UMBC’s Cybersecurity graduate program director, Dr. Rick Forno, shared his insights on the cybersecurity industry in this interview. 

Why do you think there is a high demand in the cybersecurity field?

Cybersecurity touches every aspect of modern society. So cyber jobs are plentiful throughout the country and around the world. In fact, cybersecurity is no longer viewed as something exclusively in the computer science realm. Cybersecurity touches on business risks, national security risks, privacy, and technology. So there is a huge and sustainable demand for cyber professionals.

Being in the cybersecurity industry is exciting for one pretty important reason. There’s never a dull day. There’s always something happening somewhere that may affect you. Any cyber professionals need to be on point and aware of what’s going on to be able to adapt to respond accordingly.

Why is UMBC well-suited geographically to deliver cybersecurity education?

For years, Maryland has been unofficially termed the epicenter of cybersecurity.  As our former governor, Martin O’Malley, once said, “We are the epicenter of cybersecurity. We have government agencies surrounding us like the National Security Agency, DISA, Cyber Command Centers for Medicare and Medicaid, and the National Institute of Standard Technology.”

Government agencies and contractors like Northrop Grumman and Lockheed Martin, help support these organizations. They also help support startup companies, governments, local governments, utilities, and banks.

In fact, the DC, Virginia, Maryland region is really ground zero for American cybersecurity. There is a wealth of opportunity here in education and training, and certainly an employer demand. At any given time, there are probably about ten to twelve thousand unfilled cybersecurity vacancies in this area. So we are truly blessed by geography here at UMBC.

How critical is advanced education in this field?

Education in any field is critical. To learn the fundamentals through advanced education when you become a specialist in a field like cybersecurity is more important. Advanced education reinforces not just the technical things that you may have learned through training or in your undergraduate years, but also provides you with the context of the real world. National security and corporate security aspects of cybersecurity are just as important as the technical.

If you think about advanced education as a ladder, as an entry-level employee, you’ll have an undergraduate degree and a specialty in a discipline in computer science or cybersecurity. With an advanced degree, such as what we offer at UMBC, will give you the knowledge to build on that technology foundation. It will arm you with the tools to put all that into context to be effective as a practitioner as you go through your career.

What kinds of skills are cybersecurity employers seeking in employees?

Currently, employers are looking for a combination of skills. Just being a cybersecurity geek is not good enough. You also have to be knowledgeable and competent and have soft skills that allow you to be a team player and work well with others in a corporate or an enterprise environment. Also, you need to write well and think critically. All of these skills are important to be a truly well-rounded and effective cybersecurity practitioner who is poised for success throughout his or her career.

What kind of background is ideal for the cybersecurity industry?

For those entering cybersecurity, whether you’re just starting off as a recent graduate or you’re transitioning into the cybersecurity field, keep an open mind about what cybersecurity is. It’s not just hands-on keyboard geek stuff. Certainly, cybersecurity is rooted in technology. But you could be an English major or have a business or a criminal justice background and there’s still a place for you in the cybersecurity profession. It is truly interdisciplinary.

What does a day-in-the-life of a cybersecurity professional look like?

For entry-level people starting out in cybersecurity, a typical day will be fairly routine. An entry-level person may perform simple things like configuring firewalls, looking at log analyses and responding to helpdesk problems for viruses or malware. Though these tasks are basic, they help shape you to grow in your profession. With this foundational experience behind you, you’ll likely start taking on more responsibility, which is where the professional skills come into play. You have to be a good leader to manage a cybersecurity team that is responding to the cybersecurity threats and risks that are out there.

How can a person stand out in the cyber job market?

To stand out in the job hunt in a fairly competitive field like cybersecurity, you must show commitment. The important thing is not to just have a degree or credentials after your name or on your resume. It’s also important to show the depth of your commitment to the discipline and profession. So the degree and certifications are great, but what are you doing beyond that?

Are you attending conferences? Do you have a blog where you’re discussing cybersecurity, privacy issues, or technology? Are you helping to run conferences? Have you participated in extracurricular work? Adding these extras into your life will go a long way towards making you stand out at the undergraduate level.

Companies are looking at students who have been involved in cyber competitions, capture-the-flag competitions, or regional or national cyber challenges. They are pretty much-guaranteed jobs because companies know they have a commitment to cybersecurity, and to learning and growing that extends far beyond just the classroom.

How can someone best get started?

I advise students to think very broadly when looking for cybersecurity jobs. Even if you’re starting off in the field, you should not limit yourself to just jobs with cybersecurity in the title. Look at broader things like networking and risk, and then see if those can be ways to get you in the door. Then, you can begin doing more cybersecurity activities and start your career from there.

Something to keep in mind, even though there’s a heavy defense component in the DC, Virginia, Maryland area, if you work for a private company or certain government agencies, you don’t need to be a US citizen or have clearance to work in cybersecurity. Certainly, you do if you’re going to work for the US government.

Cybersecurity is exciting, dynamic, and always interesting. It is one of those disciplines that really is a protector for a modern way of life, so there is a great purpose in the work.

Ready to Extend Beyond?

Check out UMBC’s graduate programs in Cybersecurity.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.