The top cyber security myths CISOs and security professionals fall victim to. Empower yourself with persistent training and skill building instead.
The internet has changed rapidly since its inception in 1983. The way we communicate, consume news and media, shop, and collect data are just a few examples of the way the internet has changed the world. A term you may have heard crop up in recent years is IoT, or The Internet of Things. IoT is about extending the purpose of the internet from use in day to day devices like smartphones and computers to use as a host of connected “things.”
So why would we want to do that? When something is connected to the internet and able to send and receive information, it makes the device smart. The more smart devices we have, the more connected and controllable our environment will become. IoT provides important insights to businesses and people that allow them to be more connected to the world and to do more meaningful, high-level work.
While the Internet of Things holds incredible potential for the world, it also means opening up more avenues of vulnerability for hackers to tap into our infrastructure, our homes, and our businesses. On a large scale, the development of “smart cities” are cropping up, promising better usage of resources and more insights from data among other things. On the other hand, this could allow hackers higher access to critical infrastructure leading to potentially crippling instances of national and industrial espionage. On a smaller scale, things like parking meters can be hacked in order to cheat the system for free parking.
The rise in IoT security must match the explosive growth rates for these devices, which means that a new era of cybersecurity is being ushered in. Nearly half of U.S. companies using an IoT network have been hit by a recent security breach, and spending on IoT security will reach more than $6 billion globally by the year 2023.
Where does this leave us in a world with a seemingly bright technological future that holds such dark potential? As IoT continues to grow and evolve, it’s hard to say what specifics need to be put in place in order to keep it secure. However, there are some good general practices that can mitigate your personal and professional risk of being a victim of a breach.
- Do your research before you buy. Smart devices collect a lot of personal data. Understand what’s being collected, how it’s being stored and protected, and the manufacturer’s policies regarding data breaches.
- It seems obvious, but use strong and unique passwords for your device accounts, Wi-Fi networks, and connected devices (and update them often).
- Use caution when utilizing social sharing features that can expose your location information and could let people know when you’re not at home. This can lead to cyberstalking and other real-world dangers.
- Install reputable security software on your devices and use a VPN to secure data transmitted on your home or public Wi-Fi.
Eventually, there is hope that the IoT industry is able to revolutionize cybersecurity for itself, as compliance and regulation never seem to catch up to the pace required by cyber defense technologies. Since this is still such a new industry and constantly evolving, utilizing the aforementioned tips and tricks will help you stay safe while IoT security gets its footing. There is a lot to look forward to as IoT continues to revolutionize the way the world works, it’s just a matter of time before cyber teams are ready to take on this new wave of security needs.
The statistics are dismal. An estimated 3.5 million unfilled cyber positions by 2021 and today, we have over 300,000 openings in the U.S. alone. According to a New York Times article, “filling those jobs would mean increasing the country’s current cybersecurity workforce of 715,000 people by more than 40 percent,” according to data presented at the National Initiative for Cybersecurity Education Conference. If you’re a student in cyber or are just undeclared, there hasn’t been a better time to consider cybersecurity as a professional career. The field has come a long way from the stereotypical hoodie-wearing, Mountain Dew sipping worker in a dark room performing tedious coding tasks.
Cybersecurity is so much more than that—and it’s exciting! Don’t believe us? At Divergence Academy, we are preparing the next generation of cyber professionals to enter the workforce and alleviate the skills gap through gamified learning. If more institutions adopted such an approach, we as educators would be more successful at not just engaging our students in teaching relevant concepts and theory, but successful at helping them build skills needed in today’s workforce.
Cyber Teaching and Learning Challenges
But before we get into the “hopeful” part of this article, we need to understand the challenges in teaching cyber in the first place. The way that cybersecurity has been taught throughout the years often include lectures, PowerPoint presentations or online models that students complete on their own. Inherently there is nothing wrong in teaching new information in this way. However, the opportunity exists to help students learn how to apply this knowledge to a real-world setting. The act of doing and creating the needed experience is the single most important quality job candidates can bring to an employer and this is the gap Divergence Academy is hoping to close.
When students sit in a classroom, information can be presented in a systematic way, where in real life this may not always be the case, especially in the world of cybersecurity.
When you think of teaching someone how to think like a hacker, you are fundamentally teaching them how to be creative in how they approach a situation.
The concept of teaching someone to think like a hacker is easier said than done, which is why diversifying the way students can process information is crucial. Not every student learns in the way same.
