Skip to main content Skip to search
""

M.S. in Cybersecurity

Making the World Smarter, Safer and Healthier

""

Eligible for

STEM-OPT
""
""

Affordable

$25k
Fixed-Rate Tuition
""
""

U.S. News & World Report

Top 100
University in the U.S.
""
""

Alumni Career Outcomes

95%
employed within 6 months
""

With the Katz School’s master’s in cybersecurity, you’ll develop the technological and managerial expertise to plan, implement, upgrade, monitor and audit cybersecurity protocols and procedures. You’ll master state-of-the-art technologies and practices, and you’ll get hands-on experience with threat mitigation, detection and defense in the heart of New York City—a global headquarters for cybersecurity.

Protecting an organization's information assets and technology infrastructure is critical and requires teams of cybersecurity professionals to protect against increasingly frequent attacks. Fueling this growth is the rapid evolution of cyber threats through the expansion of mobile device usage, the Internet of Things (IoT), machine learning, artificial intelligence and drones. Additionally, evolving privacy and cybersecurity standards and regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) and the EU General Data Protection Regulation (GDPR), are driving demand for a new breed of cybersecurity professionals. Secure your place in this critical and fast-growing industry with Katz’s M.S. in cybersecurity.  

Program Highlights

Gain cybersecurity know-how in systems architecture, operating systems, applications, endpoints, securing data, networking, cloud security and software development

Analyze threat landscapes and security frameworks, as well as legal compliance and audit frameworks

Develop internal and external communication strategies to promote a cybersecurity culture

Prepare for industry certifications, including CEH, CISM, CISSP, CRISC and CSSK

Gain industry experience through internships and research, as well as benefit from career support and professional networking opportunities

STEM-OPT eligible

Full Program Breakdown

With the Katz School’s master’s in cybersecurity, you’ll develop the technological and managerial expertise to plan, implement, upgrade, monitor and audit cybersecurity protocols and procedures. You’ll master state-of-the-art technologies and practices, and you’ll get hands-on experience with threat mitigation, detection and defense in the heart of New York City—a global headquarters for cybersecurity.

Protecting an organization's information assets and technology infrastructure is critical and requires teams of cybersecurity professionals to protect against increasingly frequent attacks. Fueling this growth is the rapid evolution of cyber threats through the expansion of mobile device usage, the Internet of Things (IoT), machine learning, artificial intelligence and drones. Additionally, evolving privacy and cybersecurity standards and regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) and the EU General Data Protection Regulation (GDPR), are driving demand for a new breed of cybersecurity professionals. Secure your place in this critical and fast-growing industry with Katz’s M.S. in cybersecurity.  

Program Highlights

Gain cybersecurity know-how in systems architecture, operating systems, applications, endpoints, securing data, networking, cloud security and software development

Analyze threat landscapes and security frameworks, as well as legal compliance and audit frameworks

Develop internal and external communication strategies to promote a cybersecurity culture

Prepare for industry certifications, including CEH, CISM, CISSP, CRISC and CSSK

Gain industry experience through internships and research, as well as benefit from career support and professional networking opportunities

STEM-OPT eligible

Swipe to learn more!

With the Katz School’s master’s in cybersecurity, you’ll develop the technological and managerial expertise to plan, implement, upgrade, monitor and audit cybersecurity protocols and procedures. You’ll master state-of-the-art technologies and practices, and you’ll get hands-on experience with threat mitigation, detection and defense in the heart of New York City—a global headquarters for cybersecurity.

Protecting an organization's information assets and technology infrastructure is critical and requires teams of cybersecurity professionals to protect against increasingly frequent attacks. Fueling this growth is the rapid evolution of cyber threats through the expansion of mobile device usage, the Internet of Things (IoT), machine learning, artificial intelligence and drones. Additionally, evolving privacy and cybersecurity standards and regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) and the EU General Data Protection Regulation (GDPR), are driving demand for a new breed of cybersecurity professionals. Secure your place in this critical and fast-growing industry with Katz’s M.S. in cybersecurity.  

Gain cybersecurity know-how in systems architecture, operating systems, applications, endpoints, securing data, networking, cloud security and software development

Analyze threat landscapes and security frameworks, as well as legal compliance and audit frameworks

Develop internal and external communication strategies to promote a cybersecurity culture

Prepare for industry certifications, including CEH, CISM, CISSP, CRISC and CSSK

Gain industry experience through internships and research, as well as benefit from career support and professional networking opportunities

STEM-OPT eligible

Research and Capstone

For the capstone project, you'll develop a complete cybersecurity strategy for a non-profit organization. Throughout the program, you'll also have the opportunity to work alongside faculty to design and implement specialized research projects. 

Recent Projects

  • Capture the Flag: Opportunities for the Cybersecurity Classroom
  • Two Step Verification System Using Face Recognition
  • Cymple Bits Security Analysis (Won 1st Place in the 2022 ISACA Cybersecurity Case Study Competition)
  • Equifax Data Breach Analysis (Won 1st Place in the 2021 ISACA Cybersecurity Case Study Competition)

Tech Fellows

Join students and alumni from over 30 countries to work on pioneering research, citywide initiatives and new technologies that help to make the world smarter, safer and healthier.

Benefits

Learn more about the Fellows Program.

B.A./M.S. Pathways Option

Through the B.A./M.S. option, undergraduates from Yeshiva College and Stern College for Women can take up to nine graduate credits that will count toward both their bachelor's and master's degrees. After completing their bachelor's, students can finish their graduate degree in just one more year.

  • Admissions criteria: Junior or senior in any YC/SCW undergraduate major with a minimum GPA of 3.2 and a minimum grade of B-plus in the prerequisite courses listed below. Students can begin taking graduate coursework in their junior or senior year.
  • Prerequisites for graduate courses: One computer networking or security course with a minimum grade of B-plus.

For more information, visit www.yu.edu/pathways

Internships and STEM-OPT

Gain industry experience in major companies, startups and the YU Innovation Lab through internships that count toward your degree. Yeshiva University's master’s in cybersecurity is a STEM-approved degree. International students may be eligible for up to 36 months of Optional Practical Training (OPT). The program also offers several opportunities for Curricular Practical Training (CPT). 

Recent Internships 

  • Radware 
  • New York City MTA 
  • Bank of New York Mellon 
  • Technical Consulting and Research, Inc. 
  • American Eagle Outfitters 

Interested in this program? Apply Now! 

At a Glance

30-credit Master of Science

Full-time or part-time

Online or on-campus in New York City

Evening courses so that you can work full-time while completing your degree

Leading research and industry expert faculty

Small classes where you’ll get to know everyone by name

Admissions Criteria 

Candidates must possess a bachelor’s degree from an accredited college or university.

TOEFL or IELTS scores demonstrating strong communication skills are required for candidates whose bachelor's degrees were earned at a non-English-speaking institution. We also offer a fully online, 11-week intensive English program for applicants with low- to upper-intermediate English reading, speaking and writing skills. 

Contact an admissions director for more information.

Application Requirements 

Applicants must submit the following:  

  • Online application  
  • Official transcripts from all colleges or universities attended 
  • Résumé 
  • Personal statement detailing your career goals and interest in the program 
  • Required: TOEFL, IELTS or Duolingo scores (for candidates whose bachelor's degrees were earned at a non-English-speaking institution) 
  • $50 application fee 

Application Deadlines 

For up-to-date application deadlines, visit Graduate Admissions.

Tuition, Financial Aid, & Scholarships 

The Office of Student Finance maintains current tuition and fees for all graduate programs. 

Scholarships

All applicants are automatically considered for scholarships. You do not need to submit any additional information. Scholarship awards are determined during the application review process. 

Questions? 

Schedule an appointment with an admissions director if you have questions about your qualifications, financial aid opportunities and financing your graduate degree. We can do a preliminary transcript review and discuss your admissions and financing options with the Katz School. 

Admissions & Financial Aid

Admissions Criteria 

Candidates must possess a bachelor’s degree from an accredited college or university.

TOEFL or IELTS scores demonstrating strong communication skills are required for candidates whose bachelor's degrees were earned at a non-English-speaking institution. We also offer a fully online, 11-week intensive English program for applicants with low- to upper-intermediate English reading, speaking and writing skills. 

Contact an admissions director for more information.

