How Do You Get Students to Think Like Criminals?

The skills needed for cybersecurity jobs aren’t easy to learn in the classroom.

Between September 2017 and August 2018, employers in the United States posted 313,735 job openings for cybersecurity professionals. Filling those jobs would mean increasing the country’s current cybersecurity work force of 715,000 people by more than 40 percent, according to data presented at the National Initiative for Cybersecurity Education Conference this month. With the number of unfilled cybersecurity jobs worldwide projected to multiply into the millions in the next three years, it’s no surprise that governments, companies and schools are racing to pour more resources into cybersecurity training and education programs.

As someone who teaches in a rapidly growing computing security program at the Rochester Institute of Technology, this is good news for me and my students. I think we are doing a good and responsible job of training our students, who will be snapped up by recruiters.

But I’ve watched as the field of cybersecurity has become formalized through a flurry of new degrees, certificates and curriculums, and I worry that some fundamental components of what make people really good at security — namely, the instincts to look at systems in unconventional ways and quickly identify possible ways to cause trouble — are being lost along the way.

The idea of degree programs focused solely on cybersecurity is still pretty new. At R.I.T., the bachelor’s degree in security was introduced in 2007, and the dedicated Computing Security department wasn’t formed until 2012. That means we haven’t had a lot of time to debug these programs, especially since, in academic settings, every significant curricular change typically requires several meetings followed by extensive paperwork and committee approval.

The field is so new that nearly every cybersecurity professional over the age of 30 does not have a degree in cybersecurity — many of them don’t even have degrees in computer science, and several don’t have college degrees at all.

Cybersecurity has long been a field that embraced people with nontraditional backgrounds. Following the Equifax breach last year, some critics slammed the company for hiring a chief security officer who majored in music, prompting a considerable backlash from security professionals who took to Twitter to flash their own liberal arts degrees or lack of formal education.

The poster child for the unconventional path to a cybersecurity job is Kevin Mitnick, who was convicted of illegal computer hacking and spent five years in prison before establishing a career as a highly sought after security consultant.

It’s not a coincidence...

To read the full article, and to access many more fascinating news items, please refer to the source.

Source: The New York Times

Topics: Speaking Engagements, penetration-testing firms, Rochester Institute of Technology, Bruce Schneier, cryptography, cybersecurity job, Equifax breach, hacking, increased cybersecurity employment, red-teaming, security consultant, security mind-set, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

Mitnick Security: Ransomware Awareness Training

Ransomware is a type of malware that prevents accessibility to either a single computer or an entire network until a ransom is paid. This can result i..

Read more ›

Mitnick Security: Phishing Awareness Training

Phishing emails are one of the most common social engineering techniques used by threat actors today due to such high success rates. About 3.4 billion..

Read more ›

Mitnick Security Training: QR Code Cybersecurity Test

Nearly 90 million smartphone users in the U.S. alone have used QR codes on their mobile devices. By 2025, that number is projected to grow to 100 mill..

Read more ›
tech-texture-bg