Microsoft launched a training program for community college students on Thursday in an effort to fill 250,000 cybersecurity jobs by 2025.

The company will make its cybersecurity curriculum available for free to all public community colleges across the country and offer 25,000 scholarships. It will also train faculty at 150 community colleges through a grant and partnership with the National Cybersecurity Training and Education Center at Whatcom Community College in Bellingham.

Many data breaches companies and organizations have suffered “could have been prevented or substantially mitigated … if they had applied cybersecurity best practices,” Brad Smith, president and vice chair of Microsoft, said in a news conference. But one of the biggest problems is that institutions “don’t have the people they need to fill the jobs they’ve created.”

For every two people in America who work in cybersecurity, there is a third position that is unfilled, according to CyberSeek, which collects data on cybersecurity employment. With 464,000 cybersecurity jobs open nationally, Microsoft’s goal is to help fill half those positions with this campaign.

It adds to a growing list of investments the company has made to combat cybersecurity threats. In August, the company said it would invest $20 billion over the next five years to add further protection for its customers. And the company will invest $150 million to help government agencies boost protections for the public as part of a White House campaign to partner with the private sector to improve cybersecurity.

Smith said the average cybersecurity professional earns a salary of $105,800. He said this campaign is not only an opportunity to get more people into these high-paying jobs but also a way to make the profession more diverse. More than 80% of cybersecurity professionals are white, and 80% are male, but 40% of community college students are Black or Hispanic, and 57% of students are women, Smith said.

Advertising

The initiative comes just days after Microsoft flagged that Russian-backed hackers have been targeting government and corporate computer networks since the summer. The company said these hackers are the same actors that in 2020 targeted customers of SolarWinds, a Texas-based IT company, which led to significant federal government data breaches.

In March, Microsoft suffered a cyberattack of its own when Chinese hackers breached the company’s Exchange email server. Unlike the SolarWinds hack, which primarily affected large companies and organizations, small and medium-sized businesses were most significantly affected by the breach.

“We’ll probably … never get to the point where we have enough workers in the field” given how fast technology is changing, said Kathi Hiyane-Brown, president of Whatcom Community College, in the news conference. She said that’s what makes cybersecurity training for new and existing workers so important. “It is an occupation or career that really promotes lifelong learning.”

Microsoft Philanthropies underwrites some Seattle Times journalism projects.