Cybersecurity Guide

An interview with Robert Greenberg | Sam Houston State University

Last updated:

Written by Steven Bowcut

With over 30 years of experience in the security industry, Steven Bowcut is a skilled editor, writer, and consultant.

Robert Greenberg, Director of the Cyber Forensics Intelligence Center and Assistant Professor of Practice at Sam Houston State University.

With decades of industry experience and a strong background in computer science, he brings practical insight into cybersecurity education, digital forensics, and student career preparation.

Summary of the episode

Robert Greenberg discussed the university’s cybersecurity, digital forensics, and computing pathways. He explains the differences between computer science, cybersecurity, information assurance, and digital forensics, while outlining SHSU’s undergraduate, master’s, certificate, and PhD options.

He also emphasizes the importance of hands-on learning, internships, certifications, and extracurricular projects in preparing students for the workforce. The conversation highlights a key takeaway for listeners: succeeding in today’s cybersecurity job market requires more than earning a degree alone.

Listen to the episode

Read a full transcript of the episode

Steve Bowcut:
Welcome to the Cybersecurity Guide Podcast, where we help students and early career professionals make confident decisions about cybersecurity education, training, and career paths. I’m your host, Steven Bowcut.

Today, I’m very pleased to tell you that as a guest today, we have Robert Greenberg. Robert is the director of the Cyber Forensics Intelligence Center and an Assistant Professor of Practice at Sam Houston State University.

Robert Greenberg:
In this episode, we’ll focus on the cybersecurity and digital forensics educational opportunities available at SHSU, how the programs differ, what types of students thrive in each path, and what practical steps listeners can take if they’re considering SHSU or a similar route into the field. With that, Robert, thank you for joining me today.
It’s great to be here. Thanks for the invite.

Steve Bowcut:
All right. This is going to be interesting and very useful for our audience, so we appreciate you giving us part of your day today. So let’s start off with a little bit about your role and the CFIC mission.

So you are the director of the Cyber Forensics Intelligence Center and an Assistant Professor of Practice. I guess to be honest, we’d probably like to hear a little bit about how you got to that role, what your academic or career path looked like to get to where you’re at.

And then also, how does the CFIC support students academically and professionally and what problems? I assume it was designed to solve some problems, so what were those problems?

Robert Greenberg:
Sure. Yeah, my academic background is actually a little bit unusual, and that ties into the title of assistant professor of practice because I got my bachelor’s and master’s in computer science years ago, and then I spent 34 years in industry, and I retired from industry and then popped out of retirement not long after to pursue this role that I’m in now.

So my background here, it’s kind of unusual, but it’s worked out beautifully. And I’ve found running the CFIC has been a really good experience, I think, for the students and for myself.

Steve Bowcut:
Well, I would think that you would be able to … Your experience in industry would bring some value to your role. So you know what it’s like to work out there, you know where the students are going to end up, or at least someone will end up in similar situations, so that’s got to be helpful.

Robert Greenberg:
Oh, very. I try and inject as much real-world exposure and experiences as I can into all my classes. And the feedback from the students is that they love that.

Steve Bowcut:
Yeah, I’m sure. All right. So tell us more about the Cyber Forensics Intelligence Center.

Robert Greenberg:
So we do a lot of things. We’ve got a lot of different roles. So first of all, we’re part of the computer science department here at SHSU. So we’re a center, but we’re part of the computer science department. So we do a lot of different things. So we work with people wanting to partner with the computer science department.

There’s always companies and various entities that we’re looking to have something done. They’re looking for expertise. So when those people approach, they are referred to us and then we talk with them and we try and figure out what the matches are. And do we have faculty or students that can support their needs? And we’ve done that a number of times and it’s worked out very well.

So that’s one thing that we do. And of course, because we’re part of the computer science department, we have as resources, dozens of computer science faculty and many hundreds of students.

So pretty broad range of expertise and skills there. So that’s one thing. Also, we wear a lot of hats here. We are a matchmaking service with our computer science students that want internships and careers, career help for placement. So we have a bunch of partner companies and we have a bunch of interested students.

And so we act as a matchmaker trying to make life easy for the companies, our partners. If they say, “Hey, we really need someone to do this. Do you have that? ” We have a database of students that have expressed interest and we go through and can pull very curated lists of candidates for partner companies.

So it works out very, very well for the students and the faculty in some cases when they’re looking for things that need to be supervised, and it works great for the partner companies. So we do that as well.
We’re big proponents of getting as many of our students’ internships or real job experience as possible before graduation.

So that’s typically a high growth thing for the students. And it works real well for the partner companies too, because they’re able to hire very talented, very bright people for college student salary ranges. So it works well for everyone.

Steve Bowcut:
Yeah, I love it when I see that because it is. It’s a win-win. The student is getting potentially some exposure to potential employers, and the employers are getting people who have more than just the technical knowledge. They’ve got some experience in the job that they might be doing.

And that kind of leads me into the question that I wanted to ask next. So cybersecurity, as you’re aware, is a very broad field, and it seems like it’s growing more as more and more things … I don’t know if more and more things are coming under cybersecurity.

We just find more and more ways to do what it is we do in the world of cybersecurity. So when potential students possibly come to you, how do you explain to them the differences between the various aspects that would still fall under cybersecurity, information assurance, information security, digital forensics?

And I guess I’m couching the question is that the student would come to you, or potentially in your role, you would have the opportunity to meet with students who are trying to figure out what pathway they should take to end up where they want to end up in what we call cybersecurity. So do you have any formula or how do you describe the different roles?

Robert Greenberg:
Well, so we offer a lot of different specialties here in this department. So we offer everything from traditional computer science, compute-related jobs. These are the jobs going back 50-plus years. It’s the foundational computing infrastructure.

It’s the hardware and software that enables organizations to function. So that’s the traditional computer science degrees. So we absolutely train people for that. For information assurance and cybersecurity, we would sit down with the students and explain these various roles that we have with the various degree plans we have here.

For information assurance and cybersecurity, we would describe that just simply as protecting information and the networks and resources that it lives on, ensuring that data is kept secure and confidential and that infrastructure is protected.

For digital forensics, these are very common questions that students ask. I’d say, what are really the differences here and how do I choose? For digital forensics, we describe that it’s related to information assurance and security.

It’s the investigative and analytical side of gathering information from devices to figure out what happened during a security incident. So it’s very different focus than protecting and preventing problems in the first place.

This is when something has happened. So we sit down and explain to them, here’s the various plans that we offer, and we describe to them where it leads, and hopefully that will give them enough information to make informed decisions.

Steve Bowcut:
Yeah. And I love that as well, because there are certain skills and techniques and tools that are purely forensic, and it’s important for people to understand that there’s protecting, and then there’s forensics, which is looking at it after it’s already happened. And both would be fascinating for students, I’m sure, but there’s a big difference between the two.

Robert Greenberg:
Sure. And then there’s the underlying compute structure that lets the businesses do what they do anyway.

Steve Bowcut:
Exactly.

Robert Greenberg:
The other thing we do

Steve Bowcut:
So if we focus just on the undergraduate options that a potential student might have at SHSU, can you talk to us about what undergraduate programs are available? What are those options?

And maybe if you can, what kinds of students, and by that, I guess what I mean, students that have a particular skill, gift or acumen for a particular thing, maybe the more technical versus those that are not quite as technical, but they’re interested in other things. So what kinds of students would thrive in each of these different programs that are available?

Robert Greenberg:
Sure, no problem. So I guess again, we will start with the basics. So we teach computer science, which is computational algorithms, pardon me, and data. So that includes AI, machine learning, and other topics.
As far as jobs go, AI is obviously enormously popular right now.

That’s everything that’s talked about is what it seems like. Machine learning is also very popular because it opens up possibilities to have computers quickly do really tedious things that otherwise people would have to do.

But then there are more focused areas like software engineering, which is a lot more applied, and it focuses on developing software, project management, and building solutions. So these are the classic programming jobs.

Students that thrive as software engineers, they need to be able to think logically and creatively and craft software and solutions that solve difficult problems while keeping to a schedule. So if you’re a disciplined, flexible, logical person that embraces change, you’re going to do really well there.

So we also have cybersecurity and data assurance programs. Those appeal to people that want to protect infrastructure and data and resources. So this leads to jobs like network security, security auditors and penetration testers.

So we also have one of the oldest digital forensics programs in the United States. If you want to be an investigator who analyzes breaches after they happen and work with forensic tools, and in some cases, law enforcement, that’s the career for you.

And then there’s a whole other variety of areas at SHSU that blends the basics of computer science with other related subjects like digital and analog electronics, circuit design, robotics, control systems, and FPGAs. Most of that is in another department, but they leverage our core classes.

Steve Bowcut:
Okay, perfect. So as we move up the hierarchy, at least that’s the way I picture it in my mind. So let’s look at the graduate level. As I understand it, you’ve got an MS degree in digital forensics and an MS in information assurance and cybersecurity. And if there’s more, please tell me.

But for those two anyway, or others, if there are any, how do they differ? How does the curriculum differ? The level of hands-on work or job outcomes? What kinds of jobs could you end up with, whichever one you choose?

Robert Greenberg:
So both programs are fully online and they’re well-regarded master’s programs. They differ in that the information assurance and security degree focuses on proactive security and policy and risk management and preventing data breaches.

This is a cybersecurity related job, obviously, and there are quite a few open cybersecurity jobs, so that should lead to a good outcome for students. The additional topics and knowledge of this degree helps to bridge the gap between the foundational bachelor’s degree cybersecurity training and employer experience expectations.

So there is a gap there in the cybersecurity world and will help bridge that gap. So the digital forensics degree focuses on digital forensic techniques and legal aspects of digital evidence. This is a smaller, more focused specialty area.

Steve Bowcut:
Okay. So where does the MS in computing and data science fit for someone who wants cybersecurity capabilities, but they may also want to stay flexible across software data and security roles? Is that kind of what that is designed to do?

Robert Greenberg:
So yeah, that degree is designed for students who want strong cybersecurity capability, but they don’t want to lock themselves into a single niche too early. So it sits right at the intersection of software systems, data, and security. And so that makes it a good fit for students who know that security is important, but they also want to remain adaptable as their career evolves.
So from an advising standpoint, we usually describe it as a foundational and flexible degree. So students build core computing depth while they layer in security concepts, and that combination’s valuable because most real-world security roles don’t operate in isolation and they require understanding of how software is built, how data flows and how systems fail.

Steve Bowcut:
Yeah. Interesting. And so speaking of advising someone on your website, it shows that you offer some certificates and graduate certificates. So how do you … I always find this question a little hard to articulate, but I always find it interesting how you would do that.

So how would you advise someone to either choose a graduate certificate or maybe move towards a master’s degree or even a PhD? What kinds of people … I mean, I’m sure there’s life circumstances and financial circumstances and maybe even some technical acumen or interests. How do you go about helping people make that choice?

Robert Greenberg:
Well, I think you just hit the nail right on the head. There’s a lot of our students come from a variety of backgrounds. A lot of the situations you just described are real world situations that apply to our students.

So what we do, particularly for students that come from non-computer science backgrounds, what we do is we a lot of times we’ll advise them to start with a certificate rather than jumping right into a master’s degree. So the reason it’s not ability, it’s not about their ability, it’s about building confidence and a foundation and momentum in their studies.

So the certificates provide kind of a gentler on- ramp into computing and security concepts. So they let students focus on a well-defined area, learn core terminology, learn tools and ways of thinking, and then just confirm that that field is really a good fit with them without having to jump into the pressure of joining a full degree program.

So it’s especially important, we think, for career changers who may not have prior experience in programming and systems and formal computer science coursework.
So once they complete that certificate, they’re in a much better position to succeed in a master’s program.

So they’ve developed the mindset, they understand the expectations, and they can make an informed decision about where do I want to go? What do I want to specialize in?
And the nice thing for them is if they decide to continue into the master’s programs, those courses count towards the master’s degree, so it’s very helpful for them.

Steve Bowcut:
Yeah. Oh, that’s excellent. So they haven’t lost anything. They haven’t lost any momentum or any traction by taking the certificate route, but they do get a little peak under the hood like, is this really what I want to do before you’re fully committed? I like that idea.

Robert Greenberg:
Exactly. And from a timeline perspective, if you’re a working professional, it’s realistic because the degrees … I’m sorry, the certificate program is entirely online, you can complete a certificate in a year with a manageable courseload.

Steve Bowcut:
Very nice. Okay. All right. And as I understand it, there’s a PhD in digital and cyber forensic science that you can get at the SHSU. Can you talk to us about that a little bit? Is it a research degree or would the degree be focused on research or is it else? Is it more of a educational?

Someone with that, would you be the kind of person that wants to spend your career doing research in cybersecurity? I mean, that’s what I would guess it is, but maybe it’s not.

Robert Greenberg:
It’s that and it’s other things actually. So the PhD program here, it’s not just a longer master’s degree. What it really is, it’s for students who really want to create knowledge, not just use forensic tools.

So if you enjoy asking why digital evidence works the way it does and how it can be made more reliable or how new technologies change investigations, then you’re thinking like a PhD student. So the students who do best in this pathway, they’re curious, they’re patient, they’re comfortable with open-ended problems.

And yes, there’s a lot of research here and it doesn’t come with step-by-step instruction. So you might have to spend a lot of time refining a single question, and that process has to motivate candidates, not frustrate them. So if you like independent work and deep thinking, that’s a good sign that this PhD program might be right for you.

So in terms of research, PhD students work on all kinds of different topics, file systems, memory, mobile, cloud, network forensics, malware analysis. And of course, these days, especially increasingly they use AI and machine learning for digital investigations.

So a big emphasis is on making things scalable, explainable, and legally defensible. So that’s where you get some distinguishing characteristics of this doctoral research from advanced technical training. So career-wise, and you hit on this earlier in your question, career-wise, graduates go in a lot of different directions.

So some become faculty members and researchers, others work in government agencies or national labs as senior scientists. Many join industry R&D teams that are building forensic tools or leading advanced security research, and some move into leadership roles. They direct labs, they shape policy, or they serve as expert advisors.

Steve Bowcut:
Interesting. Go ahead.

Robert Greenberg:
No, the bottom line is if you want to move beyond using tools to defining methods and shaping the future of the field, if that excites you, then this is a good program for you.

Steve Bowcut:
I really like that way of describing that. So very good. Thank you. I appreciate that. So one of the things that I noted was that you are a National Center for Academic Excellence in Cyber Defense Education as designated by NSA, which is a really fancy title.

And I believe it’s important. I talked to lots of people and many of them have that designation as well as something that academic institutions strive forward. But so from a student’s perspective, if you’re a student or a potential student, you’re listening to this podcast, what does that mean for this student in their day-to-day world?

Is it going to mean that the curriculum is more rigorous or is it going to follow certain pathways that are going to make you better position for a government job than an industry job? Or explain that for us.

Robert Greenberg:
Well, you hit on a lot of really good points there. So the answer to most of those questions is yes. The accreditation means for our students, it means they’re in a program and they know that program has … It meets rigorous standards.

So students are going to be spending a lot of money to go to college. So if they’re going to spend the time and they’re going to spend the money, they need to make sure they’re enlisting in a program where they know it’s going to deliver for them.

And so that’s one of the things that the accreditation does. So big picture, what does the CAE accreditation mean for the program? It means that outside entities are looking at and analyzing our program, the program that the student would be signing up for.

The scrutiny is going to range from the professors teaching the classes to ensuring that degree plans have the correct classes in them. It ensures that subjects are taught in each class that are appropriate and rigorous. It ensures that steps are taken to ensure continual improvement and that the students are truly learning the material and that students are graduating from the program.

Tests and assignments are examined for rigor and appropriateness. So this is a pretty hardcore certification. So why is it valuable for the students? Well, there’s a lot of reasons. It brings a lot of value.
One of them is, well, there’s a fair number of computer science programs out there that are not CAE accredited. So because of our accreditation, there’s a lot of additional opportunities that open up for the students.

So they can participate in a lot of different CAE events, both educational lectures and training on specific areas, competitions, they have opportunities to present, and then there’s vocational windows that open as well. So per your point earlier, it opens up a lot of opportunities for government internships.

There’s a lot of government agencies that are interested in hiring students from CAE organizations, and there’s a lot of full-time positions open up because the government agencies really want students and graduates of CAE accredited schools.

And then there’s other things as well. There’s CAE job fairs, and those are for industry partners and government partners. They’re looking to fill internships and jobs. So that’s at a high level, that’s what it is, but there’s a few other things that are noteworthy as well, and that is the CAE input, it impacts the student’s curriculum. It ensures that our programs are aligned with the latest industry trends and expectations. I think that’s very important because particularly in this field, things are changing so

Steve Bowcut:
Quickly. So fast.

Robert Greenberg:
So you’ve got to stay aligned with that, and that helps with that. And then the last thing is the job market is, you’re well aware, it’s very competitive. Being able to claim that you graduated from a CAE certified program, a study, it’s a competitive advantage because potential employers know they have assurances that you’ve had a rigorous, appropriate on- track education.

Steve Bowcut:
Yeah. Interesting. So a thing that’s come up a couple of times in our conversation thus far is this idea of preparing students with real world readiness, if you will. And oftentimes that’s done, or the perception is, and you can weigh in on this, but most of us believe that oftentimes that’s done with hands-on experience during their academic career.

So talk to us about what kinds of hands-on experiences or opportunities a student can expect should they come to SHSU for their cybersecurity education.

Robert Greenberg:
Well, there is a lot of hands-on experience that is going to be gained through labs. We have a capstone class, we have partnerships and internships. What we really want to do, especially me having come from industry, is I am always looking at the students and trying to prepare them in any way that I can to succeed in the workforce.

So one of the things that we tell students, and I teach our senior seminar incidentally, which I have repurposed into a bridge class between academic success and understanding what the job process looks like and how you find a job.

And more importantly, once you find a job, how do you succeed in that job? What are employers looking? And I bring 34 years of industry experience to that class.

But the big messages that I tell students, and I’m getting ready to have a meeting pretty much with an all- hands computer science student meeting next week, the thing that I pass on to them is in today’s job market, you need to do more than just earn your degree, but that’s an important first step, but a degree is the bare minimum these days.

And if for those people that are in the cybersecurity field, that’s particularly true. So in the cybersecurity field, from what I have found and talking with many others, there seems to be a gap between employer requirements and the skills that new graduates have just coming out of school.

So what we are telling students and emphasizing as much as possible is because employers seem to want candidates with two to three years of job experience, the students need to go the extra mile and close that gap with a combination of certifications and extracurricular projects that highlight their abilities, internships and any kind of part-time job that’s related.

So there is a gap there, but students can close that. And if students do a good job of closing that gap, that’s going to open up a lot of doors for them on the employer side, especially in cybersecurity. But even not on the cybersecurity side, all that advice applies to any student coming out of college these days.

Get those certifications, get those internships, try and make your part-time jobs field applicable if you can. And just go the extra mile. I mean, your GPA counts as well. It’s a crowded field and you need to stand out as a graduate.

Steve Bowcut:
Yeah. Excellent. All Okay, so we are about out of time and we always like to, if we can, end with some advice for the audience that’s listening. So for someone who’s listening, so picture in your mind a high school student who’s thinking about getting an undergraduate degree in cybersecurity or someone who’s thinking about making a career change and getting more education towards cybersecurity.

So what are maybe the first two or three actions that you would recommend to choose the right SHSU program and be successful once enrolled? So what’s some actionable advice that you could give someone who’s considering coming to SHSU for cybersecurity education?

Robert Greenberg:
I would start by meeting with SHSU academic advisors.You’re launching yourself in a path and you need to do your homework as a student and research what each program offers and the careers that it tends to lead to.

So you’re going to spend a lot of time and a fair amount of money, so you need to make wise choices and consider which of the degrees really match your skills and desires before you make your choice. And the good news is having made a choice, a lot of students do switch in the middle of their academic careers and they might switch to a related field.

So it’s not like you’re locked in, but of course it’s always best to make a perfect choice upfront. It’s not always possible, but that’s best. So in terms of advice to succeed, I give my students pretty basic advice, but it’s so important to remind them.

I think students should always remember it’s your responsibility to learn this course material that’s going to be presented to you. Ideally, you’ll learn the material in class, but if you don’t, it’s your responsibility to learn the material on your own. And if you don’t understand something, ask in class.

Don’t be shy. There’s a lot of different opportunities to get information that you didn’t understand in class. And what I find is the students who are not shy, the ones who ask questions in class or the ones that swing by and ask questions during office hours or send me emails, those students get a lot more out of their classes, much more.

So getting over that shyness about asking questions is a really big suggestion I have for students. And then the other thing is go beyond the minimum in your classes. Focus on your academics and keep your GPA just as high as you can make it.

So take the time, the students that take the time to work on extracurricular projects and on certifications and finding those career-related internships or part-time jobs, the students that do that, their resumes are dramatically more impressive.

So when you graduate or when you’re looking for that internship, your resume will stand out in a field of other resumes. So keep that in mind as you start and then get certifications.

Steve Bowcut:
Yeah. Excellent. All right. Robert, thank you so much for walking us through the educational landscape at Sam Houston State University. We genuinely appreciate your time, and I know that the audience will benefit from the things that you presented today, so thank you.

Robert Greenberg:
Well, thank you. Thanks for the opportunity to talk to you today.

Steve Bowcut:
And for our audience, if you found this episode helpful, please follow the Cybersecurity Guide Podcast and share it with a student or someone else that is trying to map out their next steps in cybersecurity.
I’m Steven Bowcut, and we’ll see you next time in the next episode.