Having an Impact on Cybersecurity Education

Having an Impact on Cybersecurity Education

Having an Impact on Cybersecurity Education

Posted: 18 Mar 2010 12:08 PM PDT

The 12th anniversary of CERIAS is looming (in May). As part of the display materials for our fast-approaching annual CERIAS Symposium (register now!), I wanted to get a sense of the impact of our educational activities in addition to our research. What I found surprised me -- and may surprise many others!

Strategic Planning

Back in 1997, a year before the formation of CERIAS, I presented testimony before a U.S. House of Representatives hearing on "Secure Communications." For that presentation, I surveyed peers around the country to determine something about the capacity of U.S. higher education in the field of information security and privacy (this was before the term "cyber" was popularized). I discovered that, at the time, there were only four defined programs in the country. We estimated that there were fewer than 20 academic faculty in the US at that time who viewed information security other than cryptography as their primary area of emphasis. (The reason we excluded cryptography was because there were many people who were working in abstract mathematics that could be applied to cryptography but who knew extremely little about information security as a field, and certainly were not teaching it).

The best numbers I could come up with from surveying all those people was that, as of 1997, U.S. higher education was graduating only about three new Ph.D. students a year in information security, Thus, there were also very few faculty producing new well-educated experts at any level, and too small a population to easily grow new programs. I noted in my remarks that the output was too low by at least two orders of magnitude for national needs (and was at least 3-5 orders too low for international needs).

As I have noted before, my testimony helped influence the creations of (among other things) the NSA's CAE program and the Scholarship for Service program. Both provided some indirect support for increasing the number of Ph.D graduates and courses at all postsecondary levels. The SfS has been a qualified success, although the CAE program not so much.

When CERIAS was formed, one element of our strategic plan was to focus on helping other institutions build up their capacity to offer infosec courses at every level, as a matter of strategic leadership. We decided to do this through five concurrent approaches:

  1. Create new classes at every level at Purdue, across several departments
  2. Find ways to get more Ph.D.s through our program, and help place them at other academic institutions
  3. Host visitors and postdocs, provide them with additional background in the field for eventual use at other academic institutions
  4. Create an affiliates program with other universities and colleges to exchange educational materials, speakers, best practices, and more
  5. Create opportunities for enrichment programs for faculty at other schools, such as a summer certificate program for educators at 2 and 4-year colleges.

Our goal was not only to produce new expertise, but to retrain personnel with strong backgrounds in computing and computing education. Transformation was the only way we could see that a big impact could be made quickly.

Outcome

We have had considerable success at all five of these initiatives. Currently, there are several dozen classes in CERIAS focus areas across Purdue. In addition to the more traditional graduate degrees, our Interdisciplinary graduate degree program is small but competitive and has led to new courses. Overall, on the Ph.D. front, we anticipate another 15 Ph.D. grads this May, bringing the total CERIAS output of PhD.s over 12 years to 135. To the best of our ability to estimate (using some figures from NSF and elsewhere), that was about 25% of all U.S. PhDs in the first decade that CERIAS was in existence, and we are currently graduating about 20% of U.S. output. Many of those graduates have taught or still teach at colleges and universities, even if part-time. We have also graduated many hundreds of MS and undergrad students with some deep coursework and research experience in information security and privacy issues.

We have hosted several score post-docs and visiting faculty over the years, and always welcome more --- our only limitation right now is available funding. For several years, we had an intensive summer program for faculty from 2 and 4-year schools, many of which are serving minority and disadvantaged populations. Graduates of that program went on to create many new courses at their home institutions. We had to discontinue this program after a few years because of, again, lack of funding.

Our academic affiliates program ran for five years, and we believe it was a great success. Several schools with only one or two faculty working in the area were able to leverage the partnership to get grants and educational resources, and are now notable for their own intrinsic capabilities. We discontinued the affiliates program several years ago as we realized all but one of those partners had "graduated."

So, how can we measure the impact of this aspect of our strategic plan? Perhaps by simply coming up with some numbers....

We compiled a list of anyone who had been through CERIAS (and a few years of COAST, prior) who:

  • Got a PhD from within Purdue and was part of CERIAS
  • Did a postdoc with CERIAS to learn (more) about cybersecurity/privacy
  • Came as a visiting faculty member to learn (more) about cybersecurity/privacy
  • Participated in one of our summer institutes for faculty

We gathered from them (as many as we could reach) the names of any higher education institution where they taught courses related to security, privacy or cyber crime. We also folded in the names of our academic affiliates at which such courses were (or still are) offered. The resultant list has 107 entries! Even if we make a somewhat moderate estimate of the number of people who took these classes, we are well into the tens of thousands of students impacted, in some way, and possibly above 100,000, worldwide. That doesn't include the indirect effect, because many of those students have gone on (or will) to teach in higher education -- some of our Ph.D. grads have already turned out Ph.D. grads who now have their own Ph.D. students!

