In an age where daily tasks such as banking and grocery shopping are done online and more and more people have relied on the internet to stay connected during pandemic lockdowns, it comes as no surprise that, due to our increasing reliance on internet-based technology, cybersecurity has now become more essential than ever before. The increasing prevalence of cyber-attacks on IT infrastructure shows us the need for a new generation of cybersecurity professionals who are equipped with the knowledge and techniques to protect not only an organization’s information but our own privacy as well.
McGill’s School of Information Studies is looking to address these concerns and rectify the current gap of cybersecurity professionals in the industry today. The School’s new Online Graduate Certificate in Cybersecurity is designed to equip IT professionals with both the technical skills to prevent cyberattacks and the managerial skills required in creating and implementing effective security policy within their organizations.
“We hope that this certificate would set the pace for other universities to catch up to this balance of practice and theory to shape the future of cybersecurity training” says the School’s director, Professor Kimiz Dalkir.
The 15 credit certificate was created with expert instructional designers from McGill’s Teaching and Learning Services who worked alongside leading content experts to create a truly interactive online course that perfectly amalgamates pedagogy and learning experience. Delivering the course in an online platform not only allows the School to reach an international cohort but its asynchronous set-up also allows students to learn at their own pace; lectures are pre-recorded, which gives students the flexibility to accommodate a wide range of professional needs.
As public and private sectors continue to invest more funds and resources into cybersecurity, university training programs now need to rethink and assess how they will train their graduates in meeting the high demand for cybersecurity experts. According to a Cybersecurity Workforce Study and ISACA State of Cybersecurity Update in 2021, the global shortage of cybersecurity professionals is 2.72 million. Bridging this employment gap is now more crucial than ever. “In the next couple of years, you will see big changes within Quebec,” says Professor Benjamin Fung, McGill’s Canada Research Chair in Data Mining for Cybersecurity. “More and more security and privacy regulations, such as Quebec’s Bill 64, means that by 2023, more companies will have no choice but to adhere to those requirements.”
Given the increase in demand, universities like McGill are taking the lead in training students in this area. The role of IT professionals in cybersecurity is to identify the needs in both the public and private sectors; which share a common need in cybersecurity and provide adequate training to fill that gap. Research is another key component in ensuring that IT professionals are being proactive, and not reactive when it comes to cybersecurity threats. “Attackers are always improving and evolving,” says Professor Fund, “we need to keep implementing new techniques and proposing new techniques to further strengthen our systems.”
McGill’s course has also consulted and recruited leading experts from the industry, including Anton Stiglic, General Director of IT at Loto-Quebec and Nicolas Bedard, Cloud Customer Engineer at Google, as well as data scientists and lecturers from University of Ottawa and Queen’s University.
The course will give students valuable hands-on experience in identifying vulnerabilities and threats within operating systems, network systems, and software, and train them in managing and responding to information security threats, as well as the skills to form security policy and governance. The “virtual lab”, simulation exercises which will allow students to access real systems and examine vulnerabilities, allows students to discover how and why an attack has occurred, what to do in tracing back its origins and how to lock files on different systems.
“The biggest challenge is improving cyber-resilience within systems,” says Professor Fung. “ It’s not about just trying to ‘patch’, a system when an attack happens, we want to identify the vulnerability before the attack happens, we want to have adequate training not just for the technical staff, but everyone within the company. Most attacks start from a wrong click that has some malicious software.”
Indeed, wide-scale training within organizations is crucial in improving the resilience of systems. But our increasing reliance on technology means that many people are ill-equipped with the now necessary digital and privacy literacy needed to prevent cyberattacks from happening.
What can institutions like McGill do to sensitize and educate members of its community to this new need for digital and privacy literacy? On January 28 2022, McGill marked Data Privacy Day with a series of events such as a lecture by McGill Law professor Allen Mendelsohn on the impact of Bill 64 and a workshop on secure meetings and webinars. As an official 2022 Data Privacy Day champion, McGill’s goal was to highlight how students, faculty and staff can learn about the skills and tools required to protect their data.
Resources such as McGill’s Digital Research Services, help by giving students and researchers advice and support on research data management, research software and advanced research computing. You can find out more information about the Digital Research Services here.