markn.ca
Archive 5 min read

University for Cybersecurity

I am often asked what a good undergraduate program is to take if someone is aiming for a career in cybersecurity. There are plenty of fantastic options but ironically, one I'm not a fan of is an undergraduate focused purely on cybersecurity!

University for Cybersecurity

Watch this episode on YouTube.

Reasonably Accurate 馃馃 Transcript

This is Mornings with Mark episode 57. Thanks for sticking along uh with me along this journey. Um uh really uh excited to talk to you today um about something other than GDPR. I will give you a break from the endless GDPR rant. So we'll get back to that later in the week in a future episode today.

What I want to talk to you about was university and cybersecurity. I've gotten a lot of questions um on a video, I did a while back for National Cybersecurity Awareness Month about how to get started in cybersecurity. And one of the common questions that keeps coming up is at the university level or college level for our friends in the States who are on Memorial Day today.

Um And the question is really what should I be taking? Um If I want to be focusing on cybersecurity in college. Now, again, this is just my opinion. I had a very different route than what most of you are going to take because I've been in this for a very, very long time.

Um And things were different 25 years ago. So, um here's the thing at the end of the day, what you choose for university does not have as big of an impact. I think that you expect once you get your career rolling, it will have a very big impact early on because there's a lot of programs that are targeted at computer science graduates, um, or software engineering graduates to help them bridge into the industry.

Um, now I know there are some cybersecurity specific four year or three year degrees. I'm wary of them. And the reason for the that is this not that they're bad programs, not that they're not offered from reputable institutes. The challenge is simple from a cybersecurity perspective.

You need a breath of knowledge, cybersecurity, um technologies are always going to change, you're going to uh you know what the threat is today is going to be a different um threat. At least the implementation of that threat is gonna change day to day what you need for.

Cybersecurity is a core ability um to think from a risk perspective to sort of flush out the edge cases and a broad technical understanding, not of cyber security, but of it solution delivery, a business systems delivery, you need this breadth of understanding. So that means if you are in university for business, some flavor of business with a strong computer science, maybe a minor in computer science, computer science, software engineering, all of these things are going to give you the basic fundamentals in how it systems and ot systems eventually how these systems work.

And this is a really important thing because then you can apply cybersecurity thinking into these different structures. And this is the fundamental problem I have with how we do cybersecurity today is that we've separated cybersecurity from the rest of the business, from the rest of it delivery and it solution creation.

Now, that's not how we should be doing it. We need to build security in by design. We need to build in privacy by design and you can't do that by slapping it on at the end and sort of bolting it on. That's not how it works.

So when people say I'm going to take a four year degree in cybersecurity or in forensics, that worries me. Um Of course, I say that having a master's in, in uh information security systems of the specialization in forensics. Um but that's a master's, that's a finishing, that's more of a polishing degree.

I think you go for breadth first. You're not going to go wrong with a strong business degree with a minor in one of the um engineering or in computer science, you can't go wrong with computer science, with computer software engineering. You can't go wrong with any type of engineering or really any type of science.

They all give you that same type of mentality. Um And keep your options open, you can take courses you can get experience in cybersecurity, specific things later on down the road. So even if you have a full intention in cybersecurity, I would suggest more of a generic program with a specialization.

I was talking to a young student here in Canada a couple of weeks ago and they were in a generalized computer systems course and they had the opportunity to specialize in cybersecurity, network architecture and a number of other things. And I suggest that, well, that makes sense, specialize in cybersecurity because you're in a generalized program that's giving you that breadth of knowledge.

And you're going to dive a little bit deeper on cybersecurity. That's a great thing. But remember, we've talked about this before on the show, the key principles for cybersecurity are more mental, they're more your approach than anything because the day to day implementation is going to change just as rapidly as technology changes.

So you need that puzzle solving approach. You need that ability to learn rapidly, need that ability to think out of the box. And more importantly to sort of pivot to the left a little bit to look at the problem from a different angle. You need to be able to ask what if now educational formal educational course isn't necessarily going to teach you that outside of fundamentals like the scientific method or some basic engineering approaches.

But what you can get from an undergraduate degree is that persistence that ability to learn that practice in rapidly um acquiring new information, rapidly learning new points of view and get that breadth at university, you're exposed to a wonderful amount of different um thought processes of different um areas of study, whether that's within sciences, within engineering or in the arts or in other areas.

Um I think that's really important and I would strongly advise anybody taking any sort of um post-secondary undergraduate degree to take as much variety as you can just because you want to focus on engineering. Now, I know in engineering tracks, there's not that much room for electives, but take something outside, take something in the arts, take something in music, take something in literature.

Um You want to have that variety and that breadth because the more different points of view, you understand the better uh cybersecurity professional, you will eventually end up being remember early on, you need to focus on the principles because what I started applying cybersecurity to now no longer exists today.

That's just the nature of technology. It moves so fast. Getting those core principles ingrained showing that ability to be persistent, to look from different angles to solve those puzzles, to rapidly learn. That's going to take you a really long way and you can get that in a lot of different degrees.

So just because you might have taken a business degree, doesn't mean you're excluded from cybersecurity. You may in fact be better at it than some other folks. That's my perspective on uh university. Hit me up online at marknca let me know what you think.

Um Hit me if you're watching this on youtube um or on the soon to becoming podcast. Um Hit me in the comments below or email me uh me@markn.ca. Um Let's keep this conversation going. Uh A lot of this content is being fueled from your questions.

Um And I think it's wonderful. I think there's uh no wrong path to cybersecurity. Um But I think we, we can do better and shift where cybersecurity is today by taking different paths, different points of view and coming together in the end. So I hope you are set up to have a fantastic Monday.

Uh I look forward to talking to you online throughout the day as well as tomorrow, coming back to you. Hopefully with more GDPR free content for a couple of days. We'll keep focusing on the topic of education and getting started in cybersecurity. Take care.

We'll talk to you soon.

Share Tweet Share Share Email

Read next