6 answers
Ethan
Student
Grundy Center, Iowa
3
Questions
Asked
613 views
What is the school path look like for someone interested in cyber security?
#cyber-security
Login to comment
6 answers
Christopher O'Brien
Sales and Customer Success
12
Answers
Belchertown, Massachusetts
Updated
Christopher’s Answer
Cyber Security is an area of specialty under Computer Science. Colleges and universities that offer a CS degree will included coursework addressing cyber security. Having a mathematics background can help, especially with encryption. It's a very strong job market for Information security specialists, and it's a critical area of focus for all organizations that use IT. A good path is to obtain an undergraduate degree in CS, then get your masters in IT security.
Alex Nasca
Security Consulting Engineer Intern
5
Answers
Rochester, New York
Updated
Alex’s Answer
Hi Ethan,
I would say there is no substitute for a school with a dedicated cyber security undergraduate program. Schools such as the Rochester Institute of Technology, and Purdue have great undergrad programs specifically designed for cyber security. In these courses you will learn coding, network security, application security, reverse engineering, etc. If the schools you are looking into don't have a cyber security program, I would recommend computer engineering or software engineering. Computer science is very good too but much more theoretical. In cyber security you won't be doing much coding unless you are in software security. In this case software engineering classes focus more on team work and code review which are heavily seen in the workforce. If you are doing network security or consulting, or even malware analysis, there is very little actual coding other than scripting. It really depends on the school and program but try and pick the most hands on and practical coursework you can find. Hope this helps, and good luck!
Best,
Alex Nasca
I would say there is no substitute for a school with a dedicated cyber security undergraduate program. Schools such as the Rochester Institute of Technology, and Purdue have great undergrad programs specifically designed for cyber security. In these courses you will learn coding, network security, application security, reverse engineering, etc. If the schools you are looking into don't have a cyber security program, I would recommend computer engineering or software engineering. Computer science is very good too but much more theoretical. In cyber security you won't be doing much coding unless you are in software security. In this case software engineering classes focus more on team work and code review which are heavily seen in the workforce. If you are doing network security or consulting, or even malware analysis, there is very little actual coding other than scripting. It really depends on the school and program but try and pick the most hands on and practical coursework you can find. Hope this helps, and good luck!
Best,
Alex Nasca
Hannah Anderson
Cloud Security Engineering Product Manager
5
Answers
Stephenson, Virginia
Updated
Hannah’s Answer
School path can look so many different ways. My undergrad is in Marketing. My Masters of Professional Studies (MPS) is in Homeland Security with an Information Security and Forensics option. The HLS courses were light and I would say the InfoSec was the main focus of learning for this degree. I also started with courses at my local community college as park of a Network Security certificate. Pursue your interests and you can find some well-rounded programs and opportunities!
Ana Wu
Consultant
7
Answers
New York, New York
Updated
Ana’s Answer
Ethan,
Cyber Security is a wide field that incorporates many many facets. You will find out that obtaining certifications is very common in this industry, but does not mean that an individual is skilled at said certification. It actually functions as a door opener for many candidates to get an interview. Obtaining a degree is great to learn the basics in technology and it does open many doors for opportunities as well as enables you to build a network of contacts with peers, alumni, professors, and organizations that target your school to hire their entry-level employees.
With that being said, different schools have different curriculums regarding their take in cyber security. Some are more technical and may teach classes closely related to Networking, Cloud, Incident Response, Penetration Testing, Computer Programming basics/advanced, Digital Forensics, etc.
Other schools might have a curriculum closer to Information Security(InfoSec), Assurance, IT Compliance, business focused in cyber security.
I went to a school that mixed technical classes and non technical subjects - but, personally, I wish I had way more focus on the technical side.
Either or, there is many resources online to develop skills you are interested in as well as projects to put those skills to practice. (Platforms such as Coursera, Cybrary, Udemy, etc)
My recommendation is to understand your interests within the field and pick someone's brain about what it feels like to work in the field, day to day tasks and responsibilities, benefits, and anything that is important to you in your career. From there you can find schools that better align with your interests in their curriculum.
Good luck!
Cyber Security is a wide field that incorporates many many facets. You will find out that obtaining certifications is very common in this industry, but does not mean that an individual is skilled at said certification. It actually functions as a door opener for many candidates to get an interview. Obtaining a degree is great to learn the basics in technology and it does open many doors for opportunities as well as enables you to build a network of contacts with peers, alumni, professors, and organizations that target your school to hire their entry-level employees.
