Careers in Cyber Security and the Traveling Salesman Problem

Cybercrime It is predicted to cost the global economy $5.2 trillion over the next five years. A single data breach — unauthorized access to private information – costs a U.S. company an average of $8.19 million. We all pay.

The worldwide supply of cyber security professionals equipped to defend against these criminals is woefully inadequate. One prediction estimates that the world’s cyber security workforce will have to grow by 145% in order to fill all the available cyber security jobs. Governments and industry agree that complete staffing of cyber security positions by qualified personnel is a necessary condition for national security and economic stability in the future.

For all these reasons, cyber security is one of the most lucrative career fields for which students can prepare. They can do this by studying computer science, and mastering basic mathematical skills. So, for all those students who doubt that things like polynomials (like x squared) and exponentials (like 2.718 raised to the power x) could have any relevance in their future lives, this blog is for you.

Let’s start with the well-known Traveling Salesman Problem (TSP). The TSP is an easily understood problem that mathematicians have been noodling over for more than 100 years. It goes like this: Given a list of N cities, the associated distances between each pair of cities, and a maximum distance D, determine if there is a route less than or equal to D that the salesman can take to visit each city once and end up back at the starting point.

We can try a brute force approach here, computing all the possible ways the salesman could make the trip and see if any are of length D or shorter. How many routes would that be?

Suppose there are 5 cities. We begin by choosing the first city to visit; there are 5 choices for that city. Then we choose the second city to visit; there are 4 choices for that city. We continue to choose all the way down to the last city; there is only 1 choice for that city. So, the total number of possible routes the salesman can take would be 5 x 4 x 3 x 2 x 1 = 120 routes. We can then calculate the total distance traveled along each route, adding together all the distances between adjacent cities visited, and compare each one to D.

So, the brute force solution to the TSP requires N x (N-1) x (N-2) x … x 3 x 2 x 1 computations, a value which we can show grows exponentially with N. We’d prefer a solution that grows more slowly, like in a polynomial number of computations (like N times itself p times), but there are no such solutions for the TSP, which is therefore said to be “NP-complete”.

So, now you’re thinking, “Whoa, this sounds complicated!” and it is. It’s called computational complexity theory, and it’s anchored in some very sophisticated mathematics which we are not going to talk about here.

Computational complexity is a key element of cyber security these days. It is used by computer security professionals to understand the risks associated with specific kinds of cyber attacks, and make recommendations on how to mitigate against them. Companies use these metrics to make decisions about which cyber security products to buy. For critical applications, a company may buy more expensive encryption capabilities, like one using a secret number of 1024 bits (a string of 1’s and 0’s that is 1024 digits long) which would require 2^1024 (that’s 2 times itself 1024 times!) computations to solve using a brute force attack.

For whatever reason, there is a critical shortage of qualified cyber security applicants in the world today. Computer security relies on basic math skills, things like counting, polynomials, and exponentials. By encouraging math proficiency among our young people, we will successfully set them on the paths for lucrative cyber security careers, and help ensure our own national security and economic stability in the future.