Graduate school is a big decision from both a financial and time perspective, but it's very common nowadays for companies to even sponsor advanced degrees or courses as you progress in your career. I'm writing this quick blog post to share my experience and hopefully shed some light on the general graduate school experience.
Graduate degrees present one great way to break into the cybersecurity field, especially for those that are transitioning from a different area, but they are certainly not a necessity. While this blog post is not meant to spark the age old debate of whether degrees are necessary in cybersecurity, I personally believe that they can indeed help. I've had friends and worked with colleagues throughout my graduate school experience that used a Cybersecurity master's degree as their way of breaking into the field.
I had the very fortunate opportunity of having graduate school paid for when I decided to attend, but this meant that I was on a specific timeline for completing my degree. I also chose to pursue computer science programs instead of a cybersecurity one for a couple of reasons. I personally saw that many of the cybersecurity programs were either not technical in nature or very new with limited course options. Additionally, I had always wanted to study something in the realm of computer programming, but this wasn't really an option at the undergraduate institution I attended. Ultimately, I wanted to stay in the DC area, and I ended up being accepted to the Computer Science master's program at the University of Maryland (UMD). The UMD CS graduate program is a research-based program that combines master's and doctoral curriculum, and the master's cohort is actually much smaller than the doctoral student population. I chose the thesis track option, as I knew this would be one of the only opportunities I'd have to perform research that I was personally interested in.
I took my first semester to explore different areas and was lucky enough to get picked up for a research assistant position doing geospatial visualization work. I ended up working on this project with the professor that would eventually become my thesis advisor, but through this research assistantship, I found that I loved the concept of visualization and wanted to understand how these visuals could be used to better convey data specifically in the world of cybersecurity. I ended up focusing my thesis research on human-centered, cybersecurity visualization but still took coursework in traditional areas of CS like algorithms and data science. I am incredibly grateful for my graduate school experience because it opened my eyes to several disciplines that intersect cybersecurity, such as information visualization and machine learning, and it allowed me to take a step back and think about my career in cybersecurity as a whole.
Graduate degrees aren't a walk in the park, especially for reputable and worthwhile programs. Deciding to attend school for another 2+ years can be a big decision since most people will likely take a break from their full-time jobs and salaries. Regardless of what anyone chooses, it needs to be something YOU want to do and not something you choose because you think you need it to get ahead. I hope this helps someone out there and as always, feel free to reach out if you have any questions!
You can find me on Twitter or LinkedIn if you have any questions or just want to connect! If you're curious where I've worked or what skills I've acquired over the years, I've linked my resume.