Dale C. Rowe is a computer ninja. He has reviewed cybersecurity in Libya, worked with a slew of federal agencies, and is teaching computers to recognize faces by skin texture. And this year, the information technology professor helped BYU clinch designation as one of the nation’s premier academic institutions for cybersecurity education, an honor given by the National Security Agency (NSA) and Department of Homeland Security (DHS).
Q: What are some of the big threats in cybersecurity?
A: Since the ’70s we’ve been using computer systems to control machinery, power distribution, water treatment—you name it. And in the past 10–15 years we’ve hooked everything up to the Internet so things can be done remotely—creating a big security problem. Recent viruses are already targeting those kinds of systems, with effects far more serious than having your computer hacked or identity stolen. The U.S. power grid is vulnerable. An online attacker can cause explosions remotely. Every week we hear about some government agency or major business getting hacked, some kind of malware or advanced persistent threat. Last year was the first year that electronic fraud actually cost more than all other nonelectronic fraud. And you don’t always know who your enemy is; you can’t send the FBI to kick down a door in Ukraine. Another looming threat: what do we do when the attacker is a nation state?
Q: What’s being done?
A: A couple years back the U.S. government said it was short 10,000–30,000 cybersecurity professionals in the public sector. The private sector is short even more than that. In October 2012 Defense Secretary Leon E. Panetta said that one of the most important investments America can make is in training “skilled cyber-warriors.” Federal agencies recognize the urgency and are actively creating initiatives in academia to develop cybersecurity professionals. There are now military groups in all the major units dedicated to cyber-defensive and offensive operations—this was unheard of a few years ago.
Q: How has BYU responded?
A: We’ve seen a surge of growth in BYU’s information technology program: 207 students now, up from 160 last year. Our cybersecurity students deal with everything from malicious software to breaking through firewalls. A very popular course is penetration testing—more widely known as ethical hacking, or figuring out weaknesses before the bad guys do. We can’t graduate these students fast enough. We’ve had 100 percent job placement for six years running—with a few undergraduates taking six-figure starting salaries and interns getting high-level government clearances. An individual has more communications reach today than entire countries had two decades ago. A student with the right idea can change the world.
Your Personal Cyber Trail
Security is a state of managed paranoia, says information technology professor Dale C. Rowe. “Be paranoid, but deal with it responsibly.” Here are his thoughts on keeping your computer and online information secure:
- Use 17- or 18-character passphrases instead of passwords; passphrases are memorable and harder for a computer to guess.
- Try to use services (from your e-mail provider to your bank) with two-factor authentication—something you have and something you know. For example, Gmail can send you a text with a number required to log in. The cell phone is something you have, the password something you know.
- Encrypt any important personal information stored in the cloud or sent online—like financial records. You can do that in Word or with programs like Winzip or Winraw.
- Educate yourself; you don’t need to be a geek or an expert to keep your computer virus-free. HijackThis and MalwareBytes are malware research companies with good online forums.