Cybersecurity is a vast field with numerous niche areas for professionals to explore, says Rick Hansen, a cybersecurity consultant whose work has included developing network technologies to protect sensitive Department of Defense (DoD) data, managing multiple DoD medical IT modernization contracts, and designing training programs.
A Capitol alumnus, Hansen also teaches in the university’s cybersecurity program, helping to nurture the next generation of professionals in this critical arena.
“It’s become such a broad field that no one can know it all,” he says. “No one can really know even a significant percentage of it – it’s that big. You need to specialize. I tell students start learning, work with your hands, and see what you find yourself coming to again and again.”
We asked Hansen for his thoughts about emerging trends within cybersecurity, about the attributes needed for success, and about his own academic and career path.
How did you first become interested in cybersecurity?
I was an electronics engineering student at Capitol, and that involved learning about microprocessors. These form the basis for what we now call the Internet of Things (IoT). As part of my second and third year courses I had to take microprocessors and build a working computer on a little protoboard. It was really pretty cool. I was also working a great deal with Unix, which has now become Linux. I got to know about the internals operating systems that run computers, and about networks.
My interests increasingly gravitated towards doing neat things with microprocessors and writing neat software, so I took the next logical step and got a graduate degree in computer science, from Johns Hopkins. As my professional career advanced, cybersecurity was beginning to emerge as its own separate field, and I started to move towards that. Because I specialize in some of the more difficult and esoteric areas of computing, it was just a natural fit. Many of the things that need to be looked at require certain kinds of expertise and I was fortunate enough to have been working in positions where I could acquire that expertise.
Where do you see cybersecurity headed? What are the top priority areas right now?
The risk of penetrations for important systems has become ubiquitous. Whether we’re talking about drivers’ license databases, security clearance information, or even a food company’s inventory of dried nuts, important systems are being compromised and data stolen. Even if your data hasn’t become an open secret yet, in many cases it’s a straightforward process to acquire it. We need a whole new generation of software systems that have been designed from the ground up to keep the bad people out.
That’s one priority. Another is what I would call “invisible computing.” That means the fifty computers that are in your car, or the many that are scattered around your house. We commonly refer to this as the IoT. From a hacker’s or adversary’s point of view, the IoT represents a world of opportunity. If you can co-opt several million small processors, you can do a lot of magic things with them.
It’s scary, for instance, to think about someone taking over your car systems and making them work against you, or having all the systems in your house participate in a denial of service attack. These are real risks today.
What would you say are the attributes that are needed for success in cybersecurity?
It’s essential to gain hands-on knowledge and experience, where you’re actually interacting with systems. Even if you end up in a part of the field where you’re not actually touching the system, you’ll have a deeper understanding if you’ve done hands-on experiments that confirm how things work, as opposed to just accepting what’s said in a book or accepting the premises made in a lecture or video.
Our program at Capitol is known for exactly this kind of approach. That sets us apart from programs that largely provide theoretical training without giving students the opportunity to apply it. At Capitol, labs are an integral part of the training and a major part of the grade. You must go in and build things, and you will encounter problems and figure out how to solve them.
It’s a very distinctive type of learning and it goes all the way back to our founder, Eugene Rietzke. I was privileged to meet his wife, Lillie Lou Rietzke, a number of times over the years. The Rietzkes were always very proud of the fact that at Capitol you learned how to do it in the classroom, and then you also had to go into the lab and put that learning into practice, and then you had to write a report. In that way, all the key facets of learning were covered. It was an efficient, effective solution and it’s one still used in our programs today.