Dr. Todd R. Andel is the Dean of the School of Computing at the University of South Alabama, a former U.S. Air Force officer with 23 years of service.
Summary of the episode
Dr. Todd R. Andel explains how industry and government partnerships help keep coursework aligned with real-world threats, highlights hands-on learning through labs like digital forensics and hardware security, and shares internship pathways that connect students to regional defense and technology employers.
He closes by encouraging students to see cybersecurity’s fast pace as an advantage and to stay curious, adaptable, and committed to continual learning.
Listen to the episode
Read a full transcript of the episode
Steven Bowcut:
Welcome to the Cybersecurity Guide Podcast where we help students and early career professionals navigate their path into the world of cybersecurity. I’m your host, Steven Bowcut.
Today I’m thrilled to be joined by Dr. Todd R Andel, Dean of the School of Computing at the University of South Alabama. Dr. Andel has built an impressive career at the intersection of cybersecurity education, research, and national level service.
He holds a PhD in computer science from Florida State University with research expertise in computer security, formal methods and cyber physical systems. Over the years, he has worked extensively with the United States Air Force, the Department of Defense, and various national labs contributing to topics such as secure architectures, trusted systems, and cyber defense for critical infrastructure.
At the University of South Alabama. Dr. Andel leads a rapidly growing school of computing offering undergraduate and graduate programs in computer science, information systems, information technology, and of course cybersecurity.
Under his leadership, the university has strengthened academic rigor, expanded research opportunities, and enhanced hands-on student learning experiences through partnerships with industry, government and regional cybersecurity organizations.
Today he’s here to share his insights into his career journey, discuss the cybersecurity opportunities available at South Alabama, and offer guidance to students preparing for careers in this dynamic field. With that, Dr. Andel, thank you for joining me.
Todd Andel:
Alright, thanks for having me, Steven.
Steven Bowcut:
All right. This is going to be fun and interesting. We really appreciate your time. I’m looking forward to hearing what it is you have to say. And on the show, we always like to start with a look under the hood at your professional or academic journey.
So maybe what can you tell us about how you got to where you’re at and that journey looked like for you?
Todd Andel:
Well, it was kind of a, I would say interesting, maybe not a hundred percent unique path, but really a path that I don’t think I ever could have planned out. In hindsight, there’s no way I could have really planned this.
So I spent 23 years on active duty in the US Air Force, as you kind of alluded to in the intro, wanting right out of high school I wanted to get the GI bill so I could get out and go to college, and that never happened.
I never got out of the Air Force. And what happened instead is the Air Force sent me to school three separate times as my job.
And so I ended up getting my BS in computer engineering from Central Florida. I got an MS in computer engineering from the Air Force Institute technology or what we call AIT. And then as you said, I got my PhD in computer science at Florida State.
And so in between all those actually military school assignments, I had obviously regular Air Force jobs as well. A lot of ’em were pretty varied. So I started off in nuclear treaty monitoring when I was in enlisted.
Once I became an officer, once I got my first degree, I worked in aircraft simulation in the Air Force Research Lab. Did a lot of network crypto security work at that point to supporting some aviation simulation. And so we had to deal with a lot of encryption techniques in that case for distributed stuff. And then worked a lot in operational testing of new cyber technologies.
That was a really cool job. And then my final job was actually a faculty member back at the Air Force Institute technology. So the Air Force has their own grad school. About 50% of their faculty are military officers, but military officers have to move every four years so they can maintain relevancy in the military.
When I retired in 2012, I was recruited actually to come down here at South Alabama to really start building our cybersecurity program. We had a program here at South originally, primarily in our it, we were very strong in digital forensics already at the time, but we didn’t have a lot of other cybersecurity into our other programs at that time.
And so I moved on in 2012 as an associate professor, obviously work doing all things professors do, developing new classes. We added some classes in crypto, in secure hardware, in some reverse engineering secure software.
So we started adding all those things that you see in our curriculum today really started about 12, 13 years ago. In that timeframe in 2018, my career changed a little bit, so you can always do different things.
And I went down more, started going into administration, at least toying with it a little bit. I had the opportunity to work in the provost office, so basically all the deans obviously report to the provost on campus. And so I got the opportunity to work in a fellowship in his office for an academic year, splitting my time between teaching and working in the provost office.
And that really kind of changed my trajectory and gave me this background or kind of desire to want to get more in the leadership and administrative role while still obviously supporting the growth of the school. So I came back from that position and was selected to be the chair of the computer science department back in 2018 and did that for four years until I became the dean in until 23.
So it’s been an exciting path. I know when I was getting ready to retire from the military, it was kind of interesting when I was making that decision, about two years before I retired, I had to turn down some training that I was selected for because I knew I was coming up in retirement.
It wasn’t something that now my path was changing a little bit and I had a discussion with a general officer who used to be one of my commanders in a former job, and he said, Todd, don’t be embarrassed about serving your country for 23 years and no longer, you’re still going to be supporting the cybersecurity fight in your new role as you’re going off into academia, because now it’s my job both as a professor and as a dean to prepare that next generation to go out and to do those types of works.
And so his viewpoint on it was really great because a lot of times folks, they’ll want you to maybe follow their path and continue down that, but there’s many paths. So yeah, that was a great piece of advice that I got and I’ve been pretty happy with that decision.
Steven Bowcut:
Well, that’s perfect. You got the education, the experience, and then you turned around and entered academia so you could share that with others. And I might make just a little plug for the air force here and would do a little compare and contrast. I too was in the Air Force and I spent four years and then decided to get out.
And while I love my career as a journalist, I don’t have a PhD and I’m not the dean of a computing school, computer engineering. So there’s lots of different paths.
Todd Andel:
Yeah, there is. And it’s funny, my mom was mad at me the first time I reenlisted because she wanted me to, I got one in and got the GI bill and she really wanted me to go to college.
So I finally retired, I said, Hey mom, I’m finally getting out of the Air Force and I’m going to the University of South Alabama. She said, I don’t care how many degrees you have, don’t be smart with me. I’m your mother.
Steven Bowcut:
Yeah, there you go. Very good for her. Right?
Todd Andel:
Yes.
Steven Bowcut:
Okay, so let’s pivot here just a little bit. Let’s talk about your leadership vision. So as the dean, so what is your guiding vision for the school of computing and what things have you changed or how would you like to see the school change?
Todd Andel:
Well, I guess our ultimate goal, and again, it is sometimes kind of, I wouldn’t say difficult, but you’re in a unique situation when you become a dean internally. So we had a nationwide search and it happened. Luckily I was selected to be the dean, but a lot of times deans will become a dean at school if they weren’t at they moving that.
So there’s a little bit of shared vision of maybe what was on from the faculty perspective, but you really do have to make it your own and kind of build into that. So really our ultimate goal though is to really expand our programs and we’re looking from a student perspective.
So we really want to increase our student enrollment. We’re sitting at right around 600 right now in the school. We’d like to be at college and we really need to be closer to a thousand.
We were up around maybe 700 for a while. A lot of that was international. And obviously right now with visas, our international student population has gone down a little bit, but again, we get ebbs and flows.
We have actually the whole time I’ve been here get ebbs and flows with our international based on a lot of folks will come to a school and then their friends come and their friends come, and then that ebbs and flows. And so we’re anticipating that to come back a little bit.
But we’ve been growing our actual, I would say our traditional programs and adding some program offerings as well in order to try to build that student thing. The other focus though really that we really want to look at at all of our levels is we really have two main cores that I would say in this school, and we try to capitalize on those.
One of ’em is obviously cybersecurity, and we’re very committed to those programs. And again, like I said, we started that about 12, 13 years ago. And the other one really in AI and machine learning. So we’ve been doing machine learning for a long time. AI obviously is, I mean, machine learning from computer science perspective goes back to the fifties when we think about. Sure, Absolutely
But today with AI, we really have to apply that to a lot of things. And one of the nice things is applying AI to cybersecurity domain. So we see a lot of crossover then with our two cores, which is very, I think, relevant today for the needs that we have.
One of the early goals that I wanted to have, and we actually only took us about a year to get it, is we became a center for academic excellence in cyber research in four. So that was something that knowing we already were designated as cyber defense, I think maybe about a year or two even before I got here.
So about that timeframe that was, that’s based on our IT program and the digital forensics. That’s what we’re mapped against in that. But really we’re really trying to transition into more of a research university.
In fact, the university has a significant goal in becoming an R1 institution, and we’re really right on the cusp of the difference between a Carnegie R2 and a Carnegie R1, and we’re only 62 years old, and we’re literally within just maybe a dozen annual doctoral graduates per year before we meet that threshold because we already reached the research expenditure threshold of an R1 institution.
