An Interview With Cybersecurity Program Alumnus Hector Santiago, DSc

Dr. Hector Santiago earned his doctorate in cybersecurity in 2014, with a dissertation that built on his telecommunications background and explored new approaches to analyzing cyber attacks. It was not his first time at Capitol; Dr. Santiago also holds a master’s degree from the university in telecommunications and information systems management. Among many other professional accomplishments, Dr. Santiago devised a non-forensic attribution methodology (NFAM) which is used by the Department of Homeland Security (DHS) to track down anonymous cyber adversaries. He also played a key role in building the database used by the DHS for identifying cyber threats to federal agencies.

In addition to his government service as part of the DHS, Dr. Santiago is also a regular contributor to Homeland Security Today.

How did you first become involved in the cybersecurity field?

I was enlisted for nine years in the Army as a signals intelligence professional. As a result, I became very familiar with signals intelligence and telecommunications, and decided this was what I wanted to do after retiring from the military and transitioning to a civilian career. And it seemed to me that the smartest choice was for my career to take on more of a cybersecurity aspect.

Telecommunications is about how things are supposed to work – how devices are supposed to talk to each other, for instance. A telecommunications professional focuses on the expected outcomes. Cybersecurity is about how malicious actors can manipulate systems and devices to get an unintended outcome. These two areas – cybersecurity and telecommunications – are both continually evolving, but at different speeds. So, for instance, a rapid increase in processing speed, allowing a decrease in latency with regard to data transmission, might also constitute a variable which adversaries can use to their advantage.

In telecommunications, the guiding principle often amounts to “as long as everything works the way we expect it to work, things are fine.” The cybersecurity perspective is “no, at that same moment someone is doing something with your device that you did not intend and will harm you in ways you cannot possibly imagine.”

What do you find most interesting about the cybersecurity field?

Intelligence about cybersecurity supports a lot of policy making. Cyber is a hot-button topic right now, with policy being put forward at the highest levels based on the work done by analysts. I go to work every day with the knowledge that a project I’m involved with may well help shape national policy, and that’s exciting and rewarding.

What are some of the top-priority concerns with regard to cybersecurity?

One of the overarching concerns is the tradeoff between convenience and security. Everyone wants things to be as convenient as possible. We want to be able to access our information immediately. For example, a growing number of people like the idea of a cashless society, where you can just wave your phone – or maybe, someday, your hand – and be able to pay your restaurant bill or buy groceries. We see the benefits of having a chip in you that, for instance, will provide first responders with your HIPAA data if you suffer an accident or sudden medical condition. But we tend to forget about the security aspect. It always seems to be an afterthought in the rush to get these exciting innovations out there. As a result, we are caught off guard by attacks which actually should not have been a surprise.

I mentioned the idea of a cashless society. This has implications that are far more radical than people often acknowledge. Wealth may no longer be attached to something tangible which we can retrieve if the grid goes down. Your wealth will be continually on the grid. If something happens to the grid, you won’t necessarily be able to reacquire it. In a cashless society, wealth consists of servers telling other servers what you are worth. Once we consider these implications, we may be inclined to rethink the priority we place on convenience.

What were your reasons for wanting to undertake a doctoral degree in cybersecurity?

I had a yearning to teach and to mentor others. A doctoral degree opens up the opportunity to teach classes and even become a faculty member at a college. It also gave me the opportunity to refine my skill set in my chosen field. My research focused on telecommunications infrastructure as a precursor to malicious attacks. Typically, when people examine how malicious attacks come about, they look at behavior. I looked at infrastructure; I was able to identify certain types of infrastructure that are preferred by malicious actors.

Why did you choose Capitol for your doctoral degree?

I was familiar with the school, having already completed a master’s degree at Capitol, and I also knew that the cybersecurity program is highly regarded. It is a DHS and NSA-designated Center for Academic Excellence. Also, the program is online, offering me the flexibility that I needed at the time. Dr. Helen Barker was also a critical influencer in my decision to take on my doctoral level challenge.

What did you find most rewarding about the doctoral experience at Capitol?

The critical thinking and exposure to the scientific method involved in earning the Doctorate of Science degree – it’s like nothing else I’d experienced. Doctoral work was the first time I had to do a deeper dive into certain things to make sure that the work could withstand the utmost scrutiny. At the baccalaureate level, you may be basically writing book reports. At the master’s level, you’re hopefully undertaking something more rigorous. But at the doctoral level – and particularly in the doctoral programs at Capitol – students are challenged to go way beyond that and make serious contributions to their fields of study. It’s not an easy undertaking, but it’s well worth it; I’m incredibly proud of the caliber of the work I did as a student in the doctoral program. I take that professional ethic I refined at Capitol with me into work every day.
