From the giants of finance on Wall Street to everyday people just trying to protect their digital identities while going about their online lives, no one is immune to cybercrime. Even Manhattan’s fashionistas have skin in the game, recently making an appeal to city government to strengthen cybersecurity measures to help keep their trade secrets under wraps as they unveiled their line of smart clothing and designer digital wearables at New York’s Fashion Week.
You’re never alone in New York, and sometimes that’s actually a good thing. In late 2018, the New York City Economic Development Corporation launched the $100 million Cyber NYC initiative with the goal of growing the City’s cybersecurity workforce and to help companies innovate while protecting networks and community spaces.
The initiative has established a literal presence outside of cyberspace, creating a Global Cyber Center to act as a co-working space for cybersecurity startups. But the incubation of ideas that drive a consortium of pen testers and network architects to try to get a company off the ground often starts even before they’ve earned their bachelor’s. As the place where the world’s biggest tech companies were born, college dorm rooms have famously become the proving grounds for billion dollar ideas. That’s why the initiative goes even further by brining in Columbia University for the Inventors to Founders program, developed to help student start-ups become commercially viable. And for the altruists out there who are more concerned with the capabilities of technology to keep people safe, the initiative’s Cybersecurity Moonshot Challenge hosted by the Mayor’s Office and NYC Cyber Command offers a forum for creating and deploying new information security technologies.
Cyber NYC focuses on hitting security problems at every level, from contributing to information clearing houses that strengthen the city’s cyberdefenses, to investing in education to increase the number of highly trained infosec professionals available to work in the industry. It’s a comprehensive effort that could serve as a model for other cities and creates some golden opportunities to get ready for a master’s in cybersecurity or to pivot out of college with your degree in hand so you can start putting your skills and ideas to work.
Earning a Master’s Degree or Graduate Certificate in Cybersecurity in New York
When you go into a master’s degree or graduate certificate program in cybersecurity, you’ll come out on the other side fully capable of architecting secure systems and monitoring the threats to those systems, while proactively implementing defense strategies, and providing risk assessments.
The National Security Agency and Department of Homeland Security offer two designation classifications applicable to schools that offer graduate programs in information security and cyber defense:
- CAE-CDE – National Center of Academic Excellence in Cyber Defense Education (qualifying colleges and universities offering bachelor’s, master’s, and graduate certificates)
- CAE-R – National Center of Academic Excellence in Cyber Defense Research (schools that participate in research initiatives and that integrate a strong research component into the curriculum of bachelor’s and graduate programs)
NSA/DHS designated online programs offer a level of flexibility not found through conventional campus-based programs. Through online problem modules that students complete at their own pace, discussion forums that allow for meaningful interactions with peers and professors, and mock threat simulations and response drills, distance learning programs offer an experience with all the rigor of a campus-based program… but none of the inconveniences like commuting and parking.
The typical master’s program in cybersecurity through an NSA/DHS designated school includes approximately 18 core and 18 elective credits, while graduate certificate programs typically include about 15 core credits and two electives.
The top cybersecurity graduate programs can be highly selective, mandating that applicants meet certain prerequisites before enrollment, including:
- Holding a bachelor’s degree in computer science, mathematics, information technology, engineering, science or a related field
- Maintaining a minimum GPA of 3.0 in an undergraduate program
- Passing scores on an entrance exam such as the Graduate Management Admission Test (GMAT) or the Graduate Record Exam (GRE)
- Writing a statement of purpose stating an applicant’s cybersecurity experience and reasons for applying to the graduate program
- Completing these prerequisite courses:
- One year of calculus
- One mathematics course beyond calculus (such as differential equations, discrete mathematics or linear algebra)
- One year of university-level science
- One course in data structures
- One course in high-level, general purpose computer programming (usually C++ or Java)
- Demonstration of a basic understanding of computer fundamentals like computer operation and organization and computer architecture
Graduate cybersecurity programs may admit students conditionally with the understanding that they complete undergraduate-level bridge courses to make up for any deficits in the prerequisites listed above.
Core Courses and Electives Found in Cybersecurity Master’s Programs
The typical graduate cybersecurity degree program will include the following core courses:
- Introduction to operating systems
- Computer networking
- Design/analysis of algorithms
- Information, security and privacy
- Network security
- Applied cryptography
- Application security
Graduate cybersecurity programs may offer electives that include:
- Computer architecture
- Penetration testing and vulnerability analysis
- Information systems security engineering and management
- Digital forensics
NSA and DHS Designated National Centers of Academic Excellence in New York
The following schools have met the rigorous criteria required to earn the NSA/DHS National Center of Academic Excellence in Cyber Defense Education (CAE-CDE) designation for their master’s and post-bachelor’s certificate programs:
Pace University, School of CSIS
- Master of Science in Computer Science–Network Security Concentration
- Master of Science in Information Systems
Fordham University, Department of Computer and Information Science
New York Institute of Technology, School of Engineering and Computing Sciences
Rochester Institute of Technology, Department of Computing Security (Also holds the NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R) designation.)
