Dr. Jim Furstenberg is a distinguished faculty member in the Ferris State University Information Security and Intelligence program. Since joining the faculty in 2014, he has combined his extensive industry experience — including roles as Chief Information Officer, Cybersecurity Consultant, and Chief Operating Officer — with his passion for teaching. 

With an information technology/security career spanning sectors such as retail, healthcare, and nonprofit organizations, Dr. Furstenberg brings a wealth of practical knowledge to the classroom. He is not only a licensed Private Investigator specializing in digital forensics and cyber investigations but also the founder of Kalos Cybersecurity LLC. As a retired team leader in Michigan’s Cyber Partners Incident Response (MIC3), he has played a pivotal role in educating and responding to cyber incidents across public and private sectors. 

In this interview, Dr. Furstenberg shares insights into how his real-world experience shapes his teaching methods, the differences between educating students and training professionals, and the critical importance of hands-on learning in cybersecurity. He discusses the integration of tools like ANY.RUN‘s interactive malware sandbox into his curriculum, the evolving landscape of cybersecurity education, and the essential skills students need to thrive in this dynamic field.  

Join us as we explore Dr. Furstenberg’s approach to fostering the next generation of cybersecurity experts. 

On the approach to teaching 

Q: As someone coming from a practical background, how does your industry experience shape your teaching methods? 

Dr. Jim Furstenberg: My industry experience informs my teaching methods in several ways. First, it allows me to provide real-world experiential learning and examples that make cybersecurity concepts more relatable and engaging for students. I emphasize hands-on-keyboard practical applications of theoretical knowledge; helping students understand how their learning can be applied in actual work environments.  

I also foster a collaborative learning environment, similar to what they would experience in a professional setting, i.e., group projects that prepare them for teamwork and communication in their careers. I draw on industry best practices to create relevant assignments and projects, encouraging students to develop skills that are in demand. 

Additionally, our Information Security and Intelligence (ISIN) program’s faculty team draws on over 20 years of work experience ranging from leadership positions in multibillion-dollar corporations, healthcare, nonprofits, law enforcement, and licensed professional investigators.  

ISIN Faculty includes a Distinguished Professor, Michigan Professor of the Year, multiple Fulbright Scholars, and International Educator of the Year. Our faculty team has taught on four continents, including teaching digital forensics to the entire federal cybercrime units in Chile and Perú. In 2023,  I was nominated for Outstanding Professor of the year by students; although I did earn the award, just the nomination meant a lot to me.   

Finally, I am still active and, in the cybersecurity, and digital forensics profession and industry. I own my own cybersecurity business, and those firsthand client engagements and experiences help me stay updated on industry trends and challenges, allowing me to incorporate current topics into the curriculum and ensure that students are equipped for the future job market. 

Q: What are the main differences you see in how you tailor your approach to educating students versus training employees in cybersecurity? 

Dr. Jim Furstenberg: When tailoring my approach to educating students versus training employees in cybersecurity, several vital differences emerge: 

• Learning Objectives: For students, the focus is often on foundational knowledge and theory, while employee training is more about practical skills and immediate application. I emphasize real-world scenarios and problem-solving in corporate training. 

• Curriculum Depth: Student programs may explore a broader range of topics to provide a comprehensive understanding, whereas employee training is typically more targeted, addressing specific skills or compliance requirements relevant to their roles. 

• Engagement Strategies: Students may benefit from various teaching methods, including lectures, discussions, and group projects, to foster critical thinking. In contrast, employee training often involves hands-on workshops, simulations, and table top exercises to engage them in real-life situations. 

• Assessment Methods: Student assessments might include exams, essays, and projects to gauge theoretical and skill understanding. For employees, assessments, such as hands-on tests or simulations, are often more practical to measure their ability to apply skills in real-world scenarios. 

• Feedback and Adaptation: In an academic setting, feedback can focus on personal and professional growth and deeper understanding, while in corporate training, it is crucial to provide immediate, actionable feedback to improve job performance quickly. 

• Motivation and Mindset: Students may be motivated by grades and learning for the sake of knowledge, while employees are often driven by career advancement, job performance, and the application of skills, which can shape how I present material and relate it to their goals. 

Q: As cyber threats keep changing, how do you balance providing a broad foundation in core cybersecurity principles with keeping your curriculum up-to-date on the latest threats? 

Dr. Jim Furstenberg: It is undoubtedly challenging, but since I am actively involved in the profession and not just teaching, I often look for and bring the business reality into the classroom by engaging top-notch vendor solutions into the classroom for practical skills engagement.  

I am grateful for partnerships with vendors like ANY.RUN, which allows me to do this. While many vendors focus solely on short-term profits, several best-in-class companies we partner recognize the importance of providing low or no-cost access to their products for students. This approach enables real world application/learning and helps create future advocates for their solutions. 

Q: How do you measure the success of your cybersecurity curriculum? Is it based on student feedback, job placement rates, or other factors? 

Dr. Jim Furstenberg: We measure success by assessing our students’ employability, gathering feedback from their internships, and the overall feedback from the government and industry regarding our alums. Additionally, our program holds national recognition and rigorous accreditations. For instance, in 2017, the ISI undergraduate program earned ABET Engineering Accreditation for Cybersecurity, becoming one of the first seven universities in the nation to achieve this distinction.  

Moreover, the National Security Agency and the Department of Homeland Security have designated Ferris State University as a National Center of Academic Excellence in Cyber Defense Education, as well as The Department of Defense Cyber Crime Center (DC3) and the Air Force Office of Special Investigations has named Ferris State University as the first university in the United States to obtain designation as a National Center of Digital Forensics Academic Excellence. 

On training methods and hands-on practice 

Q: Which methods have you found work best for teaching complex cybersecurity concepts?  

Dr. Jim Furstenberg: In short, experiential learning is essential—it involves hands-on experience while bridging the gap between academia and real-world realities. Our profession requires both knowledge and skills (technical & professional), along with a lifelong commitment to continuous learning and re-skilling oneself as it is constantly evolving, and our adversaries are highly skilled. 

Q: How do you incorporate real-world scenarios and hands-on labs into your teaching? 

Dr. Jim Furstenberg: There are numerous ways, but I will focus on three 

• Hands-On Labs: Practical exercises allow students to engage with real tools and scenarios, helping them understand abstract concepts through direct experience. 

• Case Studies: Analyzing real-world incidents provides context and relevance, illustrating the implications of cybersecurity practices and failures. 

• Interactive Simulations: Using cyber warfare games and simulations, immerse students in threat detection, incident response, and other critical areas, enhancing their problem-solving skills. 

Q: Where does ANY.RUN’s interactive malware sandbox come into play in your curriculum? 

Dr. Jim Furstenberg: ANY.RUN provides students with access to a top-tier interactive malware sandbox, allowing them to understand the intricacies of malware hands-on. We integrate ANY.RUN labs with MITRE ATT&CK mapping and process enumeration, a collaboration made possible by ANY.RUN’s partnership and generosity.  

Students gain experience with a best of breed vendor and tools they are likely to encounter in the industry. ANY.RUN’s partnership with our program affords students to observe firsthand the full interaction of malware and its consequences. This real-world application enhances their understanding of how to respond to incidents with concrete artifacts and facts.  

Ultimately, ANY.RUN helps students articulate their findings and teaches them to adopt a pragmatic approach when creating defensive solutions and more importantly the ability to communicate visually what is happening and why to leadership and executives.

On advice to cybersecurity students 

Q: Students often struggle with balancing specialization and being a jack-of-all-trades. What advice do you give them for managing this throughout their career? 

Dr. Jim Furstenberg: This profession is not…Tube Socks… “one size does NOT fit all.” We emphasize the importance of self-discovery for students to seek out what they are genuinely passionate about. In cybersecurity, there are numerous horizontal and vertical paths to explore, all based on individual interests and passion. This passion for the profession makes it feel less like work and more of a mission. You have to be passionate about what you do…or why do it? 

However, a significant challenge is the vast knowledge domain and hands-on practical skills required. Students must navigate to their strengths to find their niche within it. This profession may not be for everyone, as it can lead to high burnout rates due to the extensive knowledge, skills, and the never-ending reality of “Cyber never sleeps”… an adage that continues to remain true as we face relentless attacks on our nation’s infrastructure and industries. 

I advise that a student’s approach to college should be to learn a profession, not just earn a degree. As professionals, we are passionate about our work, continually applying and updating our skills constantly, learning and even unlearning… as our profession constantly changes exponentially. In this profession, one never really “arrives,” but it is possible to be passionate about and master a specific niche. 

Q: What technical and soft skills do you notice students often lack when they enter the workforce? 

Dr. Jim Furstenberg: Get your face up from the device, look around, and actually talk to people. Behind all the cyber…there are real people. As time passes, I see students who are more introverted and anxious, often challenged to look at the person talking to them. After all, this is still a people business and people skills are critical. 

Technical Skills can be taught, however interpersonal and team player skills are acquired by first having a willingness to understand that interpersonal skills matter… and matter a lot; it’s a huge mistake to think that its only about the technical.  

Q: What essential recommendations would you give to students looking for their first job in cybersecurity? 

Dr. Jim Furstenberg: What separates a good cybersecurity analyst from a poor one is a combination of critical thinking, creativity, and persistence;  the emotional courage to keep going when things don’t work as expected. In cybersecurity, giving up is never an option. You need to buckle down and figure things out. 

Notice how technical skill is not on my list – because it can be learned; the attributes I listed above are a conscious choice. Furthermore, if cybersecurity were easy, anyone could do it. The truth is, it’s not easy, and not anyone can succeed in this field. 

As a student, it’s crucial to go beyond basic instructions and not give up when the first problem arises. Effective cybersecurity work often demands that you dig deeper to uncover issues that are not immediately obvious, as things are constantly changing. It’s about being resourceful, thinking critically, and persevering through challenges rather than stopping at the surface.  This mindset and discipline are essential for identifying and solving real-world security threats. They will set you apart as you grow in the field. 

On the future of cybersecurity education and work 

Q: How do you see AI affecting both the education and the tools and techniques used in professional cybersecurity settings? 

Dr. Jim Furstenberg: We have used AI for years in the infrastructure backend of appliances, so this is not new in my opinion. Only now is AI consumable so to say…  AI is and has been critical in cybersecurity to do what we do.  

I see more integration into areas where perhaps we had low to no visibility and time saving so the analyst can get Good Findings Fast (GFF)… AI’s speed and its ability to sort signal from noise more provides deeper integration pragmatically.  

Q: What factors, trends, or technologies do you see having the most significant impact on how we approach cybersecurity in the next three years? 

Dr. Jim Furstenberg: I see a deeper integration of Zero Trust. Companies finally understand that Cybersecurity is not an IT problem; it is an enterprise privacy and security issue, and it deserves a seat at the boardroom table.  

Cybersecurity is and should not be a department within IT — it is an integrated whole enterprise approach toward everything in the enterprise, not some bolted-on blinky appliance that IT manages; thankfully, this Luddite mentality appears to be finally waning. GDPR put some teeth into cybersecurity at the board and ownership level, and rightly so.

About ANY.RUN   

ANY.RUN helps more than 500,000 cybersecurity professionals worldwide. Our interactive sandbox simplifies malware analysis of threats that target both Windows and Linux systems. Our threat intelligence products, TI Lookup, YARA Search, and Feeds, help you find IOCs or files to learn more about the threats and respond to incidents faster.    

With ANY.RUN you can:  

• Detect malware in under 40s.  
• Interact with samples in real time.  
• Save time and money on sandbox setup and maintenance  
• Record and study all aspects of malware behavior.  
• Collaborate with your team  
• Scale as you need.  

Try all features of ANY.RUN for 14 days by requesting a free trial →