One amazing benefit of being a student at McIntire is the access to faculty members who have expertise across a wide range of topics. Our faculty members conduct research in areas that not only interest them, but also add value to our in-class experience and holds weight within academia on a global scale.
I checked in with Professor Chris Maurer to learn more about his research and how he translates his findings into real-life classroom lessons for his students—including for students like me in the M.S. in Accounting Program—in his Intro to Cybersecurity course.
Professor Maurer’s involvement in the subject spans a large portion of his career. Prior to earning his Ph.D. in Management Information Systems, Professor Maurer worked as the Director of Security and Controls for TRX Inc. and as an IT Auditor for KPMG.
Currently, Professor Maurer’s research involves the Society for Information Management (SIM) IT Trends Study. Every year, SIM conducts a survey, sending it to over 4,000 IT leaders from companies around the country. The survey asks about what concerns them in the world of IT and how they operate their IT functions. The results are published every year as a baseline for establishing the pulse of the industry across the country. Professor Maurer uses these results to look for trends and identify emerging issues.
The results of the IT Trends Survey show that cybersecurity has consistently been ranked as the top concern for organizations across the country, and yet Professor Maurer has taught us that there has been very little movement in terms of organizational actions as a response to this concern. Much of his current research has focused on understanding and detailing the disconnect of why there is a lot of talk about cybersecurity as a top priority for companies, with little investment in practices to improve it among these companies.
In his cybersecurity course, Professor Maurer instilled in us that a hacker can fail 99.99% of the time and still have success. All it takes is one little hole for a hacker to take advantage of and use it to access information. It is important to remember that this lesson goes for information security officers within companies: You can win 99.99% of the time and still experience a hit the one time a hacker is able to breach your systems. Due to this reality, cybersecurity is something that requires constant attention.
Some might ask why students in the M.S. in Accounting Program should give attention to cybersecurity. The IT and cybersecurity team can program the servers and network to protect a company all they want, but at the end of the day, the weakest point to attack is other employees within a company. All it takes is one employee to click on a phishing email, give away information over the phone, or have their laptop stolen. As Professor Maurer says in class, “It takes a village.”
It is imperative that all employees of a company, including accountants, realize the importance of cybersecurity and become informed of best practices to combat attacks from hackers. This notion of a culture of cybersecurity is another emerging theme that Professor Maurer is hoping to expand his research into within the next year and apply in the classroom for his students at McIntire too.