Cybersecurity careers are rapidly expanding as organizations seek professionals who can navigate the complex intersection of law, technology, and policy. One individual leading this transformation in Ohio is Kirk Herath, Esq., CIPP/US, CIPP/G, the State of Ohio’s Cybersecurity Strategic Advisor. In a recent webinar, Herath, alongside Brian Ray, Professor at Cleveland State University’s College of Law, explored how Ohio is shaping the future of cybersecurity careers and education.
This blog explores the key takeaways from the recent webinar, providing insight into the skills and knowledge required for a successful career in cybersecurity, as well as how Ohio is at the forefront of developing this crucial workforce.
Cybersecurity as a Career Path: The Need for Legal and Technical Expertise
Kirk Herath, Ohio’s Cybersecurity Strategic Advisor, highlighted the growing need for cybersecurity professionals who possess a strong understanding of both technical and legal frameworks. As more organizations face complex cyber threats and privacy issues, there is an increasing demand for professionals who can navigate the legal and regulatory aspects of cybersecurity while understanding the technology that drives these challenges.
Herath, who has spent 25 years in the cybersecurity and privacy field, explained that the emerging trend is the convergence of technology and law. To succeed, professionals need to grasp the technical aspects of cybersecurity, such as network vulnerabilities and risk management, while also understanding how laws like GDPR and HIPAA shape data privacy and security protocols.
Bridging the gap between legal professionals and technical experts requires a solid foundation in both fields, which is crucial for addressing today’s cybersecurity challenges.
A Unique Curriculum for Cybersecurity Professionals
Brian Ray, who teaches in Cleveland State University’s cybersecurity and privacy law program, explained how their curriculum is designed to equip students with the operational knowledge and technical insights necessary to excel in the cybersecurity field. The program is particularly focused on providing a 360-degree view of the issues surrounding cybersecurity, data privacy, and corporate compliance.
Ray described the program as a “fusion between law and technology,” which allows students to gain practical, hands-on knowledge that they can immediately apply in the workplace. The curriculum combines legal and technical courses, including courses in cybersecurity law, corporate compliance, privacy law, and technical forensics.
As Herath pointed out, students in the program are exposed to at least two to three technical courses that give them a solid understanding of the technology behind the legal challenges they may face. Ray explained that these courses are designed for professionals who may not have a deep technical background but still need to understand key aspects of cybersecurity infrastructure to make informed decisions.
“You don’t need to be a technical expert, but you need to understand the technology well enough to make recommendations, understand risks, and protect your organization,” said Herath.
A Practical, Real-World Approach
Herath and Ray both emphasized that the program is practical and operational, focusing on preparing students for the real-world challenges they will face in the cybersecurity field. “It’s not just about theory,” said Ray. “Our program is designed to prepare you to apply what you learn in real situations.”
One of the unique features of Cleveland State’s program is its asynchronous structure, which offers flexibility for working professionals. The program includes live office hours and regular interaction with faculty, allowing students to engage directly with instructors and peers. According to Herath, this structure helps students learn in a way that fits their schedules while still receiving personalized support when needed.
“The beauty of the program is that it is structured to give you the flexibility to balance your work and life while also providing access to highly knowledgeable instructors and peers,” said Herath.
In addition to the legal and technical courses, the program includes real-world case studies and practical assignments designed to help students understand how cybersecurity laws and policies work in practice. This approach ensures that graduates are ready to navigate complex compliance issues and manage cybersecurity risks in a variety of professional settings.
Ohio’s Role in Cybersecurity and Data Privacy Education
Ohio is rapidly emerging as a hub for cybersecurity and data privacy education, and Herath’s role as Cybersecurity Strategic Advisor is central to these efforts. Herath shared that Ohio is committed to growing a skilled workforce capable of addressing the state’s growing cybersecurity challenges, which include everything from protecting government infrastructure to addressing the security needs of private companies.
Herath also touched on the increasing collaboration between government entities, private businesses, and academic institutions in Ohio. This collaboration is designed to ensure that Ohio has a talented and educated workforce ready to tackle the challenges of the modern cybersecurity landscape.
“We need to get the right people into the right places,” said Herath. “Our mission is to ensure that Ohio is not just responding to cybersecurity threats, but also leading the way in shaping the cybersecurity future.”
Looking Ahead: What’s Next for Cybersecurity Careers in Ohio?
The future of cybersecurity careers in Ohio looks promising, with the state positioning itself as a leader in both cybersecurity policy and education. Herath and Ray both agreed that as cybersecurity threats become more sophisticated, the need for well-trained professionals will only grow. Herath sees Ohio as a critical player in providing the workforce and leadership needed to respond to these threats effectively.
Herath also emphasized that Ohio’s cybersecurity initiatives will continue to focus on both training professionals and fostering an environment of collaboration and innovation between public and private sectors. This includes not only training individuals in the technical skills needed to protect systems and data but also ensuring they are equipped to understand the legal and regulatory frameworks that govern these areas.
For students and professionals interested in advancing their careers in cybersecurity, Ray’s program offers an excellent foundation in both the legal and technical aspects of the field, combining theory with practical application. The ability to understand both the technological risks and legal implications of cyber threats is a unique skill set that is highly sought after in today’s cybersecurity job market.
An Evolving Discipline
Cybersecurity is more than just a technical field; it’s an evolving discipline that requires an understanding of law, policy, and technology. Ohio’s Cybersecurity Strategic Advisor, Kirk Herath, and Cleveland State University’s Brian Ray are at the forefront of training the next generation of professionals who will lead the way in this dynamic and critical field.
As Ohio continues to invest in cybersecurity education and workforce development, the opportunities for professionals in this field are only expanding. With the right mix of legal knowledge and technical expertise, you can play a key role in shaping the future of cybersecurity in Ohio and beyond.
