Andy Hermanās curiosity was piqued while attending a family physicians conference. He wondered: Are these physicians really ready to move to electronic health care record systems?
At the time, Herman was in medical school and hadnāt really thought about cybersecurity. The medical industry was incentivizing physicians to make the move but not really training them in the potential pitfalls of keeping the data secure.
It opened his eyes to another career path. He decided to pursue the cybersecurity field and enrolled in the University of Washington Information Schoolās Master of Information Management program, and its information security specialization.
āCybersecurity is such a great field to be working in right now. You hear about hacks and breaches, but do people really know what to do about that?ā he asked.
To help answer that question, Herman founded the , whose mission is to ādefine the roles of information systems governance, security, audit and assurance professionals worldwide.ā The UW ISACA student group was registered in March 2016 with the university and is the 77th student chapter of ISACA. It has grown quickly and now has almost 200 members.
Annie Searle, iSchool lecturer and UW ISACA academic advisor, notes that, from the outset, Herman reached out to both undergraduates and graduate students, with a special recruiting emphasis on pathways to professional careers.
āIāve been involved with ISACA for over 15 years, so It was easy to say yes to Andy and become the groupās academic advisor,ā said Searle. āThere really is no other formally organized group concerned with security, risk and audit. Iām proud of the work the chapter is doing."
The goal of UW ISACA is to develop a network between students and professionals in the field. They hold presentations and meetings to further the understanding of cybersecurity among the groupās members, who range from undergrads to Ph.D.s with majors as diverse as philosophy and informatics.
Monthly topics hosted by the group focus on technology and policy. Invited speakers have come from the Cloud Security Alliance discussing policy work and local security firms demonstrating how easy it is to hack a system.
The recent DDoS attack using the āInternet of Thingsā that affected Dyn is an example of something most people outside of the security profession hadnāt thought about. Your webcam or baby monitor can be hijacked for malicious purposes. Herman said the group will tackle the topic at future meetings.
āMost of the questions I get from students are about whether their mathematics or arts degree can translate into a career in cybersecurity,ā he said. āMost of the time, I answer āwhy not?ā You develop a passion for a topic and you use your subject matter expertise to pursue it.ā