglia on IBMblr
- Building skills in Africa – IBM Insights blog post by Susan Puglia
- Big Brains, Small Films – Susan Puglia IBM Technologista video interview featured on The Greater IBM Connection blog
- Connect with Susan on LinkedIn
About the IBM Center for Applied Insights
The IBM Center for Applied Insights introduces new ways of thinking, working and leading. Through evidence-based research, the Center arms leaders with pragmatic guidance and the case for change.