Upload
eugene-scott
View
217
Download
0
Embed Size (px)
DESCRIPTION
Expert Team and Attendees Expert Team Hsinchun Chen, Melissa Dark, Ron Dodge (by phone), Beth Hawthorne, Cynthia Irvine, Stephen Northcutt, Chuck Pfleeger, Fred Schneider, Parisa Tabriz, Ray Vaughn Reporter Victor Davis From NSF Victor Piotrowski, Keith Marzullo and, from Ensemble, Boots Cassel and Lois Delