We are more connected now, in a virtual sense, than ever. And while this trend is nothing new, it is being accelerated by the COVID-19 pandemic, with more employees than ever before working remotely and organizations—eager to maintain their competitive edge—forging ever broader, faster, and more efficient networks to reach them.
But there is a downside to all this hyper-connectivity: It has been a boon to cybercrime.
“It’s pretty bad, and it’s not going away soon, because organizations are turning to technology to keep pace with the services and access that people are expecting,” says Frederic Lemieux, Faculty Director of the Georgetown University Master’s in Cybersecurity Risk Management program. “They are increasing their digital footprint, and that offers new attack surfaces that hackers can exploit.”
Two recent incidents stand out: In December 2020, a top U.S. cybersecurity firm called FireEye found that hackers had infiltrated Solarwinds, an American software company, and implanted malicious code into its system. The hackers, believed to be from Russia, gained access to several government agencies, among them the Departments of Homeland Security, Justice, and State.
A second major attack occurred in May 2021, when Colonial Pipeline, a Houston-based oil pipeline system responsible for nearly half the fuel used on the East Coast, suffered a cyberattack and was forced to pay $4.4 million in ransom. By hacking into the attacker’s system, the FBI was able to trace and track the payments in cryptocurrency and get most of the money back, Lemieux says, and then made a rare public announcement that it had done so.
A More Aggressive Response
Agencies like the FBI are taking more aggressive approaches for a simple reason: the emerging challenges demand it. According to a “Washington Post” analysis, ransomware attacks alone more than doubled in the United States from 2019 to 2020, and some experts estimate hackers received at least $412 million in ransomware payments in 2020.
For businesses and organizations, knowing and adhering to government regulations regarding cybersecurity is essential, but this alone is insufficient in today’s volatile climate, Lemieux says.
“Cybersecurity threats and vulnerabilities are multifaceted and ever-evolving,” Lemieux says. “And, because these threats are evolving rapidly, being compliant with the existing cybersecurity frameworks and information security regulations is not enough. You have to be proactive.”
Georgetown students in the master’s program take an active, experiential approach that includes detailed simulations of cyberattacks and the measures used to prevent and respond to them.
“The courses prepare students to not only understand information security basics, but also, for example, survey networks—their own networks—which we call cyber-defense analysis,” Lemieux says. “Then students move on to learning how the bad guys are operating.”
Students also learn about the regulatory environments in Europe and North America, study cybersecurity governance frameworks for key industries, and learn how to communicate potential risks to supervisors without jeopardizing organizational security.
An Evolving Threat
Georgetown also offers two certificates in cybersecurity: the Certificate in Cybersecurity Strategy, which can be completed in anywhere from 12 weeks to two years; and the Graduate Certificate in Cybersecurity Risk Management, which can be completed over a period of six to 12 months. In addition to reviewing the basics of cybersecurity, the graduate certificate program prepares students to develop and implement risk government frameworks that increase resiliency for individuals, departments, and organizations.
One thing students can count on is that the field will continue to change as the threats themselves morph and become more sophisticated.
“Security is constantly changing and evolving,” says John Harmon, regional vice president for cyber solutions at Elastic, near the close of a conversation about current threats. “We could talk next weekend, and it would be something new.”