Skills gap in cybersecurity creates job opportunities for DCCCD students
By Dallas County Community College District
Jul 6, 2016
Print this page
Email this article

Dallas – Thieves who stole $101 million from the Bangladesh Bank earlier this year didn’t use guns to threaten bank tellers or drive a stolen vehicle for their getaway. Instead, they used their sophisticated computer networking knowledge to hack into the bank’s system and escape with one of the largest thefts in recent criminal history. The cyber thieves would have stolen $1 billion, but they misspelled the word “foundation” in one of the transactions, which alerted the bank’s cybersecurity personnel. (The bank eventually was able to recover $20 million after the initial theft.) 

The hacking of the Bangladesh central bank is only one of the latest in a series of breaches by cyber criminals. In 2015, hackers broke into the U.S. Office of Personnel Management system and stole the identities of more than 21 million people, including current and former federal employees and others who either had security clearances or who had applied for them. 

Those incidents highlighted what many cybersecurity experts have known about for some time: There just are not enough skilled professionals to defend the computer networks of government agencies and private industry. 

The cybersecurity jobs outlook: HOT 

IT consulting firm Enterprise Strategy Group estimates that 46 percent of organizations say they have a “problematic shortage” of cybersecurity personnel. In 2015, that figure was 28 percent, which points to the growing shortage. 

“The industry is booming because the threat exists in every single business sector,” said Jason Alvarado, digital forensics instructor at Richland College. “It’s the place to be in tech right now because it’s all about cybersecurity these days.” 

Alvarado, who teaches cybersecurity as part of the digital forensics program at Richland, said organizations have to go beyond “box checking” when it comes to cybersecurity. “They need to keep investing and thinking about their security,” he added.  

PriceWaterhouseCoopers (www.pwc.com/us/en/increasing-it-effectiveness/publications/assets/2015-us-cybercrime-survey.pdf) found in a 2015 study that 79 percent of firms acknowledged they had experienced a cybersecurity incident during the previous 12 months. In addition, 76 percent of executives and security experts in private and public organizations said they were more concerned about cybersecurity threats than they were the year before. 

The situation is not much better at the federal level. A study from research firm Vormetric (www.vormetric.com/company/newsroom/press-releases/us-federal-it-security-professionals-90-percent-report-agencies-vulnerable-to-data-threats-61-percent-experienced-a-data-breach) found that more than 60 percent of federal agencies have suffered a data breach, and 90 percent of federal organizations consider themselves vulnerable to attacks. 

New threats are emerging 

Rod Lamb, lead faculty member for the computer information technology program at the Dallas County Community College District, said organizations which possess valuable personal information now need to be concerned about ransomware, a type of cyber extortion in which hackers take control of an organization’s computer systems and then demand payment in exchange for the release of the data. Lamb said several hospitals recently were paralyzed by cybercriminals who hacked into their computer systems and hijacked patients’ records. The hackers then extorted thousands of dollars from those hospitals before relinquishing control of the information.  

“The case in a Kentucky hospital was unusual because they only demanded $1,700 to unlock the computer system. The one in Los Angeles [California] was $17,000. What’s to stop them from asking for a half million dollars next time?” Lamb asked.  

DCCCD students offer insights 

Alvarado said the Dallas area always has been a hub for high-tech companies, and the threat of cyberattacks has elevated the need for security specialists. He added that Richland has a comprehensive, hands-on program that gives students who want to enter the industry a distinct advantage. He added that jobs in that part of the industry not only are plentiful but also pay very well. 

According to the latest data from the U.S. Bureau of Labor Statistics, cybersecurity jobs are expected to grow by 18 percent through the year 2024, much faster than the average growth rate for all other occupations in the U.S. The BLS data also show that entry-level jobs pay an average of almost $58,000 a year. In North Texas, the average annual pay for an information security analyst is more than $90,000.  

Statistics like those have attracted Richland student Christine Earl to the college’s computer information technology program. Earl, who earned a bachelor’s degree in philosophy in 2015, said she recognized that the industry is growing in Dallas, and she could apply her analytical skills in a high-tech career.  

“I decided I wanted to get real skills that I can use,” she said. “I have soft skills, too. But the thing about a philosophy major is that you have to read a lot, and you have to know how to pull out information without wasting a ton of time. I think that (skill) definitely helps me. I know how to parse a document, which is incredibly useful.”  

Earl said people in the cybersecurity field need to learn to think like hackers to be able to trace the breaches. She said most people hear about the hacks that have already occurred, but no one ever hears about the successful defense that companies do. “Organizations don’t want to disclose that type of information, such as how many times they successfully warded off people. We hear the bad stuff but never the good stuff. The number of hacks are only going to get more frequent, especially with the increasing complexity of our technology,” she added. 

Richland College's Christine Earl hopes to work in cybersecurity.

Mason Toubs, who plans to graduate with an associate degree in December, said he hopes to gain comprehensive knowledge of networking, hardware and system administration to get a job in cybersecurity. “It’s a very broad field, and there are a lot of different jobs out there. It’s only going to grow,” he said. 

“A lot of new technology is being released these days. Every new technology and every new tool that is invented needs to be researched to figure out their vulnerabilities,” Toubs said. “Otherwise, you will never know what the weaknesses are.” 

Toubs added, “Intrusions are often very simple. Companies will spend millions in equipment, but they may put in bad configurations, or an administrator will put a yellow sticky with their password somewhere.” 

Duy Vo, a 33-year old student from Vietnam, already worked as a cybersecurity analyst at a bank in his native country. He has a bachelor’s degree in physics and hopes to earn an associate degree in computer networking to bolster his career. 

“I’m studying for a career for the rest of my life,” Vo said. “After I graduate, I want to transfer to the University of Texas at Dallas and eventually get a job where I can focus on network vulnerabilities and prevent hacks.” 

Cybersecurity offers opportunities for career changes  

Lamb said he’s not surprised that people who have bachelor’s degrees are showing interest in joining the cybersecurity industry. “I just had a student who had earned a bachelor’s degree in biology who found out he needed at least a master’s (degree) in order to get a job,” Lamb said.  “He explored job opportunities and came here specifically because he thought the job market in IT was better than anything he could do with a master’s in biology.” 

Alvarado said he has taught students who are still in high school, graduate students and even people with doctorates. “I had a student who was a chemical engineer, founded his own company and retired at 34. He came here looking for the next big thing. He’s now taking CISCO networking courses,” he added. “People are coming here to shore up their education.” 

The skills gap in cybersecurity likely will not abate any time soon. But even if a company or government agency spends record amounts of money and hires the best people to improve its cyber defenses, a chance always exists that someone on the inside will get away with highly-guarded data. Lamb said Edward Snowden and Bradley Manning both stole top-secret, sensitive information from the National Security Agency and the Department of Defense, respectively. 

For more information about the cybersecurity and digital forensics program at Richland College, email Jason Alvarado at JAlvarado@dcccd.edu.