[jjav]

Absolutely. Cybersecurity is not a field you can (well of course you can, but not with legitimate effectiveness) approach as an isolated field of study. To be effective you must have a reasonable experience and skill in programming, and in operating system internals, and in the network stack from the highest to the lowest level. You'd do well to also have experience in hardware and QA and you really need aptitude and hands-on experience actually breaking into things, not just in making things work. The last one is often hardest, plenty of brilliant people know how to build things but lack the mindset to break them.

So in this sense it is true there is a significant shortage of qualified cybersecurity people to fill the roles.

The mistake is that institutions try to fill that shortage with some undergrad program (or worse, certification) which of course can't build expertise in all the above fields in a few years. So that graduate is nearly as unqualified after graduation as before.