SANS Institute has partnered with Google to launch the SANS Cloud Diversity Academy (SCDA), which will provide training and certifications to Black, Indigenous, and People of Color (BIPOC), women, and other underrepresented groups. The SCDA aims to reduce the skills gap in the industry, with a particular focus on cloud security, while also creating a more diverse and inclusive workforce. The academy will provide scholarship-based training of up to three SANS courses and the associated Global Information Assurance Certification (GIAC) certifications, the gold standard in the industry.
“SANS over the past eight years has been involved, both as the lead and sometimes as a partner, on what we would call re-skilling efforts or talent pipeline efforts to grow and diversify the cybersecurity workforce,” says Max Shuftan, director of mission programs and partnerships at SANS Institute. SANS has partnered with Google on several of those programs, with good success, according to Shuftan. The two organizations began a conversation over the past year to build on that success, but to focus on cloud security specifically.
“There's now obviously this overall skills gap, but there's a more acute gap with respect to cloud security,” Shuftan says. “There's not as much training and education out there with cloud security as there is with, say, your general information security.”
The program is open any individuals from underrepresented groups who is “seeking to reskill or upskill into the field, who has aptitude and passion for doing so … and sees cloud security as a path for them in the future,” Shuftan says. SANS has reached out to community partner organizations such as Women in Cybersecurity, Black Girls Hack, Women’s Society of Cyberjutsu, and Cyversity, and others to help spread the word about the academy.
Applicants can be currently employed in an entry-level IT or STEM role, but priority may be given to those unemployed, underemployed, or interested in a career change, according to SANS Institute. In addition, applicants must be currently living in the U.S. and have work authorization as a U.S. citizen or permanent legal resident. Applicants do not need a college degree.
“If anything, I think this is part of that movement of ‘you don't need a four-year degree to get a job in cybersecurity.’ And I know Google, many of the leaders there, feel the same way,” Shuftan says.
The SCDA application window opened March 1 and ends April 14, 2023. Shuftan expects the first cohort to have a minimum of 25 participants. They will have roughly seven months to complete the program. While students can earn up to three certifications, even those who earn one GIAC certification, “especially in Cloud Security Essentials, they're absolutely employable in an entry role,” Shuftan stresses.
As part of SANS’ mission, participants who complete the program will have access to the career center “and a team that focuses on placing students going through these types of programs, so that they will have career services support … in finding job opportunities, engaging employers, webinars, building a resume, [and] getting it reviewed.”