On 29 January, Virtual Routes Co-Director Max Smeets attended the certificate ceremony for the first-year cohort of Johannesburg Business School (JBS) students taking part in the Google.org Cybersecurity Seminar Program, alongside the program’s annual hackathon.
The seminar at JBS was designed with a very concrete challenge in mind: South Africa’s shortage of cybersecurity professionals. Rather than focusing on prior technical background, the program lowers the barrier to entry and emphasizes hands-on learning. The goal is simple and pragmatic – build local capacity, strengthen economic resilience, and widen access to cybersecurity skills.
At JBS, students work primarily with small and medium-sized enterprises and non-profit organizations in the surrounding community. These organizations are frequently among the most exposed to cyber threats, not because they are uniquely attractive targets, but because they rarely see themselves as targets at all. Limited budgets and limited awareness mean cybersecurity is often postponed until after something goes wrong. The program intervenes earlier, pairing students with real-world problems and real constraints.
The goal is simple and pragmatic – build local capacity, strengthen economic resilience, and widen access to cybersecurity skills.
A key part of the seminar’s strength comes from volunteer practitioners from the private sector, including Orange Cyberdefense, Geekulcha, and Mustard Technologies. These contributors help teach applied skills such as network scanning, service enumeration, web application testing, and safe exploitation techniques – exactly the kind of knowledge students will need in professional practice.
The hackathon put those skills to the test. Student teams were asked to assess a fictitious fast-food restaurant website, working through common but critical vulnerability classes. This included testing authentication and session management (from weak passwords to improper session handling), checking authorization and role-based access controls, probing input validation issues such as SQL injection and cross-site scripting, assessing data handling and encryption, and examining business logic for exploitable flaws.
The winning team presented a clear, structured assessment report during the final showcase, demonstrating not only technical competence but also the ability to communicate findings in a way that a real organization could act on – an often overlooked but essential skill.
Looking ahead, the program will continue to grow. Next year’s cohort aims to include up to 90 students drawn from multiple departments across University of Johannesburg. If this first year is any indication, the impact will not just be measured in certificates awarded, but in stronger local organizations and a growing community of practitioners equipped to deal with the cybersecurity challenges close to home.
