With cyberattacks on the rise, so too is the need for experts to protect companies, government agencies and individuals from those attacks and the damage they can cause.

That need has prompted Ivy Tech Community College student Dave Houchin to pursue a degree in cybersecurity/information assurance at the colleges Terre Haute campus.

It is an exponentially growing career choice, said the 34-year-old, who will earn his degree later this year. Demand for services, such as securing and maintaining networks, will only increase, as will job opportunities, he said.

Many cybercrimes go unreported, he said, often because businesses are worried news of such crimes could hurt their reputation.

The internet as we know it is still a wide-open frontier filled with lawlessness much as was seen in the early days of pioneers and cattle drives of the wild west, he said, and cybercriminals are taking advantage of the security lapses.

While one of his goals is career advancement, he also believes being educated in cybersecurity is important to protect our economy from theft, our citizens from harm and our nation from discord, he wrote in an email. His I.T. internship is with ThyssenKrupp Presta, where he has worked production for several years.

Ivy Tech has offered a two-year degree in cybersecurity/information assurance since 2013 and it offers a number of related certificate programs.

Purdue and Indiana universities have several well-established programs and research initiatives, and now, Indiana State University is working on a cybersecurity program that focuses on the human missteps that can lead to security breaches.

Indiana State faculty member Bill Mackey has a cybersecurity firm that employs ISU interns.

A growing need

According to the National Security Agency, The newest threats we face, and perhaps the fastest growing, are those in cyberspace. Cyber threats to U.S. national and economic security increase each year in frequency, scope and severity of impact. Cyber criminals, hackers and foreign adversaries are becoming more sophisticated and capable every day in their ability to use the internet for nefarious purposes.

The issue came to the forefront with Russias hacking of Democratic National Committee emails, an act intended to influence the U.S. presidential election.

The FBI websites describes the collective impact of cybercrime as staggering. Billions of dollars are lost every year repairing systems hit by such attacks. Some take down vital systems, disrupting and sometimes disabling the work of hospitals, banks, and 9-1-1 services around the country.

Who is behind such attacks? It runs the gamut from computer geeks looking for bragging rights to businesses trying to gain an upper hand in the marketplace by hacking competitor websites, from rings of criminals wanting to steal your personal information and sell it on black markets to spies and terrorists looking to rob our nation of vital information or launch cyber strikes, according to fbi.gov.

Earlier this month, the NSA and the Department of Homeland Security designated Ivy Tech as a National Center of Academic Excellence in its cyber defense education program. According to NSA, its goal is to reduce vulnerability in the countrys information infrastructure by promoting higher education and research in cyber defense.

The recognition is kind of a big deal, said Charles Peebles, department chair, School of Computing and Informatics at Ivy Techs Wabash Valley Region.

The two-year program is pretty thorough, he said. It covers all major areas you need to know to prevent a hack.

Students must know networks, software and server administration. They have to know a little of everything to be a good cyber agent, he said.

The program is a popular one, especially with all the breaches weve had that are getting publicized and with all the Ransomware, where people are clicking on links that end up taking control of their network and they have to pay someone money to get access back to their files and information, Peebles said.

Everybody should be concerned, with todays criminals out there, he said. Everybody should have some kind of protection on their computer.

Those who earn the degree, can do just about anything, he said. They work as a network or server administrator, he said. The average mean salary for cyber information analysis in Indiana is about $37.50 per hour, which translates into about $78,000 annually, he said.

On average, there are 629 annual job openings in cybersecurity in Indiana, according to the 2014-2024 Department of Workforce Development/Bureau of Labor Statistics Occupational Demand Report.

New offering at ISU

At Indiana State, a new cybersecurity studies program is in the works that focuses on the human missteps that can lead to security breaches; it will be offered through the Department of Criminology and Criminal Justice.

Faculty member Bill Mackey said the new program will be human behavior focused.

We already have a lot of people that know how to work with computers and code and create and analyze viruses and malware, he said. But reports from recent years show us that human exploits are 90 percent plus of the actual cybercrime intrusion.

Rather than trying to infiltrate a companys expensive computer technology systems, hackers find its easier to just get the administrative assistants name and password ... Then they dont need to hack into the system, he said.

Students in the future ISU program will learn to analyze employee behavior, determine who is vulnerable and look at training programs to change the behavior so those employees are not the weak leak that ends up creating a security breach. Were teaching them how to be a human anti-virus, he said.

For example, if some employees are vulnerable to phishing emails, How do we train employees to not click on things? Mackey said.

Four ISU students have interned at his cybersecurity business, called Alloy Cybersecurity.

Everyone in every workplace needs to be concerned about cybersecurity because it takes just one person to not care and its all gone, Mackey said. This is not slowing down. This is not going to stop. Its getting worse every year.

The average person should be concerned, but not paranoid, he said. He suggests people can do a lot to protect themselves by taking five seconds before responding to an email if they are not sure who it came from, and taking 10 minutes once a year to learn about new frauds and scams out there.

Madison Meyer, an ISU senior and criminology major, has been working with Mackey for about six months on cybercrime research and with Alloy.

Prior to that, she had no experience with cybersecurity. What shes learned has been eye-opening, she said.

At Alloy, students created phishing emails to assess a businesss employee vulnerabilities. We were more successful than we expected, she said. Students monitored what happened but never actually hacked the system.

The Sellersburg native said her career interests include law enforcement and the FBI.

Sue Loughlin writes for the Tribune-Star in Terre Haute and can be reached at sue.loughlin@tribstar.com.

See the article here:
Training the cyber Sherlocks - The Herald Bulletin