So becoming a center for academic excellence in cyber research was very key in aligning with that same goal that the university has.
Steven Bowcut:
Okay, excellent. Thank you very much. I appreciate that. So let’s talk about maybe an overview of the academic pathways, and let’s start with undergraduate programs. So what undergrad programs does the School of Computing offer?
Todd Andel:
So we actually have four undergraduate degree programs. Three of them are what we consider our core under ABET. So all of our programs are certified. These programs are certified under ABET. And so we got computer science, we got computer information systems.
We just actually rebranded that one because it used to be just information systems and we had some confusion with students thinking that was like a MIS and a business school versus a CIS.
So again, we had to do that from our own perspective. And then we have information technology, and we did not put computer in front of that one because pretty much everyone knows what information technology is out on the street and the nice thing. So with those three courses, obviously I know relevancy is a big thing in undergraduate programs as well too.
And so ABET kind of helps us make sure that we have the core things that you would need relevant in those degrees. And so because of that, that forces us to do assessment. We should never be forced to do assessment. We should always do it on our own, but from an assessment perspective and then making sure that as we align to the continuing changing ABET standard as well, that piece I say from a core fundamental, but then you still have this other piece of, obviously you want to make sure that you’re meeting industry needs and that’s going to drive changes to your program as well.
And so we have a very good industry partner and advisory board that really kind of helps us see what they need and it helps us be able to bring that. And so we try to bring those things in, obviously in some more of our hands-on stuff while we’re still maintaining our fundamental core from what ABET will require. And really kind a prime example I would say, of business needs really is that fourth degree that we have. So I mentioned we had a fourth undergraduate degree, and that one is in health informatics.
So if you don’t know a lot about mobile, mobile’s got a lot of interesting things. So we’ve got a big chemical corridor where we, because we manufacture chemicals and all these plants build ships, we have two different ship building contractors within one’s in Pascagoula over Mississippi, which is about 20 minutes away. And we have one downtown that builds aluminum ships, and then we also build airplanes. We’re the first largest, largest airplane builder in the world with Airbus being here in mobile. But we also have a very large healthcare business.
The university itself is almost 50% healthcare. We have our own medical school and nursing and stuff like that. And so we’re huge into healthcare here in mobile. And we have a lot of businesses that write healthcare software, particularly in the insurance billing cases. And so them being part of our advisory board kind of showed us they kind of needed people that were a little bit health and a little bit computing.
And So that’s where this health informatics program developed where it’s kind of like the computer information systems program where we’re building, I would say business applications, but now their business applications tailored to healthcare. And so a student has a little bit of healthcare background, they understand that, let’s say they’re developing insurance software for coding, medical, different codes for different things for insurance.
And so that’s been a very, again, responding to industry needs and making sure relevant, obviously there’s security issues even in health informatics to do HIPAA. And so we’ve got all those things that we kind of focus on. So yeah, I mean that’s kind of how we work with our industry to make sure that we’re being relevant, we’re keeping up with needs.
Steven Bowcut:
And let’s explore that a little bit because that’s always an interesting for our audience. So cybersecurity shows up throughout your curriculum. I would be interested, and not just your undergraduate, but also the graduate and PhD research focused programs.
So how does that prepare students for real world threats? How are you getting the information into the curriculum? So you talked about industry partners. I assume that’s one way, maybe you could expand on that a little bit and help our audience understand how you’re building your curriculum around what they’re going to actually need to know when they graduate.
Todd Andel:
So our industry partners are in our advisory board, so we meet pretty often with them. We actually, it’s kind of two way even. We kind of tell them what we’re doing. They get a good feel for what our programs are in our curriculum. We actually have even students come in and either brief or research or brief projects they’re working on, or our cybersecurity team will come in and brief that. And our industry loves to talk to students.
And so then they’ll respond, tell us maybe where they have some gaps. So hey, they know what our curriculum looks like and when they have a person come in, I need ’em to do X, Y, and Z. And we’re like, oh, okay.
And so we can start looking at maybe I need to add a new type of software that they need to program, what do they need to program in? What are you guys using? And what types of tools maybe are you using if you’re doing network defense? And so those things kind of come in from that aspect.
The other thing that I think maybe pulls into from a real world threat perspective, obviously with being part of the CAE community, attending things like nice and looking at how cybersecurity curriculum connects to actually job aspects. I think those are important things. Then obviously from a research perspective, our folks are always out in the literature by doing research.
That actually then keeps us, I would say, on top of things, even in our curriculum. So all of our faculty that are doing research are then incorporating the stuff they’re learning from new threats that are coming out or new things that we might be working on from a research perspective back into their coursework.
I think that’s really probably the big avenue. We actually have a pretty good strong relationship here in town with the FBI as well. Oh, nice. So that when we have threats, especially to academia, because there are a lot of threats specific to academia with intellectual property, we hear from them quite a bit.
In fact, our, I would say intellectual property protection office, and that’s not their exact name here on campus, but the former director of that was an FBI agent retired and we just moved into another role on campus and they just hired a new retired FBI person just to start that job this week.
And so that really helps us, or if we see any suspicious emails we share that they use it for their stuff in building patterns and stuff. And so that’s been a pretty good two-way street force too, to just kind of know that, oh, they’ll let us know.
And with public things, obviously they’re still public, but they make sure that we’re on their mailing list and stuff like that. And DHS is the same way. We do a lot of stuff with CISA. Obviously we have a local CISA representative, and even they have an operation location over in Pensacola, which is only about an hour from us.
So we operate with those guys a lot just from, they come over and give presentations. They talk about real world, current world things as well as our industry folks. They’ll come and do presentations as well as what they’re seeing.
Steven Bowcut:
Yeah. Awesome. Alright, a couple other things. Well, and actually something I don’t know that you did touch on, but our research shows that your research touched touches on cryptographic side channel analysis, automotive, cybersecurity, embedded system protection and active cyber defense.
So I think the audience would love to hear a little bit about the research that you’ve done in those areas and maybe as important what research areas are currently the strongest at South?
Todd Andel:
Well, I’d have to say the strongest ones are mine, right? No. Well of course, right, of course. But I would tell people that my research, it seems very hardware centric when you look at that, you’re like this guy’s. And so I always tell people, and that’s due to my computer engineering background.
I always tell people I’m a computer engineer trapped in a computer scientist body. I still do a lot of hardware things, but I think by getting, by combining computer science, when I went to my PhD now I see really the seam between the two.
And it’s made me a better overall, I think researcher and a faculty member because I see why things that we do in software make a difference from the hardware perspective and vice versa. So a lot of book smart things that I always was good at, the light bulb didn’t click for me until I had both. So from leading then into those research perspectives, obviously there’s not a lot of folks when you look at, I mean there’s still good numbers, but there’s not a huge number of folks that do a lot of work.
What I would say in hardware security per se, I mean all these other things people think about side channels and stuff, there’s limited schools that have the equipment to do that type of work.
I know when we got a lot of our advanced equipment at the time, we were 1 of 13 folks in the US that had one when we bought our first set of equipment about six or seven years ago. And a lot of this work really stemmed at work. I started in the Air Force.
So it’s really where I started down that line and the interest that I had when I was a faculty member in the Air Force, and then I’ve really kind of moved a little bit. The automotive security was like I had some students that were interested in, I don’t have any automobiles here to work on, but we can Sure build test beds. There we go.
We’ve been able to do that. We’re actually working with some folks at another university and we might get some access in the future here to actually have some real testable vehicles, which would be pretty cool.
We’re doing a lot of work and it dovetails a lot. So I have a pretty close colleague that I’ve actually been colleagues with for 20 years and we’ve worked together at three places and he’s here. And so our work kind of dovetails each other. And so he works really a lot. So I work a lot on the side channel and the embedded security side.
He’s working really a lot in malware and reverse engineering and obfuscation, and we’re kind of combining that into hardware implementations from a security standpoint. So we’re looking closely at how does obfuscation, where you’re making multiple copies of a piece of software that’s now a circuit, so we’re putting it at the circuit level.
If we change the structure of that, does it change the side channel? Well, in theory, obviously it does, but we’re trying to see what are the security impacts of that from a countermeasure perspective.
And so we obviously get something or we change the underlying structure and obviously the transistors are going to work differently at that level. And so we are using that now from a say, how do we make a good counter measure in that, or are we fully the attacker?
I would say the other thing then that in addition to a lot of work that I’ve done, even in the active cyber defense stuff, so I didn’t really touch on that. I’ve got some students right now working really in moving targets.
And so that’s one of the things that we’ve always seen in security of networks is an adversary will take months if not even longer, sometimes mapping a network because they don’t want to want to trip a firewall or detection system.
And so it’s that low and slow process of mapping your network, but by the time they come to attack you, what if your network looked different?
Yeah, okay. So I’ve got a student right now who’s in the early stages of looking at moving targets, and it could be an overlay network, so maybe not really changing the network structure, but it could be done in the network structure now with software defined networks. So we’re looking at some of those.
We’re in the early stages of looking at some of that from that perspective. And then obviously I’ve got a lot of faculty members working again in the AI space. So how do we use that to detect patterns? And it could be security patterns, it could be detecting a root kit through power, which is still kind of a side channel.
It’s a different type of side channel, but you see power fluctuations, and we’ve done some work in is that a root kit or is it not a root kit? And because those are lying to the operating system, and so sometimes it’s hard for a regular viral scanner or intrusion detection system to really say what’s happening. So we have to look at it from a non tainted perspective, and that’s kind of what we’re doing in that area.
And then obviously we just hired a new faculty member not too long ago that’s looking at transparent AI. So basically we understand what the model’s doing and then that’s going to help us a little bit more in our security work. So it’s our explainable AI, they call it not transparent. Oh, okay.
They call it, yeah, they call it explainable AI. And yeah, it leads itself to, now I can explain it and study why it made the decisions, so I may then know better if it’s being attacked or how you could protect it or just to validate that it’s working properly.
So those are all kind of things that we’re now seeing in the landscape that we’ve, again, we’ve got to keep on top of these new things.
Steven Bowcut:
Absolutely. Yeah. In fact, I was just reading, in fact, I wrote yesterday earlier this week about this, that same idea of agentic AI. We’re seeing a lot of movement in that area where agents, AI agents can do a lot, but people, when it was kind of a black box, that was a little scary for folks.
So they, they’re building them now so they can be very transparent and you can ask them, why did we make this decision? And it’ll tell you in your language of choice what it’s doing and why it’s doing it. So that’s kind of an interesting topic I think.
So let’s talk a little bit about the facilities that a student that may choose to come to South Alabama, University of South Alabama. What are they going to find in terms of state-of-the-art facilities and that?
Todd Andel:
Well, I’ll tell you, one of the things that attracted me to university was this really influx of new buildings. So when I came here, so I interviewed back in 2011 and Shelby Hall at the time wasn’t even here. So now we’re in Shelby Hall. Well, Shelby, the outside of Shelby Hall was here. It was not open yet, so it was in construction.
So when I interviewed, they took me around. We even snuck into the building actually. And so we put on hard hats and took a little tour and said, Hey, if you take a job here by the time you get here next year, I was really interviewing a year out. We’re going to be sitting in Shelby Hall. But I also looked around even the rest of the campus, about 40% of the buildings looked like they were fairly new.
And again, we’re a 62-year-old institution and with already a hundred thousand graduates. So we’re doing really good for 62 years and still to this day we’re building new buildings on campus. So speaking specifically at Shelby Hall. So we actually share this building, the School of Computing and the College of Engineering.
We’re two completely independent colleges or schools on campus, but we do share the building and we have a lot of, I would say, capabilities that we actually collaborate with on. And so we do have a lot of things are pretty unique in the building.
So specifically I would say computing. We have some of our faculty, most of our faculty have dedicated labs. And obviously when someone sometimes comes to a computing lab, it’s a bunch of computers
And you’re like, oh wow, is that cool or not? You’re trying to recruit people. But we do have some actually cool labs in addition to obviously those that we have people doing research and using computing power.
We’ve got some drone labs where we’ve got folks doing basically autonomous AI and they’re flying drones together and we’ve had to put netting in those labs because everyone wants to come and see ’em. But then we were having drone incursions into the public viewing space, and so we had to put some netting up in some of those areas.
We’ve got communicated labs in digital forensics because we got a lot of tools obviously. And again, that work was going on well before I got here even so that’s always been kind of our bread and butter and in addition to some industrial control system stuff. So we have access to some PLCs. And so we’ve done a little of work in those labs with attacking industrial controls.
And we have some folks that have worked physically in the area before they were faculty members in these industrial control areas, which suits well to us because again, we’re in this chemical plant corridor and we have a lot of folks out here that use industrial controls and it’s very important to look at that from a security aspect as well.
And then obviously a lab that I originally built, I would say when I was a faculty member and now I’ve had to hand a lot of that off to my younger faculty as now I’m more like say an administrator into our side channel lab and we really have some advanced equipment in there.
So we use a package from riskier, they’re bought by key set recently, and this package riskier comes out of the Netherlands and it’s very, very tailored, like I said, isn’t huge.
There isn’t hundreds of these out across the United States. There’s probably handfuls maybe of these across the United States, and that allows us to do EMEG collection of traces that are doing an encryption cycle off of a chip.
We can do it via power and there’s some cheaper versions that do that obviously too. But then obviously the software that goes with it will do all the differential calculus and we don’t have to do it and those types of things to do correlation to break an encryption key or something. So that’s pretty cool.
We’ve also got the ability to inject faults as well. So you could maybe skip a, at the end of the day, your password is a one or zero, did you put in the right code or not?
And if you can find that spot in a hardware circuit, you can flip that from a one to a zero. So you can do that via EMEG or even with a laser injection with optical.
Now to do a laser, what do you have to do? You have to take the top of the chip off without ruining it. So we’ve got some techniques to do that. We are actually actually installing some new equipment right now that actually allows us to use a laser to capper to do that. So we can do it a little bit more precisely.
And a lot of those types of equipment are built to remove layers off the chips. So you can do imaging, so they don’t necessarily care if they might damage operability. We’re trying to do it so we can still run it trying to it under runtime. And so the challenge becomes a little bit more very unique type of challenge.
Steven Bowcut:
What would be a common application of that ability or that technology? Maybe forensics like your FBI partners might be,
Todd Andel:
You could do it if you’re doing imaging, you could do the forensics, but if I’m trying to see where on a chip, maybe a specific place or a circuit where there’s an encryption cycle and I can inject something and skip that cycle, now I can know where that glitch.
We call it glitching, and I know where that glitch resides, and I don’t necessarily have to do that for the future and maybe make that attack, but I know where that piece is vulnerable or if I really did have some equipment that I gotten it and now I can study it, I can’t destroy it when I study it, so that’s okay, but now I know where that flaw is or so some type of, and we’re looking at really more from the counter measure perspective.
So we’ve done some stuff with some partners that they want to make sure if their equipment gets in the wrong hand, someone of ’em couldn’t reverse engineer it.
Steven Bowcut:
Exactly.
Todd Andel:
Then you have to assume that they have full capability to do anything they want to both from a destructive and non-destructive point.
And so if we can understand where they’re vulnerable, then we can maybe develop a way that we could thwart ourselves from doing it from a countermeasure perspective. Our goal is to build that countermeasure in there.
Steven Bowcut:
Yeah, okay. Awesome. Well, on that topic, I guess it suffice us to say that you have some cool stuff and students that come to South University of South Alabama can expect to be able to get some hands-on experience with some cool stuff, and I like that. And that is important. That does affect the quality of the education that you can receive.
Another thing that students and prospective students are always interested in are what kinds of partnerships or internships, pipelines are in place or are you looking at? So what could they expect in that area?
Todd Andel:
Well, we have a lot of partners and a lot of that has come obviously from our work in the cyber world. So being part of the a e community I think is important in most if any student is looking out or I know in your field you’re obviously most folks, a lot of folks we talked to are probably part of the CAE community, just you have to be relevant in cybersecurity and that’s really the best thing.
And from that, that’s where you start really building your contacts and your partnerships. We’re also part of the scholarship for service community. And so in that program specifically, we have to ensure that our graduates get the appropriate type of follow on jobs because that’s part of the requirement that we have to be part of that grant system.
We actually a dedicated center here within the School of Computing that kind of runs our industry partners in our internship program. And so that’s called CFITS and it’s the Center for Forensics and Information Technology and Security. So it’s hard for me even to remember because I’ve just referred to a CFITS since my whole life here.
But CFITS in itself, they fall under the school, but they really run our K 12 outreach as well. We like to even start our partnerships early to recruit students to come in here. They also then, like I say, they’re the ones that run our advisory board and go out to our industry folks, and then they manage this internship program. So we have kind of a varied internship program. We have a few options.
We have a lot of our folks that will come to us and actually they don’t want to go through the onboarding of interns, so they’ll actually contract with us and the students will get paid by the university, but they’ll be working out at the third party at the partners facility.
Steven Bowcut:
Oh, interesting.
Todd Andel:
Okay. So they don’t have to deal with the HR perspective of it. Now some of ’em will still choose to do that, so we still have that option. We have an internship coordinator who tries to hook up a partner that needs an intern, but then we have those ones that just want us to fully run it, at least from a funding perspective.
