Professor who specializes in security says we often treat a breach like a home break-in, adding security after the theft. More students are choosing security as a career, she adds.
TechRepublic's Karen Roby spoke with Dr. Pauline Mosely, professor at the Seidenberg School of Computer Science at Pace University, about cybersecurity and the career opportunities it's launching. The following is an edited transcript of their conversation.
Pauline Mosley: Unfortunately, many times companies and corporations are compromised and hacked, and it's then after the fact that their data has been breached and compromised, they realize the value of their business and the data. Then they want to bring in security and they want to pump it in. It's not something that. It's like your house, you think you're fine until it's robbed. Once it's robbed and you've had that feeling of lost data, then you want to secure everything.
SEE: Cybersecurity: Let's get tactical (free PDF) (TechRepublic)
I think companies and corporations moving forward, if they had cybersecurity experts to let them know that, "Your data is at risk or there are parts of data or your organization could be at risk. We need to secure this, and how do we secure this and how do we police this? And what are security policies?" Then I think the companies would be in a better position, not to say that we're going to eliminate that because it's just like your house. But the thing is we want to lessen the risk. Lessen the risk of securities, lessen the risk of data being breached and data being compromised and being vulnerable.
I think yes, if there were voices at the table to express the importance of this, it would reshape and impact how companies and organizations really handle their data and really implement policies throughout. I know most people don't like to change their passwords and they put them on little sticky notes and they have 'em all around, but if you had a chief security officer, someone who was really vigilant on mandating and implementing policies, and educating employees on the importance of security, then this would definitely secure the overall organization. And on certain institutions, certain industries, I should say, like healthcare and finance, security is very, very critical. That's not something that needs to be taken lightly because the information is very sensitive.
If the information becomes more and more sensitive and more critical, then there does need to be additional measures of security. And that's why it's important to have a breadth of perspectives, not just a male perspective, but also a female perspective as well, to bring in that dimension of how security should be enforced and how it should be ... What the procedures are and how it should be disseminated and how it should be implemented throughout. It's very, very important.
SEE: Professor creates cybersecurity camp to inspire girls to choose STEM careers (TechRepublic)
Karen Roby: For somebody like you who works with students on different levels, are you starting to see that they're starting to realize more, "Wow, I have a lot of opportunity ahead of me if I pursue this and can stick with this"?
Pauline Mosley: Oh, absolutely. The field is growing, and I think our students see, they read every day in the paper, some company got breached or something got stolen or some phone was hacked. They realize the need for securing these devices. We've had an explosion of technology of all different types of devices, more devices coming out. And even now we're doing remote training and the fact that we need to secure these communications and we need to secure the interchange of information and data over these various data streams is critical, is very critical. There is a huge need on how to do this and how to design this and how to always improve them more. So there's a market there, and I think the students see that. And we're happy, at the university, we're happy to have this wonderful program where we can train students to be cyber practitioners and professionals in this field as such. This is a very exciting time for all of us.
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic)
- Shadow IT policy (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- All the VPN terms you need to know (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)