Cyber Crime Technology

Cyber Crime Technology


This curriculum will prepare students to enter the field of computer crime investigations and private security.  Students completing this curriculum will be capable of investigating computer crimes, properly seize and recover computer evidence and aid in the prosecution of cyber criminals.


Course Work


Course work in this curriculum will include a division of work in the disciplines of criminal justice and computer information systems.  Additionally, students will be required to take specific cyber crime classes.


About Our Curriculum


Graduates should qualify to become computer crime investigators for local or state criminal justice agencies.  Also, these graduates should be competent to serve as computer security specialists or consultants with private business.

Career Information:
Degrees offered:
Program Major Code
CIP Code 
Cyber Crime Technology-Associate Degree A55210 43.0116
Cyber Crime Technology-Certificate (Basic) C55210A 43.0116
Cyber Crime Technology-Certificate (Basic) / Pathway C55210AP 43.0116
Cyber Crime Technology-Certificate (Advanced) C55210B 43.0116
Related classes and additional information can be found in the MTCC Catalog.
Randy Hollifield @ 828.659.0426

Did you know that a career in #cybersecurity is one of the best-paying jobs in the IT field?  The median base salary for a cybersecurity professional in the U.S. is $103,000 💸 ‼️

It's no secret that cybersecurity jobs often pay very well. In fact, the median base salary of a cybersecurity professional in the U.S. is about $103,000 per year. 


But not all cybersecurity salaries are the same across the board. More senior-level positions in the field command higher salaries, along with higher responsibilities. 


If you're considering joining the cybersecurity field, and wondering how much your earnings could increase over the years, here's what you should know.


Where to find cybersecurity salary information.

CyberSeek, a program funded in part by the National Initiative for Cybersecurity Education, has an interactive career pathways map on its website. It provides information on the various domains of expertise in the cybersecurity world—such as networking, software development, and auditing—and how those backgrounds can lead to various entry-level roles. These include security technician, incident responder, and security analyst. The interactive map shows the average cybersecurity salaries for various roles in field.


What your career path and salary growth could look like.

Using the data from CyberSeek, let's explore a potential career path for a recent graduate starting their career as a cybersecurity specialist or technician. 60% of postings for jobs with these titles require a bachelor's degree, with another 20% requiring a master's degree, and the average salary for these jobs is $92,000.

After some years of experience, and perhaps some additional education or certifications, the professional moves up to a cybersecurity analyst position, a role that requires a bachelor's degree or higher in 73% of job postings, and boasts an average salary of $95,000.


Continuing their upward trajectory, the professional now applies to be a cybersecurity engineer, which offers an average salary of $106,000. Finally, after some more time, they move up to cybersecurity architect, which has an average salary of $133,000.


The numbers prove that a career in cybersecurity can be rewarding in terms of salaries, and luckily, the field is in high demand. For example, according to LinkedIn data, there were more than 19,000 cybersecurity job postings in the Washington D.C. area in 2021, but there were only 8,000 cybersecurity professionals located in the region.

If you're interested in getting your foot in the door and launching a career in cybersecurity, check out this full jobs guide to learn more about the current market for these professionals and what your future could look like.

What Does it Take to Be a Cybersecurity Analyst?


Tips and tricks for building an analyst skillset.


 Photo by Carlos Muza on Unsplash


I recently had the privilege of participating in a fireside chat series for the University of Colorado, Colorado Springs Cybersecurity Apprenticeship program. Say that five times fast!


The series was broken down into three episodes:


Beginning as an analyst

Acing the analyst interview

Career growth as an analyst


Through these episodes, the goal was to provide insight into what it’s like to be a cybersecurity analyst, tips for obtaining an analyst position, and finally, what career growth for an analyst looks like.


Because this series was developed by UCC-CS and won’t be widely distributed outside of the university, I thought it would be worthwhile to publish an article that provides an overview of my conversation with the moderator.


In this article, I’ll be covering episode one, Beginning as an Analyst, and will cover episodes two and three in subsequent articles.


Given this was an informal discussion about being a cybersecurity analyst, I thought the best way to convey the conversation was via a Q&A format. I’ve outlined the conversation I had with the moderator into the six questions you’ll read about below and through these, I hope to provide insight into what it takes to be a cybersecurity analyst.


What are the day-to-day tasks of a beginner analyst?


One of the primary responsibilities of a cybersecurity analyst is security monitoring. What this entails really depends on the organization's program and the different types of technology the security team manages, however, entry-level analysts can expect to be reviewing and investigating logs and alerts from various security tools.


These tools can include the organization’s SIEM, antivirus solutions, internet protection, email security, and intrusion detection/prevention systems(IDS/IPS). While there won’t always be active threats on the network, it’s important that a team understands their “normal”.


In order to understand this baseline, the security team must be performing monitoring tasks daily, which could be as simple as checking a dashboard to see the trends in activity over the last 24 or 48 hours. By doing this, the team can better understand when something seems out of the ordinary and begin investigating it to determine whether the abnormal activity is expected or not.


In addition to security monitoring and analysis, an analyst might be tasked with various types of other work that doesn’t involve reviewing and investigating alerts.


Part of a security team’s job is to continuously improve via automation and optimization of tools and processes to achieve overall efficiency. Analysts might be tasked with small projects like configuring a new feature in the antivirus solution that will streamline an existing process or creating a new alert in the SIEM tool to provide visibility into certain events currently not being alerted on.


So as you can see, the day-to-day includes not only security monitoring and analysis tasks, but usually involves administration of the security technology as well.


What are some essential tools & skills that come into play?


The most important skill an analyst should possess is likely obvious. They must be analytical, but in addition to that, I think it’s important to be a problem-solver. Much of the work involved in an analyst's day-to-day is reviewing security tools and finding ways to optimize them.


As an analyst, you must be able to look at the current state of a tool, process, or procedures, and always be thinking about ways to improve upon the way things are done. Cybersecurity is all about automation and efficiency because there’s always so much work and so few resources.


Critical thinking and problem-solving skills come in handy when you need to think outside of the box and get creative and many hiring managers look for candidates to portray these capabilities.


As I mentioned, analysts may spend a lot of time performing reporting and metrics-related tasks, so attention to detail is critical to ensure the accuracy of the reports. The ability to create a report is one thing, but it’s just as important to pay attention to what the report is showing and validate its accuracy prior to sharing it.


Lastly, strong verbal and written communication skills are a must. As an analyst, you’ll likely be interfacing with employees from all parts of the business and at all levels. You’ll likely have to interact with end-users every now and then, you’ll be expected to collaborate with other IT teams, and you’ll have to engage with management and sometimes executive leadership.


In all of these types of interactions, it’s important to be able to effectively communicate whatever it is you’re discussing or sharing in a way that’s understandable for your audience.


While these aren’t the only skills successful analysts possess, these are some of the most important ones.


What is one of the biggest challenges of being an analyst?


One of the biggest challenges of being an analyst is really a challenge all security professionals face: trying to stay ahead of threat actors.


The threat landscape changes and evolves every day and we must continue to evolve with it. Cybersecurity is a fast-paced industry to be a part of so it’s important to stay in the know for starters. Having a pulse on the happenings in the industry is critical to understanding the threats you’re up against.


This knowledge is important, as current trends in the industry directly impact the defense strategies and techniques employed in a security program. Analysts must be dedicated to the continuous improvement of their organization’s defenses and frequently reference current trends to further improve their security controls.


Without a continually evolving security program, the defenses will quickly become irrelevant and easy for attackers to circumvent.


Cybersecurity personnel must always be on top of their game because we never know when an attacker will strike. That’s one of the biggest challenges, but it’s also what drives our profession and pushes us to strive for robust and effective security programs.


What is your favorite part about being an analyst?


My favorite part about being an analyst really ties back to why I love working in IT to begin with: the sense of accomplishment when you create something or solve a problem.


In a previous role, I was tasked with creating various alerts in our SIEM tool. The alerts were written in regex, which I was still learning, and both my manager and I couldn’t get a specific alert working for some reason. I spent hours testing and researching, testing and researching until finally, I got it working as expected.


