It’s a great time to be a cybersecurity professional.
Illinois State University senior Justice Cassel graduates this spring with a degree in information security, also known as cybersecurity. Companies are clamoring to hire young IT professionals like Cassel with experience protecting vulnerable systems from hacker attacks. Weeks from graduation, the 21-year-old Cassel isn’t worried about finding any job; he’ll choose the company that’s the right fit for him.
“I don’t know anyone here at ISU who doesn’t have at least one job offer from a decent company that they want to go to,” the Peoria native said. “It’s an awesome, awesome time for us.”
“If we can get them out into the industry with a security mindset, the companies on the hiring end are going to love that.” —David Nolan
Companies and governments are staffing up to protect themselves against data breaches, which can be costly. A well-regarded study by Verizon in 2015 estimated a breach of 1,000,000 records will cost more than $1.2 million on average to remedy. The number of information security analyst jobs in the U.S. is projected to grow 18 percent between 2014 and 2024, much faster than other jobs, according to the Bureau of Labor Statistics.
Ready to meet that demand is Illinois State’s School of Information Technology, a nationally recognized leader in cybersecurity education with 125 students in its rapidly growing information assurance and security sequence. A new cybersecurity major—with room for more students—is expected to launch in fall 2017.
“Security is fun,” said David Nolan ’06, who protects Caterpillar’s systems as a security engineer and also serves on the School of Information Technology’s Business and Industry Advisory Council.
“Security professionals have that hacker mindset: How can I dissect this, break it, or make it better? That’s where the creativity comes into play. That’s where the fun comes in,” said Nolan.
Beyond the classroom
Faculty, students, and alumni say outside-the-classroom experiences such as ISU Security Club (ISUSEC) and business-backed hacking competitions also set Illinois State apart.
ISUSEC, a student organization, has excelled at collegiate and professional hacking competitions for years. Those events, which typically test someone’s offense or defensive hacking skills, supplement coursework by encouraging students to share techniques and tricks among themselves.
ISUSEC students also support the School of Information Technology’s annual cyberdefense competition for Illinois high school students, now in its 5th year.
“ISUSEC gives students a chance to do things they want to do that we either don’t have time or reason to do in class,” said Associate Professor Glen Sagers, an ISUSEC advisor. “It’s been a good relationship.”
ISU’s students are on the radar of major employers such as State Farm Insurance, which recently sponsored the student-run Redbird Hacks “hackathon” at Milner Library. The Bloomington-based company also hosted a high-tech game of “capture the flag” for ISU students last November.
Cassel, the graduating senior, took second place in State Farm’s event. It wasn’t his first rodeo.
Cassel finished high school early and got a cybersecurity job at Caterpillar at age 16, first doing penetration testing (also known as ethical hacking) and later working on Cat’s response team. As Cassel finishes his degree, he’s doing freelance work for big companies that pay him to find vulnerabilities in their systems. United even pays him in airlines miles.
He praised his ISU professors for giving him space to pursue outside work while also empowering him to complete IT research. He even presented at this month’s University Research Symposium.
“You’ll never learn everything you need to know by taking classes,” Cassel said.
Recognition from NSA
It’s not just companies that need cybersecurity expertise.
Illinois State’s Center for Information Assurance and Security Education (CIASE) is designated as a National Center of Academic Excellence in Cyber Defense Education by the National Security Agency and the Department of Homeland Security. Associate Professor Doug Twitchell is CIASE’s director.
The national designation ranks ISU among the top U.S. institutions for information assurance and cybersecurity education. It also makes available student scholarships and grants.
“It really helps us to be more visible,” said Mary Elaine Califf, director of the School of Information Technology.
The new cybersecurity major is expected to include new classes focused on offensive and defensive security and incident response. By adding more depth to the curriculum, graduates will be better able to land jobs that require IT security experience even for entry-level work, said Twitchell.
ISU’s curriculum has been shaped by the Business and Industry Advisory Council. Alumni like Nolan have stressed the need for security training across all IT majors—not just the security majors. A well-rounded developer can learn to build her app so securely that a breach is stopped before it starts.
“If we can get them out into the industry with a security mindset, the companies on the hiring end are going to love that,” said Nolan. (The new major includes a new elective on secure programming.)
All this comes as technology increasingly intersects with our daily lives. And at every turn—from the card reader at the grocery store to the Wi-Fi at the library—is the need for an IT security professional.
“The great part about IT security is not only is it fun, the job placement rate is high and they are well-paid jobs at the end of the day,” said Nolan. “It’s interesting, cool, and you’ll probably get a job that pays well.”
Ryan Denham can be reached at rmdenha@IllinoisState.edu.