In a troubling spate of extortions, police departments across Maine have been forced to pay anonymous malicious hackers to spare department computer files from destruction, as was revealed by the standing undersecretary for intelligence of the U.S. Department of Homeland Security at that time.
At the Maine Partners in Emergency Preparedness Conference in Augusta in April 2016, DHS undersecretary for intelligence Chet Lunner told an audience of over 500 attendees that first responders in Maine and across the country are all too often top targets for cyber attacks. In addition, he noted that in the event of a massive cyber attack, fire alarms could cease to work, cell phone and radio networks could shut down, hospitals could be cut off from the outside world, and the sewage system could break down, along with countless other problems.
- Grand Canyon University - B.S. and M.S. in Cyber Security
- SNHU - B.S and M.S. in Cybersecurity
- Purdue Global - Bachelor of Science in Cybersecurity
- Arizona State University - Online Master of Arts in Global Security
The cybersecurity coordinator of the Maine Emergency Management Agency (MEMA), Cameron Wellman, noted that the agency does not currently have a robust plan of action to respond to cyberattacks. However, as Wellman explained, MEMA is in the process of writing cybersecurity response protocols. He said one challenge that is compounding this problem is that some rural areas of the state may only employ one information technology professional, while others have none.
These problems highlight the acute need for graduate-educated cyber security professionals to secure systems that if breeched have the potential to disrupt the lives of all state residents. All over the state, in government, the public sector, and the private sector alike, the number of jobs for cyber security analysts is growing at an unprecedented rate. According to job market analytics company Burning Glass Technologies, the number of job postings for cyber security professionals in Maine rose by 214 percent from 2010 through 2014.
In May 2016, Maine Senator Angus King introduced legislation that would require the president to clarify when a cyber attack has crossed the line and has become an official act of war. Entitled the Cyber Act of War Act of 2016, the legislation is being proposed by King and a fellow senator from South Dakota, Mike Rounds. King noted that the existing policy is unclear and needs to be solidified. This law would require the administration to define what constitutes an act of war in regards to the cyber domain. King says that such legislation would help the government more effectively respond to cyber attacks and prevent them from occurring in the first place.
Earning a Master’s Degree or Post-Bachelor’s Certificate in Cybersecurity in Maine
Universities that offer cybersecurity graduate programs that meet rigorous standards may earn recognization from the National Security Agency (NSA) and the Department of Homeland Security. These two designations applicable to schools that offer graduate programs are:
- CAE-CDE – National Center of Academic Excellence in Cyber Defense Education (qualifying colleges and universities offering bachelor’s, master’s, and graduate certificates)
- CAE-R – National Center of Academic Excellence in Cyber Defense Research (schools that participate in research initiatives and that integrate a strong research component into the curriculum of bachelor’s and graduate programs)
Employers of cybersecurity professionals may require applicants to hold a graduate degree or certificate from a designated school.
With no campus-based cybersecurity graduate programs that hold a DHS/NSA designation available in Maine, infosec graduate students in the state more often elect to attend designated online programs.
A master’s degree in cybersecurity consists of approximately 18 credits of core coursework and 18 credits of electives. A graduate certificate program may require from 12 to 15 credits of coursework, two of these credits being electives.
As of 2018, just one school in Maine holds the CAE-CDE designation:
University of Maine System
Common Admissions Requirements
Prior to admission to a graduate cybersecurity program, applicants must meet certain qualifications, which typically include:
- Hold a bachelor’s degree in computer science, information technology, engineering, mathematics or a related field
- Hold a minimum GPA of 3.0
- Some programs may require applicants to pass the Graduate Management Admission Test (GMAT) or the Graduate Record Exam (GRE)
- Provide three letters of recommendation (from persons familiar with the applicant’s academic qualifications)
- Essay or statement of purpose stating why an applicant wishes to apply to the cybersecurity graduate program
- Complete these prerequisite courses:
- Calculus (one year)
- One mathematics course past calculus (such as differential equations, discrete mathematics or linear algebra)
- Discrete structures (one course)
- Computer programming (one course, such as C++ or Java)
- Computer organization/structure (one course)
- Computer law and ethics (one course)
- Operating systems design (one course)
Some graduate-level cybersecurity programs will offer applicants undergraduate-level bridge courses to fulfill the above named prerequisites in math and computer science.
Program Objectives, Core Courses and Elective Options
Once completed, a graduate of a master’s degree or graduate certificate cybersecurity program should be able to:
- Understand the state of cybersecurity, both globally and nationally
- Develop and execute a cybersecurity strategy within a complex organization
- Make informed security risk decisions
- Understand technical and non-technical aspects of cybersecurity
- Understand major regulatory, legal and compliance cybersecurity frameworks
- Develop a plan for crisis management
While courses vary from one program to another, most graduate cybersecurity programs include core courses in the following subjects:
- Foundations of cyber security
- Contemporary security studies
- Cyber security risk management
- Cyber security research design
- Management and cyber security
- Scientific and technological dimensions of national security
- Computer network security
- Cyber intelligence
- Legal aspects and ethics in cyber security
- Designing and building a cybersecurity program
Elective courses that may be offered by a graduate cyber security degree or certificate program are:
- Network and systems administration
- Managing virtual systems
- Intrusion detection systems
- Cloud computing and cyber security
- Digital forensics
- Network infrastructures
Cybersecurity Boot Camps Get You Primed for a Master’s and Ready for Entry-Level Work
Get hands-on training in defensive and offensive cybersecurity, networking, systems, web technologies, and databases, and benefit from our CompTIA Partnership. Maintain your work or college schedule by studying part-time, only three days a week, with convenient evening and weekend hours. Click for more info:
– Northwestern Cybersecurity Boot Camp
– The Cybersecurity Boot Camp at UT Austin
Opportunities Available to Master’s-Prepared Cybersecurity Analysts and Specialists in Maine
Market research firm MarketsandMarkets has projected that cybersecurity spending will grow to $170.21 billion internationally by 2020. This number is an increase from 2015’s cybersecurity spending of $106.32 billion, and represents both cybersecurity technologies and services. They predict that North America will have the largest growth in cybersecurity spending and adoption over the next five years.
The following job listings (May 2016) reflect current job opportunities and offer insight into the numerous types of professional opportunities available to master’s-prepared cybersecurity graduates in Maine, but are not intended to imply any guarantee of employment:
Information Systems Security Architect, L.L. Bean- Freeport, ME
Responsibilities:
- Provide leadership in the development of security architecture
- Validate existing security architecture
- Develop security reference models and secure solutions
- Identify and analyze use cases, nonfunctional and functional security requirements
Requirements:
- Bachelor’s degree in computer science, information security or related field required; master’s degree preferred
- Ten years of experience
- At least one of the following certifications:
- Certified Information Security Systems Professional (CISSP)
- Certified Network Security Engineer (CNSE)
- Global Information Assurance Certification (GIAC)
- Certified Cloud Security Professional (CCSP)
- Experience with NIST, PCI or similar security framework
Cyber Security Engineer, Northcross Group- Portland, ME
Responsibilities:
- React to potential cyber security breaches
- Proactive network scanning to detect cyber security vulnerabilities
- Develop configuration baselines that implement correct cyber security settings
- Identify new cyber security tools and technologies to be implemented
Requirements:
- Bachelor’s degree in computer science or related technical field required, master’s degree preferred
- Five years of hands-on experience with cyber security devices or operations
- Relevant certification (Security+, GIAC, CISSP)
- Ability to obtain a secret security clearance
Threat Research Team Lead, Alert Logic Inc. – Belfast, ME
Responsibilities:
- Analyze, translate and document code behavior in a sandboxed environment
- Perform proactive research to identify and categorize new emerging threats, tactics, vulnerabilities, procedures and techniques used by actors
- Work with other employees, internal teams and customers to prepare and protect against emerging threats
- Provide training, leadership and expertise
Requirements:
- Graduate degree in computer science, electrical engineering or a related field
- Security certifications such as GCIA, CISSP, GCIH are preferred
- Experience with TOR/IC2 network use and setup required
- Experience with defensive tools such as WAF, IDS, SIEM technologies and content required
Information Security Analyst, Delhaize America- Scarborough, ME
Responsibilities:
- Monitor, identify, analyze and respond to cyber security threats
- Develop technical and process capabilities for operating new and existing cyber security solutions
- Manage, monitor and maintain multiple security technologies (syslog, IDS/IPS, file integrity, vulnerability scanners)
- Correlate and analyze vents using internal management system to detect information technology security incidents
Requirements:
- Bachelor’s degree in information systems or related field required, master’s degree preferred
- Five or more years of experience in information security monitoring, penetration testing, vulnerability assessment, cyber threat intelligence, or incident response
- Certification preferred (GCIH, GCEC, CCNA)
- In-depth knowledge of Windows/Unix operating system forensics, operations and event logging systems required