Top Trends in Cybersecurity in 2024

According to eSentire’s 2023 Official Cybercrime Report, “the global annual cost of cybercrime is predicted to reach $9.5 trillion USD in 2024.” Cybercrime is predicted to increase exponentially over the next several years. As cyber threats continue to increase in frequency and sophistication, focus is being placed on the critical need for organizations to emphasize the development of a strong cybersecurity stance.

How do you develop a strong cybersecurity stance?

Developing a strong cybersecurity stance involves a multi-layered approach that includes several steps. When creating a strong stance, organizations identify risks, implement multiple defenses like firewalls and encryption, train employees on security, and stay up to date on emerging threats. 

Businesses incorporate reactive defense measures as well as preparatory measures. Reactively defending against cyber threats is like constantly putting out fires. Preparedness involves anticipating and proactively addressing potential security risks before they occur. By prioritizing preparedness, organizations can build robust defenses and respond more effectively to emerging threats. This enhances their overall cybersecurity posture. Being aware of predicted trends and how they could impact your organization is vital to developing a strong cybersecurity stance. 

What are some trends anticipated in 2024?

1. Cybersecurity Skills Crunch 

A significant cybersecurity skills shortage is highlighting the urgent need for more trained professionals. Businesses are recognizing the importance and value of investing in training, development, and upskilling programs as an avenue to strengthen and reinforce their defenses while mitigating risks. 

2. Artificial Intelligence (AI)

As AI technology evolves, AI attacks are getting more sophisticated. This includes deepfake social engineering attempts and automated malware that learns to avoid detection, making it harder for cybersecurity experts to keep up with these new threats. 

AI can be used to assist in strengthening cybersecurity. AI is used for early detection making cyber incident responses more accurate. By quickly analyzing data and spotting abnormalities in real-time, AI helps organizations find and stop potential threats before they cause major damage.

3. Next Level Phishing 

Advanced phishing, deep fake attacks, and AI-generated content are ushering in a new era of cyber deception. These tactics create convincing fake events that never happened, posing a big challenge for cybersecurity as they become more common.

4. Cybersecurity in the boardroom 

Cybersecurity has transitioned from being solely an IT department concern to a top priority in the boardroom. More boards are recognizing the importance of including at least one member with expertise in cybersecurity to effectively address the evolving threat landscape and mitigate potential risks.

5. Focusing on both cyber resilience and cyber security

Cybersecurity primarily focuses on preventing cyber-attacks through various measures such as firewalls and antivirus software. Cyber resilience acknowledges that no system can guarantee 100% protection. Resilience emphasizes the ability to withstand and recover from attacks swiftly, ensuring continuity of operations even in the face of breaches or disruptions. Resiliency keeps operations going after an event, focusing on quick recovery with minimal data loss and downtime. Organizations can bounce back from disruptions and maintain essential functions, safeguarding their operations against potential cyber threats.

6. Less than Zero Trust

Less than zero trust means always verifying network activity, as there’s no safe perimeter. Security covers not just the corporate network but extends to remote workers, partner organizations, and IoT devices, recognizing that nothing should be trusted without confirmation.

7. Soft Skills

Soft skills are becoming increasingly necessary for cybersecurity professionals with the growing sophistication of cyber-attacks. Cyber professionals will need to weave together soft skills with technical expertise to strengthen the overall cybersecurity posture of their organization. Soft skills include communication, collaboration, and empathy.  

8. Election year disinformation

During an election year, disinformation becomes a serious concern, with a rise in cyber-attacks anticipated to disrupt democratic processes. These attacks could target vital infrastructure like communications, public utilities, transportation, and security systems, aiming to create disorder and confusion in an attempt to wear down trust in the electoral system.

9. Cloud Attacks

Cloud attacks remain a major cybersecurity concern.  Attackers are expected to use more advanced tactics in 2024. As businesses move more data and services to the cloud, attackers will likely focus on exploiting vulnerabilities. Organizations must enhance security measures to protect their data on multi-cloud setups. 

10. Multi-Factor Authentication (MFA)

MFA is not a new trend, but will become increasingly popular in cybersecurity. As cyber threats evolve and increase, MFA will continue to prove important in the cyber protection of sensitive information. Organizations are expected to increase the adoption of MFA. 

Who is responsible for developing a strategic plan to strengthen an organization’s cybersecurity stance?

In an organization, the leadership team is responsible for prioritizing cybersecurity and developing an environment that provides the proper scaffolding for the entire organization to be educated and prepared. The leadership team may include the CEO, CISO, and a Board of Directors, among others. In reality, cybersecurity is the responsibility of everyone in an organization. Everyone is at risk, regardless of role, length of employment, or previous background. Cybersecurity must be part of every organization’s culture.

Where do we find professional technical training in cybersecurity?

Professional technical training in cybersecurity can be found through a variety of platforms. These include online platforms and accredited higher education institutions offering education, certificates, and degrees in cybersecurity. 

Organizations evaluate their needs and objectives, opting for either group or individualized training. Group sessions, whether in person or online, involve employees utilizing the same vendor/institution with a structured training path. Alternatively, individual training allows organizations to customize learning based on identified needs, goals, and each employee’s skillset.

In Montana, there are many pathways for professional technical training in cybersecurity. Cybersecurity training options include courses that align with the 52 NICCS work roles as outlined by the workforce framework for cybersecurity. The Cyber Rapid Training program provides entry-level and upskilling training in networking, operating systems, communication and cybersecurity. Both the training programs and the rapid training program provide support and scaffolding for individuals to test for and earn the CompTIA Network+ and Security+ Industry Recognized Credentials. Montana is privileged in being home to several Cybersecurity and IT certifications and degrees in most colleges and institutions statewide.

How do we move forward?

That is easy! Whether you are a CEO, CISO, board member, or employee, start the conversation on your organization’s needs, goals, and priorities. Once those are determined, find the right educational and training path for your community.

Cybersecurity Tips for the Holidays and Traveling

The holidays are a time for joy and family. They are also a time of heightened cybersecurity attacks.  Forbes recently published a list ofincreased cybersecurity threats and solutions during the holiday season. Cybereason published a research report in June of 2021 that found ransomware attackers take advantage of holidays and weekends when planning attacks. It is important to stay vigilant and prepared for cyber threats and/or attacks. Identity theft has increased as online purchases have increased.

