Conference September, 2005 Career Pathways for Student Success The Increased Importance of...
-
Upload
nikolas-fason -
Category
Documents
-
view
213 -
download
1
Transcript of Conference September, 2005 Career Pathways for Student Success The Increased Importance of...
Conference
September, 2005
Career Pathways for Student Success
The Increased Importance of Information Assurance Education
National Tech Prep Network
A Roadmap to a Career in Homeland Security
Moderator:
Phil HaleDean of Applied TechnologyOakland Community College
Information Assurance Information Assurance DirectorateDirectorate
Dr. Vic Maconachy
CongressCongressSpeaksSpeaks
CongressCongressSpeaksSpeaks
““We now live in a We now live in a world where world where
terrorists can do as terrorists can do as much damage with a much damage with a
keyboard and a keyboard and a modem as with a gun modem as with a gun
or bomb…Two or bomb…Two choices are available: choices are available:
adapt before the adapt before the attack or afterward.”attack or afterward.”
Sen. Edwards introducing Sen. Edwards introducing Cybersecurity Research and Education Act of 2002Cybersecurity Research and Education Act of 2002Sen. Edwards introducing Sen. Edwards introducing Cybersecurity Research and Education Act of 2002Cybersecurity Research and Education Act of 2002
How Bad Is It ?How Bad Is It ?
Winning the battle is dependent on knowing the enemy’s secrets, movements and plans.
Al Qaeda Manual: Declaration of Jihad Against the Country’s Tyrants, eleventh lesson: Espionage
Read Any Good News Lately?Read Any Good News Lately?Read Any Good News Lately?Read Any Good News Lately?
Internet Attacks During Third QuarterInternet Attacks During Third QuarterTech Web News Tech Web News
According to Internet Security Systems’ newest report, the According to Internet Security Systems’ newest report, the number of security threats climbed 9 percent in the third quarter number of security threats climbed 9 percent in the third quarter
over the previous three months.over the previous three months.
CSI – Cyberterrorism: More Sophisticated Than Past WormsCSI – Cyberterrorism: More Sophisticated Than Past WormsInformation World Information World
No hard evidence exists that shows a cyberterrorism attack on the No hard evidence exists that shows a cyberterrorism attack on the U.S., but when such an attack comes, it is likely to be much more U.S., but when such an attack comes, it is likely to be much more
harmful than the current crop of relatively unsophisticated viruses harmful than the current crop of relatively unsophisticated viruses and worms that have caused billions of dollars in damages…and worms that have caused billions of dollars in damages…
YES ! …Maybe ?YES ! …Maybe ?YES ! …Maybe ?YES ! …Maybe ?
2003 IT Security Budgets Increased Despite Flat Overall Spending, Says 2003 IT Security Budgets Increased Despite Flat Overall Spending, Says META GroupMETA GroupBusiness WireBusiness Wire
This year, companies spent an average of 8.2% of their total IT budgets on This year, companies spent an average of 8.2% of their total IT budgets on security, up from 7.6% in 2002 and only 3.2% in 2001, according to new security, up from 7.6% in 2002 and only 3.2% in 2001, according to new findings from META Group’s 2004 Worldwide IT Benchmark Report.findings from META Group’s 2004 Worldwide IT Benchmark Report.
Sobig’s Success Prompts Calls for Secure E-MailSobig’s Success Prompts Calls for Secure E-MailI D G News ServiceI D G News Service
In the wake of the Sobig attack, security experts uniformly credited the In the wake of the Sobig attack, security experts uniformly credited the worm’s sophisticated design for much of its success. However, the sheer worm’s sophisticated design for much of its success. However, the sheer magnitude of Sobig’s attack led to questions about whether the Internet’s magnitude of Sobig’s attack led to questions about whether the Internet’s current e-mail infrastructure is making things too easy for virus writers current e-mail infrastructure is making things too easy for virus writers and spammers.and spammers.
Talk about impact!A True Story
Talk about impact!A True Story
USA TODAY – Monday Sept. 8, 2004
Betty bought a brand new computer for Christmas. In June, COMCAST curtailed her outbound mail privileges after pinpointing her PC as a major source of e-mail spam. An intruder had turned her P C into a “Zombie”, spreading as many as 70,000 pieces of e-mail spam a day.
