Cybersecurity

How to Maintain Consumer Trust After a Data Breach

Steve Wallace PortraitIn today’s digital landscape, data breaches are an unfortunate reality that organizations must confront. With cyber threats evolving and becoming more sophisticated, the importance of robust data protection strategies has never been greater. A data breach can pose significant risks to sensitive information, but they also threaten the trust that consumers place in brands. How do organizations navigate this complex terrain?

This Q&A with Syracuse University’s cybersecurity expert, Stephen Wallace, explores the multifaceted approaches organizations can use to prepare for potential data breaches and maintaining consumer trust. Uncover the strategies that help businesses safeguard their data and uphold their reputation in an increasingly connected world.

Interested in a career in cybersecurity? Check out the College of Professional Studies Bachelor of Professional Studies and Credit Certificate in cybersecurity administration!

Preparing for a Data Breach

What processes can organizations use to identify and assess potential vulnerabilities in their data security?

Organizations should consider a multifaceted approach to identify and assess potential vulnerabilities in their information security environment. One of the primary methods an organization uses to assess their risk is a security audit.

A security audit is a systematic examination of an organization’s information systems. This includes network infrastructure, software applications, and data storage solutions. By conducting an audit, organizations can pinpoint gaps and weaknesses in their security processes and procedures.

A vulnerability assessment is a crucial component of an audit. Organizations can use automated or manual techniques to scan for flaws vulnerable to an attack.

Additionally, penetration testing, or ethical hacking, can simulate cyberattacks to help organizations evaluate the effectiveness of their existing security measures. Finally, organizations should consider implementing a governance framework to help them identify and mitigate risks.

What types of training should employees receive to recognize and respond to potential data breaches?

In today’s cybersecurity landscape, employee training is critical to an organizations ability to recognize, respond to, and prevent data breaches.

Organizations can start educating their workforce on basic cyber hygiene practices. For example, foundational techniques can help organizations mitigate common vulnerabilities that cyber attackers will often attempt to exploit.

Cybersecurity has become a mission critical function inside all companies both large and small. Syracuse University has been designated, by the National Security Agency, as a National Center of Academic Excellence in Cyber Defense (CAE-CD) through academic year 2028.

The College of Professional Studies offers a B.P.S. and Credit Certificate in cybersecurity administration, which will teach students about the cybersecurity tools, techniques and best practices.

Globe representing cybersecurity

Responding to a Data Breach

What measures should be in place for data recovery after a breach occurs?

Organizations should consider developing an incidence response plan and be ready to deploy it if necessary. This plan assigns roles and responsibilities, establishes communication plans, and tailors specific actions for different breach scenarios.

Regular data backups are also critical in this scenario. It is a good idea to regularly test these backups, ensuring that in a crisis, data can be restored swiftly and accurately.

How can organizations analyze and learn from past breaches to improve future preparedness?

If an organization experiences a data breach, resolving the immediate crisis is the top priority, but they should not stop there. Once things have stabilized, the leadership team should meet with cybersecurity experts and conduct a comprehensive post-incident review. It can be helpful to examine systems logs and system behaviors, to understand the tactics, techniques, and procedures (TTPs) used in the attack.

Moreover, lessons learned from this analysis can be a source of useful information on an organization’s vulnerabilities. These lessons should lead to updated policies, enhanced training, and fortified defenses.

cybersecurity graphic for data breach blog post

Maintaining Consumer Trust After a Data Breach

How important is transparency in maintaining consumer trust during and after a data breach?

If a breach were to occur, the leadership team needs to understand that their initial steps will be crucial to maintaining consumer trust. Organizations should prioritize transparency, by immediately informing their customers about the breach using clear, honest communication. Customers feel reassured when the company engages in open dialogue, showing its commitment to addressing the issue head-on.

As the situation unfolds, the company should continue to provide regular updates, sharing their progress in securing the system and preventing future breaches. This approach can not only help to manage the immediate fallout, but it can also help build a foundation of trust.

Customers appreciate a company’s candor. The more a company communicates, the more likely it is that customers will remain loyal. Most customers understanding that breaches can happen to any organization and will value a company’s integrity if the company responds well. 

How can a customer’s perceptions of the company change after a data breach?

As outlined above, in the aftermath of a breach, customers closely watch how the company handles the situation. If the company is transparent, communicative, and takes swift action to address the breach and enhance security, the customer’s initial anger may transform into a cautious appreciation for the company’s integrity and responsibility.

However, if the company is evasive, slow to respond, or downplays the breach’s severity, the customer’s perception can sour quickly, leading to a loss of trust and a potential shift to a competitor.

Just remember, a breach can quickly become an organizations defining moment.

Career Corner: Fast Facts About a Career in Cybersecurity

Considering a career in cybersecurity? Here’s what you should know about this lucrative and exciting field.

When you picture a “cybersecurity expert,” you may envision the Hollywood version: a person typing away in a white van or surrounded by computers in a control room. 

In reality, cybersecurity is not a career path that exists solely on the big screen. As more of our professional world becomes digitized, cybersecurity experts are the key to ensuring that the data businesses, organizations, and governments share stays private and uncompromised. 

Cybersecurity is a career path growing in both need and popularity. According to the U.S. Department of Labor, there were over 700,000 open roles in cybersecurity as of August 2022. Jobs for information analysts are expected to jump 32 percent from 2022 to 2032, a clear indication the field is on the rise. According to staffing agency Mondo, the average salary for a cybersecurity analyst in the U.S. can be anywhere from $102,000 to $208,000.

What can you do with a degree in cybersecurity?

Cybersecurity is a diverse field with a wide range of roles. Virtually every organization– from hospitals to universities– has data they need to protect, which means the need for cybersecurity analysts exists in every sector. Below are just a few examples of what a role in cybersecurity can look like for you:

  • Computer forensic analysts evaluate technology to recover data. They often aid in gathering information that police can use during criminal investigations, mainly focused on cybercrime.
  • Security consultants are professionals who inform businesses on how they can upgrade their security protocols. They develop strategies for making businesses keep their data more secure.  
  • Security specialists are those in charge of monitoring a company’s potential breaches. They address cyberattacks in real time and edit security measures to prevent attacks in the future.

Beyond these roles, cybersecurity can also venture into related fields such as:

  • Information Security
  • Network Setup
  • Core Database, Coding and Scripting
  • Auditing
  • Network Protocols
  • Systems Administration
  • Health Care 
  • Finance and Accounting

Is Cybersecurity right for you?

Being a cybersecurity professional may be the right field for you if you’re passionate about technology, but are more interested in the privacy side, and don’t see yourself studying in a program such as software engineering or computer science. 

For those with an interest in compliance, national security, or data protection, cybersecurity is a career path that can provide both personal and professional fulfillment. A career in cybersecurity means that you’ll play a vital role in whatever business or organization you become a part of, and can rest assured in knowing that you’re keeping your coworkers’ work safe and secure. 

At Syracuse University, our Bachelor of Professional Studies program in Cybersecurity Administration provides essential skills for managing the people and technologies that protect information, information systems, and infrastructures. The 120-credit program gives students an understanding of network setup, database coding, and systems administration. It’s also 100 percent online, has six start dates, and is accommodating to part-time students.

A B.P.S. degree is different from a normal degree in that it’s more career-oriented, meaning the program is hyper focused on providing you with the necessary skills for your intended profession. If a full degree isn’t the right choice for you at this time, Syracuse University also offers a 15-credit Cybersecurity Certificate. 

Ready to learn how you can start your journey in this exciting field? Read more about our programs here, and see how you can get started in cybersecurity today.

By Isabel Bekele 

Cybersecurity Program Validated by the National Security Agency (NSA)

On December 6, 2022, the cybersecurity administration bachelor’s degree at the College of Professional Studies was validated by the National Security Agency (NSA) after a review completed by the NSA in partnership with a committee of academic peers.

The NSA is committed to remaining the pre-eminent foreign signals intelligence and cybersecurity agency in the nation, from protecting warfighters around the world to enabling and supporting operations on land, in the air, at sea, in space, and in the cyber domain.

Preventing, detecting, and responding to attacks is essential to all organizations, and cybersecurity specialists are fighting on the front lines of this effort. With the rising need for protecting our national and personal security from online intrusions, there is a call from government and corporate areas to have specialists, administrators and leaders trained in this field. Released in September 2018, the National Cyber Strategy addressed the critical shortage of professionals with cybersecurity skills and highlighted the importance of higher education as a solution to defending America’s cyberspace.

“The online bachelor’s degree in cybersecurity administration was developed to address rapidly evolving global information security needs,” says Michael Frasciello, dean of the College of Professional Studies.

The validation ensures a gold standard of curriculum and learning outcomes in the cybersecurity administration bachelor’s degree that directly contribute to the protection of the National Information Infrastructure, preparing highly skilled graduates to immediately join the cybersecurity workforce.

The cybersecurity administration program is a 120-credit bachelor’s degree program available fully online. Applications are accepted on a rolling basis, and students can start in one of the six sessions offered throughout the year. The NSA certification is set through 2027.

Syracuse University is among an elite group of academic institutions designated by federal agencies for research and education in cybersecurity. The University originally received the CAE-CD (Center of Academic Excellence in Cyber Defense Education) designation in 2001, CAE-R (Research) designation in 2009, and has been continuously re-designated by the agencies. As part of the CAE designation activities (now CAE-C, Cybersecurity), the University received the Program of Study (PoS) Validation by the National Security Agency (NSA) on the Bachelor of Professional Studies in Cybersecurity Administration program in 2022. Dr. Joon Park, Professor, the School of Information Studies (iSchool) serves as the Point of Contact (POC) for Syracuse University’s CAE-C.

Protecting Our Nation’s Cyber Information

From the front lines to behind the computer, one cybersecurity administration online student works to keep Americans safe.

Brian Mixon spent a total of 20 years in military service between the Marine Corps and Army Reserves.

It’s not every person that would go back to school to earn their bachelor’s degree as a post-traditional student but Brian Mixon ’24 isn’t one to back down from a challenge. Mixon, a U.S. Marine Corps and Army Reserve veteran, is currently pursuing a degree in cybersecurity administration from the College of Professional Studies.

Read the Full Story