Degrees Without Borders: Online Programs in Information Security

According to a study sponsored by IBM Security, the average data breach costs a U.S. company $7.9 million and takes 196 days to detect. With numbers like that, it’s clear why the jobs for information security analysts is expected to grow by 28 percent between 2016 and 2026, according to the Bureau of Labor Statistics. Information security skills are at a premium, and employers are willing to pay a high price to retain top talent.

Information security analysts work to secure systems and mitigate threats across a full spectrum of applications. More than 16 million Americans were the victim of identity theft in 2017, amounting to nearly $17 billion in financial damage, according to research firm Javelin. Meanwhile, nation-state cyber espionage is one of the most contested front-lines of geopolitics, and the 2019 United States budget accordingly earmarked $15 billion for cybersecurity-related activities, a 4 percent increase over the previous year.

Information security as a discipline stretches across every connected device and application, and the need for skilled talent is dire. Those looking to build their skills in an in-demand, high-reward industry should read on to learn more about how to get the proper training to become an information security analyst.

• Job Opportunities. A recent survey by CyberSeek revealed that there are more than 300,000 cybersecurity job openings in the U.S. According to the BLS, jobs for information security analysts are projected to grow 28 percent (2016-2026), about four times faster than the national average. Getting skilled now likely means a fertile landscape of job opportunities.
• Flexible Learning Options. Information security is a field for digital natives, and educational options in the subject are well-suited to online delivery and widely available. A motivated learner could go from total novice to certified expert without ever stepping foot in a traditional classroom.
• Competitive Salaries. The average information security analyst makes more than $95,000 a year, which is 10 percent higher than the average of all other computer-related occupations. With a growing need nationwide for qualified information security analysts, upskilling now could make for a healthy payday in a relatively short amount of time.
• Competency-Based Hierarchies. In information security analysis, it is less about where you learned and what you learned, and more about what you know and how fast you can implement it. This is an industry that measures success in results, and it is possible to obtain a well-paid position without breaking the bank with traditional on-campus educational options.

Mark Heckman, PhD – University of San Diego

Dr. Mark Heckman is a professor at the University of San Diego, where he teaches master’s-level courses in the cybersecurity engineering and cybersecurity operations and leadership programs. He is both a certified information systems auditor (CISA) and a certified information systems security professional (CISSP).

Dr. Heckman has spent more than 30 years working in information security. He has researched and developed multi-level secure systems for the military and government, built intrusion detection and security event management systems, and performed general IT security and compliance for private sector companies in the financial and healthcare industries. In addition to consulting, teaching, and researching, Dr. Heckman is a personal dynamo of scholarly work, with his writing being published in the United States Cybersecurity Magazine, the ISSA Journal, and Information, among others.

Dr. Heckman earned his master’s and doctoral degrees in computer science from the University of California, Davis. He has a bachelor’s degree in computer engineering from the University of California, San Diego.

Donald McCracken, PhD – Purdue University

Dr. Donald McCracken is a professor at Purdue Global University, where he teaches undergraduate courses in IT and cybersecurity. Dr. McCracken holds industry certifications from Cisco Systems, Microsoft, Novell, and CompTIA.

A former active-duty member of the Navy, he worked in cybersecurity positions at Wachovia Bank and Lowe’s before joining academia. Dr. McCracken takes an active role in the cybersecurity program at Purdue Global, overseeing innovations in curriculum assessments and competency-based programs while collaborating with colleagues and vendors to find ways to improve student interaction and learning.

He received his master’s degree in IT and network architecture, his doctorate in business administration and management of information systems from Northcentral University, and his bachelor’s degree from Appalachian State University.

Eric Rosenbach, JD – Harvard University

Eric Rosenbach is a lecturer of public policy at Harvard University’s Kennedy School, as well as the convener of Harvard’s online cybersecurity course. He is also co-director of the Belfer Center for Science of International Affairs and the director of the Defending Digital Democracy Project, which aims to develop tools and strategies to protect democratic processes from cyber attack.

Rosenbach is a former Army intelligence officer and commander of a telecommunications intelligence unit who once served as Pentagon chief of staff and assistant secretary of defense for global security, where he was responsible for all aspects of the Department of Defense’s cyber activities. In the private sector, he has worked both as the chief security officer for a large European telecommunications firm and a leader of a global consulting firm’s cybersecurity practice, where he advised Fortune 500 companies on strategic risk mitigation services.

Rosenbach has a Juris Doctor (JD) from Georgetown University, a master of public policy from Harvard University, and a bachelor’s degree in political science from Davidson College.

