Interview with Thomas Reichherzer, Ph.D. about the Master of Science in Cybersecurity Program at the University of West Florida

About Thomas Reichherzer, Ph.D.: Thomas Reichherzer is an Associate Professor and the Chair of the Computer Science Department at the University of West Florida. In this role, he oversees the department’s five undergraduate and graduate programs, including the Master of Science in Cybersecurity program. He also teaches courses in systems and networks, data structures, information visualization, and program design.

Dr. Reichherzer earned his Ph.D. in Computer Science from Indiana University in 2009, his M.S. in Computer Science from the University of West Florida in 1996, and his Diplom in Informatic from the University of Ulm in Germany in the same year. His research focus is on Artificial Intelligence, and he has completed research on smart home technologies, information visualization, network security, and information modeling in health care. Prior to his position at the University of West Florida, Dr. Reichherzer served as the Director of Technology at Enkia from 2007 until 2009, developing technology to support information sharing while preventing sensitive information from being released. Enkia was funded by the Airforce Research Lab in Rome, NY. In addition, Dr. Reichherzer worked as a Research Associate for the Florida Institute for Human and Machine Cognition.

Interview Questions

[CyberSecurityDegree.com] Could you please provide an overview of University of West Florida’s Master of Science in Cybersecurity, and how it is structured? May we have more information about the four concentrations in Data Security, National Security, Security Management, and Software and System Security? How does this program prepare students to work at the intersection of cybersecurity and information technology management?

[Dr. Thomas Reichherzer] The M.S. in Cybersecurity is an interdisciplinary program offering students several tracks to focus their studies and gain advanced knowledge in areas where cybersecurity is a growing concern, including software development, IT, criminal justice, and management. Students complete a common core of courses to give them a solid foundation in cybersecurity. Courses cover cybersecurity principles and topics in ethics, legal issues, and the psychology of hackers and their motivation to commit cybercrime. Students complete their studies with a seminar course where they apply the knowledge they gained in the coursework to analyze and discuss contemporary issues in cybersecurity.

The core courses in the program provide background in cybersecurity, while tracks in the program allow the students to gain advanced knowledge in cybersecurity related to a profession. For example, students who pursue the Data Security track will learn how to build and manage database systems, secure the data from unauthorized access, and perform forensics to detect intruders. Such skills allow them to pursue career opportunities as Data Analysts or Database Administrators. The Software and System Security track provides professionals in IT and software engineering with courses that teach them how to analyze existing systems for vulnerabilities and harden them to make them more secure. Security Management and National Security tracks offer courses that prepare students for cybersecurity leadership roles.

Our curriculum was designed to align with the National Institute of Standards and Technology’s NICE Cybersecurity Workforce Framework categories. The Workforce Framework for Cybersecurity (NICE Framework) provides a set of building blocks that describe the tasks to perform cybersecurity work, and the knowledge, skills, and abilities (KSAs) needed to perform those tasks. Each course in the curriculum lists several student learning outcomes (SLOs). For example, one of the SLOs in the core course CIS5775 – Cybersecurity Principles reads “apply encryption techniques to secure assets” as an outcome. The SLO provides a description of the nature of the work and the tasks to be performed by the student. Such tasks are directly related to the KSA statements in the NICE framework. Students will demonstrate that they possess the knowledge and skills to complete a task. This is just one example of how we used the NICE framework as a guide to develop the cybersecurity curriculum.

[CyberSecurityDegree.com] How is cybersecurity as a field evolving to meet the needs of industries, ranging from the health care field to government security? In other words, how does cybersecurity and information assurance intersect with fields such as computer science, business, public policy, engineering, public health, and more? How does University of West Florida’s Master of Science in Cybersecurity equip students with the knowledge and skills to meet these needs?

[Dr. Thomas Reichherzer] Our lives depend in very fundamental ways on the technology that Cybersecurity specialists protect. We live in a highly interconnected world with ever more devices linked to the Internet. Hackers exploit software and hardware security weaknesses to gain unauthorized access to data and physical systems through the Internet. Cybersecurity as a discipline has emerged to protect our assets from digital attacks and ensure businesses and government agencies are able to offer services to their constituents without any interruption. Cybersecurity specialists need to have a deep understanding of how computer systems and networks work. They need to understand policies that regulate information access and sharing, as well as laws that protect the privacy of individuals or organizations.

Computer science and computer engineering have contributed to the development of technology that we use daily, including computers, servers, mobile and Internet of Things devices, and small and large-scale networks. Any business, whether it is health care, banking, insurance, tourism, or manufacturing, depends on this technology. They collect massive amounts of data that are essential to the organization, and that must be protected. The same is true for government agencies. Some of the data may be public; others are private to an organization. Unfortunately, software and hardware are not free of errors. Hackers exploit their weaknesses to gain control of the data assets. They also trick users into accepting and installing malware such as ransomware that is designed to encrypt their private data and make them useless.

Data and systems must be protected to prevent harm to businesses and their constituents. We need to develop methods by which we can study weaknesses in the technology and prevent the installation of malware on our systems. We also need to look at policies that regulate information access and sharing. Furthermore, we need to develop guidelines to improve awareness of cybersecurity within an organization and mitigate the risks of becoming victims of cybercriminals. Finally, we need to look at our domestic and international legal framework to ensure that we have the tools in place to pursue and prosecute cybercriminals.

Our Master’s of Cybersecurity program offers different concentrations for professionals to gain advanced knowledge in those areas that I just mentioned. For example, in the Software & System Security and Data Security concentrations students will learn to solve computationally a problem in cybersecurity, such as developing a network design for threat analysis within or external to an organization or apply engineering skills to solve computer forensic investigation cases that can further prove that a suspect has committed a crime in a court of law.

Students in the Security Management track take classes in Cybersecurity Risk Management and Information Systems Auditing and Control to learn about theories underlying risk management, vulnerability assessments, contingency strategies for business resumption planning, and the process of auditing information systems.

Students pursuing the National Security track take classes in National Security Policy, Technology, and Cyber to learn about theories of politics, innovation, and national security, and cybersecurity as an evolving policy challenge. In Homeland Security, they learn about intelligence gathering, critical infrastructure, emergency management, interagency collaboration, and counterterrorism.

[CyberSecurityDegree.com] The University of West Florida is a military-friendly school that is a participant in the G.I. Bill’s Yellow Ribbon Program, which offers financial aid and other benefits to active military members and veterans. May we have more information about these benefits, and how they help students of the Master of Science in Cybersecurity?

[Dr. Thomas Reichherzer] The Yellow Ribbon Program can help Veterans and dependents (using the GI Bill) to pay for higher out-of-state, private school, or graduate school tuition that the Post-9/11 GI Bill doesn’t cover when a student does not live in Florida. If they reside in Florida they do not use the Yellow Ribbon per the C.W. Bill Young Tuition Out of State Waiver. That waiver gives them in-state rates.

At this time, active-duty service members or the spouses of active-duty service members are not eligible for the Yellow Ribbon rate under the Post-9/11 GI Bill. But, as of August 1, 2022, an update is in place to include an active-duty service member who qualifies at the 100% level, or the member’s spouse, using the transferred benefits of an active-duty service member who qualifies at the 100% level.

We have several former military service members and veterans enrolled in our M.S. in Cybersecurity program. Some of them already have cybersecurity training and have active security clearances. The clearance and a Master’s degree in Cybersecurity opens up well-paid career opportunities with the federal government and government contractors that are not available to graduates without security clearances. Since we launched our cybersecurity programs, we have been contacted multiple times by our industry partners who seek cybersecurity graduates with active security clearances.

[CyberSecurityDegree.com] What online technologies does this program use to facilitate interactions between course faculty and students? Are classes primarily asynchronous, synchronous, or a combination of both?

[Dr. Thomas Reichherzer] All classes in the program are offered asynchronously online via the Canvas learning management system, giving students the flexibility to study the material at their own pace. Using Canvas, faculty offer recordings of their lectures and engage students in curriculum discussions with asynchronous discussion sessions held throughout the semester. Students also have the ability to contact their professors during weekly office hours if they need assistance with the material.

[CyberSecurityDegree.com] What role does faculty mentorship play in University of West Florida’s Master of Science in Cybersecurity? Independent of faculty instruction and support, what career development resources and academic services are available to students of this program? How can students make the most of these mentorship opportunities and support systems while in the program?

[Dr. Thomas Reichherzer] Students have access to UWF’s Office of Career Development & Community Engagement (CDCE), which offers a wide variety of services and resources concentrating on career readiness. Students can drop in or schedule an appointment to meet with a Career Coach virtually or in person, for guidance including resume/cover letter review or creation, career exploration, job search strategies, mock interviews, and more.

All degree-seeking students also have access to on-demand resources such as Focus2Career, Big Interview, and Handshake, which features a database consisting of more than 8,000 career opportunities nationwide, 102 of which are in the field of Cybersecurity, as of 6/28/2021.

[CyberSecurityDegree.com] For students who are interested in University of West Florida’s Master of Science in Cybersecurity, what advice do you have for submitting a competitive application?

[Dr. Thomas Reichherzer] Applicants need to articulate clearly their professional and academic backgrounds and how the degree will advance their career goals. We expect applicants to have academic or professional experience related to the track they wish to pursue in the program. Those who wish to pursue the Software & System Security or Data Security tracks are expected to have experience in IT or software development.

Students who wish to pursue the Security Management track are expected to have experience in business administration or management. Students who wish to pursue the National Security track are expected to have experience in the government agencies related to criminal justice, intelligence, the military or associated industries.

[CyberSecurityDegree.com] What makes University of West Florida’s Master of Science in Cybersecurity program unique, and a particularly strong graduate degree option for students? From faculty expertise and mentorship opportunities to the quality of the curriculum, what are some standout aspects of the program that you would like prospective students to know about?

[Dr. Thomas Reichherzer] The uniqueness of the M.S. Cybersecurity program at UWF is that it offers tracks for students to customize the degree to their interests and professional or academic backgrounds. Each track has several courses that cover advanced topics in the track and relates them to cybersecurity. For example, the Data Security track offers courses in Data Mining and Big Data Analytics to teach students advanced techniques and tools in data analysis. Those techniques and the tools play an important role in digital forensics when conducting fraud-based investigations.

Our curriculum provides a solid foundation in cybersecurity blended with hands-on experiences to study cybersecurity problems and potential solutions. For example, students in System & Network Security work on mini-projects that allow them to use hands-on experiences in tasks such as constructing a network design, analyzing several PCAP files using Protocol/Port analyzers (NetWitness Investigator), and scanning networks using Zenmap. Students in Cybersecurity Principles are introduced to fundamental concepts in cybersecurity blended with hands-on laboratory exercises. For example, students use Access Control Lists to apply and implement file permission settings in an operating system, use auditing tools to check several operating systems for compliance, or apply various encryption and hashing algorithms for secure communications.

Thank you, Dr. Reichherzer, for your insight into the Master of Science in Cybersecurity program at the University of West Florida, as well as your discussion of cybersecurity as an essential and expanding field!