Creating an Online Cybersecurity Capstone Simulation. Alan Carswell Jim Cook

Similar documents

FERRIS STATE UNIVERSITY SCHOOL OF NURSING POLICY SERVICE LEARNING REQUIREMENT UNDERGRADUATE (BSN) PROGRAMS

Multiplayer Game Programming ITP 484x (4 Units)

LOURDES UNIVERSITY Graduate School Master of Science in Nursing NUR 698 NURSING CAPSTONE

COMPUTER SCIENCE/ COMPUTER NETWORKING AND TECHNOLOGIES (COSC)

USF Graduate Catalog SECTION 23.

USF Graduate Catalog SECTION 18.

FERRIS STATE UNIVERSITY SCHOOL OF NURSING PORTFOLIO GUIDELINES AND EVALUATION PROCESS PRELICENSURE BSN PROGRAM. Introduction:

I n t r o d u c t i o n

COURSE SYLLABUS BMIS 342 CYBER SECURITY

Wyoming Community College Commission Request for New, Pilot or Revised Degree or Certificate Program

Service Availability Metrics

How To Become A Cybersecurity Consultant

PENN STATE - ERIE, BLACK School of Business MIS 445 (4 CR):Business Intelligence: Fall 2011, Ido Millet

Enterprise Cybersecurity: Building an Effective Defense

Physical Assessment & Clinical Judgment Rubric

WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses

Psychology 4978: Clinical Psychology Capstone (Section 1) Fall 2015

Course Design Document. Information Security Management. Version 2.0

Department of Mathematics and Computer Sciences

LEARNING, DESIGN AND TECHNOLOGY CAPSTONE PROJECT GUIDELINES

A DIGITAL SOLUTIONS AGENCY Queen Anne Ave N. Ste. 337 Seattle WA,

Cyber Defense Operations Graduate Certificate

INFORMATION SYSTEMS AND TECHNOLOGY MANAGEMENT

LEARNING OUTCOME ASSESSMENT APPROACH FOR COMPETENCIES IN BUSINESS ADMINISTRATION

National Initiative for Cybersecurity Education

Threat Intelligence Pty Ltd Specialist Security Training Catalogue

How To Get A Forensic Vocational Rehabilitation Certificate

CLOUD MIGRATION STRATEGIES

CyberSecurity: Trends, Careers, & the Next Generation

Assessment Plan for the MBA Program Department of Business University of Wisconsin - Parkside

(BDT) BDT/POL/CYB/Circular

CIS 244: Web Server Management (3 Credits) Course Description

Information Systems and Tech (IST)

Blended Course Evaluation Standards

2. SUMMER ADVISEMENT AND ORIENTATION PERIODS FOR NEWLY ADMITTED FRESHMEN AND TRANSFER STUDENTS

Assessment Plan for the Undergraduate Criminal Justice Program GOAL A

EDME 532: TESOL INTERNSHIP AND SEMINAR SUMMER / 2015

University of North Dakota Department of Electrical Engineering Graduate Program Assessment Plan

Unit Number Unit Name Person Responsible Business Management and Supervision (MST) Wanda Markie Hunter

COMPUTER SCIENCE, BACHELOR OF SCIENCE (B.S.)

Course Facilitator. Course Description

MS Health Informatics ( )

BS in Social Sciences

Report on CAP Cybersecurity November 5, 2015

PSY 7810 Spring, 2013 Advanced Internship in School Psychology Syllabus. James O. Rust Phone: Fax:

Outcomes Assessment and Program Improvement Master of Business Administration

Cybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015

QUESTIONS & RESPONSES #2

2013 Review of the MS in Sport Management

How To Pass A School Counseling Course

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY

2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy

State Agency Cyber Security Survey v October State Agency Cybersecurity Survey v 3.4

Teachers College, Columbia University. Department of Mathematics, Science and Technology

Computer and Information Science

Cybersecurity The role of Internal Audit

Management Consulting Systems Integration Managed Services WHITE PAPER DATA DISCOVERY VS ENTERPRISE BUSINESS INTELLIGENCE

Advancing Cyber Security Using System Dynamics Simulation Modeling for System Resilience, Patching, and Software Development

Lesson 12. Software Development

Bachelor of Information Technology

Department of Communication Studies M.A. Program Annual Report

Distance Education at USD

UNC LMS Test Environment and Procedures Last Revised

Portfolio Options Option 1 Option 2

List all of the program s learning outcomes: (regardless of whether or not they are being assessed this year)

The STAGEnet Security Model

Cybersecurity Strategy

Five keys to a more secure data environment

Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified

AC : GEO: A WEB-BASED EVENT REGISTRATION AND COMMUNICATION TOOL

CAPSTONE Master s Degree in Instructional Technology

Custom Software Development Approach

Cybersecurity Awareness for Executives

The Future of Cybersecurity Education

Cyber Security & Role of CERT-In. Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in

ECU ASSESSMENT REPORT - Version 2. COE Program - Counselor Education (MS)

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS

Minnesota State Community and Technical College Detroit Lakes Campus

CIO Council Updated IT Strategic Plan

MJC Online Course Review Process DRAFT

REQUEST FOR PROPOSALS: CENTER FOR LONG-TERM CYBERSECURITY

Transcription:

Creating an Online Cybersecurity Capstone Simulation Alan Carswell Jim Cook FISSEA Conference March 21, 2013

Overview Cybersecurity Programs MS in Cybersecurity CSEC 610 MS in Cybersecurity Policy MS in Digital Forensics and Cyber Investigation Six-credit courses 100% online Cybersecurity CSEC 620 Cybersecurity Policy Digital Forensics and Cyber Investigation Interdisciplinary Simulation a part of CSEC 670 CSEC 670 (Capstone)

Overview Simulation Objectives Multi-player collaborative online game Simulation of a national environment Technical and Policy Issues Synthesis of prior learning Bridge to career 3

Overview Simulation Organization 4

UMUC Cybersecurity Capstone Simulation Mission Protect the US Critical Information Infrastructure against cyberattack 5

UMUC Capstone Simulation Combines Technical and Policy Skills RedTeam vs BlueTeam Technical insight Tabletop exercises Policy insight Objectives are to protect - system security profitability popular sentiment national security minimize system downtime Maintain Business & Infrastructure Budgets 6

Game Master Instructor Student Teams represent Critical Infrastructure businesses Individual Students take on Roles for managing cybersecurity CIO Net Admin Cyber Sec Officer Cyber Policy Coord Etc. Roles 7

Operation Weekly Cycle Game Master introduces Attacks Students Teams Receive Alerts About Attacks Select controls to counter Cooperate to stay within budget Adjust cost and strength of controls Finalize selections 8

Student Teams Outputs and Evaluation choose controls write rationale for control selections Model runs in background Output Indexes rise or fall for Security and Business Health Charts show effects of student choices on Output Indexes Instructor uses special tools for analysis evaluates indexes and rationale comments on effectiveness of choices made by each team. 9

Grading Rubric Changes in key indices from previous round (not applicable for Round 1) Consideration of environmental effects such as events and previous rounds outcomes. Demonstration of understanding of controls effects on security. Demonstration of knowledge of the sector s contribution to national security Acknowledgement of trade-offs between conflicting objectives. Demonstration of team coordination. Proper writing, including grammar, punctuation, sentence structure, and typography. Compliance with APA format. Excellent Satisfactory Needs Improvement Comments 10

Managing the Project Project Scope Quality Standards Value to the University Project Schedule Project Costs and Resources 11

Coordination LMS Administrators Video Team Faculty IT Senior Management Contracting Software Testers Academic Dept. (Project Owner) Software Developer (Vendor) Subject Matter Experts General Counsel Game Masters Editors and IPR 12

Coordination LMS Administrators Video Team Faculty IT Senior Management Contracting Software Testers Academic Dept. (Project Owner) Software Developer (Vendor) Subject Matter Experts General Counsel Game Masters Editors and IPR 13

Coordination LMS Administrators Video Team Faculty IT Senior Management Contracting Software Testers Academic Dept. (Project Owner) Software Developer (Vendor) Subject Matter Experts General Counsel Game Masters Editors and IPR 14

Project Phases Design Development Deployment 15

Design Phase SMEs and software designers conceptualize product Functional specifications document 16

Development Phase Prototypes and components Alpha, Beta, and Gold subphases-- delivery and testing of software User manuals Technical architecture design Server hosting Load testing 17

Deployment Phase Training of faculty Additional documentation for students and faculty Facilitating deployment in semester 18

Results and Plans Student reaction generally positive Using what they learned in their previous courses Simulation visually interesting, easy to use But a steep learning curve Unclear relationship between decisions and outcomes (maybe a virtue?) Future plans cross-team effects 19

Questions? 20

Controls Decisions on technical and policy measures like: Frequency of software updates RAID levels implemented Level of encryption Investment in training Optimization 21

Events Injected by Game Master Examples DDoS attack Phishing expedition Economic downturn Natural disaster 22

Outcomes Indicators measuring the performance of each team. Examples: Profitability (Surplus for the Federal Government team) Employee Morale Security Index Budget 23