To help tackle the skills deficit in cloud security, the SANS Institute and Google have launched a new academy focused on providing scholarship-based training for underrepresented groups. Credit: NDAB Creativity / Shutterstock SANS Institute has launched the SANS Cloud Diversity Academy (SCDA) in partnership with Google, to help provide training and certifications to women, ethnic minorities, Indigenous people and other groups that are currently underrepresented in the cybersecurity sector.A 2022 report by Cybersecurity Ventures found that women make up only 25% of the cybersecurity workforce globally, while an Aspen Digital Tech Policy report from the same year found that only 9% of cybersecurity experts are Black, about 8% are Asian, and 4% are Hispanic.In order to reach potential students, SANS Institute conducted extensive media outreach in the tech industry as well as diversity-focused publications, while also working with over a dozen community partners, such as Women in Cybersecurity, Black Girls Hack, Women’s Society of Cyberjutsu, and Cyversity, to help spread the word, according to Max Shuftan, director of mission programs and partnerships at SANS Institute He said that the institute also uses social media, partnerships, and has a referral process in place to reach potential students. SANS academy focuses on cloud securityWhile the (ISC)² professional cybersecurity association estimates that the overall global cybersecurity workforce gap currently stands at around 3.4 million people, SANS and Google have designed this academy specifically to focus on providing participants with the skills to secure cloud infrastructure and sensitive data.“SANS Cloud Diversity Academy will be placing a particular emphasis on developing skills related to the unique threat landscape of the cloud,” Shuftan said. “While we recognize that there are many important skills needed to succeed in cybersecurity, we believe that a deep understanding of cloud security is critical given the increasing reliance on cloud computing and the unique challenges it presents.” He said that the academy will be focused on providing scholarship-based training programs of up to three SANS courses and the associated GIAC certifications. These will specifically address the challenges of securing cloud environments, such as those related to cloud architecture, identity and access management, and data protection.Applicants can currently be employed in an entry-level IT or STEM role, but priority may be given to those unemployed, underemployed, or interested in a career change. Applicants must also be able to demonstrate an aptitude and passion for security, currently reside in the US and be authorized to work there.The core curriculum for SCDA provides training for GIAC Cloud Security Essentials (GCLD) and GIAC Public Cloud Security (GPCS) certifications and successful program particpants must first pass the GCLD exam before proceeding.“[The GCLD] course covers real-world lessons using security services created by Google Cloud Platform, Amazon Web Services (AWS), and Microsoft Azure, as well as open-source tools,” Shuftan said, adding that each section of the course features hands-on lab exercises to help hammer home the lessons learned.After passing the GCLD Examination, students will then take the GPCS Certification exam, which provides cloud security practitioners, analysts, and researchers with an in-depth understanding of the most popular public cloud providers, including Amazon Web Services, Microsoft Azure, and Google Cloud Platform.In total, SCDA plans to offer a minimum of 25 scholarship places. The announcement comes just as the White House unveiled its National Cybersecurity Strategy. The strategy is the result of months of discussions among more than 20 government agencies and consultations with private sector organizations and ultimately outlines a number of fundamental changes in how the US will allocate “roles, responsibilities, and resources in cyberspace.”The fourth pillar of the strategy calls for a strengthening of the US’ cybersecurity workforce, to tackle the lack of diversity among cybersecurity professionals through the implementation of a National Cyber Workforce and Education Strategy.Shuftan said that SCDA directly supports the US government’s objective of developing a national strategy to strengthen the country’s cybersecurity workforce and tackle the lack of diversity in the field head-on.“We are committed to reducing the talent shortage and driving greater diversity, equity, and inclusion, ensuring careers in cybersecurity are well within reach for all Americans,” he said. Related content feature Low-tech tactics still top the IT security risk chart USB-based attacks, QR codes for phishing and social engineering continue to be some of the most effective, now more dangerous with the help of AI. By Rosalyn Page May 14, 2024 9 mins Cyberattacks Social Engineering Data and Information Security how-to Download the SASE and SSE enterprise buyer’s guide From the editors of our sister publication Network World, this enterprise buyer’s guide helps network and security IT staff understand what SASE (Secure Access Service Edge) and SSE (Secure Service Edge) can do for their organizations and how t By Neal Weinberg May 13, 2024 1 min Remote Access Security Network Security Enterprise Buyer’s Guides news IntelBroker steals classified data from the Europol website The agency said core operations remain unaffected even as IntelBroker claimed to possess classified, law enforcement data. By Shweta Sharma May 13, 2024 3 mins Data Breach Hacker Groups feature Ridding your network of NTLM The path to eradicating this ancient protocol and security sinkhole won’t be easy, but the time has come for its complete eradication. By David Strom May 13, 2024 8 mins Authentication Windows Security Network Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe