Businesses, government agencies, and organizations such as hospitals are reaping the rewards of digital transformation, thanks to the Internet and more recent advances such as 5G networks, artificial intelligence (AI), and the Internet of Things (IoT). Yet, as the world grows more interconnected, threats to the systems that run our communication networks, transportation hubs, healthcare facilities, and infrastructure increase.
Enter cybersecurity, a specialized discipline focused on ensuring safe and effective transmission of data by defending against cyberattacks. Effective cybersecurity helps businesses, governments, and other organizations prevent, detect, and respond to attacks. The ultimate aim of cybersecurity is to keep information safe and confidential, while ensuring the integrity and availability of data, technology, and systems critical to business continuity and uninterrupted operations.
Companies are impacted by thousands of cyber incidents on a monthly basis, and government agencies and other organizations are also constantly at risk. But while those risks are increasing, the current cybersecurity skills gap is making it hard for employers to find the talent to protect their data and systems. There was a shortfall of about 314,000 cybersecurity professionals in the U.S. as of January 2019, based on data from the National Initiative for Cybersecurity Education (NICE) as reported by the Center for Strategic and International Studies (CSIS).
Why Cybersecurity Matters
Thanks to digital trends powered by the Internet and advanced technologies, the need for cybersecurity is universal across industries. “Every business is in the cybersecurity business,” says Ralph Russo, program director of the Information Technology Programs Departmentant at Tulane University. Some of the world’s largest companies invest as much as a half a billion dollars in cybersecurity, according to a 2018 McKinsey report. And CNBC reports that CEOs consider cybersecurity the top threat to the global economy.
Cybersecurity matters because a breach can impact the operations of government agencies, businesses of all sizes, and critical organizations. Maintaining the trust of those affected by a breach, whether citizens, consumers, or patients, is another reason why investments in cybersecurity are critical. The following are examples of how cyberthreats impact different institutions.
According to CSO, a data breach inside U.S. Office of Personnel Management (OPM) systems that spanned two years was among the biggest in recent history. Sensitive information on 22 million current and former federal employees, including security clearances, fingerprints, and foreign travel data, was accessed by hackers suspected to be operating from within China. State government agencies have faced challenges as well. For example, a recent report revealed that more than half of the systems used by state election commissions are outdated, making them prime targets for cybercrime.
The number of records affected by high-profile data breaches is staggering: 885 million for First American Financial, 540 million for Facebook, and 412.2 million for Friend Finder Networks. These businesses differ, but the breaches share a common root: poor security. As giants in their industries, these businesses have the resources to invest in the best cybersecurity tools, but cyberattackers successfully broke through their systems. Small companies are being targeted at increasing rates as well. In September 2019, the Associated Press reported that a business coach and motivational speaker received a call supposedly from an information technology service she had used. Assuming the claim was legitimate, she shared identifying information, and her business computer was locked; she had become victim to a ransomware attack. She hired a security company to unlock her computer instead of paying, but the hackers accessed financial account information and stole money from her bank accounts. This is just one example of cyberthieves’ evolving tactics.
Greater accessibility to patient data provides opportunities for improved delivery of health care. At the same time, access increases the risk of cyberthreats. In 2018 alone, 15 million patient records were breached. From malware that puts system integrity and patient data at risk to disruption of critical patient services via denial of service (DDoS) attacks, cyber incidents can threaten hospital security. In a recent example, a cyberattack brought down the network of a trauma center in the Erie County Medical Center for six weeks. Their computer screens went black and the hackers demanded thousands of dollars in ransom to restore their systems. The hospital did not pay the ransom and, instead, went back to pen and paper processes, resulting in financial losses. In this case, the hospital was fortunate. A cyberattack on a healthcare facility can extend beyond economic consequences; it can place patients’ lives at risk.
The Cybersecurity Skills Gap
Cybersecurity has never been more important, and the numbers speak for themselves. CSO reports that 61 percent of organizations have faced an IoT security event, and ransomware attacks cost a company an average of $5 million. According to a McKinsey report, 120 million malware variations are created by hackers every year.
Today, the digital world demands stronger cybersecurity controls for government, businesses, and organizations. In addition to investing in cybersecurity tools and aligning systems and processes with security standards and best practices, employers need cybersecurity experts to handle existing challenges and prepare them for the future, as cybercriminals continue to change tactics.
There is, however, a cybersecurity skills gap that is putting consumers and employers at risk. This is why in 2016, the U.S. government launched TechHire, a program to promote cybersecurity education, training, and workforce development. But demand still outstrips supply; CSIS reports that 82 percent of employers indicated that they are currently facing a cybersecurity skills shortage. Job growth for skilled cybersecurity professionals is projected to increase 32 percent from 2018 to 2028, much faster than the average for all occupations, according to the Bureau of Labor Statistics.
Preparing Students for the Cybersecurity Workforce
The Tulane University School of Professional Advancement offers its Online Master of Professional Studies in Cybersecurity Management to prepare students to help fill this cybersecurity skills gap. Students learn critical skills that allow them to identify security risks, develop preventive security controls, and create security budgets based on risk modeling. The following are among the courses offered:
- Security and Cyber Threats for IT Managers: Students explore types of attacks including exploitation methods and vulnerabilities, and the motivations and aims of attackers. Emerging technologies such as blockchain, IoT, and quantum computing are investigated from the standpoint of threat and security.
- Cyber Incident Response and Forensics: Students gain skills in securing cyber incident scenes, preserving digital evidence, establishing and maintaining a chain of custody, safeguarding evidence, and using forensic analysis and tools. Students are exposed to decision matrices useful for working with government and law enforcement agencies.
- Cryptography: Students get an in-depth understanding of ciphers, cryptology, and encryption. They learn encryption skills including access control, authentication, data application security, and virtual private networking, and study laws regarding encryption, privacy, and civil liberties.
Embark on a Career Defending Against Cyberthreats
Cybersecurity is a demanding, rewarding field that will put you at the leading edge of tech innovation. Discover how Tulane University’s Online Master of Professional Studies in Cybersecurity Management can prepare you with the skills and knowledge to succeed.
Cybersecurity vs. Computer Science: A Look at Two Key Tech Career Paths
Securing Your Future: Is a Master’s in Cybersecurity Worth It?
Students More at Risk of Identity Theft: Tips and Resources to Stay Protected
Associated Press, “Cybercriminals Manipulate Their Way into Company Computers”
Bureau of Labor Statistics, Occupational Outlook Handbook, Information Security Analysts
CBS News, “Inside the New York Hospital Hackers Took Down for 6 Weeks”
Center for Internet Security, "Cyber Attacks: In the Healthcare Sector"
Center for Strategic and International Studies, "The Cybersecurity Workforce Gap"
CNBC, "5 of the Biggest Data Breaches Ever"
CNBC, “Cybersecurity Is the Biggest Threat to the World Economy Over the Next Decade, CEOs Say”
CSO, “Top Cybersecurity Facts, Figures and Statistics for 2018”
CSO, "The 18 Biggest Data Breaches of the 21st Century"
CSO, “What Is Cyber Security? How to Build a Cyber Security Strategy”
Department of Homeland Security, "What Is Cybersecurity?"
McKinsey & Company, "A New Posture for Cybersecurity in a Networked World"
Obama White House, "Investing in the Cybersecurity Workforce of Tomorrow"
Politico, "States Still Not Up to Snuff on Election Security, Researchers Warn"
Reuters, "FBI Director Wray: Russia Intent on Interfering with U.S. Elections"