Syracuse University, Engineering and Computer Science (Also holds the NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R) designation.)
University of Buffalo, the State University of New York, Computer Science and Engineering (Also holds the NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R) designation.)
Utica College, School of Business and Justice Studies
- Master of Professional Studies in Cyber Policy and Risk Analysis
- Master of Science in Cybersecurity
- Cybersecurity Certificate Programs
Additionally, New York University, Tandon School of Engineering and University at Albany, the State University of New York hold the NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R) designation.
Attending a Cybersecurity Bootcamp in NYC or Online to Prepare for a Master’s Program or a Career in Information Security
One of the most interesting features of Cyber NYC is the Cyber Boot Camp hosted by Fullstack Academy and LaGuardia Community College. It offers a practical, time-compressed education in entry-level cybersecurity skills designed to get qualified candidates into the workforce fast.
It’s not the only program of its kind, either. New York state as a whole is home to a lot of bootcamp-style IT-related training programs, with a wide variety of skill levels and specializations on offer that can make them a good choice for either someone looking for immediate employment in the industry or preparing to qualify for a master’s degree program.
Bootcamps tend to last from a few days to a few weeks, and put aside theoretical education in favor of hands-on, practical experience and training in how to secure systems and actively combat intrusions. They work with all the same tools currently used in real world cybersecurity, and often in virtual ranges that simulate exactly the kind of attacks you will see in the wild.
While companies like Fullstack have offered bootcamps for a while, now big name schools are getting in on the game. The Columbia Engineering Cybersecurity Boot Camp is one of these options, offered in New York City or online. Drawing from the deep expertise in the Columbia family, this entry-level program doesn’t have any stringent entry requirements beyond a phone interview. It lasts 24-weeks in a part-time format and offers hands-on training in networking, systems, web technologies, databases, and defensive and offensive cybersecurity. You’ll benefit from a wide range of career services to help equip you for success as you work to change career paths or advance in your current position.
That kind of knowledge can land you a job immediately, or strengthen your application if you’re looking to get into a master’s program.
Opportunities Available to Master’s-Prepared Cybersecurity Analysts and Specialists in New York
According to a 2019 report published by job market analytics company Burning Glass Technologies, the number of cybersecurity job postings has expanded by 94% during the seven-year period leading up to 2020, versus only 30% for information technology positions overall. The infosec positions also take 20% longer to fill than other IT jobs, and pay 16% better, a premium of $12,700 per year on average.
And that’s probably even higher in New York, which ranks #3 in the nation for tech jobs in 2020 according to Dice’s Tech Jobs Report.
The following job listings reflect some of those positions and offer insight into the different opportunities available to master’s-prepared cybersecurity graduates in New York. (Shown for illustrative purposes only and not meant to imply any guarantee of employment):
Senior IT Security Analyst, NYU Langone Medical Center– New York, NY
- Develop, update and educate the hospital workforce on IT security policies, standards and best practices
- Comply with related industry standards and regulations (such as HIPAA, Meaningful Use, FISMA, PCI, FERPA)
- Lead training and awareness activities to maintain security awareness program in hospital
- Work with IT subject matter experts to be sure that standards and policies reflect their procedures
- Bachelor’s degree in computer science, cyber security or related field required; master’s degree preferred
- Five years of experience in IT security policy required
- CISSP Certified Information Systems Security Professional (ISC2), CISA Certified Information System Auditor certifications preferred
- Strong knowledge of laws, industry regulations and standards that govern information security frameworks and practices required
Director, Cyber Risk & Compliance, Dow Jones- New York, NY
- Set and execute cybersecurity strategy for Dow Jones & Co
- Engage leaders from technology and business to understand and prioritize cybersecurity risks
- Create cyber risk management program to focus cybersecurity investments with guidance from the Cybersecurity Steering Committee
- Develop and maintain budgets
- Bachelor’s degree in cyber security or related field required; master’s degree preferred
- Six years of information security experience in increasingly responsible roles
- Professional certification in information security (such as CISA, CISM or CISSP) required
- Experience managing a small team required
Research Staff Member – Security Department, IBM’s Thomas J. Watson Research Center- Yorktown Heights, NY
- Conduct fundamental and applied research in security and privacy
- Build new and innovative security technologies in research areas such as cybersecurity analytics, information security and cryptography
- Define new research directions
- Drive a project from exploratory thinking to developing a practical service or solution
- Graduate degree in computer science or closely related field preferred
- One to three years of experience in designing and building secure systems
- One to three years of experience in monitoring and analyzing systems, malware or networks
- One to three years of experience in mobile and information security
Security Engineer II, Mediacom Communications – Blooming Grove, NY
- Analyze external and internal threats to protect sensitive data within company network
- Investigate and resolve security incidents
- Analyze effectiveness of existing security measures
- Recommend changes to improve company security
- Bachelor’s degree in cyber security, computer science, telecommunications or information technology required; master’s degree preferred
- Five or more years of hands-on technical security experience required
- Experience with firewall technologies and security tools required
- Security certifications such as CISSP, CISM, CISA, CRISC, SANS GIAC and OSCP preferred