During the holidays, internet use increases significantly. It is important to keep your computer and other mobile devices clean. This is true while using your devices in the comfort of your home and while traveling. It is always important to keep your devices clean but the holidays do prove to be a good reminder to run virus protection and verify your computer has the latest updates installed.  Malware checks should be kept up regularly throughout the year. Although keeping your computer clean and up to date, there are other ways to make sure your computer remains clean. Threats can emerge from the most likely of places.

Key Factors to Keep In Mind When Traveling:

  • Use secure Wi-Fi. Do not use public Wi-Fi. This can of course feel challenging when traveling. Prepare ahead of time and secure a virtual private network or use your cell phone as a personal hotspot. (This is good advice when using public Wi-Fi in general.)
  • Do not post travel photos or information on social media while traveling. Posts can be scheduled into appear at a later date. This allows you to capture your adventure in real time but share photos and information when you are safely back at home. This also helps you avoid the picture dump that can happen during a trip. If you are away for a week, you can schedule posts throughout the week as you would during your adventure. 
  • Provide your own personal chargers while on vacation. Yes. Hotels do often have USB ports connected to different light fixtures throughout your room. Airports do have options as well. Did you know this is one way malware/ransomware can be introduced to your device? This is a public port, bringing the same concern as using public Wi-Fi.
  • When renting a car, if you tie your phone to Bluetooth or USB, disconnect it before returning your car. When you tie your phone to the car, you want to clear your connection before returning the vehicle to the rental company. This is actually how one criminal was caught. The individual stole a car. The car was found but with no information or leads as to who stole it. Until their information showed up on the car’s system. The individual was eventually arrested. 

Home Safety

It is as important to stay vigilant while celebrating the holidays at home as it is when you travel. The holidays are often a time when there is some splurging and new devices or larger technology products are purchased. How you dispose of your delivery boxes is important. These larger or more identifiable larger-priced purchases are very noticeable in your trash disposal.  Remove your personal information, such as name/address.

All of your accounts should be monitored. This time of year provides a great opportunity to get back on track by monitoring accounts regularly. Accounts can include financial accounts, such as bank accounts and credit accounts. It can also include being vigilant in regards to keeping an open eye on scams.  This includes emails. Attention should be paid tophishing emails, securely working from home, and keeping data safe when using a mobile device. Look into both your bank account and credit account liability policies. Does one have a ‘zero liability’ policy for fraudulent activity? 

Staying Cyber Safe All Year Long

We cannot stress enough the importance of a strong password. A password should have at least 12 characters and include numbers and symbols. One suggestion is to use a combination of three words that do not necessarily relate to each other. Remember to never use the same password for multiple sites. Keep passwords individual. Use a password management site to keep track of your various passwords. 

Want to learn more?

CyberMontana provides opportunities to assist you in staying safe all year round. This includes opportunities for new learners, which includes adult learners who are interested in pivoting into entry-level cybersecurity or IT careers as well as individuals currently in entry-level cybersecurity or IT careers who are interested in upskilling and progressing their careers. This also includes high school students interested in learning about cybersecurity or pursuing a Certificate of Technical Studies.  There are opportunities for workforces to strengthen their cybersecurity defenses through Security Awareness Training. 

Cybersecurity Awareness Month: Top 6 Cybersecurity Tips (2023)

October is National Cybersecurity Awareness Month. Held every year in October, the inaugural month of cybersecurity celebration began in 2004. The decision to focus on cybersecurity was a collaborative effort between the National Cyber Security Division within the Department of Homeland Security and the National Cyber Security Alliance (a nonprofit). The goal continues to be to ensure everyone has the resources needed to be as safe and secure online as possible. By putting a lens more directly on the importance of cybersecurity, the goal is to also provide both the public and private sectors with tools and resources to be proactive in enhancing cybersecurity practices.  Intentional, strategic cybersecurity practices for both homes and businesses are the key to providing cyber vigilance.

What is the value of cybersecurity awareness?

Almost 90% of data breaches are caused by human error*; the human factor is the weakest link. Security-aware employees are one of the primary lines of defense in the business world. Security-aware family members are one of the primary lines of defense in your home. Security-aware individuals and organizations help provide protection from cyber threats, which are becoming stronger and increasingly relentless. By adding cyber security awareness to your toolbox, you better understand threats and how to prevent and/or abate cyber attacks. 

What are the essential elements of good cybersecurity?

There are 6 main elements that should be addressed when considering cybersecurity:

  • Application Security – Application security adds security measures inside the applications we all use every day. Examples are firewalls, antivirus software, and encryption techniques. 
  • Information Security – Information security references the security controls put into place to protect information collected by companies from their clients. Examples of the information to protect include personal data and login credentials.
  • Network Security – Network security defends and protects computer networks from unauthorized network access. 
  • Operational Security –  Security and risk management processes designed for risk management as countermeasures to reduce or eliminate threats to the exploitation of sensitive information.
  • End-User Security – End-user security is educating your employees, and yourself, about cybersecurity best practices. 
  • Disaster Recovery Planning – Disaster recovery planning is your continuity plan describing the procedures and steps that are put in place to efficiently and successfully if a breach should occur. 

How can we promote cybersecurity awareness?

The first step to promoting cybersecurity awareness is to lead by example. Make cybersecurity a priority in your life, at home, and at work. If you are an employer, take a look at what your current practices are, where you see room for improvement and assist your employees in increasing their cybersecurity awareness. If you are an employee, start the conversation with your employers about the importance of cybersecurity awareness and encourage them to look at their current practices as well as current best practices. Better yet, help them take these steps by working alongside them. The way to promote awareness is by making it a priority, not only for you but for those around you. We all continue to learn, and cyber threats and consistency continue to increase. Increasing awareness is for everyone, even those with background knowledge, experience and skills

Essential Cybersecurity Tips

Luckily, there are some key cybersecurity tips to assist in expanding your cybersecurity awareness.

TIP: Create strong, unique passwords. Create individual passwords for all accounts. See some key factors to a strong password here.

TIP: Use a password manager to keep track of your passwords. We know it is not a good idea to use the same password for all online accounts, let alone share a password with work and home log-ins. A password management application is safe, convenient, and assists with the lift of password management. 

