In the computer lab at the Velocity Hub of the Michigan Cyber Range, the technicians will tell you that you don’t have to be a “tech nerd” to be in cybersecurity.
“I think a lot of people have this false impression that you have to be really technical and good with computers to get into cybersecurity,” says Oakland University (OU) student David Piontkowski.
“There’s a lot of different domains,” he says. “Like risk analysis, which is pretty much all math, there’s really no computers involved.”
David Piontkowski appreciates the broader approach to IT candidates at the Velocity Hub.
David Piontkowski was part of the first cohort to go through a 14-week cybersecurity program run out of the Macomb-OU Incubator space in Sterling Heights. The initiative, called Applied Entrepreneurship in Cybersecurity (AEC), provides OU criminal justice students like Piontkowski with IT and cybersecurity courses to better prepare them for their careers.
Piontkowski and his peers are a result of an education system striving to fill a significant gap in the workforce. According to a report from CyberSeek, at the start of this year the United States faced a shortfall of nearly 314,000 cybersecurity professionals. Another report in 2018 found that 69 percent of cybersecurity teams were understaffed, and 58 percent were advertising positions. To fill that space, it’s going to take more than just IT students.
Macomb-OU Incubator executive director Larry Herriman says there are also some serious gaps in small-business security that these kind of initiatives can help plug.
“We see in many of the small businesses that we work with the entrepreneurs are making apps and they're not typically thinking about writing secure code,” Herriman says. “They are in a hurry to bring their product to the market and launch their business. This urgency can create a data-security deficiency.”
This was one of the reasons behind the hub at Velocity, built out by a collective of non-profit organizations and students from OU. Courses there focus on the entrepreneurship elements to cybersecurity, and Piontkowski says he enjoyed the broader approach to IT work.
“That gives participants to the chance to see what they are good at, what they are not good at, and what they like,” he says.
Piontkowski sees the perfect role for him in the small business world, with the growing need for a “jack-of-all-trades” in cybersecurity.
“They can’t hire a ton of personnel,” he says. “And I don’t want to work in a corporate environment.”
Sam Eid helped develop the IT program at the Velocity Hub in Sterling Heights.
Meeting the market
Sam Eid is an information technology student at OU and came across the program at Velocity while looking for an internship. He was part of the team who developed the AEC course, and while it still has a few things he would like to tweak, Eid thinks the program will spark a lot of interest.
“It covers aspects of entrepreneurship, networking, security providers and ethical hacking,” Eid says. “In the end we want them to think of their own business, to create an idea.”
Eid hopes to go into cybersecurity in the automotive industry, especially with family members already working in General Motors, and is particularly enjoying the research and ethical hacking skills he is picking up through the lab.
“The whole point is to try and break into a system, before an attacker does, then you can patch up the vulnerabilities,” he says. “But to get to that point you have to build up a whole background of knowledge, so I am in that process.”
Eid believes the hands-on experience that program offers will be the key to getting students interested, and meeting the gap in the cyber security workforce—not just locally, but globally.
“Especially when you are trying to hack something,” he says. “It’s really engaging and I think they’ll like it.”
Matthew McMurray (pictured with service dog Cobalt) has been instrumental in getting a veteran program in place.
Tapping into vet (and pet) potential
For Iraq war veteran Matthew McMurray a career in cybersecurity was ideal. When he returned, injured, he struggled to continue his work in construction and—with the help of US Veterans Affairs (VA)—he decided to pursue a degree at OU. In his final year he did an internship with the cyber program and now works as a cyber range administrator for the lab. McMurray has been instrumental in getting a new program off the ground where veterans like himself can learn to be computer support specialists.
“There’s nothing like it out there,” McMurray says. “We can take a veteran with no skills and put them into a job as a computer support specialist in only 18 months.”
The program goes through OU Professional and Continuing Education, in partnership with a Las Vegas company Cyber World Institute to provide the certificate classes, and has just been officially approved by the VA. It’s been 18 months in the making and McMurray says it will provide experiences for people like him, who have graduated with a degree but still need certifications to go into cybersecurity.
“If you have the certificates you can get the job but you don’t have a lot of room for growth—you’ll cap out at a certain point—but if you have the degree and the certs then the only place you can go is up.”
McMurray is assisted by Cobalt, his service dog, who sits placidly at his feet while he works. Cobalt’s company is something McMurray relies on to motivate him and help him focus on his work. “They can sense so much,” he says. “So when I get anxious or angry, he responds.”
From McMurray’s perspective, workplaces that are able to include veterans in cybersecurity will reap huge rewards. He says their discipline, team-player attitude and mission mentality can assist the problem-solving required in the field.
“Having veterans working with veterans in this type of scenario—they will help each other along the way because if one fails, then you all fail.”
“They are a very reliable asset.”
Hannah Bowen attended a course at the hub recently with her high school class.
Reaching the next generation
Sterling Heights Stevenson high school senior Hannah Bowen attended a class at the hub recently to expand her general knowledge of computers and to learn about security measures on networks.
“Technology is becoming the future,” Bowen says. “It’s important to know how to protect yourself and to grow with it.”
Bowen and her class visited the range to learn from Herriman, Piontkowski, Eid, McMurray and the rest of their team. One of the highlights is undoubtedly the “secure sandbox” tool the hub has access to, which provides a way to test out viruses in a safe digital space.
“It’s a place where you can do dangerous things that you couldn’t do on your production system for your business,” Herriman says. “It’s a place where you can test, explore and destroy things in a controlled, digital environment.”
“You can take a copy of your newly devised app, stick it in the secured sandbox and then run malicious exploits against it to learn potential weaknesses.”
Watching the enthusiasm shared between the mentors and the myriad students at the hub, it seems there is, indeed, safety in numbers.