Sacramento’s chief innovation officer, Louis Stewart, originally posted this commentary on his blog, MeetMrStewart.com. It’s reprinted here with his permission.
Early on, many thought cybersecurity was only important for techies. When I was in high school, computers were becoming a household item, and I tried to copy what I saw on TV and in movies … trying to use my Texas Instrument modem to access systems. I had no idea I was trying to hack anything, nor did I know what I was doing in any way.
Cybersecurity was originally viewed by corporate leadership to be the sole domain of the IT department. This meant as long as antivirus tools and packages were in place, companies felt they had nothing to fear in regard to cybersecurity. Around this time, I became a system administrator and an IT director. It was my initial introduction to cybersecurity and all the threats out there. I was taught everything on the job. I didn’t know how to or have the funds to access the appropriate certifications back then.
In my role at GOBiz, I had the opportunity to get briefings about cybersecurity from Sandia National Labs. They always managed to blow my mind, and I left there with many new shareable nuggets. Their internship program was cool. University students from around the country applied to this elite program. I was so inspired I helped lead the efforts to create the first and only statewide high school cybersecurity competition as part of Cyber California. The intent, if I had stayed, was to connect the top high school teams with Sandia and industry leaders to begin establishing a pathway for cyber professionals in the state. I was a little before my time, even a few years ago.
Today, cybersecurity affects nearly everything we do, from our phones to our personal assistants to our credit to autonomous cars and our streetlights. Nearly everyone realizes the significance of cybersecurity.
The industry landscape has changed drastically. Living in a technologically advanced digital world, no one can afford to take cybersecurity for granted. Headlines shout the news of the latest attack in which cybercriminals breached security protocols to steal your personal information, passwords and Social Security numbers. Meanwhile, hackers gather proprietary company information from the cloud. All information seems quite vulnerable, with numerous reports springing up daily highlighting the theft of private information for a growing number of the world’s citizens, businesses, organizations and governments.
Cybersecurity Is Key
For everyone, keeping information safe has become priority one, which means enhanced cybersecurity. Cybersecurity by definition is the technology which protects computer systems and electronic data. When systems are hacked, companies not only lose confidential data, they also lose their customers' trust, and often find themselves in legal trouble. As the advance of technology marches forward with autonomous vehicles, internet-enabled smart homes, and the rise of Smart Cities, cybercrime takes an even more heinous position.
Everyone is at risk and everyone needs protection from the potential threats of hackers. We live in a truly connected world, so we also owe responsibility to not only ensure our own safety but also the safety of those with whom we interact. The challenges we face are many, including the following:
- The Cost of Security Breaches — Cybersecurity breaches are costly affairs for businesses and their customers – including the financial losses and the losses to business’ goodwill. It is estimated that the cost of security spending in 2019 surpassed $124 billion.
- Highly Sophisticated Hackers and Hacking Tools — Highly sophisticated hackers and widely accessible state-of-the-art hacking tools continue to simplify cybercrime, increasing the need for cybersecurity.
- The Internet of Things (IoT) — The rapid growth of IoT continues to enhance our lives, but also creates greater complications, exposing our mobile devices (smart phones and tablets) to even greater threats of security breaches.
- Tougher Government Regulations — The General Data Protection Regulation (GDPR) requires businesses and firms to implement cybersecurity measures and ensure safety of personal data.
All applications dependent on the internet for communication purposes are liable for security breaches including email, text and phone messages, direct messages, etc., which then puts Social Security numbers, tax and license records, medical records, educational records, financial accounts, transportation systems, home security systems, and more at risk. The result: The global economy demands cybersecurity professionals in numbers greater than ever before. Right now, there are nearly 1 million cybersecurity jobs available globally, and that number will only continue to grow as the future becomes brighter for those in the industry.
Here is a sampling of career options in cybersecurity:
Chief Information Security Officer — CISO, or the chief information security officer, is a mid-executive level official who is responsible for general operations of a firm’s IT security department. The job title involves planning, correlating, and controlling various network, data, and computer security requirements within the business. They work with higher-level management and understand the distinct cybersecurity requirements of the company.
Computer Forensics Expert — A computer forensics expert is responsible for carrying out security incident probes, gathering and inspecting data from various devices, assembling proof for legal purposes, and recommending law proceedings based on the data recovered.
Network Security Engineer — This position involves managing the safety of the firm’s network software and hardware.
Information Security Analyst — An ISA is involved in safeguarding the computer networks and systems of the organization. This includes planning and execution of programs and steps (installation and use of software) for firewalls and data encoding.
Security Software Developer — Developing security software and integration of security into software applications during the process of designing and development is the responsibility of these tech professionals.
Penetration Tester — This job title involves hacking the computer network systems legally to uncover vulnerabilities in security protocols.
Security Architect — A senior-level position involving design, development, and supervision of the execution of network and computer security at a firm.
IT Security Consultant — The job requires meeting with clients and giving guidance on how to safeguard their firm’s cybersecurity efficiently and cost-effectively.
And one final pro tip before I close: All your passwords should be 12-13 characters long and include numbers, letters, and special characters. The more complex your passwords, the better. You should change your passwords every six to 12 months. I know it’s a pain ... but the reality is we live in a time where it is needed. If your passwords are nine characters or less, I estimate it has already been hacked. There are apps (I use oneSafe) to help you securely remember all your passwords.