Five Things Every MBA Student Should Know About Cybersecurity

August 21, 2024
Young man looking at a computer screen

“Network attacks are a matter of when, not if,” said Carlos I. Torres, PhD, assistant professor in the Department of Information Systems and Business Analytics at the Hankamer School of Business. “Every company or individual will be attacked at some point. The question is whether or not they will be ready.” 

In the cybersecurity courses he teaches, Torres equips his students to develop information security managerial strategies that prevent and mitigate the attacks that will inevitably come their way. Every student, whether they go on to lead a cybersecurity team or serve in a different function, needs a working knowledge of cybersecurity to contribute to a more secure workplace. 

Below, he shares five things that every MBA student should know about cybersecurity by the time they graduate.

 1) Three-quarters of cybersecurity attacks involve an employee. 

Approximately 70 to 80 percent of cyberattacks involve humans. Hackers know that employees are the weakest link in the chain, and they consistently exploit that weakness. An employee may fall prey to a phishing scam by logging into a fake look-alike site with their username and password. They may download a file that contains malware or respond to a text from someone pretending to be a colleague. 

“But while employees are the greatest liability, they are also the most effective line of defense,” Torres said. 

For every firm, preventing and mitigating attacks starts with training employees to follow clearly defined security procedures to protect their information. In their cybersecurity courses, Baylor students gain hands-on experience in security policy development and training by creating a comprehensive training program for a policy designed to counter a cyber threat.

2) Remote work heightens the level of risk. 

The rise of remote work has opened the world to firms, allowing them to source talent far from the office. Unfortunately, it has also exposed them to higher levels of risk. 

“Remote employees tend to be more relaxed in their home environment,” Torres said. “Just like they would wear gym shorts to work from home but not in the office, they do not follow all the rules and procedures of the office while working from home.” 

A home network is rarely as protected as an office network. Without remembering to use a VPN, a remote worker is vulnerable to a network attack even when logging in for a minute or two to send an email. They may also experience a security breach if a hacker gains access to their computer through another device in their home network, like a smart speaker or kitchen appliance. 

3) Policies and procedures must evolve to address changing threats. 

The last thing a cybersecurity professional can do is stand still. Threats evolve daily, and so must the response to these threats. 

“Companies must constantly evaluate and re-evaluate their plans to meet the needs of the moment,” Torres said. 

Every company should have an emergency plan in place so that in the event of an attack, it can keep working. If business grinds to a halt, the damage multiplies. Once it has been attacked, implemented an emergency plan and made it through to the other side, it should do a thorough audit of what went wrong to adjust its strategy going forward. 

4) Reducing risk to zero is not feasible. 

Realistically, a firm cannot shoulder the cost of protecting its information systems against every identified or unidentified threat. A careful risk-benefit analysis must be conducted to determine which risks make sense to prioritize. If it invests in the protection of a specific system, for example, it must be confident that a successful attack on that system would be more costly than the investment in protecting it.

5) AI is fundamentally reshaping the field of cybersecurity. 

AI will be a gamechanger in the way attacks are carried out and the way they are apprehended. A hacker trying to find a weak point in a network can deploy multiple AI bots using machine learning algorithms to expedite the process. Breaking through a company’s defenses will become faster and easier. On the flip side of the coin, companies can use AI tools to better spot vulnerabilities, patch holes and confront threats. 

Whether they go on to become a CIO, CTO, CFO or CEO, Baylor students will gain a competitive edge by mastering the fundamentals of cybersecurity early in their careers. 

“Everyone is affected by cybersecurity, so everyone—no matter what their role—should get involved,” Torres said. 

What’s Next

Are you ready to succeed in cybersecurity? Click here to learn more about Baylor’s Online MBA with a Cybersecurity concentration or fill out the form below to speak directly with an Enrollment Coordinator.

Hankamer School of Business

Paul L. Foster Campus for Business and Innovation
1621 S 3rd St.
Waco, TX 76706

One Bear Place #98001
Waco, TX 76798

(254) 710-3411
AACSB Logo
 
Copyright © Baylor® University. All rights reserved.
Baylor University • Waco, Texas 76798 • 1-800-229-5678