There’s Hope for Cybersecurity: Continuous Skills Acquisition and Application
As cyber educators and instructors, we know there is no “one-way” to teach and that’s the good news! While certifications and technical degrees are a starting place for cybersecurity readiness and workforce development, instructors must think of new methods that provide persistent access to cyber education.
This statement can best be described with an analogous story. If an aspiring baseball player was training for the major leagues and went to practice to hone his/her skills, they would certainly learn something. However, if that aspiring baseball player then applied for the major leagues a year or so later, without attending training leading up to that point, he/she would be a little rusty, wouldn’t you say? The same situation can be applied to cybersecurity. You wouldn’t attend a class or even complete a full degree in cybersecurity and then apply for a job and say you were a “seasoned cybersecurity professional,” would you? Of course not. There is no “final inning” in cybersecurity signaling a professional’s peak of learning and skills acquisition.
Threats evolved day by day and if a student graduates thinking about phishing or malware detection one way and ends up in a work environment where that knowledge isn’t applicable anymore, we won’t be able to help the next generation of cyber pros be successful in their jobs. To keep current students and alumni actively engaged in critical learning, persistent access to cybersecurity training must be employed. In this industry, the only constant in cybersecurity is change, and for that reason (in addition to the multitude of attacks businesses every day), educational institutions can be vigilant in putting learning to work for the businesses and workplaces we rely on to support our daily functions.
As technology and interconnectivity evolve with each passing day, steps must be taken immediately to adopt a pedagogy that values and emphasizes continuous learning to best prepare our students for the career they want. With gamified learning at the helm of a new teaching approach for cybersecurity, we can be on our way to minimizing the cyber skills gap and empowering today’s students in a more effective way.
For more information about our gamified learning cyber courses, visit https://divergenceacademy.com/.
What is immersive, gamified cybersecurity learning? The term was originally coined in 2002 by a British computer programmer named Nick Pelling. The term hit the mainstream when a location-sharing service called Foursquare emerged in 2009, employing gamification elements like points, badges, and “mayorships” to motivate people to use their mobile app to “check in” to places they visited. The term hit buzzword fame in 2011 when Gartner officially added it to its “Hype Cycle” list. But gamification is more than a buzz word. Companies have seen gamification work for them in cyber team training—so we thought it wise to take what is working and apply it at the earlier stages of career development—in the classroom.
At Divergence Academy, we are proud to offer a curriculum that embraces blended cyber learning to cultivate students and transitioning professionals who are ready to enter the workforce and stop today’s cyber threats.
We offer data science, cybersecurity, and cloud computing immersive learning programs that enable students to gain the knowledge and skills needed to work in any of those fields. Many of our courses offer a mix of concept-driven learning and application-driven learning so that students understand new knowledge and, in turn, apply that knowledge in skill building, project-based activities. Through working with messy, real-world data and scenarios, students gain experience across the entire technology spectrum.
Studies find when learners engage in active learning, hands-on activities, their information retention rates increase from 5% (with traditional, lecture-based methods) to 75%. The millennial generation presents radically different learning preferences than previous generations. Thus, educational institutions across the country should consider gamification as a pedagogical technique in the classroom. A study from the University of Limerick notes:
Gamified learning activities could become an integral part of flipped teaching environments. Their social, asynchronous nature can be used to prompt students to engage with pre-prepared content, while gamified learning activities can be used in the classroom to prompt student interaction and participation.
In watching our students engage with gamified activities, we see team-building blossom before our eyes. We see instant collaboration and problem-solving and critical thinking emerge. Those kinds of soft skills can’t always be taught in a traditional lecture-based setting and because of that, it is critical that we continue to offer a healthy mix of concept-driven learning with gamified learning opportunities to our students so that they can enter the workforce with a more holistic understanding of the industry.
Cybersecurity has become a captivating and engaging subject matter for students, which is fantastic as those words aren’t typically associated with the technical field.
“Wow, today we were introduced to Project Ares. Captivating is the best description I can think of. It is like ‘Call of Duty’ for cybersecurity.”
~ Divergence Academy Student, 24 years old
Fellow professors and instructors are looking for ways to make cybersecurity more interesting and attractive to students and we believe at Divergence, the gamified learning approach can help. It is an approachable way for students to engage with a field they may be completely unfamiliar with and it supports instructors by offering a course that students WANT to take.
“We notice an increase in student engagement in the classroom with the introduction of Project Ares. Gamification brings an element of intrigue and satisfaction to the learning experience.”
~ Beth Lahaie, Program Director
We hope our adoption and proven success of a blended learning approach is the nudge other institutions around the globe need to consider its power in building the next generation of cybersecurity professionals.