By 2nd Lt. John Johnson, Department of Computer and Cyber Sciences
/ Published November 02, 2018
The creation of the Internet has opened a world of possibilities for communication and the distribution of information. It’s allowed for unprecedented coordination and research and spread to every corner of the globe. The benefits can be seen with the wide variety of services available online, such as social media, search engines, ecommerce and more. But, ease of connection often comes with an overlooked price.
As we connect more pieces of our lives to this enormous digital puzzle, we open ourselves to losing control over who has access to our personal information. Cyber criminals constantly seek methods to steal identities, banking credentials, and personal information from victims with little agency or ability to ensure the security of their sensitive online data. The threats to the U.S. loom large, as critical infrastructure connected to the Internet is a target with increasing surface area. There is no shortage of examples of devastating effects from such attacks.
This year, the City of Atlanta’s government offices were held hostage by ransomware for five days. Last year in the UK, a targeted attack on hospitals severely hindered patient care and the hospital staff was unable to access medical records. An attack against Facebook compromised the information of 50 million users in September. And the list grows.
Luckily, members of the cyber security community work tirelessly to protect and mitigate the frequency of successful attacks. These experts perform a variety of tasks, from implementing network security controls to protecting computer systems, finding vulnerabilities, tracking criminals, responding to intrusions and managing enterprise networks. There’s just one problem: there are not enough of them.
In 2015, an estimated 209,000 cyber security positions in the U.S. and 1 million worldwide went unfilled. More surprising is this number of unfilled positions is expected to increase to 1.5 million in 2019. Increasing demand has led to dramatic rise in salaries; entry-level positions have reached an average salary of $65,553 and many positions now pay six figures. So the question is: how do students enter this emerging career field?
The cyber security field can be a great fit for anyone interested in computer systems, or programming or who enjoys creative problem solving, critical thinking, or crisis response. There are multiple specific tracks within the field to choose from, so students can find something that aligns with their interests.
Security architects and system administrators are experts in network defense who design, implement and monitor the security of a network. They are essential to the defense of an organization’s computer systems. Students interested in design or creative thinking may enjoy this particular branch. It requires being vigilant and constant learning to keep up to date with the details of new attack methods and how to defend against them.
Security analysts and penetration testers look for vulnerabilities by checking the security implementations of system architecture. Analysts implement policies to react to potential intrusions. This would suit people who are methodical, organized and good at planning ahead. Cyber security is reviewed by actively testing the network defenses. Penetration testers perform assessments by mimicking a threat and trying to gain unauthorized access to a network. This is a great career field for students who are able to think “outside-the-box”.
Computer forensics experts determine the method of attack, the extent, and attribution. Forensics is an incredibly important skill in the aftermath of an attack. However, dealing with intrusions is mainly the responsibility of subject matter experts trained in mitigating lasting effects from attacks and returning to normal operations. Forensics is great for those who enjoys performing investigations, legal processes, and law enforcement.
Along with the rise in career openings in the field, there has been an increase in cyber security programs at the undergraduate level. The degree programs have a few different names, among them information security; information assurance; cyber operations; network security; information system security and cyber security. Students should focus on a program matching their interests and the specific career path they want to pursue. For students interested in a college with a cyber security program, there are several, readily accessible lists online. One lesser known but fantastic resource is a group of schools designated by the National Security Agency as Centers of Academic Excellence in Cyber Defense and Centers of Academic Excellence in Cyber Operations. These institutions meet criteria for the NSA to accredit them as top-tier programs in the field. There are several programs to choose from on this list and provide a great starting point for finding an institution that meets a student’s needs.