Matt Zbrog
In 2009, President Obama called cybersecurity one of the most important challenges facing the nation. Ten years later, it’s a clear and present danger. Major cyber attacks have hit government offices in Atlanta, Baltimore, and New Orleans. Four billion records have been breached in 2019 alone, according to Norton, a cybersecurity firm.
The world is more connected than ever before, but developments in technology are progressing faster than our ability to secure them. That’s one reason why the Bureau of Labor Statistics projects that the job market for cybersecurity practitioners (information security analysts) will grow 32 percent nationally between 2018 and 2028—a rate that’s over six times the national average for all professions. But what threats will tomorrow’s cybersecurity professionals face and what skills will they need to combat them?
“Cybersecurity threats and attacks have advanced at scale with the progressions of technology,” says Dr. Michelle Hansen, professor of cybersecurity and digital forensics at the University of Maryland Global Campus (UMGC). “With every new device and emerging telecommunications development come new vulnerabilities for exploitation.”
Whenever a new smartphone is rolled out, new hardware and platforms come with it, ripe for cyberattack. As the Internet of Things enters the mainstream, the most innocuous of appliances can become a point of vulnerability, especially when a manufacturer may cut security features in the name of reducing costs. A chain of connected devices is only as strong as its weakest link. A cheap consumer drone might sell on the basis of fun and convenience, but cybersecurity professionals know that it can also represent the ability to launch distributed denial-of-service (DDoS) attacks, to present advanced persistent threats (APTs), and to deploy ransomware that can harm both the public and the private sector.
“Today’s cybersecurity professionals need to include the technologies that organizations are embracing into their security infrastructure,” Dr. Hansen says. “Cloud storage, mobile devices, telecommuting, and virtualization are now part of many business models and therefore need to be part of any security plan. Organizations must adopt integrated security solutions to capture all gaps in defense and aggressively launch offensive methods to mitigate cyber attacks.”
Cybersecurity professionals live in a vigilant cycle of prevention, detection, and response—and that cycle has sped up. Cyber attacks have become more sophisticated than ever, compromising not just individual data, but national infrastructure. Even cybercrime itself is evolving from the work of a lone individual into the endeavor of organized criminal enterprises. This professionalization of cybercrime is one of the top emerging threats in cybersecurity, according to Dr. Valorie King, program chair for cybersecurity management and policy at UMGC.
“Cybercrime has become CaaS or Cybercrime-as-a Service,” says Dr. King. “Exploit packages (pre-written applications used to attack systems and networks) have transitioned towards a Platform-as-a-Service model where attackers can rent time on computing infrastructures that support and deliver attacks. This adoption of a services-driven business model for cyber attacks makes it possible for anyone to enter into the cybercrime arena.”
But there’s a more insidious threat emerging, one from within the cybersecurity industry itself. As individuals become better trained in cybersecurity practices, it’s possible that some of those individuals will leverage their training for either criminal or terrorist ends. When so much importance is placed on working quicker, faster, and smarter, there’s precious little time spent on hammering home ethical decision-making and moral reasoning. And if people are going to be trained to use technologies that, in a cybersecurity practitioner’s capable hands, are able to deal far more damage than a single gun ever could, the issue may need to be addressed more closely.
“Given the influence of moral reasoning upon individual’s decisions to cause harm or loss to an organization from the inside, it is necessary that we pay increased attention to the moral and ethical foundations of those who are given inside access to information, information systems, and information infrastructures,” Dr. King says. “The alternative is to always operate in a zero trust mode of operations where everyone and every action is monitored and analyzed. One needs to ask if this is the type of society in which we wish to live. Or, put another way, which is the greater threat: trusting someone whose morals and ethics are insufficient, or operating in an environment where there is no trust that the behaviors of cybersecurity practitioners will be ethical and moral?”
Combating the proliferation of sensitive information, intellectual property, and dangerous weapons has always been complex. Cybersecurity tools mimic these in several ways, but enforcement and defense are in some ways even more sophisticated. At present, there are concerns of American-educated cybersecurity professionals selling their trade to autocratic governments who may use that capability indiscriminately.
A cyberattack could come from practically anywhere. The process for response, however, is often quite consistent, and similar to that of first responders in other fields. As outlined by the National Institute of Standards and Technology (NIST), this process can be divided into four phases: preparation; detection and analysis; containment, eradication, and recovery; and post-incident activity. Higher education programs, like the one Dr. King runs at UMGC, reinforce this process through tabletop exercises, live exercises, and other forms of training that reinforce technical skills, business skills, and soft skills.
“You cannot defend what you do not understand,” Dr. King says.
