Engineering and cybersecurity are two distinct disciplines, each demanding its own rigorous education and training. But should there be crossover? Should engineers or engineering students invest in cybersecurity education as well? What are the opportunities for engineers to gain expertise in protecting against threat actors in the software realm?

As the world becomes more complex and the use of cyberattacks grows, the world of cybersecurity benefits more and more from engineering expertise, and vice versa. Here’s why.

Cybersecurity Education Leads to Options and Job Security

The world of cybersecurity suffers from a skills gap. Businesses, non-profits, schools, government agencies — every sector needs more security experts. And there just aren’t enough to go around. By getting a background from cybersecurity education, engineers open themselves up to a new world of job opportunities. In the job market, security-savvy engineers and engineer-trained security specialists have far more options for career advancement. And, of course, the role of cybersecurity engineer is a great specialty.

Partnerships on Cybersecurity Initiatives

Engineers make great partners for cybersecurity professionals to troubleshoot complex system vulnerabilities and design system-wide strategies for protecting an organization. Adding cybersecurity education to the engineering track just makes that easier.

Engineers get training on, and may have solid knowledge of, many elements present in both fields. Look at numerical methods, simulation, statistical probability, process flow and diagraming and even cost estimation. All of these can be very valuable in developing cybersecurity strategies, methods and plans of action. The complex tasks done in the course of high-level security work benefit from an engineering mindset in a big way.

Build Better Products with Cybersecurity Education

One of the reasons threat actors are able to breach defenses, steal data, destroy reputations and extort money is that the hardware and software products everyone uses aren’t always as secure as they could be. Case in point: many IoT devices ship with insecure default passwords or settings, creating an enormous burden on security people as these devices become more common in the workplace and the home.

Product designers add breadth to their skills if they have a grasp of the basics of cyber engineering and cybersecurity. For example, software engineer training should include a thorough knowledge of cybersecurity topics. And even if the formal training is lacking, a software developer’s career path will be enhanced and boosted by security knowledge. For many software developer specialties, certifications and training in cybersecurity are gold on resumes.

The world needs far more secure software development. If more engineers were required to consider the realities of cybersecurity, we might end up with products that are more secure by design.

Cybersecurity Education and Future Leadership Training

As careers advance, just about any person can advance to a leadership position. While cybersecurity training is lacking in engineering education in general, it’s also lacking in the c-suite. Engineers who evolve from team leaders to department heads to leadership would bring a lot more to the table if they arrived with a solid grasp of cybersecurity to inform their decisions.

The truth is that cybersecurity training for engineers is a great idea at the university level and as a mid-career enhancement.

This industry is rapidly changing, hand in hand with the tech it works with. But one thing that is certain is that training and education in cybersecurity will always be worth it for engineers.

More from Risk Management

Did Brazil DSL Modem Attacks Change Device Security?

From 2011 to 2012, millions of Internet users in Brazil fell victim to a massive attack against vulnerable DSL modems. By configuring the modems remotely, attackers could redirect users to malicious domain name system (DNS) servers. Victims trying to visit popular websites (Google, Facebook) were instead directed to imposter sites. These rogue sites then installed malware on victims' computers. According to a report from Kaspersky Lab Expert Fabio Assolini citing statistics from Brazil's Computer Emergency Response Team, the attack ultimately…

How Do You Plan to Celebrate National Computer Security Day?

In October 2022, the world marked the 19th Cybersecurity Awareness Month. October might be over, but employers can still talk about awareness of digital threats. We all have another chance before then: National Computer Security Day. The History of National Computer Security Day The origins of National Computer Security Day trace back to 1988 and the Washington, D.C. chapter of the Association for Computing Machinery’s Special Interest Group on Security, Audit and Control. As noted by National Today, those in…

Worms of Wisdom: How WannaCry Shapes Cybersecurity Today

WannaCry wasn't a particularly complex or innovative ransomware attack. What made it unique, however, was its rapid spread. Using the EternalBlue exploit, malware could quickly move from device to device, leveraging a flaw in the Microsoft Windows Server Message Block (SMB) protocol. As a result, when the WannaCry "ransomworm" hit networks in 2017, it expanded to wreak havoc on high-profile systems worldwide. While the discovery of a "kill switch" in the code blunted the spread of the attack and newly…

Why Operational Technology Security Cannot Be Avoided

Operational technology (OT) includes any hardware and software that directly monitors and controls industrial equipment and all its assets, processes and events to detect or initiate a change. Yet despite occupying a critical role in a large number of essential industries, OT security is also uniquely vulnerable to attack. From power grids to nuclear plants, attacks on OT systems have caused devastating work interruptions and physical damage in industries across the globe. In fact, cyberattacks with OT targets have substantially…