Cyberattacks are surging in all categories of the digital sphere and are likely to become more frequent and damaging, says Alexander Perez-Pons, associate professor in the Department of Electrical and Computer Engineering.
With high profile attacks on network management company SolarWinds; the Colonial Pipeline; meat processing company JBS; and software firm Kaseya the urgency for professionals who can counteract, contain and even prevent network breaches has moved to the forefront, highlighting the great need for graduates with a master's in computer engineering, which focuses on network security and takes just 10 months to complete.
“If you look at the horizon, there will be what looks like an explosion in IoT devices—more devices everywhere recording, monitoring, gathering information,” says Perez-Pons. “These devices make our lives easier, but how can security now not be a major factor?”
When looking at the past 30-plus years of devices and programming, Perez-Pons points out that decades ago, the main push was the functionality and capability of a product. Security for devices was not a main component.
“Consumers assume that companies are doing their due diligence to protect their data with security measures,” cautions Perez-Pons, who admits he does whatever possible to keep his exposure limited.
One common security measure that is taken to limit data exposure is using two-factor identification. Information is a commodity that can be traded even when there are security measures in place—there are privacy concerns today that question how much control you have over your data, he explains. There’s always a possibility that somebody may try to gain access to your devices and this is why two-factor identification is a good thing because it protects the network.
“Minimizing your digital ‘surface’ or exposure is a good way of thinking,” says Perez-Pons, and it starts with cybersecurity that considers network security. “So, if the networks are safe, good communication can take place and anything that is suspicious or could have malicious intent can be identified and stopped before it goes further.”
This was the case in the Kaseya breach. Kaseya is an IT and security management solutions provider for managed services providers and small to medium-sized businesses. The company responded quickly to a ransomware attack on its network infrastructure that was launched over the Fourth of July holiday weekend. The company found the network breach and was able to limit the effects to about 50 of its 35,000 customers, provide a decryption key and avoided paying a ransom.
“Cyberattacks are on the rise, and it’s no longer a question of if, but when. Network security is here to stay as companies need to be diligent about their security posture,” says Fred Voccola, CEO of Kaseya. “There is an untapped gold mine of professional opportunities in this area, which comes with job security for the long-term.”
The urgency to help stop the breaches has the current federal administration moving to boost critical infrastructure. Collaborative work is being initiated across agencies to ensure new methods are used to prevent attacks. This is an evolving industry, however, insists Perez-Pons. One where professionals in the field need to be many steps ahead of criminals and be prepared with the latest methods and knowledge because it’s a shifting surface. It’s not static—he stresses that what we secure today may not be secure tomorrow—it’s ongoing.
Because of the shifting nature of the field, many professionals are seeking education and training in the latest techniques with higher education and certifications, such as with the master’s degree in computer engineering, notes Perez-Pons.
M.S. in Computer Engineering: Network Security
The fully online M.S. in Computer Engineering, which focuses on network security, offers students exposure on how to configure firewalls and how to be able to secure whole networks for organizations, Perez-Pons says. In addition, the program provides preparation for valuable certifications including Network+, Security+, and Certified Ethical Hacker (CEH).
“It covers what's involved with when you communicate and how you need encryption, to make sure that if somebody is sniffing or doing a man-in-the-middle attack, they're not going to see that information has been transmitted in plain English,” says Perez-Pons, who describes the forensic techniques that are used, including reverse engineering needs to limit or neutralize ransomware or malware attacks.
Many of Perez-Pons’ students are professionals already working in the field, looking for an “uptick” in their careers to specialize and move into a higher earning bracket. The fact that the degree is offered online offers a great advantage to those who work, he notes.
The National Security Agency (NSA) and the Department of Homeland Security (DHS) have designated FIU as a National Center of Academic Excellence in Cyber Defense Education. The designation, pioneered by Perez-Pons, helps FIU meet the growing demand for professionals with network and cybersecurity expertise in various disciplines.
“We have to be 100 percent right all the time. If we just have one small weak link, and an attacker finds that, they only have to be right once,” says Perez-Pons. “As you can see, the demand is huge.”