When you have a difficult question, it’s always best to turn to a subject matter expert for answers. In our blog series, Ask An Expert, National University faculty take turns answering challenging questions in their areas of expertise.
In this post, we put the focus on cybersecurity. We asked Professor Bill Reid, the Academic Program Director for the Bachelor of Science in Cybersecurity degree, to share his thoughts on how cybersecurity can be improved.
Today’s cyber landscape is replete with evolving threats. From spam emails to high-profile security breaches, users today face a wide variety of risks any time they go online.
As cyberthreats evolve, they are also becoming more expensive. According to the IBM-sponsored 13th annual Cost of a Data Breach study, the global average cost of a data breach in 2018 was $3.86 million, an increase of 6.4 percent over the previous year.
For industry professionals and casual internet users alike, this begs an important question: How can cybersecurity be improved? According to National University Professor Bill Reid, the answer lies in understanding today’s threats — and correcting user error.
Q & A
Q: What are the biggest cyber threats facing organizations and individuals today?
If you talk to anybody in the field, one of the top threats they’ll mention is social engineering — which is where a user is tricked into revealing personal information, usually through a fraudulent email. Second to that would be ransomware, which is malicious software used to target a lot of big organizations.
In the past, hackers sat at home and tried to break into networks. They don’t do that anymore. They use phishing campaigns and other forms of social engineering. If they send out a phishing campaign to a thousand people, they’re going to get at least 100 people to respond to it.
Q: Why are these threats so effective?
Part of it is that organizations aren’t training their employees as much as they should. New threats are coming out monthly — even daily. So companies need to be more diligent. And the fact that the organizations are allowing individuals to work on mobile devices doesn’t help. A company’s last line of defense used to be its firewall, but now their employees can access work emails and documents on a mobile device, away from that boundary.
Q: How can cybersecurity be improved?
People are spending more money on equipment to keep hackers from coming into the network, but you have to assume that someone is already there. You’re going to get breached, so you need to pay attention to links and attachments and verify where they’re sent from. Always keep in mind that banks and other financial institutions will never ask for your information in an email.
Ultimately, how can cybersecurity be improved? It comes down to training, training, training. With phishing emails, for example, companies need to invest time training staff to identify these messages. If you receive a link that’s supposedly from a coworker, just verify that he or she actually sent you the attachment before you open it. You will always have a number of users in an organization who are not security conscious, so you need to be continually training staff. Users are the weakest link and your biggest vulnerability.
Q: How does National University’s Bachelors in Cybersecurity online program prepare students to combat these threats?
We’re a National Center of Academic Excellence in Cyber Defense, a designation granted by the National Security Agency and Department of Homeland Security. What that ultimately means is that we’re teaching what the NSA and Homeland Security believe students need to know in order to work in the field. We’re recertified every five years, so our curriculum is continually updated with the latest information.
In addition to our cybersecurity classes, students gain hands-on experience through their capstone. During this three-month assignment, they find a real company to do a project with, whether it’s a vulnerability assessment, a penetration test, or overall security improvements. It’s a practical opportunity to put their knowledge into action.
Getting Your Bachelor’s in Cybersecurity Online
Ready to launch — or advance — your career in cybersecurity? Consider joining Reid and other cybersecurity experts at National University. Through our Bachelor of Science in Cybersecurity online program, you can gain the skills and knowledge you need to help organizations and individuals protect themselves against online threats.
You can request information about National University’s cybersecurity online degree on our program page or contact us with questions at [email protected]
ABOUT OUR EXPERT
After retiring from a more than two-decade career in the U.S. Navy, Professor William Reid turned to a longtime hobby: computers. Working as a government contractor, he led a team managing Naval Special Warfare information, where he developed an interest in cybersecurity. Professor Reid went on to earn his master’s degree in Project and Information Systems Management, after which he began his teaching career at the University of Phoenix. Prior to joining National University in 2013, he was Dean of Education at Coleman University, Today, Professor Reid leads the National cybersecurity degree programs as the Academic Program Director.