Cyber security are you prepared? It is a hot I.T. career with a big "coolness factor," but training such as that offered by Osu-Okmulgee is needed to produce the highly skilled professionals needed in the field of cyber security.
Employer responses to OSU-Okmulgee's initial cyber security course far exceeded the institution's expectations. Within months, OSU-Okmulgee had developed and implemented additional cyber security-related offerings. As graduates and interns who had taken those courses entered the workforce, the program's reputation for producing technical professionals with cyber security skills and knowledge began to flourish.
By the next academic year, the institution had implemented a cyber security concentration into its Associate in Applied Science (AAS) in Information Technologies degree. In 2004, OSU-Okmulgee become one of the first associate-degree-granting institutions in the United States to have its curriculum certified by the National Security Agency's National Information Assurance Education and Training Program as meeting its standards for the preparation of cyber security professionals. The same year, OSU-Okmulgee implemented an application-focused, bachelor of technology degree in cyber security. Since that time, the program has continued to evolve as online and blended versions of its security courses are developed to meet the growing demand for them.
Know Your Market ... Well
OSU-Okmulgee has a long tradition of working closely with practicing technical professionals in the creation and revision of its academic programs and services. In collaborating with industry advisers on the development of the cyber security bachelor's degree, two themes were consistently present. First, the advisers charged OSU-Okmulgee with preparing technical professionals with basic management skills--as opposed to management professionals with basic technical skills. Apparently, the former are in high demand and low supply; the latter are in high supply and low demand.
Second, the advisers charged OSU-Okmulgee with sustaining the application-focused, workforce-oriented nature of its associate degrees--well-known throughout the region for producing highly skilled, ready-to-work graduates--into the new bachelor's program. The general consensus among employers is that graduates of traditional, baccalaureate-level computing programs--which tend to hold theory at a premium--typically require roughly 18 months of on-the-job experience and additional training before they are able to make a noteworthy contribution to an organization. Not surprisingly, this is a trend that the vast majority of employers find unacceptable.
As one of the IT professionals OSU-Okmulgee works with stated: "My company doesn't need someone who can explain the mathematics behind encryption. We need someone who can apply encryption technologies in a business environment today."
Supply and Demand
Every workforce sector--banking, energy, health care, etc.--faces enormous challenges with respect to securing their IT systems. Increasingly, organizations are realizing that the individuals currently on their payrolls do not have the specialized knowledge and skills to meet their existing and future cyber security needs. As a result, organizations are seeking to improve the skills of their existing personnel and to employ individuals who are specifically prepared to work in cyber security.
Colleagues, prospective students and their parents often inquire about where the graduates of OSU-Okmulgee's cyber security program go to work. The short answer is: "Everywhere." To date. program interns and graduates have embarked on careers in virtually every workforce sector and any type of organization imaginable.
Quality Preparation and Differentiation
One of the major attractions of the IT field is the staggering array of roles that an IT professional can fulfill, and the myriad of contexts in which he or she can perform them. Want to install wireless networks in fast-food restaurants? Not a problem. Want to develop software for PDAs? There's a career for you! But what is the best way to prepare someone for a career in a field that presents such a wide range of professional opportunities?
Educators must constantly look for new and innovative ways to increase the skill and knowledge levels of graduates to ensure they are as well prepared as possible to enter the job market. At the same time, educators must facilitate learning experiences that differentiate their graduates from alumni of other programs. Committed industry advisers ensure that OSU-Okmulgee's cyber security program is accomplishing both objectives.
Experience has demonstrated that no two students have identical educational and career goals. It is the responsibility of educators to provide students with learning opportunities that position them as closely as possible to where they eventually want to be professionally.
Many programs attempt to accomplish this by offering a range of advanced courses on specialized topics. On a certain level, this makes sense. Most human beings are hardwired to like options and appreciate opportunities to influence their own destinies. However, educators must be careful to not merely provide students with a smorgasbord of disjointed courses. Instead, educators must assist students in making meaningful connections between as many of their educational experiences as possible. Ultimately, a student's total educational experience should be greater than the sum of its parts.
Ideally, educators would provide students with opportunities to customize their experiences within courses--or even projects. Without question, facilitating individualized learning experiences for several students simultaneously presents real challenges for faculty. Nevertheless, such a student-centered approach represents the best means for addressing the growing needs of employers while meeting the educational and career goals of students.
Fundamentals, Fundamentals, Fundamentals
Unfortunately, many computing programs overlook the importance of ensuring that students acquire a solid, technical foundation in the core IT disciplines (e.g., computer and network infrastructure, software development, etc.). This means that too many individuals are entering the workplace with inadequate skills and knowledge in areas of IT beyond their respective specializations.
The Information Technologies Division's faculty, staff and advisers have come to view the learning experiences in the program's core coursework as serving two key functions. First, these early experiences provide students with opportunities to develop a relatively sophisticated level of understanding of the core information technologies and how they interact--an attribute highly valued by employers. Second, these experiences grant students with insights useful in determining whether a career in IT is right for them--and, if so, which area(s) of IT they will specialize in. Often, when career exploration opportunities are not adequately incorporated into the early stages of academic programs, students spend two, three or sometimes four years figuring out what they don't want to do.