With that being said, different schools have different curriculums regarding their take in cyber security. Some are more technical and may teach classes closely related to Networking, Cloud, Incident Response, Penetration Testing, Computer Programming basics/advanced, Digital Forensics, etc.
Other schools might have a curriculum closer to Information Security(InfoSec), Assurance, IT Compliance, business focused in cyber security.
I went to a school that mixed technical classes and non technical subjects - but, personally, I wish I had way more focus on the technical side.
Either or, there is many resources online to develop skills you are interested in as well as projects to put those skills to practice. (Platforms such as Coursera, Cybrary, Udemy, etc)
My recommendation is to understand your interests within the field and pick someone's brain about what it feels like to work in the field, day to day tasks and responsibilities, benefits, and anything that is important to you in your career. From there you can find schools that better align with your interests in their curriculum.
Good luck!
Kevin Lam CISSP, PMP, ITIL
Sr. Manager, Incident Response
35
Answers
Santa Clarita, California
Updated
Kevin’s Answer
Schooling/education can be formal or informal. It will depend on what appeals to you and how much rigor you would like to have.
Academically, pursuing a computer science degree or business degree with an emphasis on information systems (IS) would be foundational experience. A computer science is better aligned with security engineering whereas the business/I.S degree supports governance, compliance, security operations, and or a entry level security role. I would also couple the degree with technical certifications: ITIL, CompTIA Security+, CISM, CISSP, and or SANs certifications for additional exposure and experience. These can you do as self study and or via a class.
After some work experience, a Masters in IT Security could support additional career advancement.
Academically, pursuing a computer science degree or business degree with an emphasis on information systems (IS) would be foundational experience. A computer science is better aligned with security engineering whereas the business/I.S degree supports governance, compliance, security operations, and or a entry level security role. I would also couple the degree with technical certifications: ITIL, CompTIA Security+, CISM, CISSP, and or SANs certifications for additional exposure and experience. These can you do as self study and or via a class.
After some work experience, a Masters in IT Security could support additional career advancement.
Mike Wilson, CPA, CISSP, CISA, CHCO
IT Security
3
Answers
Hendersonville, Tennessee
Updated
Mike’s Answer
There are many paths that lead to CyberSecurity. It is very useful to have a foundation in computers, computer engineering, business information systems, or other technical underpinnings. For Cybersecurity most of the job is learned by doing the work. Our field has a lot of opportunity for people who are interested in working and learning. So this career is one of constant learning and growth. As technology changes we need to be willing to continue to learn and grow to keep up.
Realize that there are many flavors of cybersecurity. There are many types of cybersecurity professionals (networking engineers, database administrators, auditors, white hat hackers, and many others). From auditing and assessing to validate that security is appropriate, to the application of cyber security knowledge to protect systems. Your path for education will probably depend on the avenue you would want to pursue.
As others here have noted security certifications are useful to obtain; and so the certification requirements are really what you would need to know if that was your avenue. I can speak to the CISA, and CISSP. Formal education reduces the amount of practical experience that you have to have to obtain the certifications. Fundamentally, those kinds of certifications are based on the practical experience and knowledge that you gain by working in the field. Additionally, you still have to study and take the tests separately. Those tests in effect are the same thing as going to school; as they teach fundamentals you will need to know to perform the work.
Check Google for information about certifications: CISA, CISSP, CRISC, CEH and professional societies (ISACA, ISC2).
Realize that there are many flavors of cybersecurity. There are many types of cybersecurity professionals (networking engineers, database administrators, auditors, white hat hackers, and many others). From auditing and assessing to validate that security is appropriate, to the application of cyber security knowledge to protect systems. Your path for education will probably depend on the avenue you would want to pursue.
As others here have noted security certifications are useful to obtain; and so the certification requirements are really what you would need to know if that was your avenue. I can speak to the CISA, and CISSP. Formal education reduces the amount of practical experience that you have to have to obtain the certifications. Fundamentally, those kinds of certifications are based on the practical experience and knowledge that you gain by working in the field. Additionally, you still have to study and take the tests separately. Those tests in effect are the same thing as going to school; as they teach fundamentals you will need to know to perform the work.
Mike recommends the following next steps: