Graham School of Business Interior Banner

Back to List

York College to create new graduates to manage a new kind of cyber career

James Norrie

The long-simmering state of cyber security is now boiling over: email phishing schemes, system-wide ransomware attacks, foreign hacks penetrating highly classified networks.

If you’re a high school student who’s into computers, York College of Pennsylvania has an interesting take on a rapidly evolving field.

“Our new Cybersecurity Management Program is for students who appreciate technology but don’t want to be involved in the manufacturing or the production of technology,” says Dr. James Norrie, Dean of the Graham School of Business at York College.

“They want to manage the implications of technology,” he says, “and that’s a very different thing.”

Cyber security is now moving toward ways to help organizations fix the problem from the inside out, as opposed to worrying about it as only a technical dilemma.

“We are producing a very new kind of graduate,” Dr. Norrie says. “Someone who is trained to look at where the problem is moving to, rather than where the problem was.”

A very different flavor of cyber

“The origins of cyber security lie in information privacy and security,” Dr. Norrie says. “In the IT disciplines, it’s building firewalls, it’s antivirus, it’s teaching people the basics of safe computing.”

So, how has cyber security changed?

“Over time, we have moved away from physical network architecture – networks located in companies – to things like the cloud, which hovers at a level above individual systems,” he says.

The cloud doesn’t really belong to any one organization; it’s a tool made available to businesses and consumers that is visible and transits through public networks.

Because networks are already set up, internally, to detect and stop problems, the cloud presents a different kind of security concern — and a different job market.

“Companies are moving rapidly to this integrated view of thinking about cyber as being part of the organizations’ overall risk and compliance framework,” Dr. Norrie says.

What does cybersecurity management look like?

“These are questions of sociology, pathology, and managing human behavior within an organization,” Dr. Norrie says.

The goal is not to turn out more technical experts in network security.

“That’s not where the job growth is,” he says. “We’ve hit the limits of how those people can help us; this is a major that combines three distinct perspectives.”

Technical compliance: Dr. Norrie says that, although this is not a technical pathway, graduates will need to be aware of the technical aspects.

“They won’t need to be able to do it,” he says, “but they will need to manage the technical side of compliance.”

Grads who can “talk the talk” will be able to more easily communicate with the technologists and understand the basics of network security and privacy. Getting this part of it down will help them determine how to generate solutions.

Organizational Behavior and Management: “This is all about the sociology of organizations,” Dr. Norrie explains, “how people behave in an organization, exploring the issues involved in compliance, and risk management.”

This leg explores things like organization management, introduction to management, and human resources management.

Socio-political and Intelligence Tradecraft: This is all about training someone to ask which industries are more at risk. The defense industry, banking, critical infrastructure, for example, are industries that can be a more attractive target.

“But, it also asks broader questions,” Dr. Norrie says. “What is the socio-political landscape? Where does a company have alliances, or vendors, or partners that might be at risk?”

For companies with foreign assets, the questions revolve around where conduct in another country make a company more of a potential target. 

Where will you fit in?

Future graduates of this field will make their way into roles like Cyber Security Analyst or Manager of Cyber Security. Jobs are opening now in Cyber Security Compliance, Risk and Compliance, and System Integrity.

If you’re interested in pursuing Cybersecurity Management or want more information about the program, learn more information about the program.