When sitting at his desk, 2015 computer science graduate Kyle Gutschow is fighting a battle in an unseen realm. He is reinforcing the bunkers in the cyberwar by maintaining the sleepless soldiers of cyberwarfare — cybersecurity systems.
Let’s (Not) Go Phishing
“Cybersecurity is a very broad term for my career,” Gutschow said. As a cybersecurity specialist at Prisma Health, he and his team have systems in place that alert them when a possible attack occurs. A team member must confirm that there was an incident, as alerts are sometimes misidentified. Many of the incidents come through email. Prisma receives hundreds of phishing attempts a day.
The security systems in place stop or detect most of the attacks. “The systems that stop (attacks) require constant attention because sometimes they get too aggressive, and they stop legitimate stuff,” Gutschow said. A main focus of Gutschow’s team is verifying that safe information gets through then maintaining and updating the systems as needed.
Gutschow’s boss, Prisma’s director of information security, has many goals and initiatives that he is trying to put in place. These require the cybersecurity team to build new security measures on a regular basis. One example is implementing two-factor authentication for all Prisma employees. Another example is confirming employees are using corporate-sanctioned services to store files. If employees were keeping patient data in a personal file storage account, that would be a serious breach of patient privacy.
Protecting the Data
In order to keep Prisma safe from attacks, Gutschow said, “You have to know what the organization has that it is viable. . . . You have to know what makes the business money at the end of the day.” He also has to know what mistakes could keep the business from staying afloat financially. If Prisma lost patient information in a breach, they could be fined, which is an incentive to spend money on security. Because such a program has to protect a wide array of information, it has to be comprehensive.
When preventing cyber attacks, the cybersecurity team rarely knows how serious the attack would have been if it had been successful. “You’re not sitting at a computer, just typing a bunch of stuff into a command line, keeping the guy out of the firewall,” Gutschow said. “When you stop something, you don’t really know the extent of the damage that could have occurred.”
Building a Foundation
Gutschow grew up in Greenville and knew about BJU from his father, who attended a couple of years, as well as from relatives who attended. When faced with making a decision on secondary education, Gutschow considered attending technical school but decided to attend BJU after his parents encouraged him to get a well-rounded education.
“Understanding the way computer systems work is really important to understanding how to keep your information secure,” Gutschow said. At BJU, Gutschow learned all about computer science. “Computer science forces you to get a lower level of understanding, and this gets you closer to the ones and zeros that we talk about.” Gutschow also learned how to write program code which opened his eyes to the many facets of computer systems.
“If I had to go back and redo what I studied, I probably wouldn’t change much, “ Gutschow said. In computer science, he learned the lower-level workings of computers, how to write some codes and how operating systems work. If someone is looking to work in cybersecurity, he advised, “Your main focus should be learning as much as you can about computers, how they work, and networks.
“There’s a lot of things that school teaches you and that is valuable in life. I think BJU has a very high level of preparing you for being productive.”