Seeing the scope of that impact is gratifying. And knowing that we will do more in the years ahead is great motivation, too.

Of course, it is also a little frustrating, because we could have done more, and more needs to be done. However, the approaches we have used (and are interested in trying next) never fit into any agency BAA. Thus, we have (almost) never been able to get grant support for our educational efforts. And, in many cases, the effort, overhead and delays in the application processes aren't worth the funding that is available. (The same is true of many of our research and outreach activities, but that is a topic for another time.)

We've been able to get this far because of the generosity of the companies and agencies that have been CERIAS general supporters over the years -- thank you! Our current supporters are listed on the CERIAS WWW site (hint: we're open to adding more!). We're also had a great deal of support within Purdue University from faculty, staff and the administration. It has been a group effort, but one that has really made a positive difference in the world....and provides us motivation to continue to greater heights.

See you at the CERIAS Symposium!

Institutions

Here is the list of the 106 107 educational institutions (updated 3/18, 1745):

  • Air Force Institute of Technology
  • Amrita Vishwa Vidyapeetham, Coimbatore, India
  • Brigham Young University
  • Cairo University (Egypt)
  • California State University Sacramento
  • California State University Long Beach
  • Carnegie Mellon University
  • Case Western Reserve University
  • Charleston Southern University
  • Chunggnam National University, Korea
  • College of Aeronautical Engineering, PAF Academy, Risalpur Pakistan
  • College of Saint Elizabeth
  • Colorado State University
  • East Tennessee State University
  • Eastern Michigan University
  • Felician College
  • George Mason University
  • Georgia Institute of Technology
  • Georgia Southern University
  • Georgetown University
  • Hannam University, Korea
  • Helsinki University of Technology (Finland)
  • Hong Kong University of Science & Technology
  • Illinois Wesleyan University
  • Indian Institute of Science, Bangalore
  • Indiana University-Purdue University, Fort Wayne
  • Indiana University-Purdue University, Indianapolis
  • International University, Bruchsal, Germany
  • Iowa State University
  • James Madison University
  • John Marshall School of Law
  • KAIST (Korea Advanced Institute of Science and Technology)
  • Kansas State University
  • Kennesaw State University
  • Kent State University
  • Korea University
  • Kyungpook National University, Korea
  • Linköpings Universitet, Linköping Sweden
  • Marquette University
  • Miami University of Ohio
  • Missouri Univ S&T
  • Murray State University
  • Myongji University, Korea
  • N. Georgia College & State Univ.
  • National Chiao Tung University, Taiwan
  • National Taiwan University
  • National University of Singapore
  • New Jersey Institute of Technology
  • North Carolina State University
  • Norwalk Community College
  • Oberlin College
  • Penn State University
  • Purdue University Calumet
  • Purdue University West Lafayette
  • Qatar University, Qatar
  • Queensland Institute of Technology, Australia
  • Radford University
  • Rutgers University
  • Sabanci University, Turkey
  • San José State University
  • Shoreline Community College
  • Simon Fraser University
  • Southwest Normal University (China)
  • Southwest Texas Junior College
  • SUNY Oswego
  • SUNY Stony Brook
  • Syracuse University
  • Technische Universität München (TU-Munich)
  • Texas A & M Univ. Corpus Christi
  • Texas A & M Univ. Commerce
  • Tuskegee University
  • United States Military Academy
  • Universidad Católica Boliviana San Pablo, Bolivia
  • Universität Heidelberg, Heidelberg, Germany
  • University of Albany
  • University of Calgary
  • University of California, Berkeley
  • University of Cincinnati
  • University of Connecticut
  • University of Dayton
  • University of Denver
  • University of Florida
  • University of Kansas
  • University of Louisville
  • University of Maine at Fort Kent
  • University of Maryland University College
  • University of Memphis
  • University of Milan, Italy
  • University of Minnesota
  • University of Mississippi
  • University of New Haven (CT)
  • University of New Mexico
  • University of North Carolina, Charlotte
  • University of Notre Dame
  • University of Ohio
  • University of Pittsburgh
  • University of Texas, Dallas
  • University of Texas, San Antonio
  • University of Trento (Italy)
  • University of Virginia
  • University of Washington
  • University of Waterloo
  • University of Zurich
  • Virginia Tech
  • Washburn University
  • Western Michigan University
  • Zayed University, UAE

Career Bobs

Posted by Rohan ingale at 1:17 AM

0 comments:

Post a Comment