Universities that have an expansive sense of cybersecurity, offering programs that go beyond just teaching code, may be better positioned to help their graduates find jobs and help the country thwart costly or deadly attacks. Following are some of the institutions that have developed such programs:
The U.S. Naval Academy, given its clear career focus, has a set template for undergraduates who study cybersecurity: They learn technical skills in the early years, then apply those skills more broadly later by taking courses in policy, law, and other fields. It’s an important balance, says Martin C. Libicki, a visiting professor of cybersecurity studies at the academy. “We’re not talking about people who are going to be looking at zeroes and ones their entire lives,” he says.
Northeastern University, which is known for experiential learning, has a goal of creating “cyberliaisons,” says Ryan C. Maness, a visiting fellow in political science and security and resilience studies. (The term “resilience” refers to specialists who know enough about both computers and a specific field to be able “to talk to the boss” about any cyber-related issue a company may face.) In its first two years of producing graduates, the Northeastern program has had a 100-percent hiring rate, Mr. Maness says.
Harvard University teaches a course aimed at people already in real-world jobs — marketing executives, managers, lawyers, and others — who want to learn the basic issues involved in cybersecurity. Interest in the course has boomed, says one of its instructors, Benoit Gaucherin, who is the head of IT and security for campus services at Harvard. Some 226 students enrolled last semester, up from about 60 just two years ago, he says.
Le Moyne College, in Syracuse, N.Y., features “Cybersecurity for Future Presidents,” a course aimed at budding corporate leaders. It was created by a visiting professor, Carl E. Landwehr, a veteran government-computer expert who is now a cybersecurity research scientist at George Washington University. He designed the course to give policy leaders essential cybersecurity concepts.
Indiana University is adding cybersecurity content to programs like law and business, to better integrate security into specific contexts where computers are used. In many cases, says Fred H. Cate, Indiana’s vice president for research, experts understand secure computer practices, and the challenge lies mostly in getting them to put them in place. “At heart,” Mr. Cate says, “cybersecurity is not a technical problem.”
Columbus State University teaches an “Introduction to IT” course that draws 300 to 400 students each semester from fields like nursing, the arts, and business. But even with a strong push from above, not all departments are jumping in yet, says Wayne Summers, a professor and chair of computer science at the university. “It’s going to take some time to get everybody on board.” he says. Those already benefiting from the change include Justin L. Sewell, a Columbus State undergraduate from Georgia who is pursuing a double major in accounting and computer science. He envisions a career in auditing at a public accounting firm, and sees Columbus State giving him a good background in coding as well as in more open-ended problem-solving. For him, the balance is critical: “Technology continues to grow, and the bad guys are always figuring out new ways to do bad things,” he says.
Paul Basken covers university research and its intersection with government policy. He can be found on Twitter @pbasken, or reached by email at paul.basken@chronicle.com.