As technology increasingly integrates with almost every aspect of our lives, the opportunity for criminals to access computer networks, disrupt the day-to-day business of a wide range of organizations and steal valuable personal and commercial data becomes an ever-present danger. To counterbalance this threat, there is a growing demand for IT security experts who have the skills to protect computer networks against cyberattacks. For those up for the challenge, a cyber security degree from Troy University could be their first step to a fast-moving, high-tech career in computer security.
Dr. Bill Zhong, Department Chair and Associate Professor in TROY’s Computer Science program, developed his interest in cyber security after initially studying electrical engineering and computer science. According to Dr. Zhong, this indirect route into cyber security is fairly common among his industry peers and many of his students in the cyber security degree program.
“I had my Ph.D. in computer science,” says Dr. Zhong. “My research area was in fiber-optic networks, so it had very little to do with cyber security, but over the years, things started to change. I began to realize that we were facing many more security threats than used to be the case. Improving computer security became a priority and a lot of people, including me, started moving in that direction.”
What is Cyber Security?
Cyber security professionals protect computer networks from cyberattacks that seek to disrupt the commercial activities of a business, steal valuable commercial and personal data and exploit organizations that rely on the secure flow of data across computer networks.
According to Dr. Zhong, you don’t need to look deeply into the news to see how cybercrime affects us all.
“Cyber security is a problem for everyone,” says Dr. Zhong. “It doesn’t only affect large-scale organizations — it’s increasingly a problem for small business owners and even individuals.” In fact, one study found that 68% of business leaders feel their cyber security risks are increasing.
Citing recent examples of cyberattacks to hit the headlines, Dr. Zhong refers to a reported “ransomware attack” on Universal Health Services (UHS) — one of the largest health care providers in the U.S., and a “Distributed Denial of Service (DDoS) attack” on the popular flight-tracking website, Flightradar24.
While the nature of these attacks differed, they essentially prevented both organizations from operating their business as normal by preventing staff from accessing business-critical and potentially highly sensitive data. Ultimately it led to both companies having to take their services offline. In any business, this downtime costs money and can potentially damage a business’s reputation.
The motivation behind these cyberattacks is often the opportunity to extort money from the organization before allowing them to resume business activities. Surprisingly, Dr. Zhong admits that many organizations’ only line of defense is to actively engage with their attackers and pay these ransom requests.
“Resources are often limited,” says Dr. Zhong. “Many organizations don’t have the expertise to look into this issue, so they weigh the costs and benefits of paying these ransoms. Often, these are not extraordinary amounts of money. The hackers could say, ‘If you pay us $50,000, we’ll let you get your network back,’ so companies just pay the money.”
Dr. Zhong admits this approach is problematic and may actively encourage cybercriminals to be more proactive in their attempts to breach security networks.
“From a professional viewpoint, companies shouldn’t do it,” says Dr. Zhong. “This just gives criminals an incentive to be even more aggressive the next time. However, I do understand if I was in their shoes, and in that situation, I might have a different opinion.”
Unquestionably, the financial impact of escalating cyberattacks can be considerable for a business or organization. A study of over 350 companies found that the average cost of cybercrime for each company was over $13 million in 2018, an increase of 72% over the previous five years.
Cyberattacks: The New Front Line
There are no doubt innumerable benefits to living in a world connected by technology, but that interconnectedness is also a source of danger — from far and near. According to Dr. Zhong, the front line in the war against cyberattacks is continuously moving. Attacks can come from anywhere on the planet but they are just as likely to come from a source closer to home.
“In this day and age, the biggest challenge we face is from ubiquitous devices,” says Dr. Zhong. “Computing is everywhere. It’s on your cell phone, it’s in wearables like your iWatch, it’s everywhere. The amount of technology available to just about everyone today was not imaginable 10 years ago.”
With so many devices capable of connecting to computer networks, Dr. Zhong warns that network owners need to be constantly on their guard.
“Obviously there needs to be a policy governing what kind of devices you can use in an organization, what kind of storage devices you can plug into devices and who can access the computers,” says Dr. Zhong. “However, the most sinister threat is an employee acting maliciously within the system. You can use software to detect many external threats but if you have a mole in the system, that’s so hard to detect and becomes a big problem.”
Dr. Zhong believes it is getting easier for those with malicious intent to attack a network. Software scripts used by hackers can easily be purchased and even rented on the dark web.
“It’s getting easier for someone that’s perhaps not so well-versed in computer science to be a hacker now,” says Dr. Zhong. “A high school student who knows their way around a computer and has exposure to one of those sites can become a hacker.” The problem is often compounded by the fact that many organizations simply don’t know when their security networks have been breached. And some organizations seek to hide a breach in their security networks when they occur. Globally, governments are introducing regulations, such as the European Union’s General Data Protection Regulation (GDPR), which addresses this issue and demands greater transparency from organizations following a breach. Dr. Zhong believes the U.S. is moving in that same direction.
With the threat of cyberattacks coming from near and far, and data sources spanning international borders, cyber security professionals need to be equally well versed in the use of technology to defend their networks and the laws and regulations that govern how data is managed. There is also an element of criminal justice involved when cyber security professionals are tasked with preserving digital forensic evidence following cyberattacks.
Defense Against Cyberattacks
Dr. Zhong believes the first step any organization should take to defend against cyberattacks should be to hire an expert who can help fend off potential security breaches. This could be on an ad hoc consultancy basis or as a full-time position.
