Cybersecurity has rapidly become a key concern in every industry and every organization across the globe. The incredible connectivity and technological innovations that we enjoy today in our personal and professional lives, that have made possible new, more efficient forms of commerce, communication, and entertainment, have also brought a host of emerging threats and risks, the scope of which we have only just begun to grasp.
A recent Distributed Deny of Service (DDoS) attack to Dyn, a domain name service provider, caused a massive east coast Internet outage. The culprit was millions of Internet connected (IoT) devices that formed a botnet and conducted a coordinated attack to the target.
Many advanced persistent threat attacks are initiated with phishing emails with attachments or embedded URL links to explore weaknesses in human users. The breach of the DNC email account last year was caused by a malicious email. Many organizations have suffered financial losses from ransomware that are often delivered via emails. It is often said that the weakest link in cybersecurity is the human user, and for a long time to come, human users will be the prime target for attackers to establish a foothold inside networks and infrastructures.
How to Protect Yourself and Your Data
Here are some basic tips that can benefit everyone in a corporate or home environment.
1. Examine email content very carefully, especially those with attachments or embedded URL links. If it seems too good to be true, it usually is.
2. Use your business email for business only, and use a private email for personal use.
3. Create two personal email accounts. Reserve one for important tasks and use another for online registrations or other less important applications.
4. Use a good password manager to store your strong passwords even for those accounts you might think are not important.
5. Enable two-factor (or two-step) authentication for your important accounts such as your email, banking, and social media, etc.
6. Create two accounts on your desktop: one with administrative privileges, the other for a regular user. Always use the regular account for your daily tasks. Use the privileged account for installation, updates, or settings only. If cost permits, reserve a laptop or desktop for banking, tax, or other sensitive tasks only.
7. Always use the latest version of application software and operating systems.
The Growing Demand for Cybersecurity Professionals
With the cybersecurity industry growing at a rapid pace, it’s no surprise, then, that cybersecurity professionals are in demand everywhere—at banks, retailers, hospitals, universities, law firms, media organizations, and government agencies. Every sector that relies on digital data and networked communication needs people who will help them assess the risks they face, the ways in which their data and networks could be compromised, and—most importantly—how those assets can best be protected.
According to National Institute of Standards and Technology (NIST), there are 350,000 cybersecurity open positions currently in USA alone. We just don’t have enough qualified cybersecurity security professionals to fill those positions. And the gap will grow. It is estimated there will be over 1 million cybersecurity jobs unfilled by 2020.
Working in cybersecurity is never boring and never static. It is a field that requires people to be constantly updating their knowledge, their defenses, and their ideas about their adversaries, as new vulnerabilities are discovered and new threats emerge. Aspiring cybersecurity professionals need to be conversant in a wide range of skill sets, from computer science fundamentals, such as encryption and networking, to organizational tools, including risk assessment and management, to legal and regulatory issues, including compliance rules and technological standards. Cybersecurity professionals need to be able to talk to and work with technical experts, managers, and lawyers within their organizations—and they need to be comfortable explaining the importance and relevance of what they do to a wide range of audiences.
Many people working in cybersecurity come from a background in computer science, but increasingly, people from other fields—including law, policy, security studies, political science, and finance—are applying their own expertise to the area and becoming more involved. Since cybersecurity requires the combination of skills from many different disciplines, it is an ideal area for people with diverse backgrounds and different interests to engage with and develop their skills.
RIT’s Cybersecurity MicroMasters credential program is intended to help people from all different backgrounds prepare for careers in cybersecurity by providing them with expert instruction in a range of different relevant skill sets, including forensics, risk management, and networking.
The first course in the Cybersecurity MicroMasters program, Cybersecurity Fundamentals, starts March 21.