To combat the ever-lurking online community of hackers and phishers seeking to steal identities, exploit data and rob bank accounts — sometimes through one ill-fated click — Cal Poly students are learning valuable skills that make using technology safer.
Cal Poly’s cybersecurity program has grown from two courses taught by computer science professor Phillip Nico to a new curriculum of five dedicated cybersecurity classes taught by three faculty members. Meanwhile, cybersecurity curriculum has been incorporated into existing computer courses.
About 250 students a year now participate in the university’s cybersecurity program — roughly half of the students in computer science, said Bill Britton, the director of Cal Poly’s Cybersecurity Center.
Cybersecurity isn’t an academic major or even a concentration at Cal Poly, but it supplements instruction with useful skills for the job market, said Zachary Peterson, a Cal Poly assistant professor hired to teach in the program in 2013.
“At the minimum, students will know when they should ask for help with a problem,” Peterson said. “They’ll know when to say, ‘You know, I should probably have a second set of eyes look at this.’ ”
And for those who want to pursue a career in the field, jobs are plentiful — as many as 12 positions for every qualified applicant, according to officials with computer security company McAfee who taught a course at Cal Poly last year.
Peterson said the Internet was developed to be reliable, fast and user-friendly — but security wasn’t necessarily a priority at the start. Now it is.
“There’s a huge demand,” Peterson said. “There’s demand in corporate cybersecurity, big government money is spent, and the National Science Foundation has a big pot too.”
Cal Poly students studying cybersecurity discover how algorithms are used to keep data secure and learn how to conduct forensics on breaches, protect online credit transactions, browse the Web anonymously and design secure software.
Peterson said his cryptology class enrolled 90 students this past fall, the most that he has taught, and had a waitlist.
In the future, cybersecurity program coordinators hope to expand basic instruction campus-wide by teaching students how to value their data.
“Even ‘liking’ something on Facebook means you become an endorser of that product,” Peterson said. “You’re projecting an image for that product. I’m not saying to avoid social media, because there are benefits. Just understand how it works.”
A year ago, Cal Poly opened a new cybersecurity laboratory that received a $150,000 donation from Northrop Grumman toward equipping the computers with specialized software and hardware.
“We’ve been able to run live malware in the lab and analyze what happens,” said Cristina Formaini, a computer science senior who has taken multiple cybersecurity courses. “It’s a great tool.”
Formaini is the president of Cal Poly’s White Hat Club, a group of students who gather weekly to network, talk and play games related to hacking such as “Capture the Flag.”
“In the game, one group is trying to attack your system and the other is trying to defend it,” Formaini explained.
Formaini and club president-in-waiting Nathan Lemay said that they come across unsafe computer behavior frequently in their daily lives.
They’ve encountered a local housing complex using a plain text password system that’s not encrypted, friends using Wi-Fi without locking the system with a password and a family member sharing sensitive personal information over a mobile device.
“It’s something he should have thought about and didn’t,” Lemay said of his relative. “I said, ‘What are you doing?’ ”
Basic computer advice includes avoiding the use of a single password for multiple logins, being careful not to click on email links from an unknown source, and using up-to-date antivirus software.
“Basically, be wary and don’t be low-hanging fruit in your habits,” Peterson said. “There’s the analogy: ‘If there’s a bear in the woods chasing after you, you don’t have to be faster than the bear. You just have to be faster than the next guy.’ ”