“There are basic things organizations can do to boost their network security, such as installing firewalls and making sure software is kept up to date,” says Dr. Zhong. “A medium-sized business should preferably have its own in-house cyber security specialist. This person will look at their network and online traffic and constantly fend off malicious threats. Often you are dealing with small data breaches. In that situation, a typical in-house specialist will be able to handle the situation.”
Lacking in-house security expertise, many companies have to hire outside specialists in the event of a large-scale attack. These attacks may also lead to a reassessment of security priorities for some organizations. “Many organizations don’t have an in-house person, that’s the reality of it,” says Dr. Zhong. “Given the increasingly widespread nature of cyberattacks, it becomes more and more tenable for business owners to look into this and say ‘OK, maybe I should have someone in-house to tackle these issues.’”
As cyberthreats impact more small businesses and even individuals, Dr. Zhong suggests that the computer securityindustry will have to develop new business models to offer an affordable and scalable IT security solution — even perhaps, a “cyber doctor” on call.
“Most small businesses wouldn’t be able to afford or justify hiring a dedicated cyber security professional to protect them against cyberattacks,” says Dr. Zhong. “However, they may be persuaded to share the resources of a professional who can look at their network security every few months and be ‘on-call’ should anything happen.”
With the right business model, the sizable small business market presents a significant opportunity for the already buoyant computer security industry, creating job opportunities for those with the right cyber security training.
Who Should Study for a Cyber Security Degree?
TROY’s cyber security degree program is designed for professionals who will work within the world of information technology (IT) and provide crucial protection to future clients and organizations.
As you work your way through TROY’s cyber security degree program, you will learn from seasoned faculty members who are dedicated to providing you with the understanding and skills you’ll need to help others protect important (and sometimes classified) information and digital assets. Upon graduation, you’ll possess the professional tools for a career in computer science and the ability to craft organized methods of detection, prevention, countering, and recovery methods for your future clientele.
“If you have a military background, this is an industry that is particularly suited for you,” says Dr. Zhong. “There is a great deal happening in the U.S. military that deals with cyber defense. Many who work in this field during their military careers eventually become a practitioner in the civilian field. They know there is a big threat out there.”
According to Dr. Zhong, ex-military personnel are highly attractive to recruiters due to their experience in working on projects requiring top-level security clearance. This is particularly important when you consider cyber securityprofessionals have access to incredibly sensitive data, inside knowledge of potential vulnerabilities in a computer network, and potentially may be called on to work with law enforcement to preserve evidence and identify potential cybercriminals.
“Many military service personnel have top-secret security clearance and that’s a real benefit in some areas of cyber security,” says Dr. Zhong. “If you are a civilian, it can be difficult to get that same kind of security clearance.”
While specific courses vary from year to year, the curriculum covers cybercrime, computer forensics, cryptography, ethical hacking, secure software development, and cyber security techniques and practices.
TROY also offers a cyber security minor for undergraduates as well as a graduate degree program for those seeking to advance their education and careers in the field. Both thesis and non-thesis tracks are offered in the graduate program along with a flexible format. Students can choose between traditional campus classes or a blended online program to fit their own schedule.
Employment Opportunities in Cyber Security
Given the increase in the number, sophistication and scale of cyberattacks, it’s no wonder that “the job market is good,” says Dr. Zhong. “Anecdotally, I just did a quick search on Indeed.com and currently there are more than 13,000 openings listed in the cyber security area.”
Dr. Zhong’s online research is supported by Bureau of Labor Statistics (BLS) data. The BLS reports the national median wage for an Information Security Analyst currently stands at $99,730. Job openings in the field are projected to increase by upwards of 31% over the next decade.
“The job market, I would say, is only going to get better because of the never-ending cybersecurity attacks,” says Dr. Zhong. “I don’t think the cyberattack situation is going to get better.”
Cyber security professionals are not done with their professional training at graduation. As with any technology-related field, Dr. Zhong warns his students they must be committed to lifelong learning if they want to work in cyber security.
“We have to update our software and our knowledge constantly just to keep up,” says Dr. Zhong.
Dr. Zhong believes there are many reasons students should choose to study for a cyber security degree at TROY. First and foremost, he highlights how TROY’s faculty continuously adapt and optimize the curriculum to meet the demands of the rapidly-changing cyber security landscape.
“We have an excellent curriculum, and it’s constantly evolving,” says Dr. Zhong. “We look at our curriculum, we look at some of the other leading curriculums in the country, we look at the job market, and we look at the cyber security threat — and we modify our curriculum based on what we see.”
Dr. Zhong also highlights the “close family ties” TROY’s faculty have with their students. Beyond making sure assignments are completed on time, faculty take the time to understand a student’s needs and concerns.
“The faculty has the mindset of treating students as family members,” says Dr. Zhong. “If you have an issue relating to your work, your family, or your studies, we will work on a solution with you. If you are in the military and deployed and don’t have access to the internet, we’ll give you the flexibility you need to complete your studies. This is what we do at Troy University. When you have a good program, good people to execute that program and the flexibility offered by online education — and you piece those things together — that’s how you build an excellent program.”
To learn more about how a cyber security degree from TROY can help you develop critical network security skills and build your cyber knowledge base, visit the bachelor’s degree in cyber security page on our website.