“I think it’s a fascinating field. Jobs are plenty, they’re not going away. This is an industry that’s growing exponentially.” – Scott White, Associate Professor & Director of Cybersecurity, George Washington University, on the field of cybersecurity
While a lot of colleges aren’t properly creating cybersecurity specialists, the George Washington University is facing the concern head-on with a certification program in Computer Security and Information Assurance, with the possibility of applying this to a Master’s in Cybersecurity if a student decides to pursue a master’s. And Scott White is directly involved with this program.
Scott White began his career in cybersecurity in military intelligence, after which he got a doctoral degree in clinical criminology, where he worked in the fields of behavioral analysis and profiling. After working for a government intelligence security service, he then entered academia, where he taught about criminology, psychology and behavior. He then entered the cybersecurity industry around seven years ago, and while none of his degrees were technical in nature his skill set places him in the right position to analyze human factors and adversarial aspects of computing.
Scott notes that the cyber industry is so wide-ranging that any discipline applicable to the non-cyber world has some bearing with the work conducted within the cyber industry. For those who are seeking a change of career and entering the cyber industry, Scott recommends taking a master’s program in either computer science or cybersecurity at a reputable institution. He also notes that learning about the software isn’t enough, given the speed at which change takes place within the industry, which means that such aspects as analysis, critical thinking and critical reasoning are more important.
Scott remarks that skill sets are more important than actual titles and degrees where cyber work is concerned and gives the example of an auditor taking up cyber auditing, as the skill sets used in both types of auditing are similar. Scott expounds on this by noting that that someone interested in cybersecurity may need to deconstruct their existing skill set to see how applicable their existing skills already are for cybersecurity. One example is of fine arts majors going into security, “One of the things I’m constantly surprised by is when I meet people in cyber security, the range of disciplines they have. I’ve met people who were in fine arts, in dance, and you say to yourself how does a fine arts major who studied dance, how is that relevant to cybersecurity? Well when you really think of how a dancer moves, how they train. The almost arithmetic quality to dance, you can understand how that thinking can apply to the cybersecurity world when we’re looking at adversaries, how they think and construct their particular attack scenario.”
Where George Washington University’s academic curriculum is concerned, Scott notes that he looked at three different forms of accreditation – National Security Agency, the industry standard CISSP and the national initiative for cybersecurity education – and made sure that the underlying pillars from all three are represented in the curriculum to make it easier for their students to receive accreditation. The classes themselves are a balance of theory and critical thinking, and laboratory and live experimentation.
When asked about people looking to transfer from another profession, Scott says this, “I think the greatest thing I would want to convey is that, look at your skills set that you possess today. See what you do in your workplace, and then take the time to find out how your skill set is applicable to this industry. Because I think a lot of people, a lot of the people will ask themselves how their job title fits. And with that job title, they will not see how that is connected to our industry. And the fact of the matter is it very well may be. So take some time, deconstruct what you do and the skills that you have. Speak to [a recruiter, career coach or someone in HR]…and see how that skill set is applicable in this industry.”
Renee Brown Small is the author of Magnetic Hiring: Your Company’s Secret Weapon to Attracting Top Cyber Security Talent and CEO of Cyber Human Capital, an HR consultancy that specializes in innovative ways companies hire and keep cybersecurity talent. Download a free copy of her book here. Brown Small is contributing editor of the CyberCapital.us blog.