Tech skills will remain a critical asset for cybersecurity professionals in the next five to ten years. Cloud architectures and cloud deployment strategies that are important today will stay important as they move from emerging, to mature, to legacy in the technology life cycle. Data science and data analytics will continue to trend upwards in their importance. But business skills and soft skills will be needed, too, as new business models emerge and marry with technological innovation.
“Defending a business enterprise requires that you understand how that enterprise operates,” Dr. King says. “As new business models emerge, the cybersecurity professional needs to become aware of them, and learn how businesses operate under these previously unknown models.”
The future of cybersecurity isn’t singular. One person can’t specialize in everything. Core skills in Java and Python give a good start, and graduate education builds on a broad foundation, but different employers and professional certifications will splinter off into different niches. With more frequency, aspiring cybersecurity professionals will have to pick a lane early on.
“Are you seeking this career out of a desire to protect and serve?” asks Dr. King. “Or, are you seeking this career to make a better life for yourself and your family through financial rewards and benefits? Or, are you motivated by some other goal or desire? There are no right answers to these questions, but understanding your motivation will help you find the right organizational fit for yourself. Focus your studies on the types of skills and knowledge that are needed and valued by the organizations whose cultures align with your goals for yourself and your career.”
Dr. Valorie King is the program chair for cybersecurity management and policy at the University of Maryland Global Campus, where she also teaches as a professor. She earned both her MS in information technology and her chief information officer certificate from UMGC’s graduate school. Her PhD is in IT organization and management.
Dr. King brings over 30 years of experience as an executive level IT consultant, strategist, project manager, and software/systems engineer. Five of those years were spent with the Department of Defense as a senior IT policy analyst. She also is a senior member of the IEEE professional technical society and she holds the CISSP, CISA, CISM, PMP, and PSEM certifications.
Dr. Michelle Hansen is a professor at the University of Maryland Global Campus, where she teaches graduate courses in cybersecurity and cyberoperations. She received her PhD in computer information systems and cybersecurity at Nova Southeastern University. Her doctoral research into steganography (concealing a file, message, image, or video within another file) led to the development of a “stego” tool that runs in conjunction with an internet browser to detect hidden threats.
Prior to joining the faculty at UMGC, Dr. Hansen worked as an independent network security consultant, performing risk analyses, penetration and vulnerability testing, and comprehensive security assessments for small and medium-sized businesses. At UMGC, Dr. Hansen’s played a critical role in revising the curriculum, achieving program accreditation, and earning the cybersecurity program the distinction of a Center of Academic Excellence by the NSA.
Headquartered between the Department of Defense’s Cyber Command in Maryland and the Cyber Corridor in Virginia, UMGC has one of the most diverse collections of targeted cybersecurity degrees available in the nation. Cybersecurity isn’t a mere division of computer science here; it’s the main event. Students can choose from three bachelor’s degrees, five master’s degrees, and four certificate programs that all share a cybersecurity focus.
Maryland itself is an epicenter for cybersecurity, and UMGC draws on the state’s 12 major military installations, 400 research centers, and 50 federal agencies. But the degree and certificate programs take into consideration the working professional and the evolution of education by administering the curriculums online.
The school’s bachelor of science in computer networks and cybersecurity program lays the foundation. Students learn to design, implement, and administer local-area and wide-area networks, and then apply relevant policies and procedures to secure them. Three- to four-course modules allow students to add a focus in an area like network security or digital forensics. Graduates of this program will be prepared to pass over a dozen industry certification exams.
The master of science in cybersecurity technology program at UMGC explores how cybersecurity technology underpins the success of both private enterprises and national infrastructure. This is a constantly evolving program, and the faculty is advised by a board of industry leaders and employers to ensure the curriculum is covering emerging areas of interest. Core classes include advanced cyber exploitation and mitigation methodologies; prevention of cyberattack methodologies; digital forensics technology and practices; and communicating, problem solving, and leading in cybersecurity.
UMGC has been designated as a National Center of Academic Excellence in Information Assurance and Cyber Defense Education by the NSA and DHS, and as a National Center of Digital Forensics Academic Excellence by the Defense Cyber Crime Center Academic Cyber Curriculum Alliance. The school also hosts the Center for Security Studies, which provides educational resources, networking, and career training opportunities for working professionals pursuing cyber security education.
Matt Zbrog
Matt Zbrog is a writer and researcher from Southern California. Since 2018, he’s written extensively about the increasing digitization of investigations, the growing importance of forensic science, and emerging areas of investigative practice like open source intelligence (OSINT) and blockchain forensics. His writing and research are focused on learning from those who know the subject best, including leaders and subject matter specialists from the Association of Certified Fraud Examiners (ACFE) and the American Academy of Forensic Science (AAFS). As part of the Big Employers in Forensics series, Matt has conducted detailed interviews with forensic experts at the ATF, DEA, FBI, and NCIS.