Looking for a Few Good Students--with Clean Records
Many prospective students are drawn to cyber security because of the field's coolness factor. The popularity of movies and television shows, such as the "Crime Scene Investigation" series (however many versions there are now), have undoubtedly contributed to the number of students interested in the cyber security field.
Once the institution's security offerings had extended beyond a few courses, the Information Technologies Division's faculty and staff implemented a program-specific admissions process, which requires students to obtain and submit a state-level background check, disclose any past criminal activity, and sign an ethics agreement regarding their use of the skills and knowledge they acquire. Institutional liability and programmatic integrity were the primary concerns initially. After all, the last thing OSU-Okmulgee wanted to develop was a reputation for preparing the next generation of cyber hooligans.
Since that time, the faculty and staff have come to recognize that the true importance of the background review process lies in the fact that it yields information needed to provide prospective students with the best advisement possible. Unfortunately, some individuals simply have no real chances of being hired into the cyber security industry due to past criminal activities. Such cases, though rare, underscore the importance of both the program's admissions process and the availability of quality career counseling.
It's about the Journey AND the Destination
In 2003, a handful of career technology centers and postsecondary institutions in Oklahoma, including OSU-Okmulgee, founded the Oklahoma Center for Information Assurance and Forensics Education, which later became the Cyber Security Education Consortium (CSEC). Since that time, CSEC, a National Science Foundation ATE Regional Center of Excellence, has expanded to include institutions throughout Oklahoma and the surrounding region.
The most important CSEC accomplishments have been the development and dissemination of a core, cyber security curriculum, and the creation of an educational and career pathway model that facilitates the acquisition of a wide variety of academic credentials: from a career technology center certificate to a Ph.D. in computer science. No matter which educational credential(s) an individual's ultimate career goals may require, the CSEC career and educational pathway can get them there.
Over the next several years, educational institutions of all kinds will continue to implement security programs in response to the growing demand for cyber security professionals. However, in time, many of the principles, techniques and technologies presently addressed in security-specific courses will be distributed throughout more general IT offerings (e.g., networking, e-commerce, etc.)--a development that will allow for the implementation of coursework directed to new and emerging areas of cyber security. Of course, this is all conjecture. However, one thing is certain: the need for cyber security professionals with high-quality, applied skills is a trend that shows no signs of reversing anytime soon.
What is "Cyber Security," Anyway?
Essentially, cyber security has to do with the protection of information. Ever wonder why computing is referred to as information technology (IT)? It's because computers are used to access, store, transmit and process information OSU-Okmulgee approaches cyber security from two primary perspectives: information assurance and digital forensics.
Information assurance refers to the techniques and technologies Used to protect computers and other IT systems from threats such as viruses, Worms, hackers, etc. Digital forensics involves the use of investigative methods and tools in the identification, collection and preservation of electronic data. Most often, digital forensics investigations are conducted with the intent of garnering information on some computer-related conduct (e.g., counterfeiting money orders).
If you have difficulty recalling the difference between the two, just remember that information assurance is about trying to keep cyber problems from happening; digital forensics is abaft investigating them when they do.
Viruses, Hackers and Worms ... Oh My!
Right now, wherever you are, stop and think about the role that computers play in your daily life--especially the amount and nature of information they currently store about you. Not concerned? You should be.
Today, computers and Internet connectivity are ubiquitous, and many people have grown accustomed to being able to manage financial accounts, book airline tickets and file their taxes from virtually anywhere. However, increased connectivity begets increased vulnerability.
The daily news is peppered with articles and exposes on cyber terrorists, the latest viruses and phishing schemes. Estimates of the negative financial impact of illegal cyber activities vary widely and, for several reasons, are nearly impossible to accurately assess. Nevertheless, virtually all individuals or organizations that choose to actively participate in the cyber economy are affected by illicit cyber activity--whether they know it or not.
Cyber Security Outsourcing?
Numerous workforce sectors (e.g., accounting and customer support) have been significantly impacted by outsourcing. IT (e.g., software development) is certainly among the areas affected. However, recent studies show that the vast majority of organizations have resisted outsourcing cyber security functions. Moreover, the relatively small percentage of organizations that choose to do so typically outsource functions that are fairly low level in nature.
For more information on the OSU-Okmulgee Information Technologies Division and the Cyber Security Education Consortium, the following Web sites will provide a useful start.
OSU-Okmulgee Information Technologies Program www.osu-okmulgee.edu/IT
Cyber Security Education Consortium www.cseconline.org
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||SAFETY SENSE; Oklahoma State University-Okmulgee's Information Technologies Division|
|Date:||Apr 1, 2007|
|Previous Article:||Studying in the shadow of 9/11: a new domestic preparedness and security program is the first in the nation for high school students.|
|Next Article:||A National Partnership for careers in public safety and security: leading the law, public safety, corrections and security cluster is an organization...|