  • Phishing – Knowing how to identify phishing and what to do if phishing is suspected can help protect your various accounts, and your identity, for both you and your employer.

TIP: Take a close look at your email before clicking any links. Keep an eye out for: spelling and grammar errors, things that sound too good to be true, nuances in the sender address that do not match the sender’s normal address, urgency, and requests for personal information.

TIP: Just as you clean your house regularly, regularly check to see if your email has been breached. Add this check to your routine, and always update passwords for accounts that have been breached. (Check if your email address was in a breach here.)

  • Malware and Ransomware – Understanding the difference between these two words, what an attack can look like, and implementing prevention methods is a step towards limiting the impact these bring.

TIP: Hover over links to see and verify URLs before clicking. When in doubt, go directly to the source to verify requests or offers. Remember, “” is owned by Google, but “” is not.

  • Mobile Device – Understanding how to keep data safe (application permissions, phone calls, network/Bluetooth connections, and sharing information between applications) protects you from threats you may not realize are there.

TIP: Don’t access workplace data on mobile devices unless authorized and necessary. 

TIP: Use a VPN or your personal hotspot when on the move. 

  • Social Media – Implementing strong security settings and thoughtful consideration of what you share on social media helps keep you safe.

TIP: Use unique passwords for each social network and implement multi-factor authentication (MFA).

  • Work from Home – Recognizing the dangers of unknown networks, the importance of securing devices in transit and public places, and how to handle secure information helps you keep yourself and your organization safe while you work remotely.

TIP: Make sure all company data is saved on the company network, have a proper backup strategy, and follow all set cybersecurity policies of your employer.

What now? 

The first step to increasing cybersecurity awareness is to start a conversation with those around you. Have a discussion as to why cybersecurity awareness is important, why you would like to focus on cybersecurity as a priority, and start building your plan to increase cybersecurity awareness. 

There are a vast array of opportunities to take trainings or courses to add to your cybersecurity knowledge toolbox. Options include opportunities online and in person, short 20-30 minutes sessions to certification and degree opportunities. There are organizations out there that can help you determine goals, set up plans, and track progress for individuals and organizations as a whole. Assess your individual and organizational needs and determine what path is best for you and your team. What parameters fit your goals and needs. 

Cybersecurity Awareness Can Be Fun!

Cybersecurity is of course about protection. Cybersecurity, and building your awareness can be fun as well! Check out cybersecurity awareness month activities in your area and see what events may be occurring. One example is Missoula College’s CyberSec Challenge occurring on October 28th. The event includes expert speakers from the cybersecurity field, challenges of increasing difficulty faced by teams of varying levels, and a prize to the winning team. It also includes enthusiastic participants who want to have some fun, test out their cybersecurity knowledge, or learn more about what a cyber threat may look like. We encourage you to look for events in your area and go have some cybersecurity awareness fun.


Cybersecurity-aware individuals are the primary line of defense from cyber threats and attacks. It is up to each of us to build up our toolbox. Our world continues to become interconnected at a rapid rate. It is up to you to become cyber-aware, but it takes all of us working together to protect the population at large. Working together to make cybersecurity awareness a priority, starting conversations, and taking action to learn more and make proactive plans and strategies will provide the strongest protection in a cyber-filled world.

Early College Offerings for High School Students

We are pleased and excited to offer our online, asynchronous opportunities for high school students to earn college credit in cybersecurity. Our Introduction to Cybersecurity provides a remote, early college experience for high school students to explore cybersecurity topics and career opportunities. Our Cybersecurity Certificate of Technical Studies Program is a set of four courses that provides students with an entry-level credential that can lead to the Associate of Applied Science degree in Information Technology. Upon completion of the program, students will receive special recognition indicating completion of an NSA-Approved Cybersecurity Center of Academic Excellence program of study. Students will also have the option of testing for the CompTIA Security+, a recognized DoD certificate, upon completion of ITS 222.

What is ITS 130, Introduction to Cybersecurity?

ITS 130 is an entry-level course offered to high school junior and senior students. Sophomore students are eligible with the recommendation of a school counselor. This course is 3 credits and develops a foundational understanding of cybersecurity and how it relates to information and network security. Minimal computer experience is required for this course. There is no textbook requirement. Topics covered include:

– Privacy
– Computer Ethics
– Networking
– Cyber Attacks
– Cyber Defense
– Career Options in Cybersecurity

What is the Cybersecurity Certificate of Technical Studies (CTS) Program?

Our Cybersecurity Certificate of Technical Studies (CTS) program includes 4 courses (12 credits) where students earn an entry-level credential that will stack to our AAS in Information Technology. Open to high school juniors and seniors. Students who complete the program are prepared to earn the CompTIA Network+ and CompTIA Security+ industry-recognized credentials, which are recognized by the U.S. Department of Defense for certain cybersecurity positions. Topics covered include:

– Networking Concepts
– IT systems and components
– System Administration
– Cyber-threats and cyber defense
– Cryptography
– Policy, legal, ethics, and compliance

This is a CAE Designated CTS Program. What does that involve?

It is important to note that our CTS in Cybersecurity follows a rigorous curriculum approved by the National Security Agency (NSA). Missoula College was the first institution in Montana to be designated a Center of Academic Excellence in Cyber Defense by the NSA. This designation ensures that the curriculum aligns with NSA standards, is taught by qualified faculty, and involves opportunities for students to benefit from cybersecurity-related activities in addition to their classroom studies. The CAE designation is noted on the student’s official University of Montana transcript.

What is the cost of the Early College offerings?

All 5 of our cybersecurity courses are part of the 1-2-Free program. This program allows high school students to earn college credit while in high school for free. Students may take up to 2 college courses (6 credits).

Once a student has used their 1-2-Free benefits, CyberMontana will pay for additional credits hours leading to the completion of the CTS Program. CyberMontana will also provide two vouchers to be used toward the CompTIA Network+ and the CompTIA Security+ Industry Recognized Credential exams upon completion of the CTS. 

CyberMontana was the recipient of Montana’s Future at Work grant, offered through the Montana University System and is funded by the Dennis and Phyllis Washington Foundation. This grant was created with the goal of training school students in the CTE field in the community where they live.

When do courses begin?

All courses are available in the Fall 2023 semester. ITS 130 begins on September 18th, 2023. **September 11th is the registration deadline for the ITS 130 course. September 18th is the deadline for course registration.

The Certificate of Technical Studies courses begin August 28th, 2023. **August 21stis the registration deadline for the CTS Program. 

How do I register for the ITS 130 Course or the CTS Program?

There are two pathways to register for these early college courses. 

  • If you are a new student, a student who has never taken an early college or dual enrollment course previously, you will need to create and submit an application. The Missoula College  – Dual Enrollment webpage provides all the information you need to make this process easier. After reading the information provided, you will find an “apply now” button at the bottom of the page.
  • If you are a returning student, one who has taken an early college or dual enrollment course previously, you are able to request your course. The information for course selection can be found on the same Dual Enrollment webpage. Scroll down to the “Course Selection” section where you will find directions. 

The Dual Enrollment team is available to assist in the case of any hiccups or complications during the registration process. They can be reached at

Do you work in a high school and would like more information on providing these offerings to your students?

Whether you are an administrator, counselor, IT teacher, or anyone who works with students, you see where students’ passions fall. You also see where new interests are budding. We all want to assist students in finding and pursuing opportunities/pathways that align with where they are at. If Early College is new to you and your school, or you have more questions. Please reach out. You can schedule a 30-minute ZOOM informational session by clicking here.

Get started!

Cybersecurity professionals are in high demand statewide and nationwide. The need continues to grow. Cyber technology is advancing rapidly, as are cyber threats. These programs provide the footing to choose a pathway of your choice. That pathway may involve further studies, stacking these 12 credits into the University of Montana’s AAS. That pathway may lead  gainful employment upon completion of the CTS program and Industry Recognized Credential testing. Either way, employers are looking to develop a cyber workforce with the skills and abilities to meet today’s cyber needs. We look forward to your participation in one of these great cyber opportunities! 

What Is Cybersecurity Workforce Development?

Cybersecurity Workforce Development

On April 19th, 2023, a cyber-attack occurred at a Montana University. The attack impacted two separate campuses, Montana State University, and Great Falls College. Members of the Montana National Guard’s Defensive Cyber Operations Element (DCOE) responded to assist in identifying and mitigating additional vulnerabilities. Three weeks later, the University’s fileserver was still being restored. The attack impacted both campuses in their entirety.

Montana State University is well-versed in cybersecurity. After helping the Department of Defense and Department of Homeland Security to improve methods for resisting cyber-attacks, they were recipients of an award working to improve cybersecurity. Whether an organization is more or less knowledgeable in cybersecurity, threats are increasing, and the need for new and experienced cybersecurity employees increases.

What is Cybersecurity Workforce Development?

Cybersecurity workforce development provides a pathway for individuals to develop skills to enter the workforce or to help current employees grow their skills within the cybersecurity profession. Cyber technology is advancing at a rapid rate, as are cyberthreats. Employers are looking to develop a cyber workforce that has the skills and abilities to meet today’s cyber needs.  

Many businesses require their employees to align their skills and certifications with the U.S. Department of Defense 8570 matrix for Information Assurance (Cybersecurity) positions involving:

  • Technical activities such as securing networks and computers
  • Management activities such as ensuring cyber compliance
  • Information Assurance Architecture and Engineering
  • Cyber Security Service Provider

This preparatory training includes over 30 industry-recognized cybersecurity-related certifications in 13 of the 14 Department of Defense Cybersecurity Workforce categories. 

Why is Cybersecurity Workforce Development important?

One key role of workforce development is to assist businesses in finding qualified employees to meet their cybersecurity needs. Through workforce development, those looking to enter the field of cybersecurity acquire the skills needed to enter this high-demand field as quickly as possible. Those already in the field can continue growing in their knowledge, with the potential of promotions and/or higher wages. 

CyberMontana’s workforce training domains include:

  • Cloud Security
  • Defensive Security
  • Governance, Risk, and Compliance
  • IT/Network Operations
  • Management & Leadership
  • Offensive Security
  • Scripting
  • Secure Coding

What training topics and certification preparation options are available?

CyberMontana’s professional development options through our workforce development courses include:

– CompTIA Security+
– CompTIA Network+
– Certified Ethical Hacker (CEH)
– AWS Certified Cloud Practitioner
– Microsoft Azure Security Tech
– GIAC Security Essentials (GSEC)
– Project Management Professional
– Certified Information Systems
– Security Professional (CISSP)
– Cyber Defense Infastructure
– Cloud Administration
– Intrusion Detection
– Digital Forensics
– System Hardening
– Identity and Access Management
– PCI DSS Compliance
– Penetration Testing
– Policy and Risk Management
– Threat Hunting

Where does Cybersecurity Workforce Development training take place?

Trainings are offered online and are asynchronous. You can take them anywhere you have a computer, reliable internet, and an environment you believe you can focus. Trainings are hands-on, interactive, and self-paced to the learner.

Who can sign up for Cybersecurity Workforce Development and what does it cost?

The cybersecurity training programs are for adults who want to jumpstart their cyber career or advance in their current position with additional training. Due to its asynchronous, online nature, anyone can access the training programs.

Individual course costs can be found in the course descriptions. CyberMontana can provide training at a reduced cost to state, county, and local government organizations, education organizations, and their employees. We also have negotiated reduced rates with our vendors, and are glad to pass this favorable pricing on to our private sector business clients.

Starting August 15th, 2023, CyberMontana has limited numbers of Cybrary licenses to pass on to public sector parties. For more information, or to be added to the list of people interested in a license, visit the CyberMontana website here.

Signing up for cybersecurity workforce development training is easy! Visit the CyberMontana website or click here to complete the interest form. A member of the CyberMontana team will be in touch to discuss further steps. If you are a public entity or employee that is interested in being put on the interested party list for a license, please note that in the “additional comments” section.

Why wait? Start your Cybersecurity Workforce Development training now!

It is never too late to start your career in cybersecurity, or too late to grow in your current cybersecurity career. Our courses through our industry-leading cybersecurity education companies will help you gain the skills and confidence to move forward in the high-demand field. To start your path, contact Cyber Montana. We look forward to hearing from you!

Why Register for the Rapid Cyber CTS

The CyberMontana accelerated academic program is an asynchronous, online program that prepares students with entry-level cybersecurity knowledge in 10 to 15 weeks. Students complete four courses covering basic networking, operating systems, ethical and legal issues, communication skills, and, of course, cybersecurity. 

