Five Reasons to Pursue an Information Assurance Degree

Jennifer A. Kurtz, MBA


  1. Strong job prospects: The US Bureau of Labor Statistics (BLS) predicts 37% growth in employment for cybersecurity professionals between 2012 and 2022, or an additional 27,000 positions.i
  2. Many employment choices: 40% of IT security positions went unfilled in 2013; 60% of senior security positions went unfilled.ii
  3. Government headhunters: The US Department of Defense and FBI are looking to fill 6,000 cybersecurity positions by 2016.iii
  4. High compensation: The BLS reports the average salary of $116,000 is "nearly three times the national median income for full-time wage and salary workers."iv
  5. Hands-on competition: Organizations value professional certifications coupled with rigorous education and monitored practical experiences.v

In a recent study by the Ponemon Institute (in which 86% of participants were from the private sector, with 46% at the manager/director level or above), 59% of responses indicate that "professional certifications and degree programs are rewarded. And 57 percent say the completion of a recognized college or graduate-level degree program is essential or very important in the hiring decision."vi At Regis, not only will students graduate with a respected master’s degree, they will also gain the foundational knowledge needed to take favored professional certifications exams offered by leading organizations including:

•   Certified Information Systems Security Professional (CISSP)
•   Systems Security Certified Practitioner (SSCP)
•   Cisco Certified Network Professional Security (CCNP)
•   Certified Information Systems Auditor (CISA)
•   Certified Information Security Manager (CISM)
Electronic Commerce Council
•   Certified Ethical Hacker (CEH)

A master's degree in information assurance is usually a two-year commitment that requires 36 credit hours—offering breadth and depth of knowledge acquisition. The information assurance curriculum is modeled on guidelines from respected organizations like NIST, ISACA, (ISC)2 and The Committee on National Security Systems (CNSS) 4000 training standards. Students also have the opportunity to participate in Regis-hosted cyber competitions (e.g., Computer and Network Vulnerability Assessment Simulation, or CANVAS, and Rocky Mountain Collegiate Cyber Defense Competition, or RMCCDC) that offer the opportunity to experience a simulated attack, challenge teams to think like an attacker, and manipulate tools and techniques to disrupt malicious efforts (or at least minimize their effects). Check out this video about the RMCCDC here.

Certificate programs are superb for developing niche expertise and skills honed for specific job responsibilities that will take you to the next salary level. Regis University's information assurance certificates: a graduate certificate in cyber security and a graduate certificate in policy management, both of which require 12 credit hours over approximately eight months of study.

More senior professionals in cyber security careers, especially those in the top 10 percent (those earning more than $135,000 in 2012), often work at the cusp between technology and business. They negotiate budgets to support investment in security solutions that align with, and promote, business strategy from a holistic perspective. They also manage multi-faceted, diverse teams in response to possible threats. In his testimony before Congress, Richard Hale (DOD Deputy CIO and former DISA Chief Information Assurance Executive) observed, "those that have deep and broad technical security skills and constantly adapt the tools to changing threat patterns are the ones that immediately identify and eliminate the APT [advanced persistent threat]."vii

So, if you would like to promote the responsible use of technology, make technology safer for the world, or enjoy a good ROI on your time spent studying ... what is your reason for not pursuing that graduate program at Regis University, NSF-ranked 9th out of 422 institutions in the U.S. for the number of Master’s degrees awarded in the area of Computer Science and a NSA-certified National Center of Excellence in Information Assurance through 2017?

Just for fun: Cybersecurity Salary Calculator from MeriTalk

iBureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, 2014-15 Edition, Information Security Analysts, 
on the Internet at http://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm.
iiPonemon Institute, "Understaffed and at risk: today's IT security department," February 2014. On the Internet at http://www.hp.com/hpinfo/newsroom/press_kits/2014/RSAConference2014/Ponemon_IT_Security_Jobs_Report.pdf
iiiDune Lawrence, "The US Government wants 6,000 new 'cyberwarriors' by 2016," Bloomberg Businessweek, 15 April 2014. On the Internet at http://www.businessweek.com/printer/articles/195465-the-u-dot-s-dot-government-wants-6-000-new-cyberwarriors-by-2016.
ivKenneth Corbin, "Cybersecurity pros in high demand, highly paid and highly selective," CIO, 8 August 2013. On the Internet at http://www.cio.com/article/2383451/careers-staffing/cybersecurity-pros-in-high-demand--highly-paid-and-highly-selective.html.
vRand Corporation, "Hackers wanted: an examination of the cybersecurity labor market," 2014. On the Internet at http://www.rand.org/content/dam/rand/pubs/research_reports/RR400/RR430/RAND_RR430.pdf.
viPonemon Institute, p. 6
viiCSIS Commission on Cybersecurity for the 44th Presidency, "A Human capital crisis in cybersecurity," July 2010, p. 6. On the Internet at http://csis.org/files/publication/100720_Lewis_HumanCapital_WEB_BlkWhteVersion.pdf.