Another time my team was attempting to solve a problem and I came up with an idea that could potentially resolve the issue. I spent an hour or two making my idea come to life and then testing it to confirm it worked as expected. Once it did, I was able to implement it into the workflow we were trying to build and in turn, resolved the issues we were facing.


While it was exciting to have seen my idea come to life, the best part was helping the team solve the problem we were facing. Having a hand in achieving a desired outcome is so rewarding.


That coupled with my passion for cybersecurity is really what makes me love what I do so much.


How much of the job is more mundane vs. handling active threats/incidents?


I’d say it’s a 70/30 split, 70% being mundane and 30% handling alerts, but it really depends on the environment you’re working in. A common misconception of a career in cyber is that security professionals spend all their time actively responding to incidents, which is far from the truth.


The only people that likely do that are the ones who work in a 24x7 SOC, but even then, they aren’t dealing with incidents all the time. Most of the time SOC analysts are reviewing and investigating alerts to determine if said alert indicates a potential incident.


For your average corporate security team, analyst work entails continuous improvement of security tools, vulnerability management tasks, and risk management and compliance activities. Depending on the maturity of the program and the defense tools in place, a team may spend more or less time responding to active threats.


While I’m not sure it’s been proven, my experience leads me to believe there is a strong correlation between the time spent responding to threats and the maturity of a security program. In past roles, the less security technology and processes in place, the more incidents that occurred.


When I first started at one of the companies I worked for, the security program was still in what’s called the Initial phase of the Capability Maturity Model (CMM). In this phase, security tasks are “ad-hoc and chaotic”.


When I left that company two years later, the program was nearing the third level in CMM, Defined. In this level of the model, a program has processes built out which are leveraged to create standards and procedures. In other words, the program is more structured and leverages standards and procedures to achieve consistency.


When I think back to my first year as an analyst with that company, I was spending probably 10 hours a week responding to alerts, active threats, and incidents. Fast forward to my last few months, my time spent responding to threats was less than three hours a week, and sometimes zero.


This goes to show that with a mature security program in place that has minimal gaps, the time spent responding to alerts and active threats is greatly reduced.


How does an organization’s industry affect the security program?


The industry you work in will greatly impact your experience in an analyst role. I’ve been an analyst in two different industries: Wholesale and Healthcare.


I’ll also note that whether the organization is publicly held or private affects the security program as well.


The wholesale company I worked for was private, and the healthcare one public. The differences here made for very different experiences as a security analyst.


For one, publicly held companies are subject to various financial audits and some industries, like healthcare, may also be subject to additional audits in regards to compliance with HIPAA, GDPR, etc.


Conversely, private companies are not subject to any financial audits and have minimal regulations. Add to that, a wholesale company that hardly handles any personal information or financial/banking information, and you’re left with few reasons to enforce security at your organization.


This is the main difference I’ve noticed in how the industry affects the security program. A non-regulated, non-publicly held organization is much less likely to have an effective security program than a public, regulated company. This is largely due to the importance of security not being fully understood by board/executive leadership and therefore, minimal funding to build an effective security program.


However, with the rise in cyberattacks across all industries many organizations are beginning to invest more in their IT infrastructure and cybersecurity programs.


In terms of the industry, heavily regulated industries usually lead to stronger or better-developed security programs. Organizations in healthcare and finance must be compliant with various regulations and in order to do that, must have certain security capabilities and defenses in place.


Naturally, executive leadership must ensure compliance with these regulations so security funding is much easier to justify and receive.


Companies in non-regulated industries like retail and wholesale are really only subject to things like customer security questionnaires and third-party audits. Without those sorts of audits being done, executives may be more hesitant to provide a sufficient budget to implement a strong security program.


This is why it’s so critical for security management to be able to effectively communicate the importance of a security program in a way that non-IT leadership can understand.


As you can see, a cybersecurity analyst has many responsibilities and they differ from organization to organization. Much of the tasks also depend on the scope of the role. Many analysts that work in a 24x7 SOC only work in the security tools, investigating and responding to security alerts.


Security analysts that work on a blue team or a security operations team are the ones that likely spend some time doing project-like work that involves process improvement and security tool optimization.


With that, I hope this Q&A has provided valuable insight into a day in the life of an analyst, the skills a successful analyst possesses, and some of the real-life experiences I’ve had in my time as an analyst.


Source: What Does it Take to Be a Cybersecurity Analyst? | by Katlyn Gallo | Dark Roast Security | Medium


According to the 2019 U.S. Cybersecurity Salary & Employment Study, North Carolina ranks #5 in the country as a best state for cybersecurity roles.
US Cybersecurity Employment Study
In a world where data protection is becoming increasingly important, cybersecurity roles are at the heart of many companies’ employment strategies.
Often defined as “information security analysts,” these roles involve planning and implementing security measures that help protect an organization’s computer systems and networks. This includes installing software, i.e. firewalls and data encryption programs, investigating security breaches, and looking for potential vulnerabilities before they are exploited.
In 2018, the average salary for cybersecurity roles was $92,789 per year, and over the next 10 years (2018 to 2028), the job growth for these roles is 32 percent (much higher than the average of 5 percent).
So how do these roles shape up on a state-by-state basis (including the District of Columbia and Puerto Rico)?
We reveal where the cybersecurity job hotspots are, including where you’ll get the highest salary, where the most jobs are, and where the best long-term projections for these roles are.
The top-scoring states for cybersecurity roles
According to our research, Virginia is the best state to be an information security analyst. It was the highest-ranking state for the number of people currently employed in these roles and employment per 1,000 jobs. It also received a high score for its average annual salary and the number of job vacancies currently available.
However, there were some weak points to Virginia’s cybersecurity roles. Since 2013, the average salary and number of people employed in these roles have grown at a slower pace. But this is perhaps due to the vast number of roles already available, and it doesn’t seem to dampen the long-term projections for these roles (41.51 percent growth from 2016 to 2026).
Texas, Colorado, New York, and North Carolina were the other four states that made up the top five. All of these states performed better than Virginia with recent salary increases over both one- and five-year periods. However, only cybersecurity analysts in New York receive a higher average salary ($122,000) than those in Virginia ($111,780).
The top 5 states at a glance




Average Annual Salary

#of People Currently in These Roles

Employment per 1,000 of Jobs

# of Job Vacancies Currently Available

Long-Term growth Projection for Roles by 2026 (from 2016)

5-Year Increase in Employment#

5-Year Increase in Annual Salary

































New York










North Carolina








The highest-scoring states per category were:
  • Highest average annual salary – New York – $122,000
  • Highest % difference to state average annual salary for all types of employment – New Mexico – 80.34%
  • Highest number of people currently in these roles – Virginia – 14,180
  • Highest employment per 1,000 jobs – Virginia – 3.70
  • Highest number of jobs currently being advertised for – California – 5,008
  • Best long-term projection for roles – Utah – 50% growth
  • Best 5-year increase in employment numbers (from 2013 to 2018) – South Dakota – 212.50%
  • Best 5-year increase in average annual salary (from 2013 to 2018) – Arkansas – 41.69%
  • Best 1-year increase in employment numbers (from 2017 to 2018) – Wyoming – 66.67% growth
  • Best 1-year increase in average annual salary (from 2017 to 2018) – Kansas – 10.86% growth
The lowest-scoring states for cybersecurity roles
At the bottom of our table was Puerto Rico – the lowest-scoring territory for average annual salary, the number of jobs currently available, and its five-year increase in annual salary. This is probably due to a lack of demand for these roles within Puerto Rico. However, when we look at its 1- and 5-year growths, things do look like they’re on the up. Over the last 5 years, employment has increased by 84.21 percent, and from 2017 to 2018, employment increased by 12.90 percent. While the annual salaries don’t seem to be increasing to reflect this demand, the average salary for these roles is 36.11 percent higher than the state average.
Maine, Montana, Indiana, and Vermont were the other four states in the bottom five. These states all followed a similar pattern to Puerto Rico with low salaries and demand, but all were showing signs of increasing levels of employment.
The bottom 5 states at a glance




Average Annual Salary

#of People Currently in These Roles

Employment per 1,000 of Jobs

# of Job Vacancies Currently Available

Long-Term growth Projection for Roles by 2026 (from 2016)

