What Do You Learn in a Cybersecurity Program?
KSA 1: Technical Tools and Software
Developers debut cybersecurity technology tools all the time, and there's never a guarantee that the platforms you use in one job will translate to the work you'll do in the next. This is why cybersecurity degree programs tend to emphasize broad technical aptitude and adaptability. You'll learn particular software for some classes, and you may even use it for the duration of your degree, but your ability to pick up new tools and processes quickly is more important.
Below, we've listed some of the more common types of tools that cybersecurity faculty cover in their courses.
Antivirus software detects viruses, malware, ransomware, and other harmful programs infecting an employer's computer systems. Bitdefender and Norton are popular choices for learning.
Encryption software converts data into forms that are unreadable to anyone without the proper authorization. Examples include AxCrypt and Folder Lock.
Network intrusion detectors scan for malignant actors on a network and alert administrators of their findings. You may learn to use Security Onion, Snort, or SolarWinds Security Event Manager.
Penetration testing tools help you understand your system's weaknesses by attempting a harmless attack. You may learn tools that security professionals often use, such as Damn Vulnerable Web Applicable, Metasploitable, and Wireshark
Programming languages form the basis of computer programs, including those used to defend against hackers. You will likely work with C++, JavaScript, Python, and SQL during your studies.
KSA 2: Cloud Security
As the (ISC)2 survey notes, many professionals had a tough time securing their employers' networks when the COVID-19 pandemic forced many workers to unexpectedly work remotely. But corporations and governments had been concerned about cloud security well before 2020; many organizations adopted a distributed workforce model in recent years, but even then couldn't always be sure who was on the other end of a network.
Cybersecurity professors recognized these concerns and developed classes on cloud security. These courses typically cover the following topics:
- The architecture of major cloud services, such as Amazon Web Services and Microsoft Azure
- The various vulnerabilities of software-as-a-service, infrastructure-as-a-service, and platform-as-a-service systems
- Account hijacking and challenges to remote access authorization
- Data leakage and abuse
KSA 3: Threat Intelligence and Analysis
Cybersecurity professionals try to protect sensitive data from prying eyes in order to safeguard their employers' operations. Threat intelligence and analysis form an important role in this process: If you understand the cyber threats an entity faces, you can plan to counter or mitigate them.
Courses in this KSA focus on practicing intelligence collection and analysis techniques rather than covering current threats in depth. This is because hackers develop new methods just as quickly as security experts can identify them. Professors want to ensure that you have the critical thinking and analytical skills necessary to identify and counter threats that don't exist yet.
If you understand the cyber threats an entity faces, you can plan to counter or mitigate them.
KSA 4: Risk Assessment and Management
This KSA is closely related to threat intelligence, but it refers to the potential consequences of cyberattacks rather than the forms they might take. For example, how might a newly identified malware program allow cybercriminals to steal customers' bank information?
As a student, you might take several courses on vulnerability assessments, penetration testing, ethical hacking, red team analysis, and risk management frameworks. Regulatory compliance is a related topic that is featured in some of these classes — government agencies and publicly traded companies must disclose certain information to regulators or shareholders, so they need to conform to security regulations and reporting requirements.
KSA 5: Computer Forensics
Not every cyber defense succeeds, and sometimes you need to figure out what happened after an attack. Computer forensics experts collect digital evidence from computers, systems, and networks to aid investigators and prosecutors in criminal proceedings.
Most degree programs include an introductory survey of this discipline that covers the chain of evidence, electronic document recovery, hash values, and forensic copies. If your program includes a concentration in computer forensics, you'll also study relevant legislation and case law, investigational ethics, and courtroom procedures.
KSA 6: Non-Technical Skills
Beyond technical knowledge, a cybersecurity major also emphasizes a skillset of adaptable abilities that you can apply to new situations. Below, we've listed the soft skills most highly prized by cybersecurity recruiters, according to the (ISC)2 survey and data from the analytics company Burning Glass Technologies. We also note possible assignments that might help you practice these skills during your degree program.
Problem-solving: Identifying the source of a distributed-denial-of-service attack, patching a vulnerability in a cloud-based network, running remote diagnostics on an operating system
Curiosity: Digging deep into digital forensics by examining files for digital fingerprints, running Metasploitable to find network security vulnerabilities, designing a new penetration test
Communication: Presenting a red team analysis to classmates and faculty, formatting a written regulatory report, using guided questioning to elicit information when troubleshooting
Strategic thinking: Analyzing strengths, weaknesses, opportunities, and threats after a penetration test to identify a virus's effects on a company's profitability, planning a system upgrade to minimize latency
Is Cybersecurity the Right Choice For Me?
Going by the numbers alone, cybersecurity is a great profession to enter — information security analysts earn high median salaries and the field is growing at a dizzying rate. In fact, this major continued to offer one of the best returns on investment during the tumult of the pandemic.
But the question is about more than numbers: Is cybersecurity the right career for you specifically? One way to approach an answer is to examine your existing strengths and abilities. Do you have an aptitude for learning programming languages, complex information technology software, and computer science concepts? Do you find yourself wondering how hackers pulled off a major breach of a retailer's firewall? Have you run a free penetration testing tool to check the strength of your own passwords? If you answered yes to these and related questions, then a cybersecurity career might suit you.