GRCC hopes to produce class of ‘ethical hackers’

GRCC hopes to produce class of ‘ethical hackers’

Recognizing and preventing digital threats will be the focus of the Certified Ethical Hacker program at GRCC. Photo by Mike Nichols

Grand Rapids Community College has become a training ground for digital guardians to keep digital thieves away from your digital treasures.

In order to help train the next generation of digital talent to fight off cyber attacks, GRCC recently announced that its computer information systems department has now become the state’s first EC-Council Academic Accredited Training Center through the International Council of Electronic Commerce Consultants, better known as EC-Council.

The new Certified Ethical Hacker program, the latest curriculum expansion for GRCC’s CIS department, equips students with the skills needed to defend against cyber attacks.

“These changes and additions to the GRCC CIS programs will prepare our students to enter the workplace with high-level skills,” said Luann Keizer, department chair. “Employers will hire our students knowing they have achieved the highest industry standards.”

GRCC’s CIS department has been growing this year. Earlier this summer, it announced it had been approved as a Cisco Networking Academy, a CompTIA Academy and a Microsoft IT Academy.

The department already offers pre-major degrees in computer information systems, computer science and information security, and two-year degrees in network administration, computer programming, graphics and web development, and computer support.

The new program was needed because IT security is a growing field, said Andrew Rozema, CIS assistant professor. IT security, in general, is a huge field for which the market doesn’t have a lot of work force yet, he said.

But GRCC is looking to change that.

“In partnering with the EC-Council, Grand Rapids Community College is looking to help fill the talent gap in West Michigan for information security professionals and, in particular, penetration testers — a type of security professional that often goes by the name ‘ethical hacker,’” Rozema said.

“The EC-Council Certified Ethical Hacker Certification is perhaps the best known in the industry for this type of work and will verify the knowledge and skills these students have as they enter the workplace.”

Rozema is the man who helped put the new program together. He spent about 16 years as director of technology at Tribune Co., handing all technology resources at FOX 17. He’s also a CIEH Certified Ethical Hacker with EC-Council, which he had to be in order for GRCC to qualify for accreditation.

“I had to jump through hoops this summer. It was 20 hours of lecture and thousands of hours of reading. I had to … actually take the certification exam students will have to take. It was very rigorous. But that’s the idea. We hope that when students leave, employers will see that they’ve had hands-on experience and can prevent these attacks.”

As for the program, Rozema said there are already 13 students enrolled. It’s a broad curriculum designed to cover the “whole penetration process.”

“The first cohort started this semester; we try and run it fall and winter, and probably again in two sessions, but accelerated, over the summer. … It’s two semesters worth of classes; it’s a total of six credits by itself. It’s either taken as a professional returning for education or as a component for pre-information security degree,” he said.

“(The course) involves hands-on lab work, attacking systems, work through virtual environments. The classes prepare students for the examination.”

GRCC is also hoping this new program will help the college become a certified center of academic excellence for this kind of teaching through the National Security Agency, he said.

“The NSA and CSS (Central Security Service) run this program we’re working toward. The National Center of Academic Excellence and Information Assurance award(s) you to be a national center of excellence,” he said.

Cyber-crimes aren’t going away, Rozema said. Large corporations and institutions especially need to have top security. All the more reason young talent needs to be trained.

There was a time when a company’s IT security was done by an employee who was known for “liking computers,” but the field has become a professional industry and academic training is needed, he said.

“When you’re a large institution, in addition to your corporate treasures being on the line, your reputation is on the line too. I think there’s a growing understanding that your security has to be a part of it,” he said.

“As a student, you’ve got a really good handle on the understandings … of how networks work. It also validates all the layers of skill that have to lead up to that. There are jobs in this industry that aren’t getting filled.”