5-Year Increase in Employment#

5-Year Increase in Annual Salary











































Puerto Rico








The lowest-scoring states per category were:
  • Lowest average annual salary – Puerto Rico – $42,440
  • Lowest % difference to state average annual salary for all types of employment – District of Columbia – 29.28%
  • Lowest number of people currently in these roles – Wyoming – 50
  • Lowest employment per 1,000 jobs – Wyoming – 0.19
  • Lowest number of jobs currently being advertised for – Puerto Rico – 4
  • Worst long-term projection for roles – Vermont – 6.10% growth
  • Worst 5-year change in employment numbers (from 2013 to 2018) – Alabama – 36.81% decline
  • Worst 5-year change in average annual salary (from 2013 to 2018) – Puerto Rico – 9.82% decline
  • Worst 1-year change in employment numbers (from 2017 to 2018) – Arkansas – 49.14% decline
  • Worst 1-year increase in average annual salary (from 2017 to 2018) – Maine – 25.26% decline
Which state should you head to for the best cybersecurity roles?
Initially, you may consider Virginia thanks to its vast number of current roles and great salary. Or, you may opt for New York with its even more attractive salary ($122k) that’s 27.20% higher than the average information security analyst salary ($92,789.42) and 65.40% higher than NY’s average salary (for all types of employment).
You could even look toward somewhere like Utah, which has the best long-term projections for these roles, offering even more job security. The only thing letting Utah down is its salary ($86,790) which is 6.68% lower than the average for information security analysts. But with an 18.27 increase in the annual salary over the last 5 years, it might not be long until you’re enjoying the same or better salary.
Ultimately, the majority of states offer great prospects for cybersecurity roles. All states show at least some positive growth (when looking at the long-term projections) and each and every state has a salary that’s above the state average.
Our methodology: how did we find the best and worst states for cybersecurity roles?
To figure out how well (or poorly) these roles were represented in each state, we used ten different criteria, each of which was equally weighted to give us our overall scores. These were:
  • The average state annual salary for cybersecurity roles
  • The % difference of the annual salary for cybersecurity roles to the average annual salary of all types of employment in each state
  • The number of people employed in cybersecurity roles in the state
  • The number of people in cybersecurity roles per 1,000 jobs
  • The number of cybersecurity roles currently being advertised for by the state
  • The long-term projections for cybersecurity roles in each state (over a 10-year period)
  • The 5-year change in employment numbers (from 2008 to 2018) in each state
  • The 5-year change in average annual salaries (from 2008 to 2018) in each state
  • The 1-year change in employment numbers (from 2013 to 2018) in each state
  • The 1-year change in average annual salaries (from 2013 to 2018) in each state
To score each criterion we gave each state a point based on where it appeared between the highest- and lowest-scoring states. States that received the best scores for a criterion got 100 points, while the lowest-scoring ones received a zero. Then, all of the states in between these two figures were ranked on a percentile basis to give them their scores.
To achieve the total score we averaged the state’s score across all ten of the categories.
Some states were subject to limitations:
The states of Arkansas, Indiana, Kentucky, Nevada, Rhode Island, Wisconsin, and Wyoming didn’t recognize “information security analysts” as roles in their 10-year projections. Therefore, we used the closest roles available – “computer systems analysts”. These were only used for the long-term projection scores. Despite giving us low scores they did seem to reflect the demand for cybersecurity roles within these states.
Some states updated their long-term projections (most still publicize 2016 to 2026). Montana, Oregon, and Washington offer long-term projections from 2017 to 2027, while Colorado offers projections from 2018 to 2028.
Finally, we used Wyoming’s annual wage for computer systems analysts in 2013 for the 5-year growth in salaries, as the relevant information for information security analysts wasn’t available at this time.
Many of these limitations are due to how new these roles are. And this is why we also used “cybersecurity” as the search term on so as to cover the various titles these information security analyst roles come with. For example, while a company may refer to the role as a “cybersecurity engineer,” the state would place this under the “information security analysts” bracket when presenting its figures for employment.