Suzanna Schmeelk works at the forefront of cybersecurity research. In her role as both Berkeley R&D Engineer and a member of the Team for Research in Ubiquitous Secure Technology (TRUST), she examines critical cybersecurity issues. TRUST is a university and industry consortium that's focused on cybersecurity issues and it significantly impacts computer technologies around the globe. Specifically, TRUST examines cybersecurity issues related to health care, national infrastructures, law and other issues facing the general public. Learn more in this Discovery.
Credit: DETER Testbed
Hackers are capitalizing on new chinks in Internet security as the public gains greater access to sophisticated web operations, according to cybersecurity experts. "Websites are the next battleground in the war for computer security," said computer scientist Michalis Faloutsos, who, with collaborator and fellow computer scientist, Anirban Banerjee, cofounded the company StopTheHacker.com to counter the threat. Learn more in this Discovery.
Credit: Zina Deretsky, National Science Foundation
The mission of the Division of Undergraduate Education (DUE) of the Directorate for Education and Human Resources is to promote excellence in undergraduate science, technology, engineering, and mathematics (STEM) education for all students. DUE's current programs constitute a comprehensive approach to strengthening STEM education at two- and four-year colleges and universities by improving curricula, instruction, laboratories, infrastructure, assessment, diversity of students and faculty, and collaborations.
Researchers from North Carolina State University and IBM Research have developed a new natural language processing tool that businesses or other customers can use to ensure that software developers have a clear idea of the security policies to be incorporated into new software products.
To catch a thief, you have to think like one. University of Texas at Dallas computer scientists are trying to stay one step ahead of cyberattackers by creating their own monster that can cloak itself as it steals and reconfigures information in a computer program.
"Control-Alt-Hack," a new card game developed by University of Washington computer scientists gives teenage and young-adult players a taste of what it means to be a computer-security professional defending against an ever-expanding range of digital threats.
January 28, 2013
Community College Cybersecurity Program Trains 21st Century Workforce
Advanced Technological Education program produces skilled workforce for the front lines of cyber defense
The stakes are high at Collegiate Cyber Defense Competitions (CCDC), where top-notch security professionals pose as computer hackers and try to break into simulated business computer networks--the kinds you'd find on Wall Street, in banks, hospitals, or even your home.
As the "bad guys" try to compromise computer systems, teams of students have to think like hackers and compete against each other to keep the attackers out. It's a great way for students to be noticed by potential employers, and it's great practice for what students are learning in class at the Center for Systems Security and Information Assurance (CSSIA) at Moraine Valley Community College, outside Chicago.
"Cybersecurity provides a great career path. There are thousands of different types of jobs out there," says Erich Spengler, CSSIA director.
With support from the National Science Foundation (NSF), CSSIA has become a national leader in cybersecurity education. The center provides hands-on, complex laboratory exercises and real-world learning experiences. In fact, some of the students are actually educators themselves. Since 2004, CSSIA has instructed more than 2,000 teachers and college faculty in cybersecurity-related areas.
NSF's support for CSSIA comes from the Advanced Technological Education (ATE) program that is housed in the agency's Directorate for Education and Human Resources. The ATE program focuses on the education of technicians for the high-tech fields that drive the U.S. economy, and it places special emphasis on two-year colleges. Through the ATE program, institutions are able to bolster curriculum development and the professional development of college faculty and secondary school teachers, as well as develop career pathways to two-year colleges from secondary schools and from two-year colleges to four-year institutions.
"Community colleges can play a critical role in giving students the hands-on skills that are needed on the front lines (of) defending computer networks," explains NSF's Corby Hovis, program director for cybersecurity in the ATE program.
"CSSIA and the program's three other centers that focus specifically on cybersecurity education are preparing students for the workforce, as well as for more advanced study. There are so many opportunities in this area. There are cybersecurity-related jobs for students with a variety of skill levels and expertise, from associate degrees to Ph.D.," says Hovis.
In 2010, CSSIA was one of the first community colleges to receive the National Security Agency's (NSA) and Department of Homeland Security's new National Center of Academic Excellence in Information Assurance 2-Year Education (CAE2Y) designation. The NSA established the National Centers program in 1998 and extended it to two-year colleges in 2010. The goal of the program is to reduce vulnerabilities in America's information infrastructure by promoting higher education in cybersecurity and producing well-qualified professionals to work in the field.
On this particular day at CSSIA, professor John Sands is showing his class the insides of a router. "Today we're going to start off covering routers and switches," announces Sands, who also chairs the Information Technology Department. "So, do we have a motherboard on a router? It almost looks like a PC, doesn't it?" he asks.
"Whether we're teaching a very entry-level class or whether we're showing the students how hardware and software work, we try to incorporate security as part of the curriculum." Sands explains.
The Virtualization Data Center at CSSIA is an online practice field of sorts, made up of simulated computers and networks that can be strung together in any number of configurations. Center Director Erich Spengler explains how he and other faculty members use this unique virtual environment to teach students how to keep computer networks buttoned up tight.
"This is a full functioning network," says Spengler, pointing to a computer screen filled with images that represent computers. "I'm on this machine here and going through a firewall; I'm scanning a different machine here. And I can look at what type of software might be running, as well as what types of ports are open, and doorways that might allow a hacker inside the system."
Students and faculty from other institutions can log in to the Virtualization Data Center for training from virtually anywhere. At Moraine Valley, students use it in class and to practice for cyber defense competitions.
The students who choose to specialize in cybersecurity come from all walks of life.
"I'm an electrican," says student Martin Lapinski, "but I've been forced to retool my career."
"I was in printing for 13 years and that industry was kind of dying," adds student Fabian Cambron.
Companies are partnering with Moraine Valley. "In a lot of cases,students are hired before they finish the program," says Spengler.
One partner, Dell SecureWorks, hired recent Moraine Valley graduate Carlos Marquez. "Oh, I love it," he says. "It's a great team, it's good people, good culture."
Spengler is proud to point to Marquez as an example for others. Marquez has a good job, his dream car, and at his next cybersecurity competition, he won't be a student playing defense--he'll be one of the cybersecurity pros creating the challenges to test the students' skills.
Any opinions, findings, conclusions or recommendations presented in this material are only those of the presenter grantee/researcher, author, or agency employee; and do not necessarily reflect the views of the National Science Foundation.