In an era where massive data breaches have caused some consumers anxiety while swiping their credit card, keeping out hackers is a hot topic among students learning to build and maintain the systems that often fall victim.
At the College of Engineering and Computer Science’s second annual Cyber Security Day Friday, industry experts familiar with the level of damage a hacker can level against a system shared their expertise with ECS students.
“Cyberwarfare … has become much more important than perhaps nuclear warfare,” said Raman Unnikrishnan, Ph.D., dean of the College of ECS. “It can wipe out what we consider important by doing some things that many of you in the audience are capable of doing.”
Virginia Mushkatblat from Hush Hush, a company that masks important information in documents stored digitally, talked about the growing demand for cybersecurity.
She cited the recent data breaches at Target, Home Depot and Snapchat that affected tens of millions of consumers. Shoppers weren’t the only ones affected by hackers, however—August saw data breaches at medical centers that pose an additional threat to personal security.
Since last year, the college has added two classes on cybersecurity and has begun integrating cybersecurity into some existing classes, and the program is something that will continue to grow.
Information security analysts are projected to be one of the fastest growing occupations in the country, according to a 2013 report by the Bureau of Labor Statistics.
Mikhail Gofman, assistant professor of computer science, compared cybersecurity to a game of chess.
“We don’t have a perfect algorithm for winning a chess game. Perhaps the algorithm does not even exist,” he said. “We can learn to get better at chess and we can get better at cybersecurity.”
But for Gofman, the overall goal is for the college to one day become a National Security Agency-recognized Center for Academic Excellence in Information Assurance, joining just two other California State University campuses with that distinction.
Carter Jones, security consultant for Cigital, a software security firm, discussed the importance of “Patch Tuesday,” when software improvements or fixes are released monthly to users of the Microsoft Windows operating system. Many hackers, however, analyze these patches to find the vulnerabilities in the software in order to target computers that haven’t been updated yet and are therefore still vulnerable, he said.
With hackers getting better and better at analyzing this software code, many can identify the vulnerabilities in as quickly as a day, which has now given rise to an occurrence known as “Exploit Wednesday.”
Bill Willis, a global subject matter expert for security and identity at IBM, explained how biometric authentication, or using a face, fingerprint or the iris of an eye can confirm someone’s identity.
Biometric authentication is becoming increasingly popular, and is included in technology like Apple Pay, which allows users to make a purchase with a quick scan of the fingerprint.
Although only three of those biometric authentication features are currently used, Willis believes that voice recognition can one day be used as an identifier. The technology, however, just isn’t there yet, he said.