Headline January 06, 2018/ '' 'CYBER AGHAST SECURITY' ''

'' 'CYBER AGHAST SECURITY' ''

THINKING LIKE CRIMINALS..............

BETWEEN September 2017 and August 2018, employers in the United States pasted 313,735 job  openings for cyber security professionals.

Filling those jobs would mean increasing the country's current cybersecurity work force of 715,000  people by more than 40 percent, according to data presented at the National Initiative for  Cybersecurity Education Conference.

With the number of unfilled cybersecurity jobs worldwide projected to multiply into the millions in the next three years, it's no surprise that governments, companies and schools are racing to pour more resources into cybersecurity training and education programs.

As someone who teaches in a rapidly growing computing security program at Rochester Institute of Technology, this is good news for me  and my students. I think we are doing a good and responsible job of training our students, who will be snapped up by recruiters.

But I've watched as the field of cybersecurity has become formalized through a flurry of new degrees, certificates and curriculums, and I worry that some fundamental components of what makes people really good at security - namely, the instincts to look at systems in unconventional ways and quickly identify possible ways to cause trouble - are being lost along the way.

The idea of degree programs focused solely on cybersecurity is still pretty new. At R.I.T, the bachelor's degree in security was introduced in 2007, and the dedicated Computing Security department wasn't formed until 2012.

That means we haven't had a lot of time to debug these programs, especially since, in academic settings, every significant curricular change typically requires several meetings followed by extensive paperwork and and committee approval.

The field is so new that nearly every cybersecurity professional over the age of 30 does not have a degree in cybersecurity - many of them don't even have a college degree at all.

Cybersecurity has been a field that embraced people with nontraditional backgrounds.

Following the Equifax breach last year, some critics slammed the company for hiring a chief security officer who majored in music, prompting a considerable backlash from security professionals who took to Twitter to flash their own liberal arts degrees or lack of formal education.

The poster child for unconventional path to a cybersecurity job is Kevin Mitnick, who was convicted of illegal computer hacking and spent five years in prison before establishing a career as a highly sought after security consultant.

It's not a coincidence that someone good at cybercrime would also be good at cybersecurity. After all, many cybersecurity jobs involve trying to to think like a criminal to test the security of a software program, computer network or hardware devices.

Many of my students go to work for red-teaming or penetration-testing firms, where they try to probe and attack computer systems from the outside to identify potential vulnerabilities.

Some of these skills can be taught in the classroom, through checklists of where to look for possible weaknesses and tools that can be used to help conduct those assessments.

But the most effective red teams, like the most effective attackers, find vulnerabilities that no one has ever thought of before - much less included in on a course syllabus.

The Honor and Serving of the latest Operational Research on Cybersecurity and Criminals continues. The World Students Society thanks author and researcher, assistant professor Josephine Wolff at the Rochester Institute of Technology.

With respectful dedication to the Students, Professors and Teachers of the world.

See Ya all prepare and ''register'' for Great Global Elections on The World Students Society : wssciw.blogsspot.com.... and
Twitter-E-!WOW! - the Ecosystem 2011:

''' Cyber & Control '''

Good Night and God Bless

SAM Daily Times - the Voice of the Voiceless