A cybersecurity team member with a tablet works on critical infrastructure protection.
Article

How Critical Infrastructure Protection Fits into a Cybersecurity Career


Cybersecurity

Experts believe future wars won’t be fought on the battlefield but the web. Cyberattacks on the government infrastructure, for example, could halt vital operations of entire cities or countries and leak crucial security information into the wrong hands.

To guard against debilitating attacks, government organizations must have the right systems and talent for critical infrastructure protection. For those interested in a career in critical infrastructure protection, pursuing an advanced degree, such as an online Master of Science in Cybersecurity, can provide key insights and essential skills for success in a cybersecurity career.

Defining Critical Infrastructure Protection

What is critical infrastructure protection? This vital process takes preventive measures to protect key infrastructure from cyberattacks. The U.S. Department of Homeland Security (DHS) pinpoints 16 critical infrastructure sectors including transportation systems, energy, food and agriculture, communications, and health care. Information security professionals guard infrastructure against cyber threats by working with supervisory control and data acquisition systems and industrial control systems: the networks used to keep critical infrastructure operating at a massive scale.

The United Nations introduced the concept of critical infrastructure protection in response to terrorist attacks. According to the UN Office of Counter-Terrorism’s 2018 compendium of good practices, member states agree to “step up all efforts to improve the security and protection of particularly vulnerable targets, such as infrastructure and public places, as well as the response to terrorist attacks and other disasters, in particular in the area of civil protection.” Additionally, the Critical Infrastructure Protection Act of 2018 criminalizes trespasses on critical infrastructure facilities by individuals and conspiring organizations. This act is meant to prevent cyberattacks and hacks from occurring from inside government facilities.

In the U.S., the secretary of homeland security coordinates critical infrastructure protection at the federal level and delegates responsibilities to sector-specific federal agencies. Each sector must follow federal, state, and local standards for protection. For example, the Federal Energy Regulatory Commission enforces risk assessments and awareness training for personnel, monitoring systems, incident reporting, and response planning.

Essential Skills for Effective Critical Infrastructure Protection

People interested in this career path need fundamental skills and competencies to effectively enforce critical infrastructure protection. Professionals in this field must have the technical skills to operate security software, analyze data, and manage automated processes. They also need business skills, such as project management and leadership expertise to organize teams of information technology professionals.

In addition to these hard skills, critical infrastructure protection professionals should possess soft skills, including collaboration and communication skills that enable them to work in a high-stress, team-oriented environment.

How Norwich Prepares Students for Cybersecurity Roles

Norwich University’s online Master of Science in Cybersecurity (MSCY) program prepares students to pursue an advanced role in cybersecurity. In the program, prospective professionals learn the technical and business skills needed for leadership positions in the field. The Critical Infrastructure Protection and Cyber Crime concentration, in particular, prepares students for the responsibility of safeguarding government systems against cyber threats and cyber attacks.

Core courses arm students with extensive knowledge of information security best practices, organizational structure, policy development, and management strategies. These courses include:

  • Foundations and Historical Underpinnings of Information Assurance focuses on the evolution of keeping digital and online information safe and secure. By learning about early data structures and modern encryption methods, prospective professionals can more effectively build policies and models for information assurance.
  • Information Assurance Technology discusses the various tech-driven defenses deployed to protect information systems from cybercriminals. Expertise in this area is essential for working with access controls, anti-malware tools, and security elements of operation systems.

Courses in the Critical Infrastructure Protection & Cyber Crime concentration cover information critical to national security, the nature of conflict in cyberspace, and data acquisition systems. Courses in this concentration include the following:

  • Cyber Crime breaks down the nature of cyber-based threats, examining how they can potentially impact U.S. national security. These skills help information leaders understand the execution of cyber terrorism and how they can use risk management frameworks to mitigate threats and damage.
  • Cyber Infrastructure Protection explores the relationship between a security and cyber-based infrastructure. Gained skills are essential for operating SCADA systems that control critical sectors such as electricity, water, and fuel.

Graduates of Norwich’s MSCY program have moved into roles as a chief information security officer, chief risk manager, cybersecurity engineer, and director of information systems.

Future Growth of Cybersecurity Jobs

Our world needs advanced cybersecurity professionals across a wide range of industries. Hacking and cyberterrorism threats continue to concern government organizations around the world. The U.S. Government Accountability Office reports that a great deal of work still needs to be done to equip the 16 critical infrastructure sectors to adopt cybersecurity frameworks. But DHS reports that some sectors may have limited resources, knowledge, and skills for adopting these necessary frameworks.

The job outlook for information security analysts and cybersecurity professionals is bright. The U.S. Bureau of Labor Statistics reports that the number of information security analysts will increase by 32% from 2018 to 2028, much faster than the projected average growth rate for all occupations that stands at 5%. Moreover, a Herjavec Group jobs report predicts 3.5 million cybersecurity job openings by 2021.

Fostering a New Generation of Cybersecurity Experts

Norwich University’s online Master of Science in Cybersecurity prepares professionals for an advanced position in cybersecurity. Graduates learn the skills needed to understand, value, and protect information assets in complex business and government organizations. Students can choose from five concentrations, including Critical Infrastructure Protection and Cyber Crime, that best fits their interests to pursue a rewarding career in the vital field of information security.


Recommended Readings

The Changing IT Security Job Market
Cybersecurity vs. Information Security: Exploring the Differences
How to Become a Cybersecurity Engineer

Sources

The Future of War Is Cyber, The Next Web
Critical Infrastructure Sectors, U.S. Department of Homeland Security
The Protection of Critical Infrastructure Against Terrorist Attacks: Compendium of Good Practices, United Nations
Cyber Threats to Our Nation’s Critical Infrastructure, Center for Strategic & International Studies
Critical Infrastructure Protection Act, American Legislative Exchange Council
Critical Infrastructure Protection (CIP): Security Problems Exist Despite Compliance, CSO
10 Critical Security Skills Every IT Team Needs, CIO
Master of Science in Cybersecurity, Norwich University
Critical Infrastructure Protection: Additional Actions Are Essential for Assessing Cybersecurity Framework Adoption, U.S. Government Accountability Office
Information Security Analysts, U.S. Bureau of Labor Statistics
The Cybersecurity Jobs Report 2017, Herjavec Group