Application Requirements 

Applicants must submit the following:  

  • Online application  
  • Official transcripts from all colleges or universities attended 
  • Résumé 
  • Personal statement detailing your career goals and interest in the program 
  • Required: TOEFL, IELTS or Duolingo scores (for candidates whose bachelor's degrees were earned at a non-English-speaking institution) 
  • $50 application fee 

Application Deadlines 

For up-to-date application deadlines, visit Graduate Admissions.

Tuition, Financial Aid, & Scholarships 

The Office of Student Finance maintains current tuition and fees for all graduate programs. 

Scholarships

All applicants are automatically considered for scholarships. You do not need to submit any additional information. Scholarship awards are determined during the application review process. 

Questions? 

Schedule an appointment with an admissions director if you have questions about your qualifications, financial aid opportunities and financing your graduate degree. We can do a preliminary transcript review and discuss your admissions and financing options with the Katz School. 

Program News

""

New York City a Global Cyber Headquarters

Read more about how the city is backing cyber development

New York City a Global Cyber Headquarters

New York City is investing millions to develop its cybersecurity ecosystem by attracting startups, building infrastructure and creating a centralized cyber command.

The city’s Economic Development Corporation is backing a CyberCenter to host the city’s first cybersecurity-dedicated accelerator. Startup companies from around the world are locating in New York. Jerusalem Venture Partners, an Israeli cybersecurity venture fund, is opening its New York office to attract more Israeli companies to the city.  

In addition, Israel-based D-ID and Intezer will join Team 8, a landmark cybersecurity think tank, which recently opened a hub in New York. Additionally, according to a 2018 Indeed.com Cybersecurity Spotlight Report, New York City ranks second on the list of U.S. cities with the most cybersecurity job postings and is in the top three for having the highest salary for information security specialists. 

Cyber Team

Cybersecurity Team Wins ISACA Competition

Read about the Katz team's victory over 17 competitors

Cybersecurity Team Wins ISACA Competition

On May 18, 2022, students from the Katz School of Science and Healthfound out that they won first place in the ISACA Cybersecurity Case Study competition for the second year in a row. The victorious Cymple Bits Security team, led by Kevin Suckiel ’22K, included Jacob Leichter ’22K , Orly Schejter ’23K and Margarita Zeleniy (Brooklyn Technical High School.)

The competition, which this year awarded $21,000 in scholarships, is open to students at U.S.- based universities, colleges and high schools, regardless of the their majors or degrees.

Read the entire story in the Katz blog.

Sivan Tehila

Cyber Expert Named Program Director

Read more about cyber entrepreneur Sivan Tehila

Cyber Expert Named Program Director

Sivan Tehila, a cybersecurity expert and entrepreneur, has been named director of the in-person and online cybersecurity master’s programs for the Katz School of Science and Health. Dave Schwed and Lev Feldman, who served as co-directors of the program since the school’s founding in 2016, have returned to executive positions in industry but remain on the faculty as practitioners-in-residence.

During a 10-year career in intelligence and cybersecurity in the Israel Defense Forces, Sivan served as an intelligence officer, CISO of the Research and Analysis Division and head of the Information Security Department of the Intelligence Corps. After leaving the military, she joined RAFAEL, an Israeli defense company, as an information security officer and a profiler. She then shifted her career to securing critical national infrastructure at the Israel Railways. Since 2019, she has been director of solutions architecture at Perimeter 81, a cloud and network security company.

Sivan has dedicated herself to promoting women in cybersecurity. She is the founder of Cyber Ladies NYC, a fierce troupe of women innovators who are all driven and accomplished in tech and cybersecurity, and a mentor at the Manhattan High School for Girls where she developed a unique cybersecurity program. She was recognized as a 2020 Woman to Watch in IT Security. In June, she led a team of cybersecurity students who won first place in ISACA’s annual Cybersecurity Challenge.

Sivan teaches the course Cybersecurity Audit, Assessment, and Testing. She holds an M.A. in business development and consulting from the University of Haifa and a B.A. in political science and criminology from Bar-Ilan University, as well as a CISO certificate from Technion – Israel Institute of Technology.

The Katz School’s in-person and online cybersecurity master’s programs help students develop the technological and managerial expertise to plan, implement, upgrade, monitor and audit cybersecurity protocols and procedures, as well as to master state-of-the-art technologies and practices. Students get hands-on experience with threat mitigation, detection and defense — all in the heart of New York City. 

