In today's technologically dependent society, there are an increasing number of ways that information can be stolen and greater need for security.
Cybersecurity analysts at ASU are working to keep students' data safe from the dangers of online hackers.
Adam Doupe, an assistant professor and associate director for the Center for Cybersecurity and Digital Forensics, said that technology users' data is always at risk of being exploited for the profit of criminal hacking groups.
“People, organizations (and) companies are constantly under attack,” Doupe said. “What we've seen over the last 10 years is the shift to more and more kinds of crime based cybersecurity where people are trying to monetize things.”
Doupe said these attacks can happen at any time and it is the goal of cybersecurity professionals to keep data and information safe.
“I kind of always like to conceptualize it and think about defending a castle,” Doupe said. “So, if you're in charge of defending a castle, you have to defend every possible way that somebody could break into your castle, but the attacker only needs one (entry). If there's one break that the attacker can pull and the wall falls down, then all of your other defenses were worthless.”
A part of Doupe’s job at ASU is to teach students the fundamentals of cybersecurity, of which offense is a critical component.
“To have a really good defense, you need to understand what the offense is capable of,” Doupe said. “So you're never going to be a great person defending a network if you don't understand the capabilities of the best hackers in the world; and so because of that, you have to teach offense.”
ASU cybersecurity professionals said the need for people in the field has grown dramatically in the last 10 years.
According to the U.S. Bureau of Labor Statistics, the cybersecurity field currently has a 0 percent unemployment rate, compared to the 4.3 percent national rate.
Nadya Bliss, director and professor of practice for ASU’s Global Security Initiative, said this statistic, as stunning as it is, is in line with the truth.
“I think it would be accurate to say that the need for cybersecurity expertise outpaces the amount of people in that field.” Bliss said.
Bliss said she attributes the harsh demand for more cybersecurity personnel to the lack of students, particularly females, joining the field due to a warped stereotype of what a cybersecurity programmer is.
“We often think about hackers (as) someone who is trying to take the system down, when in reality, a hacker could be a white-hat hacker, and his job is actually to protect computer systems and identify vulnerabilities in those systems,” Bliss said.
Bliss said she also finds that the job tends to discourage many people from going into the field of either computer science or information technology.
"(This is) because those images often tend to be mostly men, and I think for us to actually build secure systems and build security we need a diversity of people in the field, and all kinds of diversity from gender and race diversity to disciplinary diversity," Bliss said.
The cybersecurity field is not limited to simply programmers, but also individuals specializing in business, law and physical security.
“You need people that understand and can interact very well with users," Bliss said. "You absolutely need legal and policy aspirants and you need to certainly focus in the business community that understand things like writs.”
Victor Benjamin, an assistant professor at the W.P. Carey Department of Information Systems and co-director of the Actionable Analytics Lab, said that because of the new technologies that are being developed and designed daily, the need for safety is only going to grow more important.
“I think it’s just going to develop into an integral way of life just like social media has and how computers in general have been, and security is going to be part of that domain as well,” Benjamin said.
Benjamin said the potential for damage that criminal hackers can create will only increase exponentially, especially as technology for the human body, such as prosthetics and pacemakers, becomes more and more commonplace.
The harm that users could suffer can, as technology progresses, eventually transform outside the realm of personal information and into physical or psychological harm.
“(Cybersecurity) has definitely evolved from being nerds in a basement to a real team effort, and it’s drawing from people of all different backgrounds,” Benjamin said. “So, it’s a great time to get into it, and it’s is going to be a problem for the foreseeable future. It’s not going to be a job that goes away.”