Everything You Need to Know About Studying Cyber Security at Degree Level

Everything You Need to Know About Studying Cyber Security at Degree Level

You’re interested in pursuing a career in cybersecurity, but aren’t sure where to start. What does a career path look like? Compared to other established industries, cybersecurity is still in its infancy in the civilian sector, which means there isn’t a clearly defined path to enter this growing sector. Unlike other industries, however, this isn’t one where you get your degree, land a job and then coast through it. We’ve mentioned previously on Axiom Cyber how jobs in this field require you to be driven and constantly on top of the latest technology and trends.

As with all computer science related degrees, cybersecurity studies are heavily math-intensive, and as such require strong analytics and statistical analysis skills. Cyber security degrees that are offered are associate, bachelor’s, master’s and doctoral levels. An associate degree will prepare you for entry-level positions related to support, programming, help-desk IT, and basic network administration. A bachelor’s degree will build on that knowledge to open up mid to upper level positions by providing you with skills in software development, network security, as well as forensics and tactics to defeat cyber-crime. Cyber Security Degrees website reveals that with a master’s degree you will be prepared for more senior level positions, or able to step into mid-level roles with less experience.

While it’s possible to find entry or mid-entry level positions with an associate or bachelor’s degree, many employers, like government agencies and established corporations, will require candidates to have a master’s degree in cybersecurity. In their feature on cybersecurity career paths, Learn How To Become notes that a master’s degree provides advanced instruction on protecting computer networks. While it will take an extra one or two years to complete, it does provide you with better skills to tackle network security defense techniques and countermeasures. A master’s degree also allows you to specialize in areas like cryptography, digital forensics and risk analysis among others.

Degree programs are available both in class or exclusively online, with the latter a convenient option adaptable around work and family schedules. Online degrees also allow you to work at your own pace without the need to attend classes every day. Maryville University breaks down how a master’s degree in cybersecurity also has a big return on investment, with top earners receiving six-figure salaries. Therefore, a master’s degree in cybersecurity can help you land management level or even C-suite positions, with companies offering better sign-on bonuses, relocation pay, and free medical insurance. You can later further your education by pursuing a doctoral degree, which will prepare you for leadership roles and allow you to innovate new solutions.

Even if you’re not in a tech position currently, VP of cybersecurity at IT security firm Infoblox, Rod Rasmussen recommends that you should start learning IT fundamentals on your own. Self-directed learning and experimentation are critical. Once you have that, build on that knowledge by applying for a degree program and complete certifications. Many established cybersecurity analysts got their start working in entry-level IT jobs and amassed experience in positions like network administration or programming. They studied on their own, then went on to complete degree programs and various certifications, to allow them to learn new skills and stay abreast of new technologies and security measures.

Article intended only for the use of axiomcyber.com

Submitted by HackersAway18

7 Cybersecurity Threats Every K-12 School Faces

7 Cybersecurity Threats Every K-12 School Faces

Ransomware. DDoS. Phishing. Identify theft.

Sadly, schools across the United States are becoming very familiar with these terms. In fact, recent research indicates that K-12 institutions will have the highest rate of ransomware attacks of any industry in the coming years.

For example, the release of sensitive student and teacher information can lead to identity theft. A hacker’s encryption of students’ grades and teachers’ lesson plans can lead to loss of productivity (especially if they are not backed up) and thousands of taxpayer dollars being spent to replicate data that is gone.

As you to turn to the 2018-19 school year, this is your opportunity to make cybersecurity a budget priority. Here are seven reasons why it’s important:

  1. Clickbait.
    The email may look legitimate but unfortunately, it is not. Embedded in the text is a hyperlink that sends you to a malicious site. This link has now taken down your school’s system.Solution: Ensure every employee has the highest email filter settings for spam, phishing and executable files. Employees should also be trained on what suspicious emails look like and always report suspected emails to the IT department.
  2. Outdated Technology.
    Your school may feel they need to hold onto computers and tablets until they break. The problem with this plan is they may not support the current operating system, which opens you up to a cybersecurity breach.Solution: Do a complete inventory of all your computer equipment. Make certain it runs iOS 11.3.1 for iPhones/iPads, macOS 10.13.4 for Mac computers and Windows 10 for PCs. For all devices that do not support these versions, disengage them from your network today. Purchase new devices to replace them before or during the next fiscal year.
  3. Not Paying Attention to Patches.
    All operating systems require patches from time to time.Solution: When your computer tells you updates are needed, complete them within a few hours. It will require a restart however, many patches have security updates within them.
  4. User Error.
    When users are allowed access to sensitive and/or confidential data, there is always a risk for exposure.Solution: Partition student, administration and public networks. Practice whitelisting which allows only a handful of individuals into the classified information, blocking nonessential personnel from that data.
  5. Allowing Weak Passwords and not having a Change Policy.
    Passwords less than 14 characters are problematic and/or not enforcing changes of the passwords can lead hackers right to your data’s door.Solution: Make strong passwords a norm, along with two-factor authentication. Provide an automated system that requires password change every 60- to 90-days.
  6. No tools.
    Its time to think of your school network, more like a bank. These financial institutions have a vault, security guards and cameras – different methods to keep your money safe. The same goes for cybersecurity. You need the right tools to keep all the data out of the hands of hackers.Solution: From Mobile Device Management to cybersecurity audit and monitoring, speak to a cybersecurity expert for a full understanding of the best tools for your school system.
  7. Vulnerability testing is nonexistent.
    Without continuous checking, hackers will continue to try and access your data. 

Solution: Initially, you need a cybersecurity organization to analyze the vulnerabilities in your network and recommend fixes. Once those solutions are in place, its vital to have 24/7 monitoring of your network to ensure your data is safe.

Start a Conversation with Axiom Cyber Solutions

We can protect your school from cyberthreats at a very reasonable cost! Give us a call at (800) 519-5070 today to learn more about our offerings!

S.T.E.M Careers: Growing Towards the Future

S.T.E.M Careers: Growing Towards the Future

S.T.E.M. Education

Many people have heard of the STEM program but not everyone knows exactly what it entails. STEM is a curriculum based on the idea of educating students in four specific and critical areas — science, technology, engineering, and math — however, STEM does not separate these subjects to be taught individually, rather they are integrated into a cohesive program that teaches the subjects together as compliments to one another. One key point that the program is praised for is its use of real-world applications to train these students for their future careers — making it one of the most successful programs resulting in some of the best-prepared students facing the workforce upon graduation.

More often than not58, people think of high school or even college as the starting point for such technical and complex education to begin, but many schools have incorporated STEM into classes to some degree from kindergarten on up through high school! Of course, it is much more basic at the lower grades, but by including it in the curriculum in students’ education from the beginning and adding to it incrementally as they grow, students will be much more interested in the subjects included in STEM. In addition to this, they will be able to notice the correlation between these subjects, which will possibly result in higher numbers of these individuals choosing STEM-related careers. As you can see to the left, 58% of people currently working in STEM decided on this career path prior to graduating high school, meaning that early teaching is critical in creating future workers interested in STEM.

 

S.T.E.M. Careers

STEM is the second fastest-growing industry, second only to healthcare, with an expected 8.6 million jobs available in the field by 2018. Not only are graduates of STEM-related majors some of the highest paid young professionals right out of college, but they also get those high-paying jobs rather quickly following graduation. While these facts may be enticing, it is important for individuals to know about some of the potential successful careers they could have in their main area of interest when it comes to STEM.

Science & Engineering

Science and engineering careers are the most related when it comes to the workforce and make up 6 of the top 10 careers in STEM including civil engineering, environmental engineering technology, nuclear engineering technology, computer engineering (also related to technology), petroleum technology, and marine sciences. Among the requirements for these careers are strong problem solving skills, chemistry, basic math skills, and deductive and mathematical reasoning.

Mathematics

Mathematics itself, while an integral element in each of these careers, is not well represented in this top 10 list, making up only one of the listed STEM jobs. Despite this face, Mathematics encompasses a multitude of industries such as statistics, actuarial sciences, economics, and more that differentiate it from its fellow STEM categories. Required skills for mathematically related jobs include deductive and mathematical reasoning, problem solving skills, and facility with numbers. If you love numbers and are interested in STEM, this might be the career path for you.

While science, engineering, and mathematics combine to make up the majority of the top jobs in STEM, technology is one of the fastest growing of these already rapidly rising industries and it affects its STEM counterparts significantly.

