SANS Institute has partnered with Google to launch the SANS Cloud Diversity Academy (SCDA), which will provide training and certifications to Black, Indigenous, and People of Color (BIPOC), women, and other underrepresented groups. The SCDA aims to reduce the skills gap in the industry, with a particular focus on cloud security, while also creating a more diverse and inclusive workforce. The academy will provide scholarship-based training of up to three SANS courses and the associated Global Information Assurance Certification (GIAC) certifications, the gold standard in the industry.
“SANS over the past eight years has been involved, both as the lead and sometimes as a partner, on what we would call re-skilling efforts or talent pipeline efforts to grow and diversify the cybersecurity workforce,” says Max Shuftan, director of mission programs and partnerships at SANS Institute. SANS has partnered with Google on several of those programs, with good success, according to Shuftan. The two organizations began a conversation over the past year to build on that success, but to focus on cloud security specifically.
“There’s now obviously this overall skills gap, but there’s a more acute gap with respect to cloud security,” Shuftan says. “There’s not as much training and education out there with cloud security as there is with, say, your general information security.”
The program is open any individuals from underrepresented groups who is “seeking to reskill or upskill into the field, who has aptitude and passion for doing so … and sees cloud security as a path for them in the future,” Shuftan says. SANS has reached out to community partner organizations such as Women in Cybersecurity, Black Girls Hack, Women’s Society of Cyberjutsu, and Cyversity, and others to help spread the word about the academy.
Applicants can be currently employed in an entry-level IT or STEM role, but priority may be given to those unemployed, underemployed, or interested in a career change, according to SANS Institute. In addition, applicants must be currently living in the U.S. and have work authorization as a U.S. citizen or permanent legal resident. Applicants do not need a college degree.
“If anything, I think this is part of that movement of ‘you don’t need a four-year degree to get a job in cybersecurity.’ And I know Google, many of the leaders there, feel the same way,” Shuftan says.
The SCDA application window opened March 1 and ends April 14, 2023. Shuftan expects the first cohort to have a minimum of 25 participants. They will have roughly seven months to complete the program. While students can earn up to three certifications, even those who earn one GIAC certification, “especially in Cloud Security Essentials, they’re absolutely employable in an entry role,” Shuftan stresses.
As part of SANS’ mission, participants who complete the program will have access to the career center “and a team that focuses on placing students going through these types of programs, so that they will have career services support … in finding job opportunities, engaging employers, webinars, building a resume, [and] getting it reviewed.”
While Google may hire some from the cohort, Shuftan says, “they do not intend to hire the bulk of them. They’re [Google] definitely doing this because it’s core to their mission and values as well, not just for their own hiring purposes.” While discussions on the future of the SCADA beyond this first seven-month program are still underway, “we anticipate that there will be a second cohort following soon after the first,” Shuftan says.
SANS’ commitment to diversity, equity, and inclusion, along with its mission to help close the cybersecurity skills gap, dovetail with the SCADA.
“Diversity, equity, and inclusion’s extremely important to SANS. It’s how we got into kind of this mission program/reskilling space and we want to have the biggest impact we can there,” Shuftan says. “And at the same time, we are hearing from both SANS’ customers on the commercial side as well as our own curriculum team that cloud security is so important and it’s evolving constantly. And for an industry to evolve in the best way possible, you need diversity in it, people who come from different backgrounds and think in different ways to solve problems. And there’s lots of challenges cloud faces as things evolve. So, we see them as really tied together. [With] cloud security evolving and the focus on DEI really coming to the forefront, it naturally felt right, and to work with an org like Google to bring a solution to that or hopefully a model of a bigger solution.”
Have a good works in the channel/paying-it-forward or not-for-profit story to share? Email me at email@example.com.