Why is the Cyber Rapid CTS important?

The Cyber Rapid Training Program is a National Security Agency (NSA) designated, intensive, accelerated program. The CTS curriculum aligns with standards and associated knowledge units established by the National Center of Academic Excellence in Cyber Defense in Montana. 

Our Cybersecurity Certificate of Technical Studies (CTS) is a set of 4 courses (12 credits) that provides students with an entry-level credential that can lead to the Associate of Applied Science degree in Information Technology. 

Skills learned include: 

  • Cybersecurity foundations
  • Cybersecurity principals
  • IT Systems Components
  • Basic Networking
  • OS Concepts
  • Cyber Threats
  • Policy, Legal, Ethics & Compliance
  • Security program management
  • Security risk analysis
  • Basic cryptography

Why Cybersecurity and why now?

Currently, there are 810 cybersecurity-related jobs available in Montana. Employers are seeking cyber-aware employees. The Cyber Rapid Training CTS Program is designed primarily for two categories of people:

  1. Adult learners who are interested in pivoting into entry-level cybersecurity or IT careers.
  2. Individuals currently in entry-level cybersecurity or IT careers who are interested in up-skilling and progressing their careers.

Upon successful completion of this program, graduates will be equipped to take and pass the CompTIA Security+ and CompTIA Network+ Certification exams. These standard, entry-level credentials are aligned with the U.S. Department of Defense Information Assurance technology and Management job categories.

These credentials give students baseline information to prepare them for further studies related to more advanced security certifications, such as EC-Council Certified Ethical Hacker (CEH), ISC Systems Security Certified Practitioner (SSCP), and CompTIA Cloud+, all available through CyberMontana.

Courses include:

  • Information Technology Systems (ITS) 150 – CCNA 1: Exploration (3 credits)
  • Information Technology Systems ITS 212 – Networks OS – Desktop (3 credits)
  • Computer Science/Programming (CSCI) 215 E – Social & Ethical Issues In Computer Science (3 credits)
  • Information Technology Systems (ITS) 222 – Enterprise Security (3 credits)

How do I know if this program is right for me?

This program is online and asynchronous. We do strongly encourage participation in an online weekly check-in meeting. (The schedule of this meeting is based on student availability and is set at the start of the semester.) We also encourage developing a schedule in which you are able to check in on coursework, requirements, and expectations early in the week. Instructors are typically available 8 am – 5 pm, Monday through Friday.

Students who are self-motivated, organized, and able to advocate for their individual educational needs thrive in this program. Our best estimate is that program participants will need to devote approximately 40 hours per week to their studies throughout the program. We do recommend a work week that consists of less than 20 hours per week if possible. We also recommend putting time and thought into how you could schedule at least 40 hours per week to devote to your academic studies. 

It is important to note that our CTS in Cybersecurity follows a rigorous curriculum approved but the NSA. Missoula College was the first institution in Montana to be designated a Center of Academic Excellence in Cyberdefense by the NSA. This designation ensures the curriculum aligns to NSA standards, is taught by qualified faculty, and involves opportunities for students to benefit from cybersecurity-related activities in addition to their studies. The CAE designation is noted on your official University of Montana transcript. 

What kind of employment/job does this program lead to

Upon completion of this program, students will be equipped for entry to mid-level jobs in the IT and Cybersecurity Sectors. Specifically, this training prepares students for employment as a Network and Computer System Administrator (entry-level), Computer System Analyst (entry to mid-level), and Information Security Analyst (entry to mid-level.) 

The 12 credits earned by completion of this program stack towards an Associate of Applied Science (AAS) in IT at Missoula College. There are a variety of concentration options that would accompany this degree. 

As noted, these credits prepare students for two specific Industry Recognized Credentials (IRCs) that help lead toward gainful employment upon completion of the program. CyberMontana provides one voucher for each exam upon completion of the program and a signed Memorandum of Understanding. 

There is a current need for cybersecurity professionals both statewide and nationwide. 

The Cyber Rapid CTS Program at Missoula College is unique in that it provides wrap-around services to assist you through this process. The dedicated program staff supports students through academic advising, career advising, and mentoring. 

Upon exiting the program, students will have access to career-ready services that build soft and hard skill competencies, aligned with the standards established by the National Association of Colleges and Employers (NACE).

How much does this program cost?

This program costs approximately $2,100 plus under $400 for course materials. There are multiple material pricing options available. Financial assistance programs are available to offset or cover enrollment and course materials. (These costs reflect in-state tuition coding and are current as of the blog post date.) 

There are federal and state-funded financial assistance programs that could offset or cover enrollment and other associated program costs such as required course materials. During the initial student contact phases, Missoula College will provide information and application support for available financial assistance programs upon request.

How do I register for the Cyber Rapid Training CTS Program?

This program does provide support during admissions, registration, throughout the semester, and employment opportunities post-program. The admissions process begins with an intake appointment, made with our Director of Workforce Training & Career Education, as well as Associate Director of CyberMontana, Christopher Prosa ( This appointment, which takes approximately 45 minutes, allows for the opportunity for us to gather useful information from you as a potential student and allows you to have an opportunity to learn more about the program and make an informed decision as to if it is right for you currently. This appointment also helps us start you on a process to enter the admissions/registration process as smoothly as possible, and that you are coded correctly for tuition purposes. 

The Fall 2023 Semester begins August 28th. We encourage interested students to contact us by July 5th. This allows us to help you with any admissions/registration complications that may arise and for you to secure course materials.

Interested in joining the Fall 2023 cohort?

The Cyber Rapid Training CTS Program provides you with training toward an entry – mid-level cybersecurity position. It is a goal of the program to not only assist you in academics but help you set yourself up for gainful employment upon completion of the program. We work with community partners to work together to provide warm hand-offs that help everyone succeed.

What to Know about Cyber STEM Summer Camps in Montana

CyberMontana is excited to sponsor 2023 Cyber STEM Summer Camps throughout  Montana. A total of eight camps will be held throughout seven cities across the state. Registration is currently open for all Cyber STEM Summer camps. We believe no age is too young to start learning more about cybersecurity!

What are Cyber STEM Camps?

