Cybersecurity is a field that I’ve been interested in since high school. Ever since I started learning about computers and how they work, I’ve applied the same ideas and logic to how the software and hardware I use functions in my every day life. First, one of my primary reasonings for actually taking steps to join the field is because of just how important the work is. It feels like every time I watch the news there’s a new cybersecurity incident unfolding or even ones that happened in the past that was never revealed to the general public. Its hard for us to come to terms with how these attacks will impact society right up until it affects each and every one of us individually. Within that same context, the offense only evolves as the defense evolves, which makes cybersecurity technology an ever-changing, albeit interesting concept. There’s always something new to learn. Secondly, as general technologies evolve, cybersecurity technologies are essentially attached at the hip. This allows lots of opportunities for the knowledge bubble to expand and encapsulate, so you never feel stuck where you are. Due to this fact, a person within this industry can also seek to diversify their skills and strengths with relative ease. For myself personally, I very much enjoy the idea of being able to move around in the space, while still retaining the skills I have learned and not throwing them to waste. This leads me to my third point, which is that since the field is growing at a rapid pace, the job demand is quite large. There are many different types of paths you can go down specifically within the cybersecurity field, which presents a ton of opportunities. Lastly, the future of cybersecurity looks extremely positive, and its importance will grow as human innovation and technology grows, which excites me greatly.

Cybersecurity plays a vital role in virtually everything we participate in via the internet. Because of this, many other college majors besides cybersecurity can transition a lot of the skills and knowledge gained. These majors include Computer Science, Criminology, Engineering, and Business Administration and Management. Building a foundation in cybersecurity almost certainly requires additional disciplines to be added to your repetoire. Skills and knowledge gained throughout should prove beneficial to a cybersecurity major, regardless of the path they decide to take within the field later on. Cybersecurity is a continuously evolving discipline, and with the intrinsic need to adapt to changes, comes an obligation to learn and discover. This also allows for students to pursue other careers outside of cybersecurity. Computer science majors can bring a solid understanding of the way in which computer systems operate and then apply that knowledge to cybersecurity. Knowledge of computer programming languages and how data is structured is hugely beneficial. Business administration and management majors would be able to use their understanding of the processes of running a business and handling large amounts of business-related data, to build a foundation for ways to protect it through cybersecurity. These processes include risk identification and assessment and implementing strategies to mitigate said risk. Engineering majors can put to use their knowledge of how hardware and/or software is designed, to create a low-level understanding of how systems are penetrated by attackers, as well as thinking up new defenses. Criminology majors and the insight into the criminal justice system that is gained can be absolutely beneficial to a cybersecurity major. With an additional understanding of criminal behavior and pattern recognition, criminology majors can use that information to stop threat actors. Since cybercrime is handled by law enforcement, students can use their understanding of they way law enforcement operates to apprehend cyber-criminals.

Electronic information, according to the “Information Technology Resource Management Glossary”, is known as “any information stored in a format that enables it to be read, processed, manipulated, or transmitted by an information system.” Electronic information can be stored on devices like USB drives, hard drives, or even on a remote server. A variety of ethical issues involved in storing electronic information about individuals come to mind. First, an issue that is still very controversial to this day is that most of the public are not aware of what information about them is being stored, much less the specifics of said information. This means that individuals may not be able to give their consent to store information in an informative manner, and if the information becomes leaked, they may be surprised to learn how much unwanted information will be released to the internet. In addition to this, an individual’s information that they may want to keep private may be accessed by insiders of companies, most notably social media providers like TikTok and Facebook. These actions could result in a serious violation of one’s privacy rights here in the United States. Electronic information about an individual that is stored could also misrepresent an individual, as the information could be inaccurate, especially concerning the age of the data versus the individual’s current and up-to-date information. This gets especially complicated when considering that companies often partake in selling user data to advertising partners. Fortunately for the average user, there are ways to take control of their data and the specifics of what is stored by different companies or organizations. Users should always read the fine print when prompted with data collection, as they can learn more about how an organization stores user data and the contents of what they are storing. Individuals will find that some companies will actually let one opt out, thus negating ethical issues. If it’s the case that you can’t fully opt-out, even then a user should be able to opt out of the selling of their data to other organizations. The ethical issues that arise from storing electronic information about a user should be clear to all organizations who take part, and should be done in a manner that respects an individual’s rights.

The risks that cybersecurity tries to mitigate cannot be understated. Critical infrastructure such as power grids or financial systems, sensitive user data collected by organizations, and computer systems in general are all targets of attackers. When discussing the risks to the United States’ critical infrastructure’s cybersecurity, there are numerous factors that can contribute. The U.S. is in a unique position due to it natural size, thus the infrastructure is vast and complicated, including an expansive variety of systems and machines that hold things together. Due to the size, it also makes it harder to defend, especially with the seperation of federal, state, and local government oversight. Different states might have different standards for how they protect their infrastructure, with some states leading and some falling behind due to negligent management. Compared to other countries, because of their smaller size, it’s most likely a lot easier to provide oversight to their critical infrastructure and provide a stronger defense. It also makes it a lot easier to update a smaller number of systems than it is a larger number, which results in better defense against zero-day exploits. In terms of risks to sensitive user data collected by organizations, both the U.S. and other countries have their fair share of issues to tackle, since said data is an important commodity globally. Social media is extremely prominent in the world today, with enormous amounts of data being passed back and forth all over the globe. Fortunately, the western part of the world has taken and are continuing to take steps toward protecting users and their right to privacy. The U.S. has various agencies and commissions, like the Federal Trade Commission, that produce safeguards for user data. The European Union has the “General Data Protection Regulation”, also known as “GDPR”, which pushes a set of requirements for organizations to protect user data, as well as notify users of data breaches in a timely manner.

Consulting for an organization.
Youtube Videos/Channel dedicated to the topic of cybersecurity.
Bug bounty hunting.
Evaluating software for safety.
Reporting security vulnerabilities.
Selling cybersecurity software or services.
Employee of a cybersecurity firm.
Certifications to put on your job resume.
Undercover work to test social engineering defenses for an organization.
Researching and creating vulnerability reports.
Investing into publicly traded cybersecurity companies.
Teaching cybersecurity courses online or at a university.
You can attend cybersecurity conventions that almost always have job opportunities.