Bachelor of Science in Cybersecurity at Purdue Global University

Purdue Global University’s online bachelor’s degree in cybersecurity gives students the foundational skills they need to prepare for industry certifications. It also provides them with options to pursue an internship or integrate with the school’s master’s degrees in information technology or cybersecurity management.

Course topics in the cybersecurity program include certified ethical hacking, network security concepts, computer forensics, Linux security, routing and switching, intrusion detection and incident response, and cybersecurity policies. The program consists of 180 credits and may be completed entirely online.

• Location: West Lafayette, IN
• Accreditation: Higher Learning Commission (HLC)
• Tuition: $371 per credit
• Program length: Two to four years

Master of Science in Cybersecurity Operations and Leadership at the University of San Diego

USD’s master’s program focuses on three learning outcomes: cybersecurity strategy (how to help an organization to prepare for operations in a contested environment), cybersecurity business services (acquisition, procurement, policy, HR, and budgeting), and cybersecurity management (decision-making, team-building, and other human factors).

Students take courses in applied cryptography, secure systems architecture, cybersecurity risk management, cybersecurity operational policy, network design, vulnerability detection, cyber intelligence, and computer network forensics and incident response. The program consists of 31 credits.

• Location: San Diego, CA
• Accreditation: Western Association of Schools and Colleges University Commission
• Tuition: $925 per credit
• Program length: 20 months

Certificate in Cybersecurity at Harvard VPAL

Harvard University’s Office of the Vice Provost for Advances in Learning (VPAL) offers an online certificate program in cybersecurity that teaches students about the different types of cyber attacks and how to develop a mitigation strategy for each.

Convened by a former Pentagon chief of staff and director of the Defending Digital Democracy Project, the program is aimed at tech specialists pursuing leadership roles and security experts looking to upskill and stay current with emerging trends. Modules cover cybersecurity risk as a business risk, threat identification, the role of leadership in managing cyber risk, incident response and accountability, and designing and implementing a mitigation strategy. The program consists of eight-course modules, which may be completed entirely online.

• Location: Cambridge, MA
• Accreditation: N/A
• Tuition: $2,800 for the full program
• Program length: Eight weeks

Information security is a and rapidly evolving field for digital natives, which makes it a natural fit for online, do-it-yourself skill-building. Motivated learners can find a plethora of resources on the subject, from the niche to the general.

Whether you’re looking to upskill and gain industry certifications, or you’re just curious about what’s out there, consider checking out some of the DIY resources on offer below.

State of the Hack

A monthly podcast hosted by Christopher Glyer and Nick Carr of FireEye, a cybersecurity firm, “State of the Hack” explores cybersecurity trends and current events in the space. They go over recent cases of cyber attacks, with an in-depth analysis and investigation into who committed an attack and how. They also highlight new techniques used to profile victims and bring in industry experts to discuss the current challenges and best practices in information security. Covering everything from nation-state espionage to lessons learned from critical breaches, “State of the Hack” brings listeners up to speed on the rapidly evolving landscape of information security.

InfoSec Institute

The InfoSec Institute was founded in 1998 with the purpose of offering the best possible training in information security. Its Security+ boot camp does just that. The Security+ boot camp teaches students about information security theory through hands-on exercises and prepares them to pass the CompTIA Security+ exam—a valuable first credential in an information security analyst’s career.

The courses, much like the exam, cover network security, compliance, operational security, threats, vulnerabilities, data, host security, access control, identity management, and cryptography. The five-day boot camp costs $3,057 and is targeted at IT professionals who are looking to build a foundational knowledge of security topics. The boot camp may be completed online or at one of several host locations.

Cybrary

Cybrary’s online learning platform acts as an ecosystem for more than 1.8 million IT and cybersecurity professionals to learn, teach, network, and advance. Launched in 2015, it has already made an impact. Employees from most Fortune 1000 companies have used or currently use Cybrary to develop their skills and careers.

Cybrary offers MOOCs at the beginner, intermediate, and advanced level. What started as 18 offerings has exploded to more than 400 entirely online and free courses. On top of its course offerings, Cybrary also provides practice tests, assessments, apps, forums, job listings, micro-certifications, and even business-level solutions.

Matt Zbrog

Writer

Matt Zbrog is a writer and freelancer who has been living abroad since 2016. His nonfiction has been published by Euromaidan Press, Cirrus Gallery, and Our Thursday. Both his writing and his experience abroad are shaped by seeking out alternative lifestyles and counterculture movements, especially in developing nations. You can follow his travels through Eastern Europe and Central Asia on Instagram at @weirdviewmirror. He’s recently finished his second novel, and is in no hurry to publish it.