VIDEO: The Importance of Cyber Security Education
Why do you think that cybersecurity education is so important in the world today?
Cybersecurity education is very important because it allows the individuals that are going into the discipline to be able to get educated about the various topics related to cybersecurity, and cybersecurity itself is connected to our civilization as a whole. The education aspect is to become that scholarly practitioner and researcher in a discipline itself. So once that person leaves that educating environment, they can go out and become a true expert in the field. So that is why it’s so important for them to be educated in cybersecurity.
Do you feel that Americans are doing enough to protect themselves from common cyber threats like ransomware or denial of service attacks? If not, what more can they do?
The answer is actually no. The individuals that are assisting Americans to do this are the providers of the application or the technical devices that are used by Americans. There is a sort of a first-line defense for that from most Americans. And so it has become sort of a second nature, but at the same token, technology is never perfect, never 100 percent perfect. So Americans could do more and take action, proactive action such as not to give their information out to sources and to also be aware of things like phishing e-mail and micro devices, the computer e-mail, or to the Web site that they surf, to be aware of things like…there are fake sites up there as well. So one would need to be very, very careful about going to locations that sort of quote-unquote a dirty environment for them to be in, but the consciousness is not as at the level that it needs to be. I’ve often thought about what role does the government has to play in this or individual has to play in this. But public awareness education, I think it definitely will be a great focus for that.
What do you think is the best path for someone interested in a career in cybersecurity?
There has to be some sort of an introduction to that, that is best probably instilled in maybe in the grade school so that you understand that if you are going into this environment, you’re going to be a natural part of your life. As a user you should be concerned about the dangers that are lurking in that environment. So just the simple users themselves, and then you’ve got individuals that are responsible for creating that environment. What is their role? What is their role in order to create a safer environmental…You know the situation for the users? Again, I often look at our civilization and our communities. We have got law enforcement. We’ve got medical individuals. We’ve got rules of the road, driving rules of the road, et cetera.
But we don’t have that in a virtual space. So if we start introducing those as great as basic subjects in our great schools, we could start to create this environment that we have created by default. So we need to get it into the grade school and for a specific career path. You’ll be at the core of knowledge, just as the basic knowledge of math, English and languages, culture. Those can be introduced into grade school. That would be a phenomenal path for cybersecurity.
In your experience, how important are certifications like Net+, Security+ or CISSP when applying for a career in cybersecurity?
This certifications themselves are major,of competence and measure of skills. The employers today want to have some sort of validation of the competence of individuals that [they] employ and that the only measure at this point is those skill sets that are tied to commercially verified and recognized certifications. So there’s a little bit of that academy between an educational approach and a certification approach.
The certification approach came before in the cybersecurity and IT disciplines, where commercial entities were not there and created a certification that was recognized by the employers. So the level of confidence and certifications are very high as it compares to the degree path today. Until that becomes sort of normalized, we’ll look at certifications as the true measure of a cybersecurity skill set. And that’s what they see as the initial go-in. So in order to get into the field, you’ll be competitive, you’ve got certifications over other non-certifications paths. So that is why is so very important to have that at this point.
You have been in IT for many years. How are the cybersecurity challenges different today than they were 10 years ago?
I started actually 35 years ago in a discipline in IT, and IT and cybersecurity has evolved. It has been defined and it still continues to be redefined today. Initially, there wasn’t any need for security because we weren’t connected to other systems. Like, for example, I started my career in the U.S. Army, and we carried around all our IT systems ourselves. So we didn’t connect to anywhere else. We sort of kept this this bubble within ourselves where information didn’t flow to pipes….commercial pipes or any commercial entities and and weren’t open to someone getting and taking out information.
Well around the turn of the century, we changed our model where we are, we started to use other systems, commercial systems for example, to port information through, and those we didn’t design ourselves. So the knowledge or the danger and vulnerabilities associated with those systems now became our issues, and became a vulnerability for us.
So that caused security to be more important in our model in a way that we do our business basically, and everyone now became you know connected or concerned about the same vulnerabilities that exist out there. So that is what caused the evolution of cybersecurity and became everybody’s business really. It was not everybody’s business 10, 15 years ago, but it has come to that point now that look, all of our information is out there. All of our information is vulnerable and exposed to different dangers. So now this becomes an entire population business in order to be concerned about it.
Children and the elderly are perhaps the most vulnerable among us when it comes to cybersecurity threats. How do you think we should approach cybersecurity education for children? Perhaps mandatory classes in elementary school? Or is it the parents’ responsibility?
As far as the education for children is concerned, I think we should get them into a play-and-learn environment, because as humans, we still like to play. We still like to have fun. So I have a child right now in the 11th grade that was introduced to software programming, and in his eighth grade-ninth grade level. And he finds it’s fun for him…versus his parents saying you know go, do this. Let me play a game. Let me enjoy myself and surreptitiously learn a process because software programming and technology it’s rote learning where you learn what’s called syntax.
So we get them into an environment where they think this is their world. That’s the advantage of it. This is their world, is the virtual world. They’ll be so accustomed to all of the nuances of that world itself and will become an natural education. Of course, we’re getting them from a physical to virtual environment. So there [are] disadvantages that as well. But the world that we are creating and we have created it with our technology is virtual. And so that’s the place that we need to get them into, and we could create an ecosystem of education around that and we will be able to solve this…again this evolution or this environment that we’ve created for ourselves, and we’re going to have for the rest of our lives. So we need to shape our education curriculum to meet that. As early as possible.
Get started on your cybersecurity degree at American Military University.