Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.
Computer Science and Engineering 1 Future of Cyber Security.
-
Upload
austin-watson -
Category
Documents
-
view
212 -
download
0
Transcript of Computer Science and Engineering 1 Future of Cyber Security.
Computer Science and Engineering 1
Future of Cyber Security
Top Security Threats Top Security Threats 20132013
• Threat #1: Social Engineering• Threat #2: Advanced Persistent Threats (APTs)• Threat #3: Internal Threats• Threat #4: Bring-your-own-device (BYOD) • Threat #5: Cloud Security
Source: Forbes Magazine, http://www.forbes.com/sites/ciocentral/2012/12/05/the-biggest-cybersecurity-threats-of-2013-2/
Computer Science and Engineering 2
What can we do?What can we do?
Computer Science and Engineering 3
Computer Science and Engineering 4
Information Assurance ResearchEducation
Computer Science and Engineering 5
IA ResearchIA Research
Wenyuan Xu (since 2007)Wenyuan Xu (since 2007)http://www.cse.sc.edu/~wyxuWireless networking and security, sensor networks, network security and privacy, jamming detection and avoidance
Chin-Tser Huang (since 2003)Chin-Tser Huang (since 2003)http://www.cse.sc.edu/~huangctIntrusion detection, wireless security, distributed systemsnetwork security, network protocol design and verification
Csilla Farkas (since 2000)Csilla Farkas (since 2000)http://www.cse.sc.edu/~farkasWeb data and application (WS & SOA) security, Access Control Policies, SCADA software reliability, economic and social impact of cyber attacks
Application layer
Transport layer
Internet layer
Network Interface
Computer Science and Engineering 6
• Information Assurance SpecializationInformation Assurance Specialization• Meeting National IA Training Standards Meeting National IA Training Standards
• CNSS 4011, Information Systems Security Professionals
• CNSS 4013, System Administrators
• CNSS 4014, Information Systems Security Officers
• National Center of Academic Excellence in National Center of Academic Excellence in Information Assurance EducationInformation Assurance Education
IA EducationIA Education
IA SpecializationIA Specialization
• Undergraduate and graduate students of CSE Dept.
• Receive National Training Standard for Information Systems Security (INFOSEC) Professionals, CNSS 4011
• Degree Requirements: 9 Hours of course work with B or better grade
– Required: CSCE 522: Information Security Principles (3 credits)
– 2 elective courses (6 credits)
• http://www.cse.sc.edu/undergraduate/iaspecialization
Computer Science and Engineering 7
Computer Science and Engineering 8
IA CoursesIA Courses
• CSCE 201 – Introduction to Security• CSCE 517 – Computer Crime and Forensics • CSCE 522 – Information Security Principles• CSCE 557 – Introduction to Cryptography• CSCE 548 – Secure Software Construction
• Projects in other courses, e.g., CSCE 520, 416, etc.• Magellan Scholar
Computer Science and Engineering 9
Global Demand for IA Global Demand for IA Workforce Workforce
• Worldwide:– 2010: 2.28 million – 2015: 4.24 million (projected)– Compound Annual Growth Rate: 13.2%
• Americas:– 2010: 920,845– 2015: 1,785,236– Compound Annual Growth Rate: 14.2%
Information Warfare - Farkas
9
Computer Science and Engineering 10
SalarySalary
• 2011 Annual salary(ISC)2® Member/non-member• Worldwide: $98,600/$78,500• Americas: $106,900/$92,900
10
Computer Science and Engineering 11
IA JobsIA Jobs
• Job market– Civil (Join Information Systems Security Association, ISSA,
https://www.issa.org/ )
– Government (Internship available at USC-UTS, and SC Dept. of Probation, Parole, and Pardon Services)
– Military (Internship available at SPAWAR, Charleston)
• Education and training requirements (B.S. degree, certification, hands-on experiments)
• Salary• FUN
Current IA NewsCurrent IA News
• Is the FBI Any Match for Cyber Criminals? , http://www.dfinews.com/news/2013/11/fbi-any-match-cyber-criminals?et_cid=3611017&et_rid=454822392&location=top#.Uo0bQydkHj4 – After 9/11: FBI shifted from organized crime to
fighting terrorism– Current: counter cyber attacks
Computer Science and Engineering 12
• US Ponders Ways Not to Destroy Bitcoin , http://www.dfinews.com/news/2013/11/us-ponders-ways-not-destroy-bitcoin?et_cid=3611017&et_rid=454822392&location=top#.Uo0cjSdkHj4 – Illegal use of bitcoin should it be destroyed?– Over-regulation bitcoin moves out of US control
Computer Science and Engineering 13
Current IA NewsCurrent IA News
• NSA Vowed to Fix Its Collection Errors, http://www.dfinews.com/news/2013/11/nsa-vowed-fix-its-collection-errors#.Uo0dNSdkHj4 – Admitted surveillance rule violations due to poor
management, lack of oversight, typographical errors– Promise of safety measures
Computer Science and Engineering 14
Current IA NewsCurrent IA News
More NewsMore News
• Miners Face Rising Threat of Cyber Attacks due to increased automation
• Cyber Deviance and Cyber Crime Start and Peak in Teen Years start around 15 and peak around 18
• Five More Suspects Arrested in $45 Million Global Bank Heist – loss 45 million from ATM
• Chicago hacker sentenced to 10 years, “hacktivist" Jeremy Hammond explained that his cybercrimes were altruistic acts of civil disobedience
Computer Science and Engineering 15
Computer Science and Engineering 16
Thank you!Thank you!