MBAs Are Being Trained In Cybersecurity
Business schools are now training students in cybersecurity.
With cyberattacks disrupting daily operations and costing companies millions, worldwide enterprise security spending is forecasted to total $96.3 billion in 2018, up 8% from 2017, according to Gartner.
“Overall, a large portion of security spending is driven by an organization’s reaction toward security breaches as more high profile cyberattacks and data breaches affect organizations worldwide,” Ruggero Contu, research director at Gartner, says. “Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years.”
Sarah Murray, a contributor at Financial Times, recently wrote about how MBA programs are ramping up their training on cyber security.
Achieving Effective Cyber Security
One way b-schools are prepping their students in cyber security is by teaching them technical skills. But experts say more needs to be done in order to effectively achieve cyber security.
“Technical skills . . . by themselves are not sufficient to achieve effective cyber security,” Alan Brill, senior managing director for cybersecurity and investigations at Kroll, tells Financial Times.
\Rather, Brill says, achieving effective cybersecurity requires managing online behavior of employees in addition to installing firewalls. At the b-school level, it’s more than just teaching technical skills. Instead, it is more about understanding the threats and how to prevent and respond to them at a financial, legal, and reputational level, Brill says.
“Each MBA programme should have at least some content on cyber security,” Brill tells Financial Times.
How B-Schools Are Teaching Cybersecurity
A number of b-schools are now offering specializations in cybersecurity.
At the University of Albany’s business school, the full-time MBA cybersecurity specialization covers both risk management and security incident analyzation.
Coventry University made strides by becoming the first to offer a course in cyber security in the UK. Through workshops and online content, the curriculum includes topics such as strategic thinking and analysis, network security, crisis communications and international cyber and digital law.
At London Metropolitan University, the cybersecurity MBA includes professionals who manage cyber security departments or processes.
“They want to blend management knowledge with the specialist area they’re in,” Hazel Messenger, MBA course leader at London Metropolitan, tells Financial Times. “They’re wanting to sit at a board meeting and to understand what the guy from marketing and finance is saying.”
According to the school’s website, the cybersecurity course covers the “fundamentals of leadership and risk management within cyber security organizations.” The school hopes that through the course, students will learn “how to anticipate, deter, detect and resist cyber-attacks on digital assets and activities.” The course covers everything from identity theft, scams, fraud, and attacks on computer systems.
For Brill, he says, cyber security education needs to expand beyond just something that computer scientists deal with.
“Organizations that consider cyber security to be a technology problem — something that can be offloaded to the ‘techies’ — are almost guaranteed to have incidents,” Brill tells Financial Times.