RIT’s Cybersecurity Bootcamp prepares professionals from all... PlatoBlockchain Data Intelligence. Vertical Search. Ai.

RIT’s Cybersecurity Bootcamp prepares professionals from all…

RIT’s ESL Global Cybersecurity Institute—a new on-campus facility that is making the university a top site for cybersecurity training, education, and research. Credit: Elizabeth Lamark

We have to think differently about who our cyber professionals are and where they come from. Hackers are diverse and come from different backgrounds, so if we’re going to outsmart them, our cyber professionals should be investigative minds who come from diverse backgrounds, too.

After five years working with the highway department and as a garbage truck driver, Garrett Morken wanted to trade in his bright yellow safety vest for something new.

Like millions of Americans, the past couple of years have challenged Morken to re-evaluate his life. He didn’t want to live paycheck to paycheck anymore. He was ready for a career change.

In less than year, he was able to make that happen.

After taking RIT’s Cybersecurity Bootcamp, Morken was trained and ready to start an entirely new career in cybersecurity. Today, as an operations consultant at Security Risk Advisors in Rochester, he’s learning new things, he’s saving money, and he’s helping to fight cybercrime.

“Signing up for the bootcamp was probably one of the biggest turning points in my life,” said Morken. “I was tired of the physical labor and wanted to find a career instead of just a job. Now, I’m with a company that wants me to grow as an employee and as a person.”

Morken is one of about 100 people who completed RIT’s Cybersecurity Bootcamp since it started in summer of 2020. Unlike a traditional degree program that can take years to complete, the bootcamp lasts 15 weeks—or 30 weeks part-time. It’s also offered completely online.

RIT’s bootcamp prepares professionals from all backgrounds and abilities—including those who don’t know code—for critical entry-level cybersecurity jobs. Those jobs can start with an average annual salary of about $60,000.

That’s good news for the millions of Americans switching careers as part of what’s been called the Great Resignation or the Great Reshuffle. It’s also good news for every organization looking to hire more cybersecurity workers. This need comes at a time when cybercrime continues to grow, but there are 2.7 million unfilled cyber jobs globally.

“And to help fill this job gap, we have to think differently about who our cyber professionals are and where they come from,” said Viviane Stover, RIT’s Cyber Range producer and business director, who administers the bootcamp. “Hackers are diverse and come from different backgrounds, so if we’re going to outsmart them, our cyber professionals should be investigative minds who come from diverse backgrounds, too.”

The bootcamp is part of RIT’s ESL Global Cybersecurity Institute—a new on-campus facility that is making the university a top site for cybersecurity training, education, and research. What makes RIT’s bootcamp unique, compared to other cybersecurity crash courses, is its focus on hands-on learning, professional development, and building a community within each cohort.

“It was almost like a cybersecurity trade school, in that I didn’t need prerequisites in English, math, or any coding experience,” said Morken. “You literally go in on the first day and start learning skills for the job that you’ll actually be doing in real world.”

Learning to do the job

It was a seemingly normal email that first got Christopher Bruns interested in cybersecurity.

After college, he was working as a golf professional at a country club in Florida, teaching lessons and running events. He opened an attachment in the email and his whole computer became encrypted.

“It was a ransomware attack and I got phished,” said Bruns. “It was a hard lesson to learn, but ever since then I’ve had a real interest in cybersecurity.”

Bruns continued to work at the country club until he was laid off in March 2020, due to the coronavirus pandemic. He wasn’t happy with his job and he wasn’t making a lot of money, so instead of going back into golf he decided to follow his passion for cybersecurity.

“I learned about the bootcamp and how immersive it was going to be,” said Bruns. “I saw it as a $10,000 investment in myself, because I knew it would help me break into a new career.”

On the first day, bootcamp students are “hired” by a company called Brick Wall Cyber. The company isn’t real, but all the infrastructure behind it certainly is.

Students work with large virtual networks of computers and must support security operations for 24 mock Rochester companies. Students get to work together, as they interact with role players who call-in and email to make each scenario more realistic. They discuss the latest news in the cybersecurity world and work on career preparation, including resume writing, interviewing, and networking.

Throughout the program, students take on a series of different roles in the company— from fielding tickets on the IT helpdesk to investigating security vulnerabilities in the company’s security operations center. In the end, students must help defend against a full-scale cyberattack.

“This bootcamp is based in reality and it gives students context and meaning behind what they’re learning,” said Rick Mislan ’91 (professional and technical communications), a management information systems lecturer who helped design the bootcamp. “Applied learning like this is going to win every day.”

The bootcamp’s curriculum aligns with the National Institute of Standards and Technology-developed National Initiative for Cybersecurity Education framework for cybersecurity jobs. Participants learn skills in Windows/Linux/Unix security fundamentals, information systems auditing and compliance, and Security Information and Event Management (SIEM) tools for detection and response, among others.

After completing the bootcamp, Bruns went the next step to earn special certifications to build up his resume and apply for jobs. A few months later, he was hired as a cybersecurity program analyst at enterprise cybersecurity provider Sedara in downtown Buffalo, N.Y. He said that he now makes 50 percent more than he used to at his old golf job.

“In two years, I’ll be making enough to achieve my dream of being a member of a nice country club,” said Bruns. “I’m also interested in learning more, so I can develop a new focus on offensive security and ethical hacking.”

Dilip Singh, vice president of cyber operations at Sedara, has already hired two bootcamp graduates for entry-level positions at his company.

“There is absolutely a need for these employees in our industry right now and you can see it with the number of job openings that will sit vacant for months on end,” said Singh. “I’m looking to hire people with practical knowledge who can come in ready to hit the ground running, which bootcamp grads can do.”

RIT has offered six bootcamp cohorts so far, including two taught with American Sign Language interpreters. The specialty cohorts aim to broaden participation of deaf and hard-of-hearing individuals in the cybersecurity workforce.

Grace Yukawa ’19 (mechanical engineering) took part in the first ASL cohort. After graduating from RIT/NTID amidst the coronavirus pandemic, she had trouble interviewing and finding a job in her hometown of Seattle. When she learned about the bootcamp, she thought that cybersecurity could be a good career shift if she needed to work remotely.

“It was really helpful to work in an all-deaf group that shared the same language,” said Yukawa. “We learned how to set up firewalls in specific ports and all about command lines and access controls.”

Yukawa was eventually offered a job in her field as a product engineer at the Seattle-based medical technology company Simulab. While she now designs simulators for the healthcare industry, she said that the cyber skills she learned are still useful and she will always have security on her mind for products she helps create.

Ultimately, bootcamp organizers and employers see the program as a new talent pipeline that will help meet critical needs in the cybersecurity industry. Jobs that traditionally only go to those with four-year computing degrees can now be filled by professionals from more diverse backgrounds and populations.

Time Stamp:

More from Computer Security