+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 29
  1. Junior Member
    Join Date
    Oct 2015
    Location
    Maryland
    Posts
    9

    Certifications
    Net+, Sec+
    #1

    Default Master's Degree - Cybersecurity or IT (Information Assurance)

    Hello.

    I want to enroll in Master's program for either Cyber Security or a more general Information Technology Degree.

    I keep hearing cybersecurity degrees are just a fad and most people who get into just end up doing penetration testing all day.
    Reply With Quote Quote  

  2. SS
  3. Junior Member
    Join Date
    Oct 2015
    Location
    Maryland
    Posts
    9

    Certifications
    Net+, Sec+
    #2
    Which do you think is the better option?
    Reply With Quote Quote  

  4. Senior Member 636-555-3226's Avatar
    Join Date
    Jul 2015
    Posts
    942

    Certifications
    Lots of security certifications, yet the more I learn, the further I have to go...
    #3
    Saying cybersecurity is a fad is like saying IT is a fad.... It's here, and it's gonna stay

    Cybersecurity is also the hottest job market in the world for the next few years. It'll eventually settle down and be a "normal" job - but not anytime in the next decade+. Most infosec job postings in my area for the past 5 years or so (which is only when you started to see infosec job postings) have gone unfilled or were filled with inexperienced people they tried to then train up.

    Most people on these forums only seem to want to do penetration testing, but that's a very small market in the overall infosec world. I also try to steer most people away from pentesting since that's a very specialized niche and to be any good at it you need to be really good at a LOT of things. not to say bad pentesters can't get a job - 90% of the pentesters I know (and I know a ton) aren't what i'd consider to be any good at their job. they can run a bunch of scripts they find online (metasploit, empire, mimikatz, etc), but that's about it.

    most things cybersecurity, if you want a cybersecurity job, is defense, aka blue team. it's made of up 3 areas - the technical realm, administrative realm, and physical realm. most people typically think of the technical realm (running the AV, web filter, investigating logs, etc) but the admin realm is just as important, just with a different focus (writing & enforcing policies & standards, contract review, speaking to business people to find out what's the goal for the next few years, etc). physical too, but in most companies i know that's the job of the usual security department, not infosec dept.

    i'd recommend getting a taste - get darril gibson's CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide and read through it. if you think it's interesting, then dig deeper. if not, move on. the security+ exam is a great primer for all things infosec-related, and that study guide has knowledge bits for everything in the exam.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Apr 2013
    Posts
    2,140
    #4
    636-555-3226 is dead on. I don't know who is telling you that most people with cybersecurity degrees just pen test all day long, but please do more research than random anecdotes from people who probably aren't even working in the field.

    Before even considering a master's degree, do you have general IT experience now? Just rolling straight into a master's program isn't going to do you a lot of good, you'll just spend more or end up with more debt and not be in a much better position than every other person coming out of a BS program without actual work experience.

    Look here:
    https://tisiphone.net/2015/11/08/sta...-chapters-4-5/
    and see what kind of jobs are out there in the security space. Note how none of them say "get a master's degree and get a job". See if any of them really appeal to you, then start researching more into that specific area. Are those types of jobs even available near you? Are you willing to move to get a better job? etc.
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Sep 2016
    Location
    VA
    Posts
    861

    Certifications
    CISSP, PMP, CCNP, FITSP-M
    #5
    What's your current level of experience? What do you want to do?

    What does the curriculum for the cyber degree look like?

    I've seen several Cyber masters degrees that have zero technical and a while lot of compliance/auditing. Make sure the degree in question matches your goals.
    2018: CCIE Written (R/S) (done - Jan), CCIE R/S
    After that: MBA, OSCP
    Reply With Quote Quote  

  7. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    834

    Certifications
    PenTest+, CySA+, LFCS, GCIH, eJPT, CCNA, CAPM, CompTIA Trifecta
    #6
    Quote Originally Posted by jamesindc View Post
    I keep hearing cybersecurity degrees are just a fad and most people who get into just end up doing penetration testing all day.
    I'll venture to say that most Masters in Cybersecurity graduates are poorly prepared to do penetration testing from the degree experience alone. Acadamia just doesn't teach the specific skillset needed for that kind of work at the depth needed. Certs do a better job of it, which is why job ads often ask for specific pentest related certs, while being vague about the degree.

    Example, writing a term paper and doing a group case study or two for a course on physical system security does not demonstrate competency in being able to actually stake out a building to break in during a pen test.
    Reply With Quote Quote  

  8. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    6,310

    Certifications
    GCFE, GCED, GCIH, GSTRT, CISSP, CCSP, and others that should never be mentioned
    #7
    I keep reading "my friend says this", "people tell me that" about the security field. Most of the time the stuff mentioned makes zero sense. I wish I could get more context on those sources. Are they industry professionals? Do they hold any degrees?
    Reply With Quote Quote  

  9. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    4,027

    Certifications
    BS-CST MLS CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #8
    What's your undergraduate degree in? If you have one in IT/IS/CS then I would say for for Cybersecurity. If it's in another field or in something security related then I'd say go for the general Masters in IT (most offer concentrations in security anyhow).
    WIP:
    Python
    Java
    Reply With Quote Quote  

  10. LA2
    LA2 is offline
    Member
    Join Date
    Mar 2014
    Location
    Atlanta, GA
    Posts
    44

    Certifications
    CISSP, CEH, Security+, Network+
    #9
    Cyber security is not a fad. Buzz word, maybe, but fad, no. Would a masters degree in cyber security help you land a role in security? Yes, if you have some experience and/or certifications to back you up. And no, you will not be doing pentesting all day unless you are shooting for that role.
    Reply With Quote Quote  

  11. Senior Member kaiju's Avatar
    Join Date
    May 2017
    Location
    3rd rock
    Posts
    140
    #10
    Certification and Accreditation (C&A) and Cyber Security Engineers are two really good fields that are somewhat intertwined. Many Cyber Security Masters Degree programs will concentrate on cert material (CISSP, CISM, GIAC, CEH) that will pertain to those two fields.
    Reply With Quote Quote  

  12. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    407

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #11
    For the love of god people, STOP GETTING MASTERS DEGREES just because "my friend said this" or "I heard that...". A masters degree is not worth your time unless you have worked in the industry for a very long time and are bored. It will do ALMOST NOTHING for your career. You don't need a masters to work in management and sure as hell don't need a masters to get a job.

    Ok, I feel better now.
    Reply With Quote Quote  

  13. Senior Member Nyblizzard's Avatar
    Join Date
    Jan 2013
    Location
    South Florida
    Posts
    325

    Certifications
    A+, Network+, Project+, Security+, Hyper-V, MCSA: Windows 7, CCNA: CyberOps, SSCP
    #12
    But it usually helps and for many that's the only reason needed
    O
    /|\
    / \
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Mar 2014
    Posts
    670

    Certifications
    Alphabet-soup
    #13
    On topic of degree choice: I'm finishing my MS in Cybersecurity in a few months. The first thing I'll say is that because "cybersecurity" is new as a buzzword every job, degree, program, etc. anything with it in the title means nothing. You have to look at what you're signing up for. The degree title means nothing when comparing "Cybersecurity" and "IT/IA". Look at the courses required, they'll vary widely between schools, even with the same title.

    The next thing is, why do you want to pursue a Masters degree? I'm not discouraging it all, unlike some here, I always support the pursuit of more education. The program you pursue should depend on your current position and your end goal. If you're new to IT and trying to use the Masters as a way to break in to it, you need to look at programs that are more general in IT with some IA focused courses. If you've worked in IT and looking to break in to security, look at a program that's more focused on general security. If you've worked in security and pursuing a Masters, find something more focused on what you want.

    I will say that my degree program was focused on covering all areas of Cybersecurity, and it started out the first course with a bunch of people who had completely different backgrounds. A few school teachers, some random retail workers, etc. By the third course it seemed most had some sort of technical background. Now in my last course everyone's bio lists some type of IT with security work. Basically, without the right background for the program, you might struggle to get to the end.

    If your goal is to just get in to IT at all, a degree probably isn't the best route. If you're trying to get a senior level position somewhere, need a Masters, and you have the work experience in other fields, but want the IT or Security education on top, you might also look in to MBA programs with a concentration in IT or Security.
    Reply With Quote Quote  

  15. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    407

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #14
    I personally have not met or worked with one person who benefited from having a Masters, they just got it because work paid for it. None of our upper management here have a masters except for one and its not even IT related. If you personally want to pursue a masters, then that is your choice. I am just saying that you shouldn't expect much of, if any ROI after obtaining the degree. You don't have to listen to me, I'm just some random dude on the internet lol But IMHO masters degrees are just not worth it, at least at this point in time.
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Apr 2017
    Posts
    391
    #15
    @McxRisley I have to agree with you there. I'm a security engineer and I work with people who have masters degree's and others who only have a high school diploma. They are in the SAME positions too. I mean, if my employer wanted me to have a master's or is willing to give me a fat raise for getting one, then sure why not! But unfortunately, that's not the case. There is literally ZERO incentive for me to get one at this point. If I wanted to move into management, ehhhh maybe, but still usually not required.
    Reply With Quote Quote  

  17. Senior Member
    Join Date
    Apr 2013
    Posts
    2,140
    #16
    I'm looking to start one, but I've been in IT for over a decade and a half, manage some people and still have to do a technical job. Does my job require one? Not at all, but if they'll pay for it then I'm willing to take the classes. Worst case I learn some stuff and become more marketable? Would I go into deep dept to get a technical masters, nope.
    Reply With Quote Quote  

  18. Junior Member Registered Member
    Join Date
    Dec 2017
    Posts
    5

    Certifications
    A+, Network+
    #17
    I already have a master in CS and thought about getting a masters in Cybersecurity. I looked at WGU and noticed that the program focuses on certifications... lots of them. Rather than do the second masters degree I decided to focus on getting the certs... Just an idea.
    Reply With Quote Quote  

  19. Scruffy-looking nerfherdr tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    830

    Certifications
    SSCP, Security+, eJPT +4
    #18
    Quote Originally Posted by CompuGeorge View Post
    I already have a master in CS and thought about getting a masters in Cybersecurity. I looked at WGU and noticed that the program focuses on certifications... lots of them. Rather than do the second masters degree I decided to focus on getting the certs... Just an idea.
    I have bachelor degrees in architecture (building design and construction) and technical writing. I considered getting a master in security, but then I decided that experience and certifications would serve me better.
    Reply With Quote Quote  

  20. Senior Member snokerpoker's Avatar
    Join Date
    Sep 2006
    Location
    SF Bay Area
    Posts
    643

    Certifications
    BS: IT, CCNA, CCENT, CCDA, MCTIP:SA, MCTS, MCSA, MCP, A+, Network+, CIW Professional
    #19
    I am looking into an MS program right now. Looking at Central Washington University or Fort Hays State.

    Having a degree of any kind will never hurt you.
    Reply With Quote Quote  

  21. Senior Member YuckTheFankees's Avatar
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,255

    Certifications
    A few..
    #20
    To say cybersecurity is a far, is crazy. To say most security people end up doing pentesting all day made me laugh lol. I would love to know your sources!

    Before jumping into a masters degree, really think about if you need it. Honestly, if you have the experience, self study for the CISSP and I bet a lot of options would become available to you. You would save a ton of money and time...

    But! If you really have your mind set on a masters, then go for it. You'll never truly know the ROI but one day you might get an interview because you had a masters and the other guy didnt...then its up to you to impress them.
    Reply With Quote Quote  

  22. Senior Member
    Join Date
    Dec 2013
    Location
    Trinidad and Tobago
    Posts
    142

    Certifications
    A+,CCENT,CCNAR&S,CCNA Security,CCNA Voice,CCNP R&S,BCNE2012,HCNA,ITIL Foundations,BCNP, BAIS,VCA-DCV
    #21
    If your in the USA/EU go for your cyber sec degree bro

    In my part of the world nobody cares about cyber security unfortunately.
    Reply With Quote Quote  

  23. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    407

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #22
    Quote Originally Posted by Fadakartel View Post
    If your in the USA/EU go for your cyber sec degree bro

    In my part of the world nobody cares about cyber security unfortunately.
    The thing about the US though is that you don't even need a degree in cyber security to get a job in the field. A CS degree is a very new thing here still. Hell where I work, NOBODY has a CS degree because that degree has only been around for a couple of years now. Also, as stated above most CS degree at the moment are really not that great. They focus on certifications which should be a MASSIVE red flag when enrolling in a program. To me that just screams laziness on the instructors part.

    On a side note: All you need to get started in security here is Security + and a clean background. The DoD and contracting companies are picking up entry level workers left and right.
    Last edited by McxRisley; 12-27-2017 at 09:52 AM.
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Mar 2014
    Posts
    670

    Certifications
    Alphabet-soup
    #23
    @McxRisley it's interesting that you're not seeing anyone getting a benefit out of it. Where I was at for the DoD jobs, it's a couple of pay grades up if you're starting with a Masters vs. a bachelors. Not that you can't get the job without it, but being up two pay grades doesn't hurt. Also, some agencies and positions require the Masters to be in a specific field. I know several people whose Bachelors weren't in STEM fields, so they went for the Masters in a STEM (IT, IA, Cybersecurity) field in order to get the job to begin with. Four years experience and no STEM degree, maybe GS5-7. Throw that degree on it, GS11-13 depending on the position and how well the person negotiates.

    For contractors, I don't know if it's a DoD requirement or something the companies are doing themselves, but everyone I've worked for pays more the higher your degree, for the same exact position. Yes, Bob and Joe will both get hired for having certs and clearances. Bob with no degree will be at the low end of the pay range for the position, Joe with a Masters will do the same job, and get paid about 10k more than Bob.

    For the private sector, it's absolutely dependent on the company. There are some where you won't rise above X level without a degree. Some won't let you above that level without a specific degree, such as an MBA, etc. Obviously without the degree these companies probably aren't on your radar or places you work, but it happens a lot.

    Of course, the most important thing isn't the degree opening doors. That's been hit or miss for every college graduate in every field ever. The important thing is the knowledge you learn and what you want to do with that knowledge. A blanket "Masters degrees are useless and you should do something else" is a bit discouraging on a forum full of people trying to better themselves through education, not to mention ridiculous in theory.
    Reply With Quote Quote  

  25. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    407

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #24
    The requirements will vary based on what baseline requirements the area you work in is operating under. We operate under 8140 baseline requirements here, which for me means I come in at master level for my current job(obviously I am no master, but I do meet the requirements to be considered one here). I have heard of some companies paying more depending on your degree OR certification level. When I worked for BAH I was making much more than people with PHDs as a pentester. Now I realize that this doesn't represent all other areas in this industry but the point I'm trying to convey is that a lot people are just wasting their time on a Masters when they should be spending time getting more work relevant certs and experience. I would not recommend pursuing a masters to anyone who was paying for it out of their own pocket.

    The part of your post where you mention the important thing is the knowledge you gain and what you want do with it, I agree with you 100% on. That being said, I would also point to what I said previously about MOST CS degrees right now just not being very good or worth the money.

    Also once again I will state that this is all just my opinion based off of what I've seen during my time in this industry. I have no problems with people bettering themselves, I am just giving them another opinion or point of view to consider before they make their decision.
    Reply With Quote Quote  

  26. Junior Member
    Join Date
    Oct 2015
    Location
    Maryland
    Posts
    9

    Certifications
    Net+, Sec+
    #25
    Thanks for all your replies. It's all very helpful advice.

    Just to tell you about my background. I have a liberal arts bachelors degree and have about 3-4 years of technical experience mainly doing lower level help desk work.

    To be honest, I'm pursuing a Masters because I'm curious about the field of IT and how things work. Because of that reason, I've decide to pursue a Masters in Information Technology that will expose me to databases, programming, web development, networking and security.

    I feel that I'm limited in what I can learn at my job and with certifications. I want the context of how things fit together and conceptual understanding that comes with taking graduate level classes.

    I'm looking into UMUC's Master of Information Technology with a concentration in Informatics. What do you guys think about this program?

    Here's the course list:

    Introductory Course

    • Orientation to Graduate Studies at UMUC (0 Credits, UCSP 615)1
      (to be taken within the first 6 credits of study)
    Core Courses

    • Information Technology Foundations (3 Credits, ITEC 610)
    • Computer Systems Architecture (3 Credits, ITEC 625)
    • Information Systems Infrastructure (3 Credits, ITEC 626)
    • Information Systems Analysis, Modeling, and Design (3 Credits, ITEC 630)
    • Information Technology Project Management (3 Credits, ITEC 640)
    Core Rules & Recommendations +



    Specialization Courses

    • Modern Software Methodologies (3 Credits, SWEN 603)
    • Relational Database Systems (3 Credits, DBST 651)
    • Software Requirements (3 Credits, SWEN 645)
    • Foundations of Information Security and Assurance (3 Credits, INFA 610)
    • IT Acquisitions Management (3 Credits, IMAT 637)
    • Internet Multimedia Applications (3 Credits, IMAT 639)
    Specialization Rules & Recommendations +




    Capstone Course

    • Contemporary Topics in Informatics (3 Credits, IMAT 670)
    Last edited by JDMurray; 12-28-2017 at 12:43 PM.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks