Good Will Hacking: How Brooklyn Is Training Cyber SleuthsA new degree program at NYU Tandon is part of the city's effort to address a critical shortage of cybersecurity experts
The threat of cyber crime is real and growing, especially in an information capital like New York City. “The city houses a ton of critical infrastructure, both the physical kind, like power and light, but then also financial services,” says Jerry Brady, chief information-security officer for the Wall Street firm Morgan Stanley. “I think New York City is a unique concentration of critical infrastructure and it makes us a unique target.”
Yet that vulnerability also presents an opportunity: the booming business of cybersecurity and the jobs it creates. Right now the U.S. is short about 200,000 cybersecurity experts that it needs, according to industry estimates. But most of the industry has clustered around Washington, D.C., not here. The University of Maryland, for example, has 8,000 students enrolled in cybersecurity programs, while the largest one in New York has just 500, according to an op-ed essay in Crain’s New York Business by Alicia Glen, deputy mayor for housing and economic development, and Katepalli Sreenivasan, dean of Brooklyn’s NYU Tandon School of Engineering. “We want those cyber jobs here in New York, and we are making a big play for them.”
Rather than just recruit them from elsewhere, city leaders like the deputy mayor, dean and info-security officer have banded together with others to foster home-grown cyber sleuths. One step is the creation, announced this week, of the New York Cyber Fellows program: an elite, affordable online masters degree in cybersecurity. The tuition will be just $15,000, the lowest of any such program in the city, with scholarships available. The long-term goal is to add 10,000 cybersecurity experts to the city workforce within a decade, part of Mayor de Blasio’s pledge to create 100,000 new jobs within a decade.
To make sure the graduates are workforce-ready, the curriculum is being designed with input from big employers including Morgan Stanley, Blackstone Group, IBM Security and Booz Allen Hamilton. “We understand that courses have to be designed with industry participation and consultation,” Prof. Nasir Memon, founder of NYU Tandon’s cybersecurity program, told The Bridge. “We will be evolving and updating with feedback from industry partners.”
While the program is online rather than in-person, the students will have access to teaching tools offered by the newly created New York City Cyber Command (NYC3), the school’s partner in the program. “We will offer NY Cyber Fellows access to our virtual laboratory, known as the Cyber Range, for hands-on training and development,” says Colin Ahern, the city’s deputy chief information-security officer. “Students will be exposed to testing and research into real-world problems in a safe and controlled environment. Training comes in many forms. Hands-on training is just as important as degrees.”
Who qualifies for the program? “Students need to have a computer-science background, something roughly linked to a bachelor’s degree,” said Memon. (The school also offers a program called Bridge to Tandon, which gets non-engineering grads up to speed in a 26-week, part-time course.) The Cyber Fellow curriculum is rigorous, starting out with courses like Computer Networking but advancing to subjects including Penetration Testing and Vulnerability Analysis, which helps students learn how to “find and exploit flaws,” Memon said.
NYU Tandon has a running start in the cyber-security field. Fourteen years ago, the school founded Cyber Security Awareness Week, a student-run event featuring international competitions, workshops and industry events. Other innovative programs include a summer cybersecurity course for high-school women only.
The kind of people employers want for cyber-sleuthing are well-rounded types, not just the stereotypical computer geeks. “I’m also looking for leadership skills or knowledge of financial services,” said Morgan Stanley’s Brady. “Financial services does not offer up a ton of room for error. We’re very highly regulated, so you are looking for a pretty pivotal package of skills: leadership, technology, financial services, cybersecurity. We can potentially get that all in a single person,” he told The Bridge.
Graduates of the program will be thrust into a new world of intrigue. “There’s a lot of concern surrounding the conflation between a big, nation-state front and high-end cyber criminals. These can be really significant threats for large-scale fraud or impact the financial system,” said Brady. “And then you always have to look at the nation states that look at this as a military opportunity.” Targets include all the new kinds of devices and platforms, he added. “I think the bad guys right now are probably looking at categories like cloud [computing], internet of things, mobile, artificial intelligence, things that we can add security to.”
Ahern agrees about the new risks. “As organizations in NYC expand their digital footprint, we all become more interdependent and reliant on our technology. While advances enable us to provide better services, it makes cybersecurity more important. The big area to watch in the future is connected devices. As new devices are able to communicate, those same devices can be vulnerable.”
And because catching hackers is a game that moves as you play, graduates of the new masters program will be given five years of free access to the school’s curriculum as it’s updated in response to new threats. “We want our Cyber Fellows to know we will be with them for the long term,” says Memon, “and I have no doubt that their experiences in the field will enrich future scholars.”