Jonathan Deutsch

Joined a Techie, Left a Leader

Read more about Jonathan Deutsch’s journey

Joined a Techie, Left a Leader

Jonathan Deutsch was drawn to the Katz School not just to master cybertechnology but for the soft skills — to learn how to lead people and teams, to teach others how to protect themselves from cybersecurity threats, and to empower others to take their electronic destiny into their own hands.

“The hard skills you can always learn, but the soft skills and how you communicate them are most important,” he said, “and that’s where the Katz School program was exceptional.”

Jonathan said one of the most valuable things about the master’s program is that the professors are practitioners and therefore keenly aware of what the current cybersecurity environment is like. “They bring boots-on-the-ground experience to current events and issues in the profession,” he said.

He was particularly inspired by Alexsandr Zhuk’s leadership course that draws a distinction between managers and leaders. “People are more likely to follow and do the right thing when they want to do it rather than when they have to do it,” he said.

In January, he became Compliance Lead for Axoni, a New York-based technology firm that specializes in blockchain infrastructure, because of the relationships he had forged with Katz cybersecurity faculty.
“The level of care that Professor Zhuk and other professors showed was phenomenal,” he said. “They are genuinely interested in students and are there for you. They are very passionate about their area of expertise and want their students to succeed.”

After graduation, Jonathan was accepted into another master’s program at Columbia University. He also obtained the coveted CISSP certification, which is granted by the International Information System Security Certification Consortium, also known as (ISC)². CISSP is well-recognized and globally trusted, and it enables students to perform various security job functions and pursue an advanced IT security career.

In the Katz School master’s program, students gain cybersecurity know-how in systems architecture, operating systems, applications, endpoints, securing data, networking, cloud security, and software development. They analyze threat landscapes and security frameworks, as well as legal, compliance and audit frameworks. They develop internal and external communication strategies to promote a cybersecurity culture. And they prepare for industry certifications, including CISSP, CISM, CRISC and CEH.

Demand for cybersecurity professionals is on the rise, according to the U.S. Bureau of Labor Statistics. The bureau reports that the industry will experience job growth of 31% between now and 2029, which is a much faster rate than most other industries. The median salary of an information security analyst, for example, was $103,590 in 2020.

In his free time, Jonathan is a volunteer mentor for emerging cybersecurity students with Cyber Ladies NYC, founded by Katz School cybersecurity instructor Sivan Tehila Alus, and works with nonprofit and educational organizations to help design secure technology solutions to help further their mission.

He said he’s passionate about how cybersecurity relates to the role human nature plays when defending digital assets. “We’re dealing not only with the technical reality of a security breach, for example, but also the social and psychological reality,” he said. “The Katz program not only explored that reality but gave us the vocabulary to make it accessible to anyone in the company.”

David Schwed

Cybersecurity Program Hacks the Hacker's Mind

Read more about the psychology of cyber criminals

Cybersecurity Program Hacks the Hacker's Mind

While mastering technology is a prerequisite for being a cybersecurity professional, understanding the psychology of a cyber-criminal is indispensable for protecting against the theft of an organization’s assets. “In order to be good at what we do,” said David Schwed, a practitioner-in-residence at the Katz School, “we need to think like the bad guy.”

Ninety percent of hacking incidents, he said, involve people who fall prey to scams. That’s why IT professionals install tools on computers and other electronic devices to scan links that might contain malware.

“People are your weakest link when it comes to security,” he said. “We can’t stop people from doing it, so that’s what we’re trying to educate students about. If I’m trying to break into an organization, how am I going to do it? And then from there, we try to establish defenses for it.”

Hackers employ surprisingly low-tech methods at times to infiltrate an organization’s computer systems. Schwed said they’ll pose as couriers who are recognizable to an organization and then once inside they plant listening devices or keystroke loggers on the back of keyboards that vacuum up passwords. Or, hackers will drop USB sticks in an organization’s parking lot or other high-trafficked areas, and unsuspecting employees will retrieve them and insert them into their office computers, unleashing malicious code.