Auctions.Search engines,Comparison shopping
Creates spam relay
ShoppingOn the net
Download malicious Code/keystroke reader
Betty is not aloneBetty is not aloneNational Cyber Security Alliance
Study with AOL:
Approximately three-fourths of users falsely believed their computers were at least somewhat safe from on-line threats and viruses, and 60% believed they were safe from hackers.
Two-thirds of the users had no firewall protection nor current anti-virus protection
TECHNOLOGYTECHNOLOGY
OPERATIONSOPERATIONS
PEOPLEPEOPLE
Fundamentally, only THREE countermeasuresFundamentally, only THREE countermeasuresavailable to protect critical information infrastructuresavailable to protect critical information infrastructures..
Defense-In-DepthDefense-In-Depth
Information AssuranceInformation Assurance
TriadTriad
FinanceFinance
Federal Federal GovernmentGovernment
IndustryIndustry
Network Protection Is No Longer Just an Insurance Policy,Network Protection Is No Longer Just an Insurance Policy,It Is Now a Core Business RequirementIt Is Now a Core Business Requirement
Education
Growing the Information Assurance
Work Forcefor Today and Tomorrow
Growing the Information Assurance
Work Forcefor Today and Tomorrow
Awareness, Literacy, Training and Education:Weave a thread of continuity through
The National Plan
I
II
III
IV
V
National Response System
Threat & Vulnerability Reduction
Awareness and Training
Secure Govt.
InternationalCooperation
Jan. 2003
The National Strategy The National Strategy to Secure Cyberspaceto Secure Cyberspace
•Priority III : A National Cyberspace Awareness and Priority III : A National Cyberspace Awareness and Training ProgramTraining Program
• In addition to the vulnerabilities in existing information In addition to the vulnerabilities in existing information technology systems there are at least two other major technology systems there are at least two other major barriers to users and managers acting to improve barriers to users and managers acting to improve CybersecurityCybersecurity
•(1) a lack of familiarity,knowledge and (1) a lack of familiarity,knowledge and understanding of the issuesunderstanding of the issues•(2) an inability to find sufficient numbers of (2) an inability to find sufficient numbers of adequately trained and/or appropriately certified adequately trained and/or appropriately certified personnel to create and manage secure systems.personnel to create and manage secure systems.
CNSS National Training Standards Map
127 U.S. Institutions in 40 States and the District of Columbia Map to the CNSS National Training Standards
CNSS National I A Education and Training Standards:
CNSSI 4011 The I A ProfessionalCNSSI 4012 Senior Systems ManagerCNSSI 4013 Systems AdministratorCNSSI 4014 Information System Security OfficerCNSSI 4015 System CertifierCNSSI 4016 Risk Analyst (Pending)CNSSI 4017 Information Systems Security Engineer
(in development)
CNSS National Training Standards Map
This program offers tremendous opportunity for 2 year programs/
http://www.nsa.gov/ia/academia/acade00001.cfm
National Centers of Academic National Centers of Academic Excellence in Information Excellence in Information
Assurance EducationAssurance Education Partnerships with AcademiaPartnerships with Academia
Reducing the vulnerability of ourReducing the vulnerability of ourNational Information Infrastructure National Information Infrastructure by promoting higher education in by promoting higher education in
information assurance and information assurance and producing a growing number ofproducing a growing number ofprofessionals with IA expertiseprofessionals with IA expertise
in various disciplines.in various disciplines.
Centers of Academic Excellencein Information Assurance Education
19992000200120022003
2004
New National Centers of Academic Excellencein Information Assurance Education
2005
New National Centers of Academic Excellencein Information Assurance Education
California State Polytechnic (CA)
DePaul University (IL)
East Carolina University (NC)
Eastern Michigan University (MI)
Nova Southeastern University (FL)
Oklahoma State University (OK)
United States Air Force Academy
(CO)
Virginia Polytechnic Institute and
State University (VA)
Partnership Partnership for for
Critical Infrastructure Critical Infrastructure SecuritySecurity
NSA-DesignatedNSA-Designated
Centers of Academic ExcellenceCenters of Academic Excellencein Information Assurance Educationin Information Assurance Education
Geo location is very goodGeo location is very good.
IMPACTIMPACTSchools designated as CAEs are eligible for special congressional funding are reporting students specifically searching for schools with CAE recognition are starting to support and receive support for state level cyber and homeland security issues and research are producing students immediately employed in the work force
Areas having CAEs Can boast having IA education and training and education programs to potential corporations considering relocation Can boast presence of IA research capability Can use CAEs to improve security posture
Congress Passes Cyber-Service Bill (October 20, 2000)Congress Passes Cyber-Service Bill (October 20, 2000)• Provides for:
– Scholarships for Service– Infrastructure Support: Faculty Development– Infrastructure Support: Program Development– All based on NSA Centers of Academic
Excellence in Information Assurance
Administered by National Science FoundationAdministered by National Science FoundationNSA representative co-chair of executive steering groupNSA representative co-chair of executive steering group
Implementing -Implementing - Defending America’s Cyberspace National Defending America’s Cyberspace National Plan for Information Systems Protection Plan for Information Systems Protection Version 1.0Version 1.0An Invitation to a DialogueAn Invitation to a Dialogue The White House 2000The White House 2000
NSA Designated Executive AgentNSA Designated Executive AgentNSA Designated Executive AgentNSA Designated Executive AgentAssistant Secretary of DefenseCommand, Control, Communications and IntelligenceMEMO Dated July 2, 2001
Assistant Secretary of DefenseCommand, Control, Communications and IntelligenceMEMO Dated July 2, 2001
“I hereby delegate to the Director, National Security Agency, the authorities and responsibilities of the Secretary of Defense under the following statute: Public Law 106-398”
“I hereby delegate to the Director, National Security Agency, the authorities and responsibilities of the Secretary of Defense under the following statute: Public Law 106-398”
Department of DefenseDepartment of DefenseScholarship for Service ProgramScholarship for Service Program
Department of DefenseDepartment of DefenseScholarship for Service ProgramScholarship for Service Program
Recruitment
Initial Scholarships
Awarded
Returning Scholarships
Awarded
AY 2001 - 2002 12 naAY 2002 - 2003 30 11AY 2003 - 2004 29 24AY 2004 - 2005 34 34AY 2005 - 2006 33 38
Total Recruitment student awards 138
Retention*
Initial Scholarships
Awarded
Returning Scholarships
Awarded
AY 2001 - 2002 17 naAY 2002 - 2003 14 17AY 2003 - 2004 4 29AY 2004 - 2005 10 28AY2005 - 2006*+ 23 26
Total Retention student awards 68
BREAKOUT OF STUDENTSBREAKOUT OF STUDENTS
http://www.ncisse.orghttp://www.ncisse.orghttp://www.ncisse.orghttp://www.ncisse.org
National Colloquium forNational Colloquium forInformation Systems Security EducationInformation Systems Security Education
National Colloquium forNational Colloquium forInformation Systems Security EducationInformation Systems Security Education
PurposePurpose:: Academic colloquium with academia, Academic colloquium with academia,
government, business and industry INFOSEC government, business and industry INFOSEC
experts to discuss direction of INFOSEC experts to discuss direction of INFOSEC
undergraduate and graduate curricula; academic undergraduate and graduate curricula; academic
disciplines; common requirements; specific disciplines; common requirements; specific
knowledge, skills and abilities; certification knowledge, skills and abilities; certification
requirements and feasibility of certification board requirements and feasibility of certification board
formulation.formulation.
PurposePurpose:: Academic colloquium with academia, Academic colloquium with academia,
government, business and industry INFOSEC government, business and industry INFOSEC
experts to discuss direction of INFOSEC experts to discuss direction of INFOSEC
undergraduate and graduate curricula; academic undergraduate and graduate curricula; academic
disciplines; common requirements; specific disciplines; common requirements; specific
knowledge, skills and abilities; certification knowledge, skills and abilities; certification
requirements and feasibility of certification board requirements and feasibility of certification board
formulation.formulation.
Partnerships with Business,Partnerships with Business,Academia, & GovernmentAcademia, & Government
Partnerships with Business,Partnerships with Business,Academia, & GovernmentAcademia, & Government
Conference: June, 2006Conference: June, 2006MarylandMaryland
Conference: June, 2006Conference: June, 2006MarylandMaryland
Sources of Help & InformationSources of Help & Information
The Twenty Most Critical Internet Security Vulnerabilities (Updated) ~ The Experts’ Consensus
Non-GovernmentNon-Government
NIATEC
http://niatc.info/niatec2/index.htm
http://www.cert.org/
AcademiaAcademia
Sources of Help & InformationSources of Help & Information
PURPOSE:PURPOSE:
•Enhance AwarenessEnhance Awareness
•Encourage Information Systems Education and TrainingEncourage Information Systems Education and Training
•CD-ROMSCD-ROMS
•VIDEO’SVIDEO’S
•BROCHURESBROCHURES
•BOOKLETSBOOKLETS
Self-Help Self-Help Awareness Awareness ProgramProgram
WHERE CAN I FIND
INFORMATION ON DEVELOPING AN
AWARENESS PROGRAM?
