Direct Link: https://www.captechu.edu/blog/telecommunications-cybersecurity-program-alum
Dr. Hector Santiago earned his doctorate in cybersecurity in 2014,
with a dissertation that built on his telecommunications background and
explored new approaches to analyzing cyber attacks. It was not his first
time at Capitol; Dr. Santiago also holds a master’s degree from the
university in telecommunications and information systems management.
Among many other professional accomplishments, Dr. Santiago devised a
non-forensic attribution methodology (NFAM) which is used by the
Department of Homeland Security (DHS) to track down anonymous cyber
adversaries. He also played a key role in building the database used by
the DHS for identifying cyber threats to federal agencies.
In addition to his government service as part of the DHS, Dr Santiago is also a regular contributor to Homeland Security Today.
How did you first become involved in the cybersecurity field?
I
was enlisted for nine years in the Army as a signals intelligence
professional. As a result, I became very familiar with signals
intelligence and telecommunications, and decided this was what I wanted
to do after retiring from the military and transitioning to a civilian
career. And it seemed to me that the smartest choice was for my career
to take on more of a cybersecurity aspect.
Telecommunications is
about how things are supposed to work – how devices are supposed to talk
to each other, for instance. A telecommunications professional focuses
on the expected outcomes. Cybersecurity is about how malicious actors
can manipulate systems and devices to get an unintended outcome. These
two areas – cybersecurity and telecommunications – are both continually
evolving, but at different speeds. So, for instance, a rapid increase in
processing speed, allowing a decrease in latency with regard to data
transmission, might also constitute a variable which adversaries can use
to their advantage.
In telecommunications, the guiding principle
often amounts to “as long as everything works the way we expect it to
work, things are fine.” The cybersecurity perspective is “no, at that
same moment someone is doing something with your device that you did not
intend and will harm you in ways you cannot possibly imagine.”
What do you find most interesting about the cybersecurity field?
Intelligence
about cybersecurity supports a lot of policy making. Cyber is a hot
button topic right now, with policy being put forward at the highest
levels based on the work done by analysts. I go to work every day with
the knowledge that a project I’m involved with may well help shape
national policy, and that’s exciting and rewarding.
What are some of the top-priority concerns with regard to cybersecurity?
One
of the overarching concerns is the tradeoff between convenience and
security. Everyone wants things to be as convenient as possible. We want
to be able to access our information immediately. For example, a
growing number of people like the idea of a cashless society, where you
can just wave your phone – or maybe, someday, your hand – and be able to
pay your restaurant bill or buy groceries. We see the benefits of
having a chip in you that, for instance, will provide first responders
with your HIPAA data if you suffer an accident or sudden medical
condition. But we tend to forget about the security aspect. It always
seems to be an afterthought in the rush to get these exciting
innovations out there. As a result, we are caught off guard by attacks
which actually should not have been a surprise.
I mentioned the
idea of a cashless society. This has implications that are far more
radical than people often acknowledge. Wealth may no longer be attached
to something tangible which we can retrieve if the grid goes down. Your
wealth will be continually on the grid. If something happens to the
grid, you won’t necessarily be able to reacquire it. In a cashless
society, wealth consists of servers telling other servers what you are
worth. Once we consider these implications, we may be inclined to
rethink the priority we place on convenience.
What were your reasons for wanting to undertake a doctoral degree in cybersecurity?
I
had a yearning to teach and to mentor others. A doctoral degree opens
up the opportunity to teach classes and even become a faculty member at a
college. It also gave me the opportunity to refine my skill set in my
chosen field. My research focused on telecommunications infrastructure
as a precursor to malicious attacks. Typically, when people examine how
malicious attacks come about, they look at behavior. I looked at
infrastructure; I was able to identify certain types of infrastructure
that are preferred by malicious actors.
Why did you choose Capitol for your doctoral degree?
I
was familiar with the school, having already completed a master’s
degree at Capitol, and I also knew that the cybersecurity program is
highly regarded. It is a DHS and NSA-designated Center for Academic Excellence. Also, the program is online, offering me the flexibility that I needed at the time. Dr. Helen Barker was also a critical influencer in my decision to take on my doctoral level challenge.
What did you find most rewarding about the doctoral experience at Capitol?
The
critical thinking and exposure to the scientific method involved in
earning the Doctorate of Science degree – it’s like nothing else I’d
experienced. Doctoral work was the first time I had to do a deeper dive
into certain things to make sure that the work could withstand the
utmost scrutiny. At the baccalaureate level, you may be basically
writing book reports. At the master’s level, you’re hopefully
undertaking something more rigorous. But at the doctoral level – and
particularly in the doctoral programs at Capitol – students are
challenged to go way beyond that and make serious contributions to their
fields of study. It’s not an easy undertaking, but it’s well worth it;
I’m incredibly proud of the caliber of the work I did as a student in
the doctoral program. I take that professional ethic I refined at
Capitol with me into work every day.
No comments:
Post a Comment