Malware and ransomware attacks on infrastructure, hospitals, financial services, and public utilities have increased dramatically over the last few years. As a result, there’s been a huge growth in demand for cybersecurity experts. But what does a cybersecurity specialist do?
They analyze networks, investigate security breaches, and design secure systems to prevent attacks. It’s a constant game of cat and mouse, as attacks become more brazen and the stakes go ever higher.
Companies, schools, and government agencies understand why cybersecurity is important, not just to their bottom line but to the people they serve.
In this Article
What Is Cybersecurity?
At its most basic definition, Cybersecurity protects networks, devices, and data from unauthorized access (hacking). These hacks take the form of malicious software (malware) that can upload code to a network and take over a computer operating system.
Hackers use this code to gain access to financial data, such as credit card information, healthcare data, or privacy data, such as Social Security numbers.
Viruses, Trojans, and Other Malware
Viruses and trojans (named after the Trojan Horse from the Iliad) are software programs designed to infiltrate a computer network. Once these bits of code gain entry into a network via a security vulnerability, hackers use them take over the network.
Trojans look like legitimate applications. Instead, they sit and hide, gathering data without being noticed, or waiting to be deployed.
A famous example of a trojan horse is Emotet, which hackers successfully used to steal millions of dollars from financial services companies.
Ransomware is a subset of malware that hackers use to hold a company hostage, demanding payment in exchange for giving access back to a company’s computer system. Companies that pay off the hackers may get their data back, or the hackers will increase the ransom. Their data may also be compromised. This is why many experts say companies shouldn’t pay ransom demands (although other experts advise otherwise).
A famous example of ransomware is WannaCry, which gained notoriety in 2017 and is still wreaking havoc to this day.
One of the most effective forms of hacking — and one that is very low-tech — is social engineering. Social engineering is when bad actors make personal connections with a person or people inside a company. They use these connections to gain trust and access to secure systems. Examples of social engineering include telling someone they forgot their badge and asking to be let in through an employee entrance. Hackers could also try to connect on social media and claim connections in common.
Phishing Emails and Texts
Phishing tactics rely on social engineering to get past users and into an organization. If a person clicks on a link in a text or email, the link captures their data or downloads a virus on their computer, infecting the network.
If you’ve ever gotten a text that you have been locked out of your Netflix or Amazon account, and you need to click a link to unlock it, that’s a phishing text!
Spear-phishing is a more sophisticated form of phishing. Spear-phishing targets victims more selectively based on shared interests, and is often harder to identify as a phish.
Denial of Service Attacks
Denial of service (DoS) attacks flood a company’s computer network, overwhelming its ability to process requests from customers and other users. A denial of service attack can cripple a company. Distributed denial of service attacks (DDoS) are conducted by more than one computer network acting in sync.
In 2015, the tech site GitHub was a victim of a DDoS attack that experts believe originated from Chinese hackers.
Why Is Cybersecurity Important?
We’ve all heard our IT departments telling us not to click on links in suspicious emails. We’ve gotten the texts that we’re locked out of our bank accounts. We might think that cyberattacks are part of modern life – and they are.
But there is a deeper and darker side of cyberattacks that experts say go beyond clumsy phishing emails. They say it’s these threats that answer the question of why cybersecurity is important.
The Internet of Things
We all have computers and smartphones, which have to be connected to the Internet to be useful. We know these devices are vulnerable. But what about your smartwatch or the computer inside your car? More and more of our appliances come with sensors that are connected to the Internet – home environment systems, appliances, manufacturing systems, and more.
This concept is called the Internet of Things (IoT), and there are many advantages. However, every time we connect a device to the Internet we add a node of vulnerability. For example:
- Automobiles. Car manufacturers have been incorporating computers for decades. However, automotive experts warn that cars are already the next ransomware target.
- Home security systems. High-tech security systems are supposed to protect our homes. Unfortunately, there have been incidents of hackers gaining access to people’s homes through their security systems.
- Hospitals. Healthcare systems have been moving toward IoT technology for a few years now. However, experts are concerned that it makes hospitals even more vulnerable to cyberattack.
- Industry. Manufacturers can track products from raw materials and parts to the final product. Farmers can use sensors to track rainfall and other statistics. As with the other examples, however, if there is a breach or a failure, all interconnected systems can be impacted.
State-Sponsored Cyber Attacks
National security experts all speak of the dangers of state-sponsored cyber attacks. These attacks range from penetrating into financial services companies to seeking to destabilize governments. Mass transit and public utilities are uniquely vulnerable to cyber attacks.
Russia, China, and North Korea are among the biggest threats, according to experts.
- North Korea. The U.S. Department of Justice indicted three North Korean hackers in attacks that stole more than $1.3 billion from organizations worldwide.
- China. Chinese hackers stole $20 million in U.S. COVID relief benefits.
- Russia. The FBI identified a dozen Russians, including military personnel, as interfering in the 2016 presidential elections.
These are just a few of the reasons that cybersecurity experts are in high demand. Their expertise is a defense against more than just financial losses, which are bad enough. They can help protect against attacks on health, safety, and welfare.
Top Cybersecurity Skills
At the very core of what cybersecurity specialists do is to analyze an organization’s vulnerability to a cyberattack. They identify weaknesses, design secure systems, and conduct investigations into attacks.
Secure System Design
First and foremost, specialists have to be experts in designing secure systems. Then, they have to continually evaluate and update hardware and software to stay ahead of malicious attacks. Cybersecurity experts are responsible for security planning and policy. They have to make sure that everyone in the organization, from the executive suite to staff, understands the importance of data security.
Cybersecurity experts have a deep understanding of networking hardware and software. This is the first step toward ensuring the safety and integrity of an organization and customers.
Penetration Testing and Investigation
A large part of an IT department’s responsibilities is penetration testing. Organizations conduct attacks on their own infrastructure to find weaknesses before hackers do. They can use that information to shore up their defenses. Additionally, cybersecurity specialists are also responsible for investigating attacks. They report attacks to law enforcement and work with authorities to identify the perpetrators.
Legal and Ethical Understanding
Cybersecurity experts must also have a solid background in the legal and ethical problems surrounding cyber incidents. Companies that don’t take security seriously risk legal action from their customers whose data may be compromised. Cyber attacks can cause risks to the greater community. An effective cybersecurity specialist understands all of these complex issues and can advise their companies accordingly.
Demand for Cybersecurity Experts
Demand for cybersecurity experts should grow 35% over the next 10 years, according to government data. In Central Texas, the starting salary for a cybersecurity expert is around $66,000, according to Salary.com.
However, salaries will range depending on years of experience, the industry, and the skills people bring to the table.
Education and Training for Cybersecurity Specialists
Cybersecurity is not a one size fits all job title. Every industry requires different skills. From bug hunter to CISO (chief information security officer), jobs in cybersecurity take on various roles.
Many entry-level positions just require an associate degree, indicating that an employee has the basic skills needed to begin their career. However, the more education a person has, the more opportunities open up.
A bachelor degree in cybersecurity provides a more in-depth education for students who are excited about defending a company against cyber threats, investigating breaches, and designing secure systems.
Explore ACC’s Bachelor Degree in Cybersecurity
Are you ready for a deep dive into cybersecurity? Austin Community College’s Bachelor of Applied Science (BAS) in Cybersecurity is designed to move students from an associate degree to a bachelor’s – fast. You’ll learn everything you need to take on the job of fighting the bad guys. Find out more today.Back to Top