Nanyang Polytechnic

Nanyang Polytechnic Trains the Next Generation of Cybersecurity Professionals with Tenable Nessus

According to the 2022 (ISC)2 Cybersecurity Workforce Study, the cybersecurity industry is experiencing a global shortage of 3.4 million workers.

Despite staffing shortages, organizations continue to deploy and adopt software at an accelerated pace. Ideally, organizations scan applications for vulnerabilities early in the software development lifecycle when they are easier and less costly to remediate. Unfortunately, teams that are short staffed may not have the resources, so applications are pushed to production with vulnerabilities that put sensitive data at risk. Organizations that are lucky enough to increase headcount need new employees who can hit the ground running.

Nanyang Polytechnic (NYP) is doing its part to train the next generation of cybersecurity professionals, and NYP’s educators have incorporated industry-standard tools that learners are likely to encounter in the workplace. One of those is Nessus® from Tenable.

“Nessus is one of the leading tools used by the security industry for vulnerability assessments,” says Tin Aung Win, Lead Specialist of Cybersecurity, School of Information Technology, Nanyang Polytechnic. “Its comprehensive solutions help users better understand the situation and identify workable solutions to fix these vulnerabilities.”

Vulnerability Management is Central to Singapore’s Security

The less time required to train new hires on the technology stack and tools an organization uses, the faster new employees can deliver value. This is particularly true of cybersecurity professionals who are early in their career and have not had the time to acquire experience with enterprise-grade tools.

To ensure that learners are trained with the relevant skills for the workforce, NYP offers two cybersecurity pre-employment training (PET) programs, as well as customized Continual Education and Training (CET) programs for local enterprises that want to upskill or reskill their existing workforce. As part of their cybersecurity training, learners from NYP’s School of IT will be taught to use Nessus. Nanyang Polytechnic began teaching Nessus in CET courses in 2022 and included Nessus for the PET curriculum starting in 2023, as it is a fast-growing area in cybersecurity.

At NYP, CET learners are exposed to real-life vulnerability management scenarios and tasked to use Nessus to uncover these vulnerabilities. Nessus ranks the risk level of each relevant hazard and offers recommendations for remediation. Learners can then prepare customized reports for their instructors or executive summaries for organizational leaders in real-world learning situations.

The software's capabilities resonate with the learners. Given the successes from the academic partnership with Tenable, NYP plans to incorporate Nessus into its three-year cybersecurity diploma program.

“Using a leading commercial tool like Nessus in the classroom enables our learners to have actual hands-on, practical training in skills relevant to the actual role they’ll perform at the workplace,” says Win.

Nanyang Polytechnic Prepares Learners To Face Tomorrow’s Cybersecurity Challenges Today

Entering the job market with hands-on experience with Nessus will help NYP’s cybersecurity program graduates stand apart from other candidates.

“To ensure that our learners are equipped with in-demand skills, we rolled out the Nanyang Polytechnic Professional Competency Model (NYP-PCM) in 2020. Through the NYP-PCM, we work with leading industry partners to co-develop and co-deliver curriculum and co-certify our learners with industry certification. This allows them to be immediately productive at the workplace," says John Lim, Manager, School of Information Technology, Nanyang Polytechnic.

Learners are also aware of the value of using enterprise-grade tools in the classroom. “Adult learners looking to upgrade their cybersecurity skills increasingly ask what tools we use in our courses. With the addition of Nessus to the training tool set, we believe more learners will be keen to join our cybersecurity courses,” says Win.

Using Nessus in the classroom also improves the learning experience itself. Learners preparing for a job in cybersecurity have a lot to learn in a finite amount of time — just as cybersecurity professionals on the frontline have a limited time to find and remediate security vulnerabilities. Built for security practitioners by security practitioners, Nessus was designed with a single focus of providing a streamlined experience for security professionals to find and fix vulnerabilities faster and more confidently.

The intuitive approach to navigation and user experience means learners pick up on it easily, and educators can focus on what’s important — the fundamentals of vulnerability assessment — rather than the mechanics of how to use a tool. As a result, learners graduate with a firm foundation that will serve them and their employers well, regardless of how the threat landscape changes in the future.