Author: Bob Violino / Source: CSO Online
The shortage of cyber security professionals is well documented, and this lack of expertise can keep organizations from bolstering their security programs. CISOs and CSOs should be heartened by the fact that more colleges and universities are offering academic programs and degrees in cyber security specialties. They are also doing their best to place young professionals into the workforce.
Dozens of institutions have launched undergraduate and graduate security programs. Many provide both technical and management skills to help students become well versed in the latest security technologies, threats, vulnerabilities and management strategies.
Here’s a look at a few of the leading programs in the United States.
Carnegie Mellon University, Heinz College
A hallmark of the Heinz College Master of Science in Information Security Policy & Management (MSISPM) program is that it “covers the technology, management, and policy aspects of information security,” says Andrew Wasser, associate dean of the School of Information Systems & Management at Heinz College. “Unlike most of our competitors, we are not training our students to work as ‘eyes on glass’ in a security operations center, but rather to interact with senior management, suppliers, and policy makers.”
[Related: –>6 reasons to study security in college (and 7 reasons not to)]
Many of the instructors are industry experts in the university’s Software Engineering Institute’s CERT Division. “They work closely with private sector and government agencies in addressing real-time threats,” Wasser says.
“We have a highly engaged Career Services team that works with students in finding leads, negotiating offers, mock interviews, cover letters, resumes, etc.,” Wasser says. “Our students and faculty go to industry conferences and complete capstone security projects with the private and public sector.” This past semester included projects on blockchain technology, vendor risk, and insider threat. “We have no problem helping our students find internships and full-time positions post-graduation,” says Wasser.
Degrees: A two-year, full-time Master of Science in Information Security Policy & Management (MSISPM), a part-time, Distance Master of Science in Technology in Information Security & Assurance (MSIT), and an executive education hybrid face-to-face/distance program for CISOs.
Curriculum: Classes in the core program cover topics including introduction to information security management, privacy in the digital age, risk management, software and security, cryptography, network and Internet security, cyber security policy and governance, and a Capstone Project working with organizations implementing best practices in information security. Technical and management elective courses include network and Internet security, network situational awareness, ethical penetration testing, applied threat analysis.
Full-time students may pick both technical and non-technical elective courses, while the core has both. Required managerial classes include professional speaking and writing, economics, statistics, decision making under uncertainty, and managing disruptive technologies.
Placement: The two-year MSISPM program has a required internship. A career services team works with students to find leads, negotiate offers, perform mock interviews and write cover letters or resumes.
Johns Hopkins University, Information Security Institute
The Johns Hopkins Master of Science in Security Informatics (MSSI) makes numerous security-management and core management courses available to students. “The MSSI program provides a holistic approach to information security education, including courses on privacy, ethics and policy, and it has a specialization dual degree option in healthcare security,” says Tony Dahbura, executive director of the institute.
It gives students a means to perform original research in the cyber security field. “Students are required to complete a capstone project under the supervision of faculty and external mentors,” Dahbura says. “These projects often lead to conference publications and other recognition.”
A policy and management track is designed for students who plan to go into consulting, policy-making or technical management, he says.
More than 25 companies and government organizations each year participate in a seminar series for students, in which they discuss cyber-related technical topics, provide information on their organizations, and make contact with interested students for career opportunities.
The organization partners with multiple companies and government agencies in a…
Click here to read more