Technology

Advancements in existing technology, like smart-phones and computers, as well as the development of new technologies, such as IoT devices and connected car security, make it very apparent that a career in technology has a bright outlook for the future. Jobs are becoming much more technical now and require a better understanding of technology, so STEM programs have been more heavily emphasizing this segment of STEM in recent years.

Of Monster’s top 10 most valuable STEM careers, there are four related to technology: computer and information services, computer engineering (also related to engineering), computer programming, and the #1 most valuable STEM career: information technology. For these careers, there are multiple job titles including Information Security Analyst, Computer Systems Analyst, and Web Developer, among others. These jobs not only require knowledge of the latest technology, high analytical and developmental skills, and logical thinking, but a person seeking one of these jobs must be goal-oriented, passionate, and dedicated to advancing technology and growing the industry as he or she rises throughout a career in tech.

A common misconception about STEM is that it is all about the technical and analytical side of these complex careers, but STEM workers are also creators, innovators, and ground-breakers for the futures of each of their industries. Another fallacy surrounding STEM is that a student must receive traditional training and education in order to gain a successful career in STEM; however, there are alternative ways into a career in these fields.

Alternative Routes to a career in STEM

Many people may look at the training and schooling necessary to attain a STEM-related degree and think that it is not affordable for them or the resources necessary to achieve such certifications required for their future careers are out of reach; however, there are companies out there that try and alleviate these fears by offering alternative routes for those individuals who are interested in a career in technology, but choose to go a different route to get there.

Axiom had the privilege earlier this year to work with IT Works, a Tech Impact program that offers free, immersive IT training to young adults– motivated high school graduates, age 18-26 years old, who have not yet completed a Bachelor’s degree. As part of the 16-week training program, an IT Works student named William Lewis, completed a 5-week internship with Axiom and you can read about his experience interning for Axiom through IT Works here. A career in STEM is not necessarily about going to the highest ranked technology school, but being motivated enough to find your own way to where you want to be in your career, with them help of some companies out there who can get you where you’re headed.

Why S.T.E.M.?

In case you’re still on the fence as to whether or not STEM education and careers are important, the National Science Foundation has this to say on the subject:

“In the 21st century, scientific and technological innovations have become increasingly important as we face the benefits and challenges of both globalization and a knowledge-based economy. To succeed in this new information-based and highly technological society, students need to develop their capabilities in STEM to levels much beyond what was considered acceptable in the past.”

With such a revolution in science, technology, engineering, and mathematics, the modern world is in great need of such advanced, pioneering minds as those interested in having an impact on these crucial subjects.

If you’re interested in learning more about STEM careers, please contact Axiom at https://www.axiomcyber.com/ to speak to one of our IT professionals about a career in tech. If you are in need of a different route of gaining technological experience and qualifications, please visit http://techimpact.org/ to learn more about their available programs for innovative and motivated individuals.

Hailey R. Carlson | Axiom Cyber Solutions | 9/16/2016

Image Source

Back-to-School Cybersecurity: What College Students Need to Know

Back-to-School Cybersecurity: What College Students Need to Know

“It’s that time of year again.”

Everyone is so original with their ad campaigns around this time of year. Nevertheless, August means that millions of students across the country will be going back to school. Among them, an astonishing 20.5 million university and college students will or already have started back in full force for the Fall 2016 semester in the U.S. alone. From seniors itching to graduate to wide-eyed freshmen trying to take it all in, universities are about to be jam packed with bodies eager to learn and have fun.

Amid the countless things packed in the bags of these students, a laptop, tablet, or some other sort of computer is essential for almost every single class, be it in-class or online. While the online components of college classes allow for more open communication between students, peers, and professors, there are some drawbacks to having all of these people online. Even though college-age students are generally more tech savvy than most other demographics, hackers and cybercriminals are targeting both the students and institutions alike more and more aggressively and there is a myriad of cyber threats that are trying to hurt or steal these students’ personal information.

Unsecured Public Wi-Fi Connections

While it is an incredibly convenient thing for students to be able to be connected on campus via free Wi-Fi, it could also potentially be extremely dangerous. The use of any public Wi-Fi connection, be it at the library, coffee shop, or anywhere else on or around campus, can be very risky because these networks are very rarely secured properly and consequently are a big target for cyberattack. Due of the openness of the connection, almost anyone who knows how could view what you are doing online while you’re connected.

