When the Fordham Center for Cybersecurity was created, said director Thaier Hayajneh, Ph.D., he and his colleagues “built it from the ground up.”

Now, thanks to a $3 million grant from the National Security Agency (NSA), Fordham will be leading the charge to help Historically Black Colleges and Universities and Minority-Serving Institutions build their own cybersecurity programs, as well as gain access to established programs.

Fordham will serve as the lead institution for the Cybersecurity Education Diversity Initiative Coalition (CEDI), which aims to help address the “severe shortage” of cybersecurity programs at these institutions.

“It has been known nationwide that there is a shortage in resources and expertise and opportunities for these minority institutions,” Hayajneh said. “And the NSA wants to shorten that gap.”

Hayajneh and Amelia Estwick, Ph.D., director of the National Cybersecurity Institute at Excelsior College, will serve as the co-chairs of the CEDI Coalition.

About half of the grant will be given to “subawardees”—other institutions with established cybersecurity programs. They will come up with innovative solutions to help minority-serving institutions (MSIs) develop cybersecurity programs. Fordham’s Center for Cybersecurity and the two co-chairs of CEDI will oversee their plans and ideas, which could include turning existing cybersecurity clubs into full programs, inviting students from MSIs to join competitions, hosting workshops for faculty, and allowing for students to transfer from MSIs to colleges with a cybersecurity degree program.

“We will supervise them; we will make sure they deliver what they have promised to serve the minority institutions and historically black colleges and universities,” he said.

Hayajneh said with the other half of the grant, CEDI will reach out directly to HBCUs and minority institutions to provide funding for them to either establish a cybersecurity program or support an existing one. The coalition will then help these programs earn designation as a “Center for Academic Excellence in Cybersecurity Education,” which Hayajneh described as “the ultimate goal.” The Fordham Center for Cybersecurity received its CAE designation in 2017.

“We will provide them with whatever they need in terms of curriculum and we will allow other universities to share their curriculum,” Hayajneh said. “We will share faculty online or as guest lecturers. We’ll hire faculty from CAE institutions that are located, geographically at least, close to the universities.”

They will also provide advisers and mentors to minority students and support their participation in competitions or cybersecurity activities, he said.

Hayajneh said he’ll draw from his experience in developing hands-on, practical curriculum.

“We try to teach the students how to do things and how to actually get the job done when they are hired,” he said. “We focus a lot on how to tackle problems that they will face in their real life out in the real world.”

Hayajneh said that often when people, particularly those from underrepresented communities, think of cybersecurity they think it only involves computer science and programming.

“That was one of the obstacles that faced most of the students, and in particular children from underrepresented communities—they wouldn’t be confident to come and study cybersecurity,” he said. “They feel that they will be overwhelmed or they will not have a chance. So we’re trying to change that nature and bring more diverse backgrounds and more diverse students into cybersecurity.”

One of the ways to address that misconception and attract a more diverse workforce to cybersecurity is to attract students from other disciplines, including business, criminal justice, and political science, Hayajneh said.

“The NSA and other agencies have realized that there’s a huge shortage in the cybersecurity workforce, so they are trying to encourage more of what we call the ‘soft side of cyber’ and encourage students from other disciplines to come to cyber,” he said. “Cybersecurity is way beyond just malware detection or operating system security.”