Foundational Cyber Security Education

Cybersecurity is the key to keeping nefarious actors from accessing a network. We teach the skills necessary for students to take what they have learned in the classroom into the real world where they can, hopefully, apply their new skills in an effective manner. Professors have a tough job; students all come with different levels of understanding, and sometimes the prerequisite courses have not prepared them to do well in more advanced courses. It is important when structuring a cybersecurity program to build a solid foundation that enables students to be successful not only in the classroom but also in the real world.
Real-world application is where the rubber meets the road. We do not want to just graduate students. We want to graduate cybersecurity professionals who are capable of protecting against any attack sent their way. This requires intentionality in the way we train. If we are honest, we know we are falling short in some areas. As one professor to another, I suggest you consider bolstering lessons on the following four topics where we are falling short of making sure our students are competent.
Teaching the Basics
Software installation should be a common task for anyone working in the computer science field. It is a core skill that anyone with a computer science degree should have mastered. The challenge is that many students who are required to install virtual machines, packet analyzers, or similar cybersecurity tools are unable to install and configure the software. Professors need to ensure this skill is included in earlier classroom education, so students are fully prepared for the more difficult tasks that come in later coursework. Without these skills, students will waste valuable time troubleshooting installation problems instead of completing assignments.
Troubleshooting problems with software, hardware, and networks is another core task for computer scientists. A cybersecurity professional will be poorly prepared to defend a network or test the security of a system if they do not understand how those systems function, what configuration is needed to keep the system secure, and how to identify and resolve common vulnerabilities. A detailed understanding of how to troubleshoot is necessary for students to recognize potential security breaches and to be able to pinpoint what changes a hacker may have made on the system. This is a skill they will need in real-world environments, and professors should help them master it in the classroom. Troubleshooting is directly related to understanding the different types of common operating systems.
Most students are familiar with Windows at the user level but need to understand it and other operating systems from the position of an administrator. After a hacker successfully penetrates a system, they usually start looking for ways to elevate their privileges and access sensitive information. A good hacker knows where to look for password files on many different operating systems. They know which processes need to be shut down to disable logging, antivirus, and other security applications. They understand how the applications interact with each other and the services they provide because they have spent a lot of time learning about each of the elements. Cybersecurity students need these same skills. Investigating a hacking incident requires a student to follow the activities of the hacker to determine what actions were taken. This is only possible if they have a detailed understanding of how the operating systems work individually and within a network environment.
Building from the Ground Up
The best way to understand how a network works is to design one from the ground up. Students should have familiarity with where network devices should be located, how traffic flows through a network to each individual system, the protocols that enable common applications to communicate, and how each of these can be disrupted. Monitoring traffic flowing in and out of the network will not make much sense if one does not understand how the different devices work and what normal traffic looks like. Designing a network gives students practical experience with routers, switches, and firewalls, and how each device can be used as part of a larger security architecture. Professors need to prepare their students to know more than the hacker they will face in the future.
It can be said that the best hacker was first a system administrator. It can also be said that the best network defender is someone who knows how to attack systems. There are many interconnected areas of this field, and we need to accept the reality that most cybersecurity professionals work in analytical roles that monitor network traffic to defend a particular network. Only a small percentage of students go on to be part of a red team that tests a network’s defenses. But the skills of a hacker are needed to be a great defender, and the skills of a system administrator are needed to understand the intricacies of working through a network once it is successfully penetrated.
I never want to graduate a student who has not learned the skills needed to be successful in the field. If I do, I have failed them. Every student who passes a course should be able to put what they have learned into immediate practice. Some of the skills listed above are taught in undergraduate computer science courses, but many schools have begun offering undergraduate cybersecurity degrees which leave out many of the traditional skills computer science students have learned for decades. This shift has left a gap in knowledge and robbed graduates of the well-rounded skills they need to critically think through the technical challenges they will certainly encounter. We need to keep teaching all the fundamentals of cybersecurity and at the same time make sure our students have the foundational knowledge they need to understand the full picture of computer network defense.