There is a philosophical divide between academics and those in the workforce as to the value of taking security classes in college.As the pace and scale of information security breaches accelerate and the threat landscape becomes ever more sophisticated, cybersecurity leaders must better prepare their organizations and security personnel to withstand the unknown. Today\u2019s leaders must strengthen corporate capacity to mount comprehensive responses to high-impact security events by incorporating economic, human, legal, organizational, technological and socio-political factors into their plans. \u00a0While you hear a lot about the skills gap in technology. And nowhere is that gap wider, many say, than security. Some companies are taking matters into their own hands. For example, Facebook is trying to teach middle schoolers how to hack so it might raise a generation savvy in security.To gain the security skills most needed at many companies, students and graduates will have to take a counterintuitive approach to their education and career, said Shawn Burke, Global CSO, Sungard AS. To counter that argument, Alan Usas, director of Brown University's Executive Master in Cybersecurity program, believes these skills and knowledge can be best learned on a college campus.Stay in schoolUsas discusses why it is beneficial to learn about security in a controlled setting like college.1. Building resilient IT systems that limit cyber riskLeaders need practical skills to meet the challenges of building and managing agile, resilient information technology systems and combatting cyber risks. This means juggling the costs and risks that are part of every security and privacy decision, and effectively competing for the internal corporate resources essential for security. \u00a0The best leaders must deepen their understanding of global security best practices and heuristics, apply their security and business knowledge and expertise to strategic planning as well as on-the-ground decision-making, and hone their leadership and operational skills.2. Factoring in that troublesome human element \u00a0Security is not solely, or even primarily, a technical problem. Major security concerns stem from the ways people interact with technology so the human factor is central in the risk and response equation. Proactive cybersecurity leaders consider the strengths and weaknesses of human agents by learning how human behavior exposes the organization to cyber risks; how to deploy nimble, knowledgeable teams to address them; and how to increase security awareness in all users. Leaders and their teams must consider workflows, tradeoffs between usability and security in how systems are designed and how corporate policies are established, ways to deter and detect intentional and accidental insider threats, and other human factors. \u00a03. Leveraging law, policy and governance structures Cybersecurity leaders leverage law, policy and governance practices related to information sharing within and across the private and public sectors, the protection of critical infrastructure, the defense against cybercrime, Internet governance, and the complexity of international law to privacy, security and to\u00a0cyber conflict. Accomplished cyber leaders address the challenges of network and computer insecurity across organizational, national and international boundaries while upholding civil liberties and other fundamental values.4. Securing privacy and data protection globallyWith the world going digital and humans surpassing machines as the preferred target of cybercriminals, protecting personal data and privacy has become a critical security issue. \u00a0Cybersecurity leaders can no longer rely solely on familiarity with HIPAA and other US consumer protection laws - today they need to understand privacy protection and legislation around the world. The privacy and autonomy of the individual in relation to the state as well as the corporation, the concept of privacy by design, and the emerging privacy and data protection challenges that arise from technological advances such as drones, driverless cars and the Internet of Things are just the tip of the iceberg as cybersecurity leaders seek to ensure privacy and data protection.5. Getting results by influencing others with effective communicationCybersecurity no longer operates in the IT silo but is an organizational drama in which every employee has a role in protecting critical assets, managing risk and achieving business goals. Cybersecurity leaders have to translate the impact of cyber attacks into compelling business terms such as lost revenue, productivity or profitability to ensure that all stakeholders, including employees, board members and shareholders, understand the risks and potential impact of security vulnerability. Being a persuasive communicator, change manager, negotiator, conflict resolver and champion of ethical action are the soft skills that today\u2019s cybersecurity leaders need at their fingertips.6. Anticipating the future of technology and its security challengesImportant technological and societal security challenges are coming in the next three to five years as new cyber threats emerge, network-connected devices form the \u2018Internet of Everything\u2019, and legal frameworks and social norms about cybersecurity evolve. Cybersecurity leaders must anticipate and plan for the legal, policy, economic and human challenges of emerging technologies and be ready to implement socially acceptable, defensive strategies that guarantee business success.A waste of timeBurke counters says studying security in school is not the best use of your time. He gives these reasons why.1. Don\u2019t study securityYou can be more valuable to an organization if you\u2019re well versed in networking or development or some other discipline and are able to apply security logic to that. It\u2019ll help you better understand and anticipate vulnerabilities than simply chasing the latest threats with \u201cbest practices.\u201d2. Don\u2019t over-specializeWhen you look for your primary discipline, avoid getting too specific. Let\u2019s say you\u2019re a Check Point expert \u2013 that\u2019s great, but what if your future employer uses Cisco firewalls? Instead, be a firewall expert and know all the different technologies that might apply.3. Know your discipline inside and outPerhaps this goes without saying, but the better you know your field, the better you\u2019ll grasp its security issues. If you\u2019re studying firewalls, for example, understand packet flow, where to place equipment, how to analyze raw data, and how to better prevent threats.4. Find the security path in your fieldIf you\u2019re great at coding, you can go to the application side of the house and figure out how to make apps secure \u2013 a valuable service to many organizations. If you\u2019re in network engineering, you can help figure out how to orchestrate solutions to denial-of-service attacks. For every discipline, there\u2019s a security need.5. Pick up leadership skillsYears ago Burke was looking for someone to run a vulnerability management program, and during interviews, he asked different candidates how they\u2019d position the team, organize and delegate the work, and manage the employees. From some of the answers it was clear that the person had no idea what they were doing. And that\u2019s for a pretty fundamental position. Hone your leadership skills for the higher-level positions later in your career.6. Gain experience at the right companyIn general, you\u2019re better off at a service provider helping multiple, different organizations than working in-house at one company. Security policies are easier to apply for company employees by simply preventing users from engaging in a certain behavior. Those rules don\u2019t always work when you need to accommodate complex solution requirements from various clients that stretch the boundaries of security policy. Instead of saying \u201cno,\u201d you are challenged to become more creative in figuring out ways to implement different infrastructures that keep a company running and secure.7. Keep your skills freshTechnology evolves too fast to focus on the same technologies for an entire career. The best employees keep their skills sharp, get involved with peer groups, and continue learning new technologies and practices relevant to their area of specialization.\u00a0You know you\u2019re working for a good company if it incents you to expand your knowledge base.