If you can play and win at Star Trek 3-D chess, you just might be a cybersecurity professional.
One challenge in cybersecurity work is that the playing field is constantly changing, and not just in a binary way. That can make training and certification, like a Klingon Bird of Prey, a moving target. Piedmont Technical College (PTC) Computer Technology Instructor Henry Ecker says that people interested in the profession need to be good at time management and willing to constantly learn more to keep abreast of rapid technological expansion and innovation.
“It can be intensive,” he said. Employment for people qualified in cybersecurity is strong, but even the companies doing the hiring can be challenged to refine their job descriptions. “Not everyone knows what they need. So it’s a challenge to get the right people in the right positions. That has always been the problem with computer technology.”
The challenge to stay current is real. Industry author Jack Koziol recently noted that skills in the cybersecurity field have about a two-year half-life. “So everything I know in 2019, if I could know everything there is to know, (only) half of it would be useful in 2021,” he said in an interview.
Job postings for cybersecurity professionals rose by an estimated 7 percent last year. Currently there are approximately 2 million unfilled cybersecurity jobs in the United States, yet there are not enough qualified applicants to fill them. The need is expected only to grow, to an estimated 3.5 million by 2021, according to Cybersecurity Ventures. So the demand is robust for those who are up to the challenge.
“Every single thing that we do runs on a program. All of that is programmed by a programmer,” Ecker said. In everything from banking and retail to health care, communications, and even cars, computers play a critical role. “A lot of what we do when we secure something online is we buy into a concept known as ‘authentication by presentation.’ When you log into an account, you present a username and password, and the assumption is that you are the only person who knows that information. The ‘presentation’ goes towards verifying the identity of the online entity. The problem with using the same username and password for every account is that if someone obtains that information to gain access to one account, they now have access to all.”
One development poised to make a powerful impact on the industry right now is quantum computing, which employs the tiniest, atomic-scale spin transistors to simultaneously encode data in multiple states or levels (qubits versus bits). If you could visualize it in the abstract, it might look kind of like 3-D chess on steroids. Greatly expanding a computer’s capacity and speed, quantum computing on a mass scale, many experts say, remains far in the future.
“It solves so many problems significantly faster than binary computing. That can disrupt everything now in place,” Ecker said. “New development is all over the place. There are so many ways to solve problems, and everyone is trying to find their own way.”
Ecker noted that the cybersecurity concentration program covers many topics on the Certified Ethical Hacker (CEH) exam, a professional certification that can qualify those who pass for job titles like information security analyst, cybersecurity analyst and security engineer. Part of the coursework is taught using the exam’s preparatory material, and Ecker says that the most ambitious students may consider taking the exam.
The average salary for a cybersecurity analyst in South Carolina is more than $70,000 a year. An “ethical hacker” is defined as a non-malicious person who penetrates a computer network for the purpose of evaluating its security, basically using their skills with good rather than criminal intent.
“The U.S. government encourages degree programs in cybersecurity to include an ethics component because we are basically giving you the keys to the kingdom,” he said. “You need to have an understanding of the consequences and impacts of your actions.”
The PTC program is rigorous and comes with reams of content. Three thick books cover content over two semesters; one is a textbook, and two are lab books. “Security tends to be in a league of its own in terms of the amount of content that is covered,” he said.
Christopher Amey, a student who will finish with the program this summer, is not at all daunted by the amount of material covered and the knowledge that he may never be finished learning about it.
“The technology changes on the fly. What’s secure today in just 32 hours can become completely obsolete. It’s a very fast-moving field,” Amey said. “You are never done learning. That is something I enjoy. Learning something new is kind of what we should all strive to do every day.”
Computer technology students in the cybersecurity concentration emerge with a new understanding of the enormous scope their efforts can influence. According to an April 4, 2019, article in Forbes magazine, within the next couple of years, 27 billion devices will be connected around the world. “Any device, on any network, is only as safe as the least-protected device connected to it,” the article states. Clearly, the potential to wreak criminal cyber-havoc in a 5G world is vast.
“I love the courses. I think the curriculum is perfect, and the professors are very responsive,” Amey said. “The material towards the end, like computer forensics, is really hands-on. That is what I think makes the program that much better than others. You are seeing how to do things for yourself in a controlled environment. … I am above and beyond excited to take these classes with these instructors.”
Experts agree that keeping data systems safe will take a village, and that means everyone, not just IT workers. Every employee of every company connected to the internet shares in the responsibility to maintain good information hygiene. Training cannot be emphasized enough. Employees can leave their companies vulnerable to hacking and malware by using company devices on unsecured networks (including home, coffeehouse, or airport Wi-Fi), connecting infected devices to the company network, storing company data on unsecured devices such as thumb drives and laptops, using the same username and password for multiple accounts, and clicking suspicious links or opening email attachments from unknown external sources.
The global cost of a data breach increased 6.4 percent in 2018, to $3.86 million, according to IBM’s Annual Cost of Data Breach Study. Cybersecurity professionals are a company’s first line of defense against potentially crippling losses. Shields up.
For more information about Piedmont Tech’s computer technology program, visit www.ptc.edu/computer.