Cyber STEM Camps use hands-on activities to investigate topics ranging from programming in Scratch or Python, to electronics and networking, to basic command-line operation of computers. All camps incorporate aspects of cybersecurity throughout the various topics.

We are becoming more reliant on cyber-based technology throughout all aspects of our daily and work lives. Cyber STEM camps offer an opportunity for Middle School students to be inspired to embrace interest, passion, and talent to build skills that may help our country’s national and economic security. 

Where are STEM Summer Camps located?

STEM Summer Camps are located throughout Montana. Camps are open to Middle School Students (ages 10 – 14 years old.) The 2023 STEM Summer Camps include:

Why should my child attend a Cyber STEM Summer Camp?

Cyber STEM Summer Camps provide an opportunity for Middle School students to explore aspects of IT along with cybersecurity. There is a shortfall of skilled cybersecurity professionals in the nation. Cybersecurity Summer Camps aim to ensure interested and inspired young students embrace this passion. As we become more reliant on cyber-based technology in every aspect of our daily lives, it is critical we nurture excitement and drive in relation to cybersecurity in our youth.

Young girls’ confidence drops by 30% between the ages of 8 and 14 years old*. Something about the percentage of fading interest in females. In high school, 60% of girls who were interested in STEM as freshman are no longer interested by graduation. For all students, it is important to provide access to STEM, and IT/Cybersecurity opportunities. For young girls, it is imperative to provide these opportunities and role models within the field. Mentors who show excitement in regard to their interests, who help provide scaffolding to continue down a path that explores IT and cybersecurity.

What does a day or a week at a STEM summer camp look like?

Cyber STEM camps provide a minimum of 20 contact hours delivered over 1 or 2 weeks during the summer of 2023. Each institution works to provide a low counselor-per-student ratio. Each city is able to design its own curriculum. Some camps share a cybersecurity/basic electronics curriculum developed by Missoula College for Summer 2021 and 2022. Others may opt to teach a CyberPatriot camp or to teach their own custom curriculum. Each camp’s registration page shares information on their schedule and curriculum. Each institution is able to provide any further details regarding individual camp schedules. Food and snacks are provided for each camp.

How to register your children for one of Montana’s Cyber STEM Summer Camps

Registering for a STEM summer camp in any of the 7 cities providing offerings is easy! Registration can be found on the CyberMontana website. Choose the city where you would like to register a student and complete the online registration form. (Missoula College is currently full but accepting waitlist applications as family plans tend to change as summer approaches.)

What is the history of Cyber STEM Camps in Montana?

The 2021 legislature provided funding to Missoula College’s Center of Academic Excellence (CAE) for Cyber Defense to develop the Montana Cyber Hub for workforce education. 

STEM summer camps began in Summer 2021. During the summer of 2022, CyberMontana funded STEM day camps in 7 different cities throughout Montana. These day camps are aimed at increasing middle school student interest in cybersecurity and other aspects of IT such as programming and networking. Camps will use local faculty and mentors, typically older students, along with additional support to provide hands-on experience with cybersecurity and other STEM topics. 

Training sessions are held for interested faculty in preparation for these summer camps. Returning faculty share their experiences allowing for new skills to be learned and passed on to the future workforce, helping each camp to be a success. 

Join the Cyber STEM Summer Camp fun today

These camps provide a fun and welcoming learning opportunity for your students. These camps also provide a great venue to explore the fields of IT and Cybersecurity. We are excited to work with our campers this summer!

*Katty Kay & Claire Shipman, The Confidence Code: The Science and Art of Self-Assurance – What Women Should Know.


Everything You Need to Know About CyberMT’s GenCyber Camps [2023]

Missoula College and Great Falls College MSU are excited to hold our NSA-sponsored GenCyber Summer Institutes. The 2023 GenCyber Camps consist of 8 weeks of online pre-sessions, 1 week of in-person sessions at the location closest to you, and close with 8 additional post-sessions. Registration for both camps is currently open. 

What is GenCyber?

The GenCyber Summer Institute for middle school students focuses on cybersecurity and networking.  This program strives to be a part of the solution to the Nation’s shortfall of skilled cybersecurity professionals. Ensuring that enough young people are inspired to utilize their talents in cybersecurity is critical to the future of our country’s national and economic security as we become even more reliant on cyber-based technology in every aspect of our daily and professional lives. 

The primary goals of the GenCyber program are to:

  • Ignite, sustain and increase awareness of K12 cybersecurity content and cybersecurity postsecondary and career opportunities for participants through year-round engagement.
  • Increase student diversity in cybersecurity college and career readiness pathways at the K-12 level; 
  • Facilitate teacher readiness within a teacher-learning community to learn, develop, and deliver cybersecurity content for the K-12 classroom in collaboration with other nationwide initiatives.

*The bullet points above were sourced directly from GenCyber’s website

What are the origins of GenCyber?

GenCyber began in 2014. Initially, there were eight camps. Currently, this number has increased to over 150 camps. These camps span 44 states, plus DC and Puerto Rico. 

Who are the GenCyber Camps geared towards?

GenCyber camps are designed for students K-12. Funding is provided by the National Security Association (NSA) and the National Science Foundation (NSF). A goal is to spark interest or light a flame in students before they complete high school, leading more students, and a more diverse group of students, to pursue entering Cybersecurity programs as a post-secondary pathway. 

Where are Montana’s GenCyber Camps held?

Currently, Montana will hold GenCyber Camps in both Missoula and Great Falls.Both camps include

  • An online pre-camp: April 4 – May 24 (Tuesday and Wednesday, 7pm – 8pm)
  • An in-person camp:
    • Missoula’s in-person camp will be held June 19 – 23 at Missoula College (8am – 5pm)
    • Great Fall’s in-person camp will be held June 12 – 16 at Great Falls College (8am – 5pm)
  • An online post-camp: July 11 – Aug 23 (Tuesday and Wednesday, 7pm – 8pm)

These camps are open to any middle school student, ages 11 – 14, interested in exploring cybersecurity. You do not have to live in Great Falls or Missoula to attend. Attendees are expected to participate in the entirety of camp, including the in-person camps. 

How can the GenCyber Camps benefit your children?