Awareness Toolkit Awareness Toolkit
nietptoolkit@nsanietptoolkit@nsa
Educational Solutions for a Safer WorldEducational Solutions for a Safer World
National Security AgencyNational Security AgencyInformation Assurance DirectorateInformation Assurance Directorate
http://www.nsa.gov/ia/academia/acade00001.cfmhttp://www.nsa.gov/ia/academia/acade00001.cfm
Jenny Griffith
CIS Secondary Tech Prep Liaison
Walled Lake CentralHigh School
Beginning the Educational PathBeginning the Educational Path
Building a model for a career focused on Building a model for a career focused on Information Assurance education and Information Assurance education and
training through High School curricula training through High School curricula
Building a model for a career focused on Building a model for a career focused on Information Assurance education and Information Assurance education and
training through High School curricula training through High School curricula
• 28 local school districts• 44 high schools• four technical campuses• business/industry/labor affiliates• five campuses of Oakland Community
College • Oakland Schools, the intermediate school
district of Oakland County.
• 28 local school districts• 44 high schools• four technical campuses• business/industry/labor affiliates• five campuses of Oakland Community
College • Oakland Schools, the intermediate school
district of Oakland County.
The Oakland County Tech Prep Consortium is comprised of:
An Overview of Oakland County, Michigan An Overview of Oakland County, Michigan
• Geography: Located north of Detroit; 910 square miles. The county has 450 lakes within its boundaries.
• Population: 1,134,195. For the year 2000, the estimated median age of the county was 36.7 years.
• Median Income: The median income per household based upon 1999, which is the latest data, is $61,907 (U.S. average = $41,994).
• Commerce: Forty-five Fortune 500 companies do business in the County. It is the third wealthiest county in the nation. One-third of all U.S. auto production takes place within 70 miles of the County. Robotics firms in Oakland County account for more than 50% of all U.S. robotics sales.
• Geography: Located north of Detroit; 910 square miles. The county has 450 lakes within its boundaries.
• Population: 1,134,195. For the year 2000, the estimated median age of the county was 36.7 years.
• Median Income: The median income per household based upon 1999, which is the latest data, is $61,907 (U.S. average = $41,994).
• Commerce: Forty-five Fortune 500 companies do business in the County. It is the third wealthiest county in the nation. One-third of all U.S. auto production takes place within 70 miles of the County. Robotics firms in Oakland County account for more than 50% of all U.S. robotics sales.
Step one in “the process”Step one in “the process”
Agreeing upon specific measurable competencies which fulfilled requirements of degree and certificate programs at Oakland Community College
0 1 2 3 4
1. Recognize important Internet committees
2. Understand basic workings of the Internet
3. Identify most common Web browsers
4. Understand FTP
5. Demonstrate basic workings of e-mail and newsgroups
6. Differentiate real time and asynchronous communications
7.
Understand Web technologies, helper applications, and plug-ins (what are they used for and when is their use appropriate.)
8. Identify and understand anti-virus software
9. Know and perform internet searching using various browsers
10. Understand HTML and its function as a markup language
0 1 2 3 4
1. Recognize important Internet committees
2. Understand basic workings of the Internet
3. Identify most common Web browsers
4. Understand FTP
5. Demonstrate basic workings of e-mail and newsgroups
6. Differentiate real time and asynchronous communications
7.
Understand Web technologies, helper applications, and plug-ins (what are they used for and when is their use appropriate.)
8. Identify and understand anti-virus software
9. Know and perform internet searching using various browsers
10. Understand HTML and its function as a markup language
Competencies
Poster
Careercruising.com
GovernmentGovernment
Sources of Help & InformationSources of Help & Information
http://www.nsa.gov/ia/academia/acade00001.cfmhttp://www.nsa.gov/ia/academia/acade00001.cfm