And then we even have a third option where we’ve actually had a lot of our partners come to us and they’ll say, we want a team. And so we call it managed interns. So they might get four students for a year and a faculty member, and they’re working on an actual product that that company might use. And so a lot of those students have gone to work for those companies.
Steven Bowcut:
Right. Oh yeah, I can imagine that would be true.
Todd Andel:
Then we also have, and so a lot of that is local. We have a really good relationship, obviously with the defense sector being in the Cyber Corps program, a lot of our students from an intern perspective and final jobs, they’ll go up to Huntsville.
So Huntsville is obviously with Redstone, arsenal is really big into defense contracting. So we have a lot of our graduates that have done both internships up there and then gone on to work in those companies.
And then obviously even in our general region, we have a huge department of defense infrastructure and input here within mobile, if you’re not familiar with the area, we’ve got Coast Guard right here in town.
Obviously they do all Coast Guard aircraft. Annual flight training is done here in mobile. So we got a lot of postcard FOIA here. We’ve got a lot of Air Force in the area.
Biloxi is about 40 minutes away. Eglin going into Florida is about 60, 70 miles away. And then we also have the Navy presence over in Pensacola with NAS and THS being over there as well. And so we have a lot of this infrastructure around here that really is a draw for our students and that is really a draw.
That’s why we maintain partnerships with ’em. And even in some of our programs, we’ll actually bring students to some of these on field trips. Well, even NASA’s got some folks over at Stennis, which isn’t too far from here either. So we have this awesome, I think, place in where we’re located that puts us in the center for this.
And obviously we have a really strong relationship with the national labs or the Department of Energy, even though they’re not really local. We’ve just got so many of our students that are up in these locations that we maintain that relationship with our alumni and they’re hiring, they’re reaching out to us to hire interns and then even final folks that are going into those.
Steven Bowcut:
Yeah, very cool. Okay, well we’re starting to run a little bit short on time and I want to end with a forward looking advice question, but before we get to that, I know we’ve talked a lot about the cool things that you guys are doing at University of South Alabama and what students could anticipate that may choose to go to school there.
But from kind of a broad perspective, and maybe it’s a two-part question, what would you say distinguishes, and I know we’ve talked about all these stuff and maybe we’ve covered everything you wanted to say, but I’d be interested in giving you an opportunity to talk about what distinguishes a University of South Alabama, particularly your master’s and your graduate programs, your PhD programs, research, what distinguishes that from other schools? And then what advantages do students gain by choosing to come to school in South Alabama?
Todd Andel:
So I think obviously you look at a curriculum and like you said, they’re going to be fairly similar computer science degrees and computer science
Steven Bowcut:
Degree. Exactly.
Todd Andel:
And again, and when students come here to look at this, I said, Hey, you need to look at all the different schools. I mean, I want you to go to college. I’d like you to come here, but you need to go what best suits you?
And so I think a lot of the things, obviously we don’t here, at least in the School of Computing, it’s not like we don’t have classes with a hundred students in them. We got classes with 25 students. I like to, that’s one.
But from a building perspective, we don’t even have, I might have a couple 60 seater rooms. So our class sizes tend to be a lot smaller. So you get a little bit better one-on-one interaction with your faculty.
A lot of our faculty are obviously research interested. And so we have a lot of opportunities then for research at the undergrad level, actually even the university has the Office of Undergraduate Research. And so the university is very focused on undergraduate research for one thing.
Steven Bowcut:
And that’s fairly unique. You don’t see that a lot.
Todd Andel:
And we have a summer program that you can apply to and get a stipend and work on summer research. And that’s all really coordinated under our honors college as well. But you don’t necessarily have to be honor student in order to take advantage of some of these things.
I would also say that because of our location, we probably, I can say that we have the beach. That’s something that the weather’s nice, the weather seems to be nice. But we have, I would say a lot of opportunities for the students.
And a lot of it’s really just these focus that not just the School of Computing has, but the university has on student belonging and this community aspect. And so people come on campus and they go, we can’t really explain it, it’s just this feeling of a family.
The university has just recently, they just published a really interesting, you can find it on YouTube if you look forward. It’s called the USA way. And it really talks about this whole mindset that the university has a belonging and how we contribute and student success.
I mean, we have over 270 student groups on campus, so we want a student to come here and learn, but we also know that they need to feel like they belong and feel self-efficacy. You need to have that in order to be successful. And I think that is a big differentiator.
Again, a program is a program. We might have some unique research capabilities that another school isn’t doing and they might have different research focuses that we’re not doing, but it really comes down to hoping to make sure that we’re doing everything that we can to make sure that you’re successful when you come here.
It does us no good to get students here and then not graduate. So the student retention and the student success is a significant focus of the whole university.
Steven Bowcut:
I love that.
Todd Andel:
I think that goes a long way.
Steven Bowcut:
Yeah, it does. I just love that idea of building a community where the students are actually a part of it and there’s nothing wrong with 250 room theater classrooms, but it’s much nicer if it’s not quite that big and not quite that intimidating, particularly for undergraduate students.
So, alright, so we’re going to end up here with this kind of a forward-looking question as I told you. So what kind of advice, let me preface the question here a little bit. So things are changing so quickly in cybersecurity, the technologies are changing, the threat vectors are changing and it could be a little overwhelming for somebody who’s thinking about where do I jump into cybersecurity?
So what kind of advice would you give to students or early career professionals who are thinking, making a change, but someone who wants to break into cybersecurity, what would you tell ’em? What do they need to do to figure out what’s the best decision for them?
Todd Andel:
Well, I guess is the pace really changing? Yes, the pace changes. The pace changes every day, right. And exactly. I would say that, I mean I can’t think of when the pace hasn’t changed.
And so if I think of my career, this is always really happening in computing, obviously anywhere in computing with AI, but cybersecurity as well.
I can’t remember when things haven’t been at a pretty constant change of pace and seeing it one step ahead of the attacker and it’s this iterative cycle and obviously this is going to continue into our lifetimes. This pace is going to maintain
Steven Bowcut:
An increase probably
Todd Andel:
If not even faster. With that being said though, I don’t think one should show up. You could think of this and be overwhelmed, but when I look at it, I think of this as an opportunity.
And so it’s such a dynamic environment and to me this ensures that we’re always challenged. We don’t take status quo. We have that excitement and that’s what actually what leads to discoveries and innovations trying to stay ahead of the game is in the early days, what led to intrusion detection systems and what led to these things is these discoveries and advancements.
And I think putting that look on it, obviously in your job too, you’re not bored. You’re always trying to, you got to be continually learning. And there’s many facets out there.
The other thing is with those facets, there’s so many things that are that cybersecurity umbrella that not just in a depth perspective and staying ahead of the attacker, but you might decide to pivot at some point and then you have options to, I can work in policy, I can work in operation.
Cybersecurity itself is a big umbrella in my mind and we need people in every single aspect of it. Very similar to what I said when the general told me, you’re still going to support the fight by training people.
I’m not on the front lines anymore, but I’m training people to be on the front lines in that daily fight. And so that to me is endless opportunities and endless pathways.
But you have to obviously be self-starting, I think, and you have to, you could just stagnate yourself, but as long as you’re willing to learn and to keep learning, I think that there’s nothing to fear because the opportunities are going to be there.
And it’s going to also be, if you enjoy it, it’s going to drive you. And I think that don’t worry about something taking your job. AI isn’t going to take us over and take our jobs. There’s so many things that we, who do you think? Who do you think’s making the AI people that are doing these things and then applying it to the right domains.
And that’s really where we have to have that understanding from the cyber perspective is how do I apply these tools now to be more efficient? So yeah, there’s plenty of work out there changes and because it’s changing, that’s driving us to keep the work going. And so I think if you have that viewpoint, I think you have a pretty happy and productive career.
Steven Bowcut:
And I really appreciate that advice. That is such good advice because, and what you said is so on target, there is a place for just about everybody in cybersecurity, whether it’s, as you mentioned, policymaking, but areas like social engineering and if you’re the kind of person who, maybe you don’t have some great technical skills, but you’re very interested in how the mind works and why people fall for social engineering scams and tricks and they can end up giving their password to somebody that is also needed in cybersecurity.
So thank you very much for that advice. I appreciate that. Alright, so thank you. We appreciate you being with us today and sharing your opinions and valuable guidance.
We really appreciate it and hopefully the people who listen to this podcast will take some time and give a good look at the University of South Alabama and see if it might be a good fit for them. So thank you.
Todd Andel:
Alright, well I appreciate it and I love the opportunity and I’m happy to do it.
Steven Bowcut:
Alright. Alright. And thanks to our listeners for being with us today. And please remember to and subscribe and comment and all those things so that more people will be able to find us. And with that, have a great day.
Todd Andel:
You too.