With the increasing frequency of ransomware attacks and data breaches alongside advances in artificial intelligence, the field of cybersecurity is rapidly evolving. From developing advanced real-world skills to continuously learning, today’s graduates heading into the cybersecurity field need to be ready to protect businesses and society.
What types of cybersecurity issues could we see in the next five years (software, infrastructure, IoT and embedded)?
Ransomware attacks and data breaches are likely to increase in frequency and sophistication. Health care, financial services and critical infrastructure will continue to be prime targets for cybercriminals seeking financial gain through extortion and theft of sensitive data. Nation-states may also ramp up state-sponsored attacks for espionage or to disrupt adversaries’ critical systems. As more devices like appliances, vehicles and medical devices become internet-connected, this will expand the attack surface vulnerable to exploitation. Cloud services will also be a growing security concern as organizations rely more on cloud storage and computing.
Artificial intelligence could be weaponized to automate and scale attacks for maximum impact through personalized social engineering, targeted phishing, network worm propagation and intelligent evasion of defenses. The cybersecurity skills gap could worsen and hamper defenses if more people are not trained in cybersecurity and more hiring initiatives do not materialize. Organizations will need to prepare for these emerging threats through security awareness training, robust technical controls, monitoring for new attack patterns, and fostering a resilient cyber posture across business units.
What effects could these breaches have on businesses and society?
For businesses, data breaches can lead to significant financial damage and reputational harm. The costs associated with investigation, recovery, legal liabilities and loss of customer trust can be immense, especially for major breaches involving sensitive customer data. Intellectual property theft through cyberespionage also erodes competitive advantage. Attacks that disrupt normal business operations can lead to huge productivity losses and costs to rebuild compromised systems.
For society, effects include potential threats to public health and safety if critical infrastructure like power grids, transportation systems or hospitals are successfully attacked. Ransomware campaigns against government agencies and schools can cause major disruption of public services. Mass personal data leaks from big companies or government databases can undermine consumer trust and enable identity fraud and financial crime. Cyber-enabled influence operations that spread misinformation can exacerbate political divisions and undermine democracy. Overall economic productivity may be hindered as well.
What high-level skills are needed beyond basic tech support knowledge to prevent the rise of these types of cybersecurity crimes?
- Advanced understanding of network architectures, operating systems and application vulnerabilities. Security experts need to know where the weaknesses lie in an organization’s IT infrastructure and how adversaries can exploit them. This requires keeping up with the latest threats and research.
- Proficiency in security tools like intrusion detection and prevention systems, firewalls and endpoint protection platforms. Experts need to use these technologies proficiently to monitor networks, detect anomalies, analyze threats and respond quickly.
- Governance and risk management expertise. Developing comprehensive policies, compliance frameworks and risk mitigation strategies tailored to the organization's needs and aligned to industry best practices.
- Ongoing learning mindset. The technology and threat landscape evolves rapidly. Cybersecurity experts must continuously expand their knowledge and skills through training, certifications and hands-on experience.
The University of St. Thomas is offering a graduate certificate in cybersecurity. How is it different from what’s previously been offered?
Our new graduate certificate in cybersecurity provides comprehensive training for the next generation of cybersecurity professionals through a curriculum designed to develop real-world skills. Students are immersed in hands-on labs and exercises that ground them in the latest techniques for ethical hacking, threat detection, incident response, risk management and security operations.
The courses move beyond theory to build the technical expertise required in areas like penetration testing, digital forensics, firewall and intrusion systems, and security information and event management. Students assess vulnerabilities in their own closed environments, gaining critical experience from an attacker’s point of view. Important concepts like networking protocols, operating system architectures, and securing cloud infrastructure are covered to round out foundational knowledge. Our faculty are experienced cybersecurity practitioners who guide students through developing holistic skills in governance, policy and risk strategy.
How will the certificate help set up future generations of graduates heading into cybersecurity fields for success?
Our hands-on, comprehensive approach makes this graduate certificate an excellent pathway for launching or leveling up a fulfilling cybersecurity career. The program develops multifaceted skills beyond basic tech support that organizations desperately need – providing a pipeline of qualified talent ready to architect robust defenses across public and private sector enterprises. Our students graduate workforce-ready, with the latest cutting-edge knowledge for defending organizations on Day 1.
Manjeet Rege is a professor and chair of the Department of Software Engineering and Data Science at the University of St. Thomas. Rege is an author, mentor, thought leader, and a frequent public speaker on big data, machine learning, and artificial intelligence technologies. He is also the co-host of the “All Things Data” podcast that brings together leading data scientists, technologists, business model experts and futurists to discuss strategies to utilize, harness and deploy data science, data-driven strategies and enable digital transformation. Apart from being engaged in research, Rege regularly consults with various organizations to provide expert guidance for building big data and AI practice, and applying innovative data science approaches. He has published in various peer-reviewed reputed venues such as IEEE Transactions on Knowledge and Data Engineering, Data Mining & Knowledge Discovery Journal, IEEE International Conference on Data Mining, and the World Wide Web Conference. He is on the editorial review board of Journal of Computer Information Systems and regularly serves on the program committees of various international conferences.