To GAP instructor John Sands, the next generation is everything. He has dedicated his career to teaching and creating programs that fill the cybersecurity education gap that persists today. His work has propelled the cybersecurity field forward by decades.
In addition to his role as GAP instructor, Sands is also the department chair for Computer Integrated Technologies at Moraine Valley Community College and co-founder for the National Center for Systems Security and Information Assurance (CSSIA), a GAP member since 2014. Early in his career, he recognized that schools and universities were lacking cybersecurity programs, let alone offering programs that could produce students who are equipped to meet the dynamic cybersecurity needs of the real world.
Nearly 20 years ago, Sands and his colleagues conducted studies to find out what was preventing schools from adopting security programs. They applied those findings to the curriculum at CSSIA and implemented hands-on labs throughout the program, and today, over 250 schools have duplicated their model. “To see the impact of our program is profound,” he reflects.
Despite all his impressive strategic work at the program level, he still loves teaching. “I love watching the first time students recognize what can be done with the tools (such as penetration testing) to their systems. Most people have no idea as to the level of risk we’re actually at. To take over a machine and interpret the data and do forensics helps students appreciate the seriousness of the situation. Once students grasp that, their whole approach to the class changes.”
A vocal ambassador for experiential learning, Sands has made it a priority to incorporate this element into his programs. He is a believer in the blended education-certification approach and talks to students constantly about the benefits of this holistic view. His is also a big advocate of outside measures that validate skills and of common benchmarks that students must live up to. He feels these things better prepare students for real jobs and gives them an advantage in the workplace.”
Regarding advice for the next generation, Sands teaches an orientation course in which he exposes students to all of the kinds of jobs that exist and the requirements for each, and he believes this kind of introduction to the field is essential. Most organizations want practitioners who can hit the ground running, so he counsels students to get experience in their classes. He says, “You need to be able to do things – not just talk about them. You also need to be able to demonstrate your knowledge.”
At CSSIA, they conduct a third-year student survey, and many students report that the key to their success is the amount of hands-on experience they leave the program with.
Sands asserts, “This is an extremely important field to get into. This is an important message to get out, especially to high school students. The opportunities in this field are just as good as in the medical and legal fields, and while there are many more lawyers than jobs, information security is suffering from a dire shortage of qualified professionals. We need bright minds to help protect our critical assets.”
So, what’s left for someone so driven and accomplished to do? A member of the U.S. Navy for six years, John is passionate about reaching out to underrepresented groups in the industry, especially veterans. He has created a one-year intensive program for veterans returning from Iraq and Afghanistan. They work with local companies, such as Cisco and Linux, who offer free vouchers for exams and guarantee jobs after veterans complete the program.
Sands comments, “If we just invest in veterans, the profession will benefit immensely. They bring so much to the table. I am amazed by how quickly we’ve been able to bring them through advanced training. We work closely with the Illinois Department of Veterans Affairs, which provides additional services to help veterans transition to a civilian career. It’s my favorite project.”
Through the Global Academic Program (GAP), (ISC)²® collaborates with an ever-expanding network of university partners to establish a joint framework for delivering essential skills to support the growth of a qualified information security workforce. For more information on the (ISC)2 Global Academic Program, please visit https://www.isc2.org/global-academic-program/default.aspx.