Cybersecurity is not commonly taught in schools. Schools or institutions receiving a GenCyber camp grant can change that. To receive one of the grants, a school or institution must submit a comprehensive application in the winter. The development of curricula and lesson plans infuse cybersecurity principles across content areas. 

We currently live in a time where so many items and aspects of our lives are tied to “The Internet of Things” (IoT). Cybersecurity impacts all of our lives, whether it is physical devices, social media, online accounts, and so much more. Knowing, understanding, and practicing cybersecurity best practices plays, and will continue to play, a large role in all of our lives and futures. 

The activities presented include:

  • Hands-on exercises
  • Networking
  • Secure communications
  • System vulnerabilities
  • System exploitation

All student participants will receive a Le Potato (micro-computer) that will be theirs to keep after the program is complete. Lunch and snacks are also provided. 

How to register your children for one of Montana’s GenCyber Camps

Registering for the GenCyber Camps is simple! Registration can be found on the CyberMontana website. Please fill out the online form. The CyberMontana team will reach out closer to the camp’s start. Students do need to commit to the pre-camp, in-person camp, and post-camp. We ask that students register by Friday, March 31, 2023.   

Register for Montana’s GenCyber Camps today

The GenCyber Summer Institutes are a fun and welcoming opportunity for your child to delve into aspects of cybersecurity. The GenCyber, and STEM, summer camps strive to be part of the solution to the nation’s shortfall of skilled cybersecurity professionals. Ensuring that enough young people are inspired to utilize their talents in cybersecurity is critical to the future of our country’s national and economic security as we become even more reliant on cyber-based technology in every aspect of our daily lives. We look forward to working with some of you and your children this summer!

Why Is Security Awareness Training Important? [2023]

Security-aware employees are one of the primary lines of defense against cyberattacks in the business world. We know that almost 90% of data breaches are caused by human error*; the human factor is often the weakest link. Security awareness in employees prevents and mitigates the risk of security breaches. Professional development in security awareness is key to protecting your organization and your customers.

What is the Purpose of Security Awareness Training (SAT)?

Security Awareness Training provides your business and employees with knowledge on how best to mitigate risks presented through internet use. These forms of training help individuals understand their role in facing security breaches. Your stance changes from reactive to proactive. Cyber threats will never be eliminated. You can help create an environment that is resilient against threats and has increased its toolbox of capabilities to prevent and/or face threats. 

How effective is SAT?

Verizon’s 2020 Data Breach Investigation Report, which highlights insights from nearly 4.000 data breaches, found that 67% were caused by an attack targeting people – including credential theft and phishing- and 22% involved human error.”* – David O’Leary from SHI 

Think about password protection. We all have created passwords in which the organization/company tells you if your password is weak or strong, and often provides you with requirements as to what are the minimal requirements to create a password on their site. Security Awareness Training courses assist your employees in being aware of what it takes to truly create a strong password. 

We all have various devices that we use daily. It is always of intrigue to look up your email address and see if it has been part of a breach. One email typically is connected to multiple devices. It only takes one email breach to threaten all devices. This makes checking your work email on your personal devices and visa versa a risk. It is a good practice to create Security Awareness regulations within your organization. It is also very interesting to look up your email to see if it has been breached. Consistency in training employees can lessen cyber crimes and their impacts by 40% – 50%.*

What lessons does CyberMontana provide for Security Awareness Training?

Lessons are 20 – 30 minutes, online, training modules. These lessons teach best cybersecurity practices in a number of topics. These include: 

  • Phishing – The lesson defines phishing (a form of fraud in which an attacker masquerades as a reputable entity or person in email or other forms of communication), how to identify it, and what to do if phishing is suspected. Users are given several examples of phishing emails.
  • Password Creation – Users are taught the importance of proper passwords and how to construct them. Users are given examples of strong and weak passwords and will then practice constructing stronger, unique passwords.
  • Social Media – Users learn best practices to keep themselves safe on social media. Users learn strong security settings and thoughtful consideration of what they share about themselves and their organization.
  • Malware and Ransomware – The lesson defines malware (malicious software) and ransomware (type of malware that blocks access to devices and/or data, often until payment). The lesson describes what attacks can look like, prevention methods to implement, and what impacts malware can have on an organization.
  • Work from Home – The Lesson focuses on securing the home workspace, work, and personal devices, and your network. Users learn the dangers of unknown networks, the importance of securing devices in transit and in public places, and how to handle secure information in public places both on devices and in calls.
  • Mobile Device – This lesson covers foundational information to keep data safe when using a mobile device. This includes app permissions, phone calls, and network/Bluetooth connection in public areas. It also includes what it means to share information on your mobile devices and what exact information you are sharing with those applications.
  • Social Engineering – There are many ways to breach security for information. Social Engineering is a form of attacking the person instead of the software. Abusing simple trusts to gain an advantage to hack information. This lesson goes over what Social Engineering really is and how to protect yourself from it.
  • Browser Safety – Everyday use of browsers makes us feel safe using them. Browsers can be connected to security and personal information breaches. This lesson goes over safe browser habits, safety tricks, and the difference between browsing at work rather than at home.
  • Devices – There are many devices related to work and computers. From phones to portable drives. Each device needs proper security management. It’s important to know the risks of each device and how we can protect ourselves and our work.
  •  Password/Multi-Factor Authentication – This lesson discusses Multi-Factor Authentication (MFA) and why it is an important part of security when using accounts online, even with a secure password.

How Does Security Awareness Training Benefit Your Organization and Employees?

First and foremost, Security Awareness Training benefits your organization as it sets you up to play both offense and defense within the cyber threat world. Currently, it is not required in the state of Montana. There are some liability insurance policies that have requirements in which Security Awareness Training meets. Some organizations look for employees to have a badge or certificate to accompany their training. CyberMontana’s Security Awareness program offers badging and a certificate of completion for training. 

  • The Security Awareness Individual Proficiency Badge will be available to individual users of an organization who complete at least 75% of their assigned Security Awareness Training (SAT) modules. 
  • The Security Skills Individual Proficiency Badge will be available to individual users of an organization who complete at least 75% of their Security Skills assignments. Our Security Skills options will include subject matter such as Phishing Simulation, Removable Media, etc.). 
  • The Security Awareness Business Proficiency Badge is available to organizations whose users complete at least 75% of their assigned Security Awareness Training (SAT) modules.
  • Security Skills Business Proficiency Badge is available to organizations whose users complete at least 75% of their Security Skills assignments.  

