Spence Witten, Adjunct Professor at CSU, did not plan on a cybersecurity career. After the recession interrupted his venture capital career, he was unexpectedly contacted by a cybersecurity company while job-hunting. “I gotta tell you,” he laughs, “It sounded like the most boring thing I’ve ever heard of in my entire life.” But as time passed and he remained unemployed, he decided to give them, and himself, a chance – even though he lacked any technical background in the field.
First Impressions and Unexpected Benefits
Spence quickly rose through the ranks; field cybersecurity work, project management, program management, and even running large cyber programs himself. It was a great, though unexpected, outcome when “I definitely stumbled into it. It wasn’t planned. I wish I could say that I had this brilliant foresight back in the early 2000s that cybersecurity was going to be huge, but in reality, I was just unemployed,” he admits good-naturedly. All’s well that ends well; today he is the Director of Application Security at 38North as well as CSU adjunct faculty member.
Spence got to know CSU’s own Brian Ray while working on state cyber policy, and when Brian asked him about teaching technical courses, “it sounded really fascinating and fortuitous. I got in right at the ground floor and helped build the program, which is an innovative way to teach cybersecurity in an increasingly regulated world.” It makes sense, then, that Spence emphasizes the importance of networking in the technical capstone coursework. “It’s really just about working with interesting people,” he offers, “and when your circle expands, that’s when opportunities open up.”
Grounded Teaching Methodologies
Spence’s personal experience informs his teaching, so naturally he empathizes with students lacking a technical background trying to enter a technical field. “I remember that it was a bit of a shellshock. It was really challenging and totally new, and I just remember how unfamiliar it all felt,” he admits. “But I also learned that you start small, it snowballs, and after a lot of hard work one day you wake up and you’re an expert. I definitely try to bring that perspective to the class, and create a program that walks students down the same path that I took to get increasingly comfortable with technical concepts.”
In contrast, many programs stick close to theories and history while eschewing the actionable steps. “I don’t think it’s practical,” Spence says. “I like to put people in the driver’s seat with cybersecurity.” It’s why his courses are lab-focused. “I help them stumble through and make it a very safe, no-apologies learning environment. It’s going to be uncomfortable at first, and that’s fine. Once you’re competent, you can decide where you want to take it next, but at least you understand how that part of the world works.”
Learning and Expanding Your Cyber Career
Spence is cognizant of working towards multiple goals in designing his coursework. “One of the things we work on is communicating complex topics for non-technical personnel; how to write, speak, and present a concept succinctly.” Students graduate from CSU with a wealth of diverse skills, some of which they may never even expected to achieve in the first place.
“I think students who do the best come into it with a willingness to chip away, every day, at staying on top of things and doing just a little bit better. It’s about continuous development.” Next steps are up to the individual; CSU provides a general education, and Spence and the rest of the faculty try to help students find their personal niche. They encourage resume-boosting independent research, or pursuing pertinent certifications. “We’re going to do everything we can to help you.”
The Strengths of CSU’s Program
As our society’s cybersecurity attacks become increasingly dangerous, regulation noticeably increases … which sometimes means that finding an easy, efficient solution to a problem decreases. Due to this increase in regulation around cybersecurity, there is simultaneously an increase in the importance of the legal counterpart – but, as previously noted, there’s a limit to how much a purely legal understanding of the industry can do for you.
“We have brought the two together, and I think we are really positioning our students for the future of cybersecurity. Our program will help you break into a field that’s really difficult to break into.” Without either technical or legal knowledge, there’s a cap on where you can go in your career. But with a solid understanding of both, the doors open.
Contribute Meaningfully to Global Conversations
Cybersecurity continues growing exponentially, in both its social reach and impact. “Our program is preparing students to contribute meaningfully to these global conversations on how to prepare for our steadily interconnected world.” Staying on top of current events and consistently learning about the latest advances come with the territory at CSU. Possible careers post-CSU will likely continue along one of three security trajectories: compliance, analyst, or engineering.
Spence concludes with an honest appraisal of CSU’s MLS. “I don’t think there’s a program anywhere else in the country that is a technical program tailored to non-technical people. We’ve specifically tailored the technical aspect of our program to the skills anyone, regardless of your background, has to have in order to be successful in cybersecurity. There’s no one who brings the two together like our program does. You’re simply not going to get that anywhere else.”