With cyber attacks on the rise, so too is the need for experts to protect companies, government agencies and individuals from those attacks and the damage they can cause.
That need has prompted Ivy Tech Community College student Dave Houchin to pursue a degree in cyber security/information assurance at the college’s Terre Haute campus.
“It is an exponentially growing career choice,” said the 34-year-old, who will earn his degree later this year. “Demand for services, such as securing and maintaining networks, will only increase,” as will job opportunities, he said.
Many cyber crimes go unreported, he said, often because businesses are worried news of such crimes could hurt their reputation.
“The internet as we know it is still a wide-open frontier filled with lawlessness much as was seen in the early days of pioneers and cattle drives of the wild west,” he said, and cyber criminals are taking advantage of the security lapses.
While one of his goals is career advancement, he also believes being educated in cyber security is important “to protect our economy from theft, our citizens from harm and our nation from discord,” he wrote in an email. His I.T. internship is with ThyssenKrupp Presta, where he has worked production for several years.
Ivy Tech has offered a two-year degree in cyber security/information assurance since 2013 and it offers a number of related certificate programs.
Purdue and Indiana universities have several well-established programs and research initiatives, and now, Indiana State University is working on a cybersecurity program that focuses on the human missteps that can lead to security breaches.
Indiana State faculty member Bill Mackey has a cybersecurity firm that employs ISU interns.
A growing need
According to the National Security Agency, “The newest threats we face, and perhaps the fastest growing, are those in cyberspace. Cyber threats to U.S. national and economic security increase each year in frequency, scope and severity of impact. Cyber criminals, hackers and foreign adversaries are becoming more sophisticated and capable every day in their ability to use the internet for nefarious purposes.”
The issue came to the forefront with Russia’s hacking of Democratic National Committee emails, an act intended to influence the U.S. presidential election.
The FBI websites describes the collective impact of cybercrime as “staggering. Billions of dollars are lost every year repairing systems hit by such attacks. Some take down vital systems, disrupting and sometimes disabling the work of hospitals, banks, and 9-1-1 services around the country.
“Who is behind such attacks? It runs the gamut — from computer geeks looking for bragging rights…to businesses trying to gain an upper hand in the marketplace by hacking competitor websites, from rings of criminals wanting to steal your personal information and sell it on black markets…to spies and terrorists looking to rob our nation of vital information or launch cyber strikes,” according to fbi.gov.
Earlier this month, the NSA and the Department of Homeland Security designated Ivy Tech as a National Center of Academic Excellence in its cyber defense education program. According to NSA, its goal is to reduce vulnerability in the country’s information infrastructure by promoting higher education and research in cyber defense.
The recognition “is kind of a big deal,” said Charles Peebles, department chair, School of Computing and Informatics at Ivy Tech’s Wabash Valley Region.
The two-year program is “pretty thorough,” he said. “It covers all major areas you need to know to prevent a hack.”
Students must know networks, software and server administration. “They have to know a little of everything to be a good cyber agent,” he said.
The program is a popular one, especially “with all the breaches we’ve had that are getting publicized and with all the Ransomware, where people are clicking on links that end up taking control of their network and they have to pay someone money to get access back to their files and information,” Peebles said.
“Everybody should be concerned, with today’s criminals out there,” he said. “Everybody should have some kind of protection on their computer.”
Those who earn the degree, “can do just about anything,” he said. They work as a network or server administrator, he said. The average mean salary for cyber information analysis in Indiana is about $37.50 per hour, which translates into about $78,000 annually, he said.
On average, there are 629 annual job openings in cyber security in Indiana, according to the 2014-2024 Department of Workforce Development/Bureau of Labor Statistics Occupational Demand Report.
New offering at ISU
At Indiana State, a new cybersecurity studies program is in the works that focuses on the human missteps that can lead to security breaches; it will be offered through the Department of Criminology and Criminal Justice.
Faculty member Bill Mackey said the new program will be “human behavior focused.”
“We already have a lot of people that know how to work with computers and code and create and analyze viruses and malware,” he said. But reports from recent years “show us that human exploits are 90 percent plus of the actual cybercrime intrusion.”
Rather than trying to infiltrate a company’s expensive computer technology systems, hackers find it’s easier to “just get the administrative assistant’s name and password ... Then they don’t need to hack into the system,” he said.
Students in the future ISU program will learn to analyze employee behavior, determine who is vulnerable and look at training programs to change the behavior so those employees are not the weak leak that ends up creating a security breach. “We’re teaching them how to be a human anti-virus,” he said.
For example, if some employees are vulnerable to phishing emails, “How do we train employees to not click on things?” Mackey said.
Four ISU students have interned at his cyber security business, called Alloy Cybersecurity.
Everyone in every workplace needs to be concerned about cyber security because “it takes just one person to not care and it’s all gone,” Mackey said. “This is not slowing down. This is not going to stop. It’s getting worse every year.”
The average person should be concerned, but not paranoid, he said. He suggests people can do a lot to protect themselves by taking five seconds before responding to an email if they are not sure who it came from, and taking 10 minutes once a year to learn about new frauds and scams out there.
Madison Meyer, an ISU senior and criminology major, has been working with Mackey for about six months on cybercrime research and with Alloy.
Prior to that, she had no experience with cybersecurity. What she’s learned has been eye-opening, she said.
At Alloy, students created phishing emails to assess a business’s employee vulnerabilities. “We were more successful than we expected,” she said. Students monitored what happened but never actually hacked the system.
The Sellersburg native said her career interests include law enforcement and the FBI.
Sue Loughlin can be reached at 812-231-4235 or at firstname.lastname@example.org Follow Sue on Twitter @TribStarSue.