The shortage of cyber security professionals is well documented, and this lack of expertise can keep organizations from bolstering their security programs. CISOs and CSOs should be heartened by the fact that more colleges and universities are offering academic programs and degrees in cyber security specialties. They are also doing their best to place young professionals into the workforce.
Dozens of institutions have launched undergraduate and graduate security programs. Many provide both technical and management skills to help students become well versed in the latest security technologies, threats, vulnerabilities and management strategies.
Here’s a look at a few of the leading programs in the United States.
Carnegie Mellon University, Heinz College
A hallmark of the Heinz College Master of Science in Information Security Policy & Management (MSISPM) program is that it “covers the technology, management, and policy aspects of information security,” says Andrew Wasser, associate dean of the School of Information Systems & Management at Heinz College. “Unlike most of our competitors, we are not training our students to work as ‘eyes on glass’ in a security operations center, but rather to interact with senior management, suppliers, and policy makers.”
Many of the instructors are industry experts in the university’s Software Engineering Institute’s CERT Division. “They work closely with private sector and government agencies in addressing real-time threats,” Wasser says.
“We have a highly engaged Career Services team that works with students in finding leads, negotiating offers, mock interviews, cover letters, resumes, etc.,” Wasser says. “Our students and faculty go to industry conferences and complete capstone security projects with the private and public sector.” This past semester included projects on blockchain technology, vendor risk, and insider threat. “We have no problem helping our students find internships and full-time positions post-graduation,” says Wasser.
Degrees: A two-year, full-time Master of Science in Information Security Policy & Management (MSISPM), a part-time, Distance Master of Science in Technology in Information Security & Assurance (MSIT), and an executive education hybrid face-to-face/distance program for CISOs.
Curriculum: Classes in the core program cover topics including introduction to information security management, privacy in the digital age, risk management, software and security, cryptography, network and Internet security, cyber security policy and governance, and a Capstone Project working with organizations implementing best practices in information security. Technical and management elective courses include network and Internet security, network situational awareness, ethical penetration testing, applied threat analysis.
Full-time students may pick both technical and non-technical elective courses, while the core has both. Required managerial classes include professional speaking and writing, economics, statistics, decision making under uncertainty, and managing disruptive technologies.
Sign up for CIO Asia eNewsletters.