Author: Lanier Watkins
A miniature model of electronic devices, two men and a lock, on a micro chip,

What is Cybersecurity

It is hard to talk about cybersecurity today without discussing why we have a cybersecurity problem in the first place.

A lesson in modern history here. The issue of cybersecurity came about when the public was made aware of the power of computers and mal-intenders “put two and two together.” They soon figured out how advanced tech could be used to infiltrate the economy, government, and military. It became apparent that by hooking up computers to networks, huge (and loathsome) benefits could be made. 

Why are there flaws in computers? 

Computer flaws are due to the simple fact that they were made by humans. Computer assets like computer hardware, software, and networks have all been designed and implemented by imperfect humans. In other words, the existence of these vulnerabilities (c/o computers, software, and networks) is a natural and unfortunate side effect of human design and implementation. 

The end result is that every business in the modern world is left exposed. Unlawful users are thus able to tap into our computers, software, and networks. This is particularly a problem because the use of those assets are embedded into our nation’s 16 critical infrastructures. The role of cybersecurity then is to rectify these open gaps to prevent bad actors from exploiting them. 

According to the Cybersecurity & Infrastructure Security Agency, these “assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.” The importance of cybersecurity is simple then—it’s crucial for our country to run the way we expect it to. 

Cybercrime is on the Rise

Cybercrime is wide-ranging. There are many factors at play, and it can be challenging to pinpoint how these are correlated. That said, we do know that the more cyber-connected a country, state, or city, the greater the target and exposure to cybercriminals. 

Once upon a time, hackers ventured to access computers illegally in order to make a point. They found it “entertaining” to prove the weaknesses of a given system. However, this soon changed into something much larger in scope and prevalence. What was once deemed an illegal but “fun technical challenge” soon morphed into a profitable job. Some are ethical and many others are not. Among such computer hacker job titles are the Gray Hats, White Hats, and Black Hats.

  • White Hats are also called ethical hackers and are hired by companies to find flaws in their systems—before criminals do—so that they can be fixed. 
  • Black Hats are what you expect what you hear “hacker”—criminals who exploit code to steal information, money, or to cause turmoil. 
  • Gray Hats operate between the good guy White Hats and bad guy Black Hats. They will sometimes find flaws in systems and then charge companies fees in order to fix/restore access. They are not malicious necessarily like Black Hats, but not altruistic like White Hats. 

There are also hackers that spearhead exploits and build their own hacking tools. Given the available resources like these, cybercriminals no longer have to be experts in the “trade.” Script-Kiddies can purchase tools created by experts and move forward with the same level of stealth as the experienced pros. On the other end of the spectrum of crimes are ransomware attacks. These have proven to be very difficult to defend against and frequently make the news as a result.  

Key people from law enforcement, government, and academia have formed a team to stave off such attacks, but they are fighting a battle where the targets keep moving and lines in their defenses are always opening up. 

How Organizations Protect Themselves from Cyberattacks

Over the years, businesses have taken action to protect themselves from crimes in the cyberspace. Layers and layers of protective software and processes a.k.a. Defense-in-Depth are our best hope to fight the range of cyber-attacks that threaten the current marketplace. 

These serve as the best defense against known threats. Defense-in-Depth is no match for what’s referred to as “zero-day vulnerabilities.” Such tactics—often called Advanced Persistent Threats (APT)—are maliciously carried out by groups like Nation-State Hackers or other groups of hackers intent on making money or causing havoc. 

Due to advanced threats, what began as simple protective steps has evolved into highly complex ones.

To give you some context, there exists a black market in which nearly any zero-day vulnerability can be bought. This opens the gate for the vindictive owner to access computing, IoT, or industry control system software or hardware on the market. The only combatant is experimental and research-based security approaches. These use artificial intelligence (AI) and datasets or profiles (of malicious behavior).

The importance of cybersecurity in the world market cannot be under-stated. At the end of the day, our best defense against zero-day attacks is artificial intelligence (AI)-based tools to detect anomalies. 

Ways to Master Cybersecurity

The digital transformation has revolutionized business as we know it, thus, paving the way for a whole new world in education. The brightest minds on the planet can now choose careers in fields as diverse and inventive as cybersecurity. There are countless perks to the earning of a master’s degree or graduate-level certificate, in the field. Think growth, job opportunities, and the sheer knowledge.

It’s important for prospective students to know that cybersecurity master’s degrees offer more security training than the certificate, better preparing students for the challenges they’ll face upon graduation—or even now during their job. Because degrees demand more coursework, these are better regarded and awarded in the working world. 

Post-master’s certificates can help master’s holders refine their skills and refresh their knowledge in a rapidly changing space, but certificates alone are not a proper replacement for a master’s program. 

Careers in Cybersecurity

For those with an interest in all things cyber, the educational arena is vast. And the ways to advance your career have never been more accessible and exciting.

There are many types of jobs on the horizon for students fresh out of college or those who tout a master’s degree or higher in cybersecurity. Of course, there is a direct correlation between salary range and education level. The higher your degree, the higher the pay. Some of the hottest jobs within the larger cyberspace are: 

  • Security Analyst
  • Security Project Management
  • Security Incident Response
  • Development Security Operations
  • Data Science and Analytics
  • Security Application Development
  • Risk Management
  • Threat Intelligence
  • Security Compliance and Controls
  • Data Privacy and Security
  • Security Strategy
  • Governance or Health Information Security

With subject expertise in cybersecurity, you can take your pick of where and how you apply your background. Here are some of the leading areas and industries that utilize cybersecurity master’s degree the most:

  • Healthcare
  • Financial Services
  • Telecom
  • Technology
  • Construction
  • Energy

Enhance Your Career in Cybersecurity with Johns Hopkins EP

Now that you have a firm understanding of (1) why cybersecurity is important and (2) how criminal activity has infiltrated businesses on the global scale, it should come as no surprise that the greatest STEM brains want to take action. As shown, the best weapons against war in the cyberspace are education, experience, and preparedness. A cybersecurity master’s degree sets you up with all three.

Johns Hopkins University’s Engineering for Professionals programs allow students to get this experience and education while working—letting them apply what they learn the minute they learn it. 

Explore our Cybersecurity program in-depth, or reach out to admissions with any questions.

About the Author

Lanier Watkins is the Program Chair of Computer Science and Cybersecurity at Johns Hopkins University. Dr. Watkins is dedicated to the research and development of algorithms and frameworks to protect Critical Infrastructure (CI) networks and systems.