The best way to avoid this threat is to not use unsecured public Wi-Fi. While this is a nice thought, it is not necessarily a realistic solution for all students, especially those that live on-campus. If you must use an insecure public Wi-Fi connection, make sure to not unveil any personal or financial information and only use secure, encrypted sites. Most universities do offer separate secure networks with a unique login for each student that is usually made up of either the individual’s student ID number, email address, or some other personal identifier. If your university offers such a connection, this is the best route to take.

Phishing Scams

Phishing attacks target different groups of people for different reasons. Email phishing scams that target college students are usually designed to try and steal personal information such as account names, passwords, and banking information.

The threat of phishing has been a big issue for North Carolina State University for several years now. N.C. State has seen rather targeted attacks where cybercriminals have performed reconnaissance to make their messages seem more realistic to students. Scammers have created virtually perfect copies of multiple N.C. State login pages with reference to the university and other specifics related to specific students’ involvement. With hackers working diligently to make their schemes appear legitimate, it is extremely important that students take defensive action against phishing scams into their own hands.

The first defense against phishing attacks is knowing how to identify them. If the message has an urgent request or is poorly worded, it is likely to be a phishing email. One thing that is fairly consistent in all emails of this nature is that they include a malicious link that appears to be legitimate. Students can verify the authenticity of a link by hovering his/her mouse over it. Scammers want to appear as true-to-the-original as possible, and will often use logos they find online. Examine these images to see if they are of the professional quality that your university would actually use, and this could be helpful in indicating a false sender.

The best plan of attack for combatting phishing emails is to not open any email from a strange, unrecognized source and report the incident to your university immediately so that your peers do not fall victim to this same scam.

Sextortion and Webcam Hacking

While it is pretty scary to lose your important personal and financial data, it is even more terrifying to have a cybercriminal harassing you by threatening to expose sexually explicit photos of you all over the internet unless you pay up or give them more photos. This cybercrime is called sextortion and some of its primarily targets are young people, specifically young women.

In May of this year, two students at George Mason University in Virginia reported to police that they were the victims of sextortion. Both victims claimed that their respective “sextortionists” demanded a $5,000 payment in lieu of him exposing the compromising photos online. This is a threat that the FBI says is increasingly growing and is in desperate need of being stopped.

There are a few ways to help combat this cybercrime:

  • Don’t send explicit photos of yourself to anyone.
  • Do not talk to people you don’t know personally online.
  • Turn off or cover your webcam when not in use—many cases of sextortion happen even if the victim has never sent out explicit photos. Hackers get into a person’s webcam and snap pictures without the target ever suspecting it. Just a piece of tape over the camera can be the difference between being safe or becoming a victim of sextortion.

Universities themselves are fighting cybercrimes like data breaches and ransomware that are targeting the student body as a whole—putting your and your classmates’ information in danger. Because of this, it is important for you to take your cybersecurity protection into your own hands. By taking a few simple steps, you can protect yourself against lurking hackers in a café, scammers trying to steal your information via phishing emails, and sextortionists who only want the worst out of you. When you protect your personal cybersecurity, you can truly enjoy the best years of your life without worrying about your personal data.

 

Hailey R. Carlson | Axiom Cyber Solutions | 8/25/2016

Image Source

Axiom Cyber Solutions Presenting Free Cyber Security Seminar

Axiom Cyber Solutions Presenting Free Cyber Security Seminar

Axiom Cyber Solutions will offer a free cyber security seminar at The Lead Team B2B Mixer Expo on Wednesday, May 31, 2016, at 6 p.m.

The expo, taking place at Palace Station Hotel and Casino, is designed to help small- to medium-sized businesses network, and more than 400 attendees are expected. Axiom Cyber Solutions is a co-sponsor of the expo.

“Cyber Security is critical for small businesses, as more than 70 percent of cyber attacks target them,” said Troy Wilkinson, CEO of Axiom Cyber Solutions. “So many small businesses still believe they are too small to face a cyber security breach, and our goal is to make business owners aware of the threat and protect them from the devastation a breach can cause.”

Troy founded Axiom Cyber Solutions a year ago with his wife Shannon, and the company now protects businesses across the country.

