If you are having trouble accessing this website or parts of it, please call 1-800-832-0034 or email [email protected] and we will provide you with assistance.
 

BLOG

Resources for Educators
& Professionals

 

Why Programming Skills Matter in Cybersecurity

by  Dr. Gene Lloyd     Apr 19, 2026
cybersecurity-programming

Programming courses are a common element of any computer science higher education program, as students are given a broad look at many of the different areas of an expansive field of study. But students who do not specialize in programming tend to lose those skills. Students who specialize in cybersecurity typically do not maintain their programming skills, and this can become a problem as they advance into investigating hacking incidents that involve custom-made programs, as these programs often need to be closely examined in lab environments to decipher their function. Programming skills help immensely in these types of operations. Cybersecurity professors should promote continuation, at least at a basic level, of reading and writing code in a handful of common programming languages so students maintain a strong familiarity with this skill. Some areas where this is incredibly useful are in malware analysis, reverse engineering, and penetration testing. 

From Entry-Level Analyst to Advanced Cybersecurity Roles 

A typical cybersecurity professional starts their career as an analyst who monitors network traffic for nefarious activity or in one of several lower-level network defense positions. We do a great job in the classroom, preparing them for these roles. But one can quickly advance into more specialized jobs where programming skills become very handy. Malware analysis is one such job. Malware analysis aims to determine what a malicious file does. Some questions that need to be answered are whether they make changes to files, broadcast information outside of the network, or attempt to disable services or capabilities. One needs to be able to analyze the code, without executing it, to observe its behavior. Cybersecurity professors who teach students the importance of maintaining programming skills ensure one’s success in advancing through the career, and give us more capable defenders on the front lines. Reverse engineering is another more advanced cybersecurity position that can benefit from programming knowledge. 

Understanding Malicious Code 

Reverse engineering goes deeper by attempting to translate compiled binaries into understandable logic. Malware commonly mixes different languages together to create a measure of obfuscation, which can only be identified if one already knows how the code should behave. One also needs an understanding of control flow, memory, and data structures when looking at compiled portions of code. These are skills one first encounters in programming courses, which highlight the importance of maintaining this vital skill. Professors can incorporate assignments in the classroom that require students to reverse engineer different categories of malware as a way to actively provide vital skills and promote continued interest in programming. Within the hacking world, it is evidenced that hackers with a greater degree of sophistication are usually writing their own applications (commonly referred to as tools) to use in their attacks. 

Real-World Incident Investigation and Sophisticated Attacks 

When I previously worked as an incident investigator, one thing we looked for was activities that pointed to a higher degree of sophistication. Large scans against a network or launching the wrong type of attack against a service were signs of someone stabbing in the dark. But the occasional attack, or successful penetration, that made analysis difficult, were the ones we wanted to tear apart in the lab. These types of sophisticated attacks resulted in hours of reverse engineering that not only helped us understand the attacker’s goals but also allowed for the update of defensive devices to catch any future activity of a similar nature. This is the type of work needed in industry, more so than a simple analyst. Industry needs cybersecurity graduates who can tear apart attacks to determine a more targeted level of defense. Another area where programming skills are useful in cybersecurity is in offensive operations. 

Programming in Penetration Testing and Offensive Operations 

Penetration testing has long been the go-to operation when an organization wants to test its network against real-world threats. The teams behind these tests often employ their programming skills to create custom scripts or payloads that have a greater chance of evading detection. Off-the-shelf exploits are easily detectable because intrusion detection systems (IDS) and antivirus software are already configured to identify them as they come across the wire. The ability to modify common attacks so they do not trip an alarm, or build custom attacks from scratch, makes the penetration test more beneficial because the network’s defenses will be stressed as they would in a real targeted attack. A helpful assignment in the classroom would be to have students modify a common exploit and test it against an IDS to see if it triggers an alert. This type of programming practice has real-world applications that will prepare a student for many other roles. 

The Limits of Guesswork and Overreliance on AI 

The challenge in this space is that some may think it is easy to “fake it till you make it” and guess their way through any job requirements that require code analysis. Some may also think that AI could be used for this task, taking the mundane out of the hands of humans. The problems with these approaches are twofold: they assume guessing at what the program does is good enough, and they increase reliance on systems instead of one’s own brain. As cybersecurity professors, we need to do a good job at preparing students for every possible eventuality in the field. 

Programming as a Core Cybersecurity Skill 

It is easy for one to assume that programming is only a necessary evil to complete a computer science degree, but this is not true. It is a vital skill used, yes, in creating everyday applications, but also in keeping networks secure. If we can determine the motive of an attacker by analyzing captured programs, determine where the code may have originated, and learn how it functions, we can create alerts that will catch it every time the same attack is launched. We can extend this protection to others by sharing our results with antivirus and IDS vendors so they can propagate alerts to systems around the world. A little programming can go a long way. Let’s push our cybersecurity students to keep this tool in their tool belt.

Stay Connected

Categories

Clear

Search Blogs

Featured Posts

Why Programming Skills Matter in Cybersecurity

by  Dr. Gene Lloyd     Apr 19, 2026
cybersecurity-programming

Programming courses are a common element of any computer science higher education program, as students are given a broad look at many of the different areas of an expansive field of study. But students who do not specialize in programming tend to lose those skills. Students who specialize in cybersecurity typically do not maintain their programming skills, and this can become a problem as they advance into investigating hacking incidents that involve custom-made programs, as these programs often need to be closely examined in lab environments to decipher their function. Programming skills help immensely in these types of operations. Cybersecurity professors should promote continuation, at least at a basic level, of reading and writing code in a handful of common programming languages so students maintain a strong familiarity with this skill. Some areas where this is incredibly useful are in malware analysis, reverse engineering, and penetration testing. 

From Entry-Level Analyst to Advanced Cybersecurity Roles 

A typical cybersecurity professional starts their career as an analyst who monitors network traffic for nefarious activity or in one of several lower-level network defense positions. We do a great job in the classroom, preparing them for these roles. But one can quickly advance into more specialized jobs where programming skills become very handy. Malware analysis is one such job. Malware analysis aims to determine what a malicious file does. Some questions that need to be answered are whether they make changes to files, broadcast information outside of the network, or attempt to disable services or capabilities. One needs to be able to analyze the code, without executing it, to observe its behavior. Cybersecurity professors who teach students the importance of maintaining programming skills ensure one’s success in advancing through the career, and give us more capable defenders on the front lines. Reverse engineering is another more advanced cybersecurity position that can benefit from programming knowledge. 

Understanding Malicious Code 

Reverse engineering goes deeper by attempting to translate compiled binaries into understandable logic. Malware commonly mixes different languages together to create a measure of obfuscation, which can only be identified if one already knows how the code should behave. One also needs an understanding of control flow, memory, and data structures when looking at compiled portions of code. These are skills one first encounters in programming courses, which highlight the importance of maintaining this vital skill. Professors can incorporate assignments in the classroom that require students to reverse engineer different categories of malware as a way to actively provide vital skills and promote continued interest in programming. Within the hacking world, it is evidenced that hackers with a greater degree of sophistication are usually writing their own applications (commonly referred to as tools) to use in their attacks. 

Real-World Incident Investigation and Sophisticated Attacks 

When I previously worked as an incident investigator, one thing we looked for was activities that pointed to a higher degree of sophistication. Large scans against a network or launching the wrong type of attack against a service were signs of someone stabbing in the dark. But the occasional attack, or successful penetration, that made analysis difficult, were the ones we wanted to tear apart in the lab. These types of sophisticated attacks resulted in hours of reverse engineering that not only helped us understand the attacker’s goals but also allowed for the update of defensive devices to catch any future activity of a similar nature. This is the type of work needed in industry, more so than a simple analyst. Industry needs cybersecurity graduates who can tear apart attacks to determine a more targeted level of defense. Another area where programming skills are useful in cybersecurity is in offensive operations. 

Programming in Penetration Testing and Offensive Operations 

Penetration testing has long been the go-to operation when an organization wants to test its network against real-world threats. The teams behind these tests often employ their programming skills to create custom scripts or payloads that have a greater chance of evading detection. Off-the-shelf exploits are easily detectable because intrusion detection systems (IDS) and antivirus software are already configured to identify them as they come across the wire. The ability to modify common attacks so they do not trip an alarm, or build custom attacks from scratch, makes the penetration test more beneficial because the network’s defenses will be stressed as they would in a real targeted attack. A helpful assignment in the classroom would be to have students modify a common exploit and test it against an IDS to see if it triggers an alert. This type of programming practice has real-world applications that will prepare a student for many other roles. 

The Limits of Guesswork and Overreliance on AI 

The challenge in this space is that some may think it is easy to “fake it till you make it” and guess their way through any job requirements that require code analysis. Some may also think that AI could be used for this task, taking the mundane out of the hands of humans. The problems with these approaches are twofold: they assume guessing at what the program does is good enough, and they increase reliance on systems instead of one’s own brain. As cybersecurity professors, we need to do a good job at preparing students for every possible eventuality in the field. 

Programming as a Core Cybersecurity Skill 

It is easy for one to assume that programming is only a necessary evil to complete a computer science degree, but this is not true. It is a vital skill used, yes, in creating everyday applications, but also in keeping networks secure. If we can determine the motive of an attacker by analyzing captured programs, determine where the code may have originated, and learn how it functions, we can create alerts that will catch it every time the same attack is launched. We can extend this protection to others by sharing our results with antivirus and IDS vendors so they can propagate alerts to systems around the world. A little programming can go a long way. Let’s push our cybersecurity students to keep this tool in their tool belt.

Tags

Clear