Columns » Technicalities

Closing the cybersecurity gap with military veterans


The SANS Institute's VetSuccess program is helping to close the gap between the available cybersecurity jobs and the number of qualified applicants to fill those important and high-paying positions. With a grant from the Daniels Fund, and a partnership with the Colorado Springs USO, the program will provide free training to qualified veterans that ends with industry certifications, and an opportunity for employment within cybersecurity fields.

Veterans interested in the program must take a qualifying exam and complete the application process, followed by an interview with the selection committee. Selectees then head to training, with hands-on exercises like intrusion detection and attacker identification to earn an industry-recognized GIAG (Global Information Assurance Certification) certification. Lastly, the program helps point vets towards employment opportunities, working with industry partners like Microsoft, Amazon and Raytheon looking to hire cybersecurity professionals, with a high rate of success.

The track record for SANS CyberTalent Immersion Academy is impressive: 93% graduation rate, 89% employment rate and an $80,00 Median Salary. Since VetSuccess started in February of 2015, 100 applicants have completed the programs, and 40 are currently enrolled. SANS runs the programs in cities with heavy military populations like San Antonio, San Diego, Washington D.C., St. Louis and, beginning in November, Colorado Springs.

Max Shuftan, Director of the CyberTalent Program, and his team at SANS Institute recognized a coming wave of transitioning military members. "To honor their service," Shuftan says, "we wanted to provide a program that would help those service members get into cybersecurity."

Shuftan says there are other benefits to recruiting former service members, too.

"Many of the security professionals in the industry had served in the military in the past," he says. "Military members have the critical thinking and dedicated mindset needed to succeed in information security. They have that sense of mission, in terms of protecting data, critical infrastructure and protecting the organization. Whether they go back into government, or work for a private organization, that sense of mission is always there." As for as closing the gap, Shuftan also added, "I think certainly we are on the right path. We are making a small dent in the talent shortage of cybersecurity professionals. We are always looking to improve our program and find ways to partner with industry organizations, private sector companies, government institutions and agencies to provide more scholarships and train more people."

Increasing the number of skilled cybersecurity professionals is paramount. The Center for Strategic and International Studies reported in 2016 that the cybersecurity shortage is impacting the industry around the world, and correlates the shortage of cybersecurity skills directly to damaging effects including lost proprietary data and personal/customer information breaches. Earlier this month, Scott Montgomery, the Vice President and Chief Technical Strategist for McAfee, testified for the U.S. House of Representatives about the challenges of recruiting and retaining a cybersecurity workforce. In his testimony, Scott cited the CSIS report and added that focus needs to be on changing the culture surrounded cybersecurity.

This cultural change starts with not only identifying the need for more cybersecurity professionals, but understanding their diverse skills and experience enabling them to tackle problems from a different perspective. In other words, cybersecurity is not just linear thinking and problem solving.

What else is wrong? How about the diversity gap among cybersecurity professionals. Women constitute only 11 percent of the cybersecurity workforce, according to a Women in Cybersecurity Report by the Executive Women’s Forum, and African Americans only comprise three percent of information security analyst, according to the Bureau of Labor Statistics figures. SANS CyberTalent runs the Women’s Immersion Academy, which provides opportunities for women to enter cybersecurity. The Women's Immersion Academy is open to U.S. citizens who are college seniors in computer or IT fields, or  college graduates and career changers with no former experience in information security. Nineteen women were enrolled in the first year (2016), but that number almost doubled in 2017. Next year, SANS's CyberTalent program plans to address the gap for African Americans.

According to Shuftan, the goal for the near future is to increase the number of cyber professionals by an additional hundred, and expand the programs to other cities. Shuftan realizes that this effort is a small part of fixing the problem of cybersecurity skill shortage as a whole, but it is a step in the right direction that will pay off in the future. Interested veterans can visit:

Thomas Russell is a high school information technology teacher and retired Army Signal Corps soldier. He is the founder of SEMtech (Student Engagement and Mentoring in Technology) and an Advisory Board Member of Educating Children of Color. His hobbies include writing, photography and hiking. Contact Thomas via Russell’s Room on Facebook, or email at, and his photography at

Add a comment

Clicky Quantcast