“Small business owners tend to think that they can’t afford cyber security, but we’re working to change that,” said Troy. “The cost of a cyber breach can be devastating to a small business. In fact, more than half of small businesses close within six months of a breach. We’re working to help more business owners understand that with Axiom comprehensive protection is easy and affordable.”

For more information about the The Lead Team B2b Mixer Expo and to get tickets, visit www.ltbusinessexpo.com

Employees: The biggest risk and defense in cyber crime

Employees: The biggest risk and defense in cyber crime

The news is full of stories about how computer networks are being infected by malware, trojans, viruses, and that nasty malware variant known as ransomware. Starting off as an innocent looking email with an attachment or link sent to someone in HR or Finance, an independent consultant, even the business owner, and ending with the encryption of the business’ networks or a data breach. The news loves to harp on the fact that the human factor is the biggest risk in cyber security but they often do not talk about how humans are also the best defenders against cyber crime.

You can’t just rely on one person in a 10-person company; everyone needs to have a good understanding of cybersecurity and what the risks are for the organization.

Patricia (Pat) Toth

Supervisory Computer Scientist, NIST

 

Employee education is one of the best ways to defend against malicious activity. Letting your staff know what a phishing email looks like, why they should not enable macros on files they receive by email, and just overall being smart about how they use the internet are all steps in a positive direction for businesses who take cyber security seriously. Firewalls, endpoint protection, SIEM, that’s all great but unless you also pay attention to the inside of the business, the threats and damage will continue to occur.

Four in ten organisations had experienced insider damage at least quarterly in 2015.

Information Age, 2016

Start with Employee Orientation: Incorporating data protection and cyber security best practices into new employee orientation and annual training is a great place for businesses to start hardening their inside defenses. Nearly all companies handle sensitive data, whether from employees to customers, so outlining safe data practices in the employee handbook and giving employees guidelines on how to safely handle data could be the difference between a W-2 phishing scheme that reveals sensitive data about your employees to a hacker and keeping that data secure.

Passwords: Seems like a no-brainer but organizations continue to struggle with password expiry, complexity, and even forcing their IT professionals/admins to change their passwords on a regular basis. A survey during the RSA security conference found that 55% of admins make users change their passwords more regularly than they change their administrative credentials. And believe it or not, 123456 and password still top the list as the most popular passwords still in use.

Safe Data Handling: Employees need to be aware of ways to safely handle data. Whether it’s encrypting sensitive data sent by email or shredding sensitive data on paper, employees need to be told how to handle data.  Employees also need to know the process for assisting people who call for assistance. Kevin Roose from Fusion learned the hard way how easy it was to con a customer support representative into letting a hacker into his mobile phone account with the help of the recording of a crying baby and the hacker pretending to be his stressed-out wife.

See Something, Say Something: Employees should not be punished for asking for verification of requests emailed to them. Too often phishing schemes are successful as they appear to be coming from the highest levels of management and are labeled urgent. Employees should know the normal procedure for making such requests and management should put check-and-balances in place to ensure sensitive data and money do not leave the organization without some form of verification. Those in Accounting should be told that the CEO, COO, etc will not email and tell them to wire money to a vendor without a verbal confirmation (and if that is not the procedure, the business should consider it or else be at risk for failing victim to a common phishing scheme!) And HR departments need to know that they won’t receive email requests for sensitive employee information either.

Cybersecurity Lunch & Learn

Cybersecurity Lunch & Learn

Last month we hosted a Cybersecurity Lunch and Learn for Small Business Owners with some of our local partners, Orbis Solutions Inc, ViaWest, and Alpine Insurance.

There are two types of companies: those who have been hacked, and those who don’t yet know they have been hacked.

John Chambers, CEO of Cisco

We have seen a dramatic increase in the number of small and medium sized businesses falling victim to ransomware, phishing, malware and a variety of other nasty cybercrimes.

71 percent of cyber-attacks occur at businesses with fewer than 100 employees.

US House Small Business Committee, 2015

 

Besides giving small business owners an awareness that they are a target, getting protected is not an impossible task. There are easy ways for small businesses to get the same type of cybersecurity protection that large enterprises have.

 

If you are a business owner or executive that wants to know how to get cybersecurity protection, join us for our next lunch & learn scheduled for May 18th. Call our offices at 800-519-5070, Ext 1000 and RSVP today. Space is limited.