How to Get Started With Security Awareness Program?

Getting started is quite easy. The CyberMontana website has a Security Awareness Training page in which you can get more information and complete an interest form. Someone from our team will reach out to you. You can also contact Bianca ( directly to get you and your organization started. 

Sign Up for Security Awareness Training Today

There is no question we are all at risk for cyberattacks, cyber threats, and data breaches. The number of attacks each year increases significantly and continues to become more sophisticated. The best, and most successful, path to the best protection is to educate and prepare yourself and your team. Please contact us if you are interested in our Security Awareness Training, or our other Cybersecurity Training options that are available (K-12 education, Cyber Rapid Training Certification of Technical Studies Program, Workforce Development/Upskilling). 


A Guide to Cybersecurity [2022]

The word “cyber” refers to all things related to computers, information technology, and virtual reality. It includes the technology and processes designed to protect networks and devices from data breaches, identity theft, damage, and unauthorized access. Cybersecurity awareness is important for organizations as well as personal use (devices such as phones, computers, and tablets.) It is also important for the military, hospitals, as well as large and small corporations. Understanding cybersecurity, implementing defensive and offensive cyber protocols, and practicing continued diligence in staying up to date are all essential. Staying cyber secure starts with you.

Why is cybersecurity so important?

Proper use and knowledge of cybersecurity helps your organization and home create or maintain a defensive posture against cyber-attacks and breaches. These include unauthorized access, unauthorized deletion, and unauthorized modifications. This same proper use and knowledge helps prepare your organization or home offensively in the case of an attack or breach.  It is important to realize that not all breaches, attacks, or threats come externally (although a majority do). Some incidents may originate internally, with either malicious intent or incidents that occurred inadvertently. Everyone within an organization and in your home is responsible for cyber safety. Cybersecurity safeguards your systems, computers, and data from attacks that can lead to interruptions in services, information theft, or exposure of personal information

What are the main aspects of cybersecurity?

There are three pillars to cybersecurity, known as the CIA Triad. The three components stand for confidentiality, integrity, and availability. These are fundamentals when building your cybersecurity strategies.  

  • Confidentiality – Only authorized parties have access to your sensitive information and functions.
  • Integrity – Only authorized individuals may alter/add/remove sensitive information or functions.
  • Availability – Systems, functions, and data must be available on demand based on pre-determined, agreed-upon parameters. 

What are the most common types of cyber-attacks or threats?

  • Ransomware – Software that blocks access to a computer system. Without access to your files, the ransomware designer will ask for a ransom to be paid to unlock your files so you regain access.
  • Malware – Software that interferes with your computer’s normal functioning. These are viruses, trojans, or other malicious programs that infect your system or network. They may disrupt or damage your computer system or allow for unauthorized access to confidential information.
  • Phishing – The attempt to steal confidential information (credit card numbers, passwords, log-in information) through the use of email or other electronic communication forms. Typically, these appear to come from a reliable source. 
  • Social Engineering – A manipulation technique used to exploit the human error factor in cybersecurity. The goal is to steal private, personal, and financial information.
  • Denial of Service (DoS)/Distributed Denial of Service (DDoS) – Attacks that are intended to make an online service unavailable to its intended users on the internet. 
  • Man in the Middle Attacks (MitM) – Communication where two parties believe they are talking with each other but a ‘man in the middle secretly intercepts the information. The attacker controls the conversation and relays messages between the two parties. 
  • Cross-site Scripting Attacks (XSS) – Malicious scripts are injected into the code of a trusted website or application. The malicious link appears enticing and is clicked on by a user. This allows for code injection.
  • SQL Injection Attacks – Malicious SQL code is injected into an application allowing for backend database manipulation that provides access to confidential information.

Interesting fact: Injection attacks, which include XXS and SQL attacks, were the third most serious web application security risk in 2021.

What are the best practices to strengthen your cybersecurity?

Everyone within an organization and in your home is responsible for cyber safety. Increasing the cybersecurity awareness of all your employees or family members is critical. Creating, following, and updating your cybersecurity policies is key. Good cybersecurity involves multiple layers of protection using a combination of technology and best practices. Putting these practices in place does not guarantee you will avoid all attacks and threats. 

This starts with good preventative solutions. Install antivirus and firewall software. Download patches and updates regularly. Do take the time to know and understand what it is you are downloading before you click ‘install’. As an employer, know your network, who is on it, and what access they have been granted. Control and monitor cyber activity. Requiring strong credentials and having clear policies (for example, requirements for passwords that is known to all staff) sets the tone and stage for stronger cybersecurity. Create and follow workplace cyber policies such as Acceptable Use, Data Classification, Data Security, and Data Destruction.

At both work and home, passwords should be unique for different login credentials. At home, make it a habit to monitor your bank and credit accounts regularly. Frequently back up your data so that you have the most recent data and information possible in the case of a breach or attack. Be intentional online. This is very important with social media use. If you would not write something on a postcard and mail it, then do not put it on social media. Never post about traveling while you are traveling. 

Hint: you can back-post information or photos you do want to share on social media. These posts can play out, one day at a time, as if you were traveling but when you are back in your home and at work. 

How can I teach myself or gain more knowledge in cybersecurity?

There are many options throughout Montana. These include in-person, online, asynchronous, and rapid training program options. Individuals may take an introductory course to learn about cybersecurity, work towards a Certificate of Technical Studies, or pursue further higher education opportunities and degrees. Online options are available for work teams or individuals, including Security Awareness Training and Workforce Development. If you are in sixth grade through adulthood, CyberMontana offers learning and training opportunities for you. 

Keep Montana Cyber-secure

Cybersecurity awareness and in-house cybersecurity strategies are necessary best practices for any business or household. An array of options and opportunities are available to assist you in your cybersecurity growth. The first step is to define your need (awareness training, career opportunities, developing your workforce, a need for resources, or a need for incident response.) The second step is to do some research. The resource that is right for you is out there. CyberMontana does provide a variety of leads on our website, with the goal of continuing to add more statewide opportunities already available in the state. Consider your options (local/remote/in-person/online). Do a search that meets your needs. If you need help defining those needs, you may always contact us and we will connect you with the right resource in Montana.