Cyber Security Education: My Personal Thoughts. Bharat Doshi bharat.doshi@jhuapl.edu



Similar documents
Introduction to Cybersecurity Overview. October 2014

Cyber Watch. Written by Peter Buxbaum

SCADA Security Training

Guidelines for Website Security and Security Counter Measures for e-e Governance Project

Internet threats: steps to security for your small business

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Bellevue University Cybersecurity Programs & Courses

Network Support. Technical Certificate. Program Outcomes: FOUNDATION COURSES. 1 of 7

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

The Information Security Problem

Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110

CyberNEXS Global Services

Certified Cyber Security Analyst VS-1160

Linux Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS QUARTER 2 NETWORKING AND OPERATING SYSTEMS ESSENTIALS. Module 1 - Office Applications

How To Protect Your Data From Being Hacked

Capacity Building in Cyber Security Literacy: An Inter-disciplinary Approach

Who s Doing the Hacking?

Christos Douligeris cdoulig at unipi dot gr. Department of Informatics University of Piraeus

2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program.

Into the cybersecurity breach

REGULATIONS FOR THE SECURITY OF INTERNET BANKING

Big Data, Big Risk, Big Rewards. Hussein Syed

CPSC 467: Cryptography and Computer Security

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

Using Entrust certificates with VPN

Computer Network Engineering

WCA WEBINAR SERIES: The Case for Cyber Security Training

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist

Cybersecurity: An Innovative Approach to Advanced Persistent Threats

Microsoft Technologies

National Cyber Security Strategies: United States

Promoting a cyber security culture and demand compliance with minimum security standards;

Managing IT Security with Penetration Testing

EC-Council Certified Security Analyst (ECSA)

Track 2: Introductory Track PREREQUISITE: BASIC COMPUTER EXPERIENCE

Web Application Security

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Cybersecurity Health Check At A Glance

Cyber Learning Solutions

Cisco Advanced Services for Network Security

Certified Cyber Security Analyst VS-1160

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Middle Class Economics: Cybersecurity Updated August 7, 2015

FedVTE Training Catalog SPRING advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

Introduction to Cyber Security / Information Security

Cybersecurity and Collaborative Research Projects. Hiroto Yasuura Executive Vice President Kyushu University

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

Defending Against Data Beaches: Internal Controls for Cybersecurity

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Computer Security Literacy

TUSKEGEE CYBER SECURITY PATH FORWARD

National Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity

PENETRATION TESTING GUIDE. 1

Internet Governance and Cybersecurity Patrick Curry MACCSA

Identity & Privacy Protection

UNM Information Assurance Scholarship for Service (SFS) Program

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY-274 Privacy, Ethics & Computer Forensics

167 th Air Wing Fast Track Cyber Program Blue Ridge Community and Technical College

Presented by Frederick J. Santarsiere

SMALL BUSINESS PRESENTATION

What is Really Needed to Secure the Internet of Things?

Cybersecurity Definitions and Academic Landscape

NETWORK SECURITY (W/LAB) Course Syllabus

Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led

POLICIES TO MITIGATE CYBER RISK

Research Topics in the National Cyber Security Research Agenda

IT Security Training. Why Security Certification? A Serious Business - Fear Drives the Demand High Demand Freedom to Make and Break Rules

THE OPEN UNIVERSITY OF TANZANIA

Software Development: The Next Security Frontier

CAPACITY BUILDING TO STRENGTHEN CYBERSECURITY. Sazali Sukardi Vice President Research CyberSecurity Malaysia

Comprehensive i-safe Curriculum International Scope of Lessons and Language Availability

Team Members: Jared Romano, Rachael Dinger, Chris Jones, Miles Kelly Supervising Professor: Dr. George Collins Industry Advisor: Dr.

Cisco RSA Announcement Update

DeltaV System Cyber-Security

FedVTE Training Catalog SUMMER advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

IBM Security Strategy

Information Technology Cluster

Certified Secure Computer User

Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted.

