Help Wanted: Cybersecurity professionals. Must have detective-like instincts, be able to identify cyber threats and protect computer systems against knowledgeable, well-equipped foes. Rewarding career with excellent starting pay.
“Help Wanted” signs like these should be plastered at every university and high school in the land to let students know how strong the demand and need is for cybersecurity professionals, says Vance Saunders, director of the cybersecurity program in Wright State University’s College of Engineering and Computer Science.
“Cybersecurity is just busting out all over the place,” said Saunders. “It is being advertised as the first discipline with a zero unemployment rate.”
There are currently an estimated 210,000 unfilled cybersecurity jobs in the United States and 1 million worldwide. Every university on the planet would have to graduate 50 cybersecurity students every year to meet the demand.
Wright State is the only public institution in Ohio that offers a technical master’s degree in cybersecurity. Since Saunders arrived as director in 2014, the university has added an undergraduate and graduate-level certificate in cybersecurity. And it is in the process of adding a curriculum that will result in an undergraduate degree in information technology and cybersecurity thanks to Mateen Rizki, professor and chair of computer science, and Karen Meyer, program director.
“To walk out of Wright State with an undergraduate degree in computer science and computer engineering with a cybersecurity certificate, you will go to the head of the line,” said Saunders.
One reason to go into cybersecurity is the relatively high salaries. And its ability to make a difference in the world appeals to Generation Z, those born from 1995 to 2010 and who currently constitute a large segment of U.S. college students.
“The other reason is how much fun it is,” said Saunders. “What cyber is really about is digging in and tearing things apart and figuring out how they work — figuring out how the bad guys are doing bad things to computer systems and figuring out how to stop them.”
Saunders acknowledges that thwarting hackers is an unfair challenge because the attack surface of computer systems has so many access points.
“As the good guy, I’ve got to protect a virtually infinite number of ways you can attack my system,” he said. “And the bad guys just have to find one way. And they are just as good, skilled and well-equipped as we are.”
Computer hackers result in an estimated loss of $750 billion a year worldwide. And these aren’t teenagers sitting on their basement couches stumbling and bumbling their way into computer systems. For the most part, these are sophisticated teams of computer experts making up what is called an “advanced persistent threat.”
“These are the guys that keep the cybersecurity professionals awake at night,” said Saunders.
He likens them to people who live in your house, sleep in your bed, wear your clothes, eat your food, and you have no idea they are even there.
“They’re stealing your data, and you don’t know it,” he said.
Saunders doesn’t even like the word “cybersecurity” because it implies that a computer system can be made completely secure. He prefers the phrase “risk management.”
“We have to change this cultural mindset that says we can be 100 percent safe,” he said.
He said the first step is for computer users to have good cyber hygiene.
“Most people are waiting for a cybersecurity professional and/or technology to come solve their cybersecurity problem,” he said. “There will never be enough cybersecurity professionals. We have to start transferring ownership to each individual that wants to ‘live’ in cyberspace, the same way the medical profession transferred part of our health responsibility to us.”
Saunders said users should change their passwords frequently, always update their software and never put their Social Security numbers on the internet.
Saunders grew up in Zanesville, Ohio, the son of a civil engineer father. Three days after graduating from Zanesville High School, Saunders enlisted in the Air Force for what would be a 20-year career.
In 1982, he enrolled at Wright State on an Air Force scholarship and earned his bachelor’s degree in computer science. Four years later he returned to Wright State, again on an Air Force scholarship, and received his master’s in computer science.
He worked at the Air Force Research Laboratory at Wright-Patterson Air Force Base and in 1993 was hired by Ball Aerospace and Technology Corp. in Dayton, where he became the chief technology officer for one of the company’s four business areas.
In 2014, he was named director of the cybersecurity program at Wright State’s College of Engineering and Computer Science.
Saunders is working on getting the program certified by the National Security Agency and Department of Homeland Security. The two federal agencies are collaborating in establishing centers of cybersecurity excellence.
In addition, Wright State’s cybersecurity program has a strong internship component.
“The opportunity to get hands-on experience at the same time you are getting your degree is amazing,” said Saunders. “I get calls from my peers in industry wanting my best students all the time.”
Cyberspace is not just about the internet. It can also affect the control of so-called “cyber physical systems” such as aircraft, trains, automobiles and satellites. Academia is behind in training students to protect these systems from being hacked, but Wright State has started to teach it.
“What does computer science know about the avionics of an airplane?” said Saunders.
The university’s graduate certificate enables engineers who work in areas such as physical plants and aircraft maintenance to get a technical understanding of cybersecurity and apply it in their fields. It is offered completely online and features videos of lectures from a cybersecurity classroom in the Russ Engineering building.
Saunders does not advocate staying off the internet or turning one’s back on the benefits of cyberspace technology.
“It’s wonderful. There’s lots of cool, awesome stuff about it,” he said. “We just haven’t done a good job of educating everybody about it.”