Schwed himself is a security professional who has spent a career searching for vulnerabilities, hoping to find weak links in computer systems before criminals can exploit them. He has 21 years of experience in information technology, information security and risk management, and he helped build the information technology infrastructure for Citigroup before joining the Katz School.

He said the Katz cybersecurity program offers an elective course on Cybercrime, Cyberwar and Threat Actors, which examines the profiles of hackers, members of organized crime, and nation-states that conduct espionage. “We discuss what they’re after—money, information or intelligence, and who the potential targets are and how they’re going to execute their schemes,” he said. “We talk about how there’s intrinsic value to some types of data that are a target in financial services, health care and retail, among others.”

The Katz School program develops students’ technological and managerial expertise to plan, implement, upgrade, monitor and audit cybersecurity protocols and procedures, as well as mastery of state-of-the-art technologies and practices. Students gain cybersecurity know-how in systems architecture, operating systems, applications, endpoints, securing data, networking, cloud security and software development. They also analyze threat landscapes and security frameworks, as well as legal, compliance and audit frameworks; develop internal and external communication strategies to promote a cybersecurity culture; and prepare for industry certifications, including CISSP, CISM, CRISC, CSSK and CEH.

“Students get hands-on experience with threat mitigation, detection and defense,” said Schwed. “And then when they graduate, they have access to jobs at the biggest companies in the heart of New York City, which is a global epicenter for cybersecurity.”

He said an important component of the program are guest speakers from the cybersecurity industry. He recently brought in a cybersecurity professional who rolled out a smart vacuum in class to demonstrate how simple it is to tamper with the machine’s brain. From a nearby computer, he uploaded software that swapped the unit’s Siri-like voice for his own, putting the vacuum under his command. Since those machines are already pre-programmed with a floor’s layout, they can yield important information.

Too many cybersecurity professionals, he said, just throw technology at a problem. “They ask, ‘Do we have a firewall? Do we have data loss prevention? Do we have network access control?,’ without stepping back and asking what they’re trying to protect against internally and organizationally.”

A good cybersecurity professional at Coca-Cola, for instance, would try to protect the formula for Coke, but would be more likely to defend Planned Parenthood from hackers who are hostile to its mission rather than the theft of its data.

“Someone using a telecommunications interface, like PRI technology, could flood the phone lines of Planned Parenthood by setting up a computer to make multiple calls at once,” said Schwed. “Their lines would be busy all day, preventing people from making appointments, and the perpetrators wouldn’t have hacked anything.

“Our program is about doing this kind of risk-based analysis to determine what the bad guy is after and how they’re going to get it.”

""

New York City a Global Cyber Headquarters

Read more about how the city is backing cyber development

New York City a Global Cyber Headquarters

New York City is investing millions to develop its cybersecurity ecosystem by attracting startups, building infrastructure and creating a centralized cyber command.

The city’s Economic Development Corporation is backing a CyberCenter to host the city’s first cybersecurity-dedicated accelerator. Startup companies from around the world are locating in New York. Jerusalem Venture Partners, an Israeli cybersecurity venture fund, is opening its New York office to attract more Israeli companies to the city.  

In addition, Israel-based D-ID and Intezer will join Team 8, a landmark cybersecurity think tank, which recently opened a hub in New York. Additionally, according to a 2018 Indeed.com Cybersecurity Spotlight Report, New York City ranks second on the list of U.S. cities with the most cybersecurity job postings and is in the top three for having the highest salary for information security specialists. 

Cyber Team

Cybersecurity Team Wins ISACA Competition

Read about the Katz team's victory over 17 competitors

Cybersecurity Team Wins ISACA Competition

On May 18, 2022, students from the Katz School of Science and Healthfound out that they won first place in the ISACA Cybersecurity Case Study competition for the second year in a row. The victorious Cymple Bits Security team, led by Kevin Suckiel ’22K, included Jacob Leichter ’22K , Orly Schejter ’23K and Margarita Zeleniy (Brooklyn Technical High School.)

The competition, which this year awarded $21,000 in scholarships, is open to students at U.S.- based universities, colleges and high schools, regardless of the their majors or degrees.

Read the entire story in the Katz blog.

Sivan Tehila

Cyber Expert Named Program Director

Read more about cyber entrepreneur Sivan Tehila

Cyber Expert Named Program Director

Sivan Tehila, a cybersecurity expert and entrepreneur, has been named director of the in-person and online cybersecurity master’s programs for the Katz School of Science and Health. Dave Schwed and Lev Feldman, who served as co-directors of the program since the school’s founding in 2016, have returned to executive positions in industry but remain on the faculty as practitioners-in-residence.

During a 10-year career in intelligence and cybersecurity in the Israel Defense Forces, Sivan served as an intelligence officer, CISO of the Research and Analysis Division and head of the Information Security Department of the Intelligence Corps. After leaving the military, she joined RAFAEL, an Israeli defense company, as an information security officer and a profiler. She then shifted her career to securing critical national infrastructure at the Israel Railways. Since 2019, she has been director of solutions architecture at Perimeter 81, a cloud and network security company.

Sivan has dedicated herself to promoting women in cybersecurity. She is the founder of Cyber Ladies NYC, a fierce troupe of women innovators who are all driven and accomplished in tech and cybersecurity, and a mentor at the Manhattan High School for Girls where she developed a unique cybersecurity program. She was recognized as a 2020 Woman to Watch in IT Security. In June, she led a team of cybersecurity students who won first place in ISACA’s annual Cybersecurity Challenge.

Sivan teaches the course Cybersecurity Audit, Assessment, and Testing. She holds an M.A. in business development and consulting from the University of Haifa and a B.A. in political science and criminology from Bar-Ilan University, as well as a CISO certificate from Technion – Israel Institute of Technology.

The Katz School’s in-person and online cybersecurity master’s programs help students develop the technological and managerial expertise to plan, implement, upgrade, monitor and audit cybersecurity protocols and procedures, as well as to master state-of-the-art technologies and practices. Students get hands-on experience with threat mitigation, detection and defense — all in the heart of New York City. 

Jonathan Deutsch

Joined a Techie, Left a Leader

Read more about Jonathan Deutsch’s journey

Joined a Techie, Left a Leader

Jonathan Deutsch was drawn to the Katz School not just to master cybertechnology but for the soft skills — to learn how to lead people and teams, to teach others how to protect themselves from cybersecurity threats, and to empower others to take their electronic destiny into their own hands.

“The hard skills you can always learn, but the soft skills and how you communicate them are most important,” he said, “and that’s where the Katz School program was exceptional.”

Jonathan said one of the most valuable things about the master’s program is that the professors are practitioners and therefore keenly aware of what the current cybersecurity environment is like. “They bring boots-on-the-ground experience to current events and issues in the profession,” he said.

He was particularly inspired by Alexsandr Zhuk’s leadership course that draws a distinction between managers and leaders. “People are more likely to follow and do the right thing when they want to do it rather than when they have to do it,” he said.

In January, he became Compliance Lead for Axoni, a New York-based technology firm that specializes in blockchain infrastructure, because of the relationships he had forged with Katz cybersecurity faculty.
“The level of care that Professor Zhuk and other professors showed was phenomenal,” he said. “They are genuinely interested in students and are there for you. They are very passionate about their area of expertise and want their students to succeed.”

After graduation, Jonathan was accepted into another master’s program at Columbia University. He also obtained the coveted CISSP certification, which is granted by the International Information System Security Certification Consortium, also known as (ISC)². CISSP is well-recognized and globally trusted, and it enables students to perform various security job functions and pursue an advanced IT security career.

In the Katz School master’s program, students gain cybersecurity know-how in systems architecture, operating systems, applications, endpoints, securing data, networking, cloud security, and software development. They analyze threat landscapes and security frameworks, as well as legal, compliance and audit frameworks. They develop internal and external communication strategies to promote a cybersecurity culture. And they prepare for industry certifications, including CISSP, CISM, CRISC and CEH.

Demand for cybersecurity professionals is on the rise, according to the U.S. Bureau of Labor Statistics. The bureau reports that the industry will experience job growth of 31% between now and 2029, which is a much faster rate than most other industries. The median salary of an information security analyst, for example, was $103,590 in 2020.

In his free time, Jonathan is a volunteer mentor for emerging cybersecurity students with Cyber Ladies NYC, founded by Katz School cybersecurity instructor Sivan Tehila Alus, and works with nonprofit and educational organizations to help design secure technology solutions to help further their mission.

He said he’s passionate about how cybersecurity relates to the role human nature plays when defending digital assets. “We’re dealing not only with the technical reality of a security breach, for example, but also the social and psychological reality,” he said. “The Katz program not only explored that reality but gave us the vocabulary to make it accessible to anyone in the company.”

David Schwed

Cybersecurity Program Hacks the Hacker's Mind

Read more about the psychology of cyber criminals

Cybersecurity Program Hacks the Hacker's Mind

While mastering technology is a prerequisite for being a cybersecurity professional, understanding the psychology of a cyber-criminal is indispensable for protecting against the theft of an organization’s assets. “In order to be good at what we do,” said David Schwed, a practitioner-in-residence at the Katz School, “we need to think like the bad guy.”

Ninety percent of hacking incidents, he said, involve people who fall prey to scams. That’s why IT professionals install tools on computers and other electronic devices to scan links that might contain malware.

“People are your weakest link when it comes to security,” he said. “We can’t stop people from doing it, so that’s what we’re trying to educate students about. If I’m trying to break into an organization, how am I going to do it? And then from there, we try to establish defenses for it.”

Hackers employ surprisingly low-tech methods at times to infiltrate an organization’s computer systems. Schwed said they’ll pose as couriers who are recognizable to an organization and then once inside they plant listening devices or keystroke loggers on the back of keyboards that vacuum up passwords. Or, hackers will drop USB sticks in an organization’s parking lot or other high-trafficked areas, and unsuspecting employees will retrieve them and insert them into their office computers, unleashing malicious code.

Schwed himself is a security professional who has spent a career searching for vulnerabilities, hoping to find weak links in computer systems before criminals can exploit them. He has 21 years of experience in information technology, information security and risk management, and he helped build the information technology infrastructure for Citigroup before joining the Katz School.

He said the Katz cybersecurity program offers an elective course on Cybercrime, Cyberwar and Threat Actors, which examines the profiles of hackers, members of organized crime, and nation-states that conduct espionage. “We discuss what they’re after—money, information or intelligence, and who the potential targets are and how they’re going to execute their schemes,” he said. “We talk about how there’s intrinsic value to some types of data that are a target in financial services, health care and retail, among others.”

The Katz School program develops students’ technological and managerial expertise to plan, implement, upgrade, monitor and audit cybersecurity protocols and procedures, as well as mastery of state-of-the-art technologies and practices. Students gain cybersecurity know-how in systems architecture, operating systems, applications, endpoints, securing data, networking, cloud security and software development. They also analyze threat landscapes and security frameworks, as well as legal, compliance and audit frameworks; develop internal and external communication strategies to promote a cybersecurity culture; and prepare for industry certifications, including CISSP, CISM, CRISC, CSSK and CEH.

“Students get hands-on experience with threat mitigation, detection and defense,” said Schwed. “And then when they graduate, they have access to jobs at the biggest companies in the heart of New York City, which is a global epicenter for cybersecurity.”

He said an important component of the program are guest speakers from the cybersecurity industry. He recently brought in a cybersecurity professional who rolled out a smart vacuum in class to demonstrate how simple it is to tamper with the machine’s brain. From a nearby computer, he uploaded software that swapped the unit’s Siri-like voice for his own, putting the vacuum under his command. Since those machines are already pre-programmed with a floor’s layout, they can yield important information.

Too many cybersecurity professionals, he said, just throw technology at a problem. “They ask, ‘Do we have a firewall? Do we have data loss prevention? Do we have network access control?,’ without stepping back and asking what they’re trying to protect against internally and organizationally.”

A good cybersecurity professional at Coca-Cola, for instance, would try to protect the formula for Coke, but would be more likely to defend Planned Parenthood from hackers who are hostile to its mission rather than the theft of its data.

“Someone using a telecommunications interface, like PRI technology, could flood the phone lines of Planned Parenthood by setting up a computer to make multiple calls at once,” said Schwed. “Their lines would be busy all day, preventing people from making appointments, and the perpetrators wouldn’t have hacked anything.

“Our program is about doing this kind of risk-based analysis to determine what the bad guy is after and how they’re going to get it.”

Skip past mobile menu to footer