There’s no denying that education, whether through a professional or autodidactic medium, is important in cybersecurity. While it’s not always the case, organizations like to hire people with a formal education. The problem in this case is that most educational institutions do little to foster an understanding of actual cybersecurity.
For the purposes of this blog, let’s take a look at how traditional university Computer Science programs focus on cybersecurity, and why it’s a problem.
The Current State of Cybersecurity in Education
Undergraduates require a certain number of credits from various disciplines in order to earn a college degree. Depending on the major, these requirements will vary. However, the top 10 computer science programs in the United States don’t require a single course in cybersecurity to fulfill graduation requirements. CloudPassage analyzed data from several high-end universities and came to the conclusion that most fail to provide a quality cybersecurity education to their students. As explained by CIO:
CloudPassage assigned a grade to each university, and found that out of the top 50 schools on Business Insider's list, not a single university earned an A for its cybersecurity efforts and only three earned a B -- beyond that, 11 universities earned a C, 28 earned a D and eight earned an F.
In other words, it’s likely that cybersecurity is often neglected, unless a student is specifically pursuing a career in cybersecurity. This means that others, like web developers and programmers, won’t be getting the education required to build a computing system with security in mind.
Universities Have Antiquated Views of the Subject
The problem is that there are still many universities that are reluctant to adopt new practices or alter their curriculum. Consider this; when many colleges and universities were founded, how big of a problem was cybersecurity? Compare that to nowadays, when threats can be found pretty much anywhere in an online environment, and the amount of damage that they can do has dramatically increased (think ransomware). Understanding the basics of cybersecurity is as important in today’s world as knowing how to read and write.
The important thing to remember about cybersecurity is, whether you like it or not, it’s a subject that spans far beyond the realms of computer science. Anyone who uses a computer, tablet, smartphone, or any online device, needs to be aware of the dangers that lurk just below the surface web. It shouldn’t matter which major a student pursues; they need to be taught how to avoid common online threats, as well as how they work and why.
Whether or not your team has a formal education in cybersecurity or not, it’s still your responsibility to educate your employees on security best practices, including how to avoid potential hacking attacks and what to do if they encounter a dangerous situation. Don’t give them a reason to think they’re the exception to your business’s security policies. Remember, nobody is going to care as much about the security of your business as you. Make sure to foster a security-minded workplace, and you can’t go wrong.
Do you think cybersecurity should be required in some way, shape, or form, in all forms of higher education? Should it be the next subject to enter the general education requirements? Share your thoughts in the comments.
Comments