In its simplest abstraction, the world of cybersecurity is a story of good guys (the cybersecurity experts) versus bad guys (the people who aim to sabotage our networks or steal information).
Of course, they’re not always guys.
“I was always interested in that balance of giving people access while keeping things secure,” says Brittney Bukartek, 23, of Centreville, Va., who’s earning her master’s degree in information technology with a focus on cybersecurity at Marymount University. She’s among a growing number of women and minorities poised to enter a field that is trying to shed its white, male reputation. Women make up about 28 percent of the total science and engineering workforce, and minorities comprise 29 percent, according to the National Science Foundation. Women represent about 25 percent of Marymount’s information technology programs, says Diane Murphy, chairwoman of the department at Marymount.
But things are changing at Marymount and at other schools that offer cybersecurity degrees — including the University of Maryland and George Washington University. Many of these programs have their eyes on boosting diversity in the cybersecurity field.
“Security is so multifaceted — you have the policy side, the technical side [and also] communicating with different people about what’s going on,” Bukartek says. “Women and minorities all have different skills and different ways to perceive things that can be beneficial and that may not have been thought about before.”
A Visible Gap
“In the cybersecurity field, every time you go to a meeting, you’re conscious of how few women and how few minorities are there,” says Murphy, whose department has a new master’s program focusing on cybersecurity. “It’s pretty much a white male group.”
Kim Lawson-Jenkins, 54, of Boyds, Md., earned a professional degree in computer science, concentrating in computer security, from George Washington in 2006. Lawson-Jenkins, who works in computer security for the U.S. Naval Research Laboratory, says that when she attends technical conferences, it’s not unusual for her to be the only African-American there, and one of few women.
That’s changing, but slowly. While at a late-July information security conference, Nanci Gandy, 36, of Falls Church, who’s in the Army and earning her master’s in cybersecurity from the University of Maryland, noticed “an incredibly diverse group of women here — I don’t think it’s so much a closed field as it used to be.”
A Helping Hand
One of the programs aiming to change the face of cybersecurity is CyberCorps (sfs.opm.gov). It’s a full-ride, government-funded scholarship available at George Washington and Marymount, along with nearly 50 institutions across the country. The program encourages institutions to focus on recruiting underrepresented U.S. citizens such as women, minorities, low-income students and veterans in order to diversify the workforce.
In the past fiscal year, about $40 million in CyberCorps grants went to 47 universities, according to Victor Piotrowski, lead program director for CyberCorps at the National Science Foundation. The scholarship program, which is funded by the foundation, has gone to some 1,900 students since 2000.
“The goal is basically to improve the federal workforce in cybersecurity,” says Lance Hoffman, computer science professor and director of the Cyber Security Policy and Research Institute at George Washington, which counts a dozen underrepresented men and 21 women among its 70 CyberCorps graduates since 2003.
In return for their full-tuition scholarships — plus money for books, room and board, and stipends — CyberCorps students are required to work for the government for the same number of years they received the scholarship for. Many CyberCorps students have gone on to work at the CIA, the State Department, the Air Force, the Department of Homeland Security and other agencies.
In addition to financial assistance programs such as CyberCorp, many programs aim to get women and minorities interested in cybersecurity early. The University of Maryland runs workshops and camps to get middle and high school girls interested in cybersecurity. Michel Cukier, associate director of Cybersecurity Education Activities, says that parents of two high school girls attending a University of Maryland cybersecurity summer camp recently emailed that the girls want to study it in college.
“We need to try to encourage [students] much earlier to take math, and algebra, and to think logically,” says Lawson-Jenkins, whose interest started in an elementary school math club. “We need to make it really cool to be a geek.”
Cybersecurity Powers Unite!
Cyberattackers are getting smarter, Gandy says, “and the level of intelligence that goes into some of the things they bring about is really kind of awe-inspiring.”
That means that thwarting villainous hackers and attackers will require diverse groups working together. With a diverse field, the solutions are more creative, innovative and original, Cukier says.
“Diversity in all things is incredibly important,” Gandy says. “If everyone thinks the same, you have absolutely no chance of breaking through the way attackers think. Through all those differences, you come together with some really wonderful solutions.”
Making the Web a Safer Place
Our emails, purchases and exchanges aren’t always as secure on the Internet as we think they are. “Nowadays, people can hack any normal system within five seconds,” says Marymount CyberCorps undergraduate Nam Nguyen, 21, of Falls Church, who was an information technology specialist in the Army. Take the encryption on your home wireless network for instance, he says. If you set it to an older function, someone could hack in within seconds.
Some parts of the Internet are more secure than others, says Lance Hoffman, computer science professor and director of the Cyber Security Policy and Research Institute at George Washington University. And as devices around the home and office become networked together, there’s more opportunity for trouble. “People typically go for utility and efficiency first and worry about security and privacy later, which can have disastrous consequences,” Hoffman says.
As the cybersecurity field grows and diversifies, it will help make average Internet users more secure without complicated settings or programs. And at the same time, our technology will evolve. In the future, cybersecurity professionals will have to figure out how to secure such things as tiny ingestible computers, computerized cars and even computerized clothing.
“There are big issues of data protection and privacy as well as security,” Hoffman says. “It takes awhile for new technology first to get the bugs out, then become a commonly used good.”