2) trusted network, resilient against large scale Denial of Service attacks

A Systems Engineering Approach to Developing Cyber Security Professionals

Computer Security and Investigations

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Cisco Network Specialist CCNA

Department of Management Services. Request for Information

Protect Your Organization With the Certification That Maps to a Master s-level Education in Software Assurance

Developing Secure Software in the Age of Advanced Persistent Threats

Transcription:

Cyber Security Education: My Personal Thoughts Bharat Doshi bharat.doshi@jhuapl.edu

Topics Personal Background Other situations: Similarities and Differences Cyber Vulnerabilities Student Types and Education/Training Needs Dynamics and Continuing Education Concluding Thoughts

Driving Safety: Similarities and Differences Concept Design Supply Chain and Manufacturing Maintenance and Repair Road Building Road Operations and Maintenance User Driving Errors/Failures Vs Attacks Rate of Change Early users

Telephony: Similarities and Differences Infrastructure and end device architecture Designs Supply Chain and Manufacturing Deployment Operations and Maintenance User Errors/Failures Vs Attacks Rate of Change??

Cyber-security: Users, Attacks, Sources of Vulnerabilities Types of Infrastructure and Users DoD and IC (.mil), other Government users (.gov), Critical non- Governmental Infrastructure (.com..edu,..), general users (.com.,.edu,..) Types of Attacks Hacking for fun or attention, identity theft and other economic motivation, espionage, terrorism, pre-emptive strike Other Attacks and/or Damages Actions in social media Privacy issues and persistence in social media Cyber-vulnerabilities Architecture, Design, Development Manufacturing and Supply Chain (Globalization) Operations (Configuration, Controls,.) User Behavior

Student Type and Education/Training: Designer/Developer Core curriculum in Computer Science, Electrical Engineering, or similar Discipline Supplemented with courses on secure programming, applications of crypto, network security, trust establishment, etc. Supply chain issues, verification, anti-tamper techniques, etc. Policies,.. Cyber threat analysis Red teaming and classroom games Experimental science for Cyber Secure systems engineering where cyber is a major component of all modern systems (Domain Aware Cyber Architecture and Operation) 4+1?? Special Graduate Degrees?? Specialization during education and on the job

Student Type and Education/Training: IT Operations Broad Training (Cisco, Microsoft,..) including courses on Threat analysis Security equipment (firewalls, IDS, etc) Commercial tools Use existing Open Source software (spam filters, honeypots, etc) Some specialization Professional Exams and Certification?? Red Teaming Games (e.g. CyberCIEGE, NetWars, CyberLink Duo, CyberLink Solo, ) Continuing Education/Training

Dynamics and Interplay How do we keep Designers, Developers, and Operations people to remain current in the face of rapid changes? How do we make the above groups interact?

Student Type and Education/Training: General College Students, Adult Population, etc. Courses on Cyber: Basic awareness of the presence of cyber, terminology, etc. Online risks (financial, reputation,..) and secure usage practices (passwords, clicking on links, installing software, etc.) Identities in cyberspace - who are we and how do we prove it? Once we know who you are, how do we decide what to let you do (authentication)? Ethical behavior in cyberspace. Use of social media. How to be responsible cyber citizens? How to protect your data and the data entrusted to you? How to maintain desired degree of privacy and propriety? History of computer security - what do we know, who are the "heroes" of early and modern cyber security. How do we keep from repeating the same mistakes over and over again Security issues with cell phones, smart phones, etc. Cyber-security Games in courses

K-12 Simple course on computers, cell phones, social media, proper usage and behavior Classroom exercises and games Career in cyber

Special Needs DoD and IC Systems, DHS and Critical Infrastructure Level of sophistication in attack Ease of Use Vs Security Trade-off Restrictions on Cyber Workforce Supply Chain Issues

Concluding Thoughts/Questions Education and training for different segments of population and Cyber Workforce Awareness training for users More interplay among education and training for different population than in other disciplines How do we attract bright young students to opt for Cybersecurity as a career? How can that be made as attractive as writing cool code for an exciting application? How do we provide the continuing education that is needed to remain current in the face of rapid changes?

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information