Posted on 26 July 2010.
The numbers are sobering regarding threats to the confidentiality of personal and business information. In 2008, for example, more than 33 million records were exposed to possible identity theft, says one national organization. And if businesses want to improve performance in 2009, they need to have information systems (IS) security as a critical â€œto do,â€ says a leading information technology research firm.
â€œIf businesses donâ€™t jump in now, they will pay dearly later,â€ says Irena Kageorgis, program director forÂ information systems security at the online American Public University. Kageorgis has more than 20 years experience in the industry; she has seen the industry evolve from computer punch cards to todayâ€™s sophisticated information networks.
This priority on information security means strong career opportunities for professionals with the right knowledge and certifications. Hereâ€™s the outlook from the Bureau of Labor Statistics (BLS):
â€œDemand for computer security specialists will grow as businesses and government continue to invest heavily in â€œcyber security,â€ protecting vital computer networks and electronic infrastructures from attack. The information security field is expected to generate many new system administrator jobs over the next decade as firms across all industries place a high priority on safeguarding their data and systems.â€
More specifically, employment of network and computer systems administrators is expected to increase by 27 percent from 2006 to 2016. This is much faster than the average for all occupations, according to BLS. The jobs are good, with the average IT salary at about $74,000.
Preparing for information system security positions
Kageorgis says many professionals rely on experience to land good positions. However, an IS security degree — coupled with certifications — is often necessary for further advancement.
â€œOur online degree program helps our students gain critical management skills. These skills are necessary for earning higher-level management or even chief security or chief technology officer positions,â€ she says.
APU is part of the regionally accredited American Public University System. The university serves more than 40,000 students worldwide and offers more than 73 online undergraduate and graduate degree programs. Many students are in the military or hold national security and defense-affiliated positions.
Kageorgis and fellow professors lead students through a kind of information lifecycle â€“ discussing how to secure data while it is being stored, modified, transferred, maintained, etc. They challenge students to examine three critical areas:
- Security awareness
- â€œWe cannot secure systems if we are not aware of vulnerabilities or issues,â€ Kageorgis says. She asks students to use the same software programs they use on the job, such as Visio and other Microsoft Office programs, and industry-leading network security and detection tools. As they map out their networks and interfaces, students can see vulnerabilities, assess possible issues, propose solutions, and provide a plan for long-term security monitoring and management.
- Security protocols
- Kageorgis says proper documentation is often missing in many companyâ€™s security procedures.
- â€œWe strengthen technical documentation strategies through well-formed and well-formatted technical writing skills,â€ she says. â€œThis helps the IS team assess a problem and mitigate a solution within their systems; properly document the problem with its successful resolution; and provide end-to-end protection for their systems, data, and information.â€
- Security breach prevention
- â€œImplementing secure networks from the outset should be the goal of any IS security professional,â€ says Kageorgis.
The APU program integrates online discussions with coursework. Students exchange strategies and share opinions on industry topics. Kageorgis says APUS is unique in that many courses often include at least one student who has earned their Certified Information Systems Security Professional (CISSP) certification.
â€œThat level of knowledge and expertise raises the aptitude of the whole class,â€ she says. â€œItâ€™s almost like having another instructor in the classroom, sharing their opinions and perspectives.â€
APU offers such graduate courses as:
- Information assurance
- Information security management
- Computer networks and data systems
- Computer forensics
- Intrusion detection
- Incident handling
- Telecommunication and network security
Undergraduate courses include information, network, and computer security classes. Professors encourage students to earn certifications as they progress in their degree path. Kageorgis says she also looks for ways to raise the visibility of her studentsâ€™ expertise. For example, she encourages students who have written exceptional papers to submit them to prominent security magazines and journals.
â€œInformation systems security experts have many opportunities today, but they need to show current and prospective employers that their knowledge is current,â€ Kageorgis says. â€œPursuing a degree, earning certifications, participating in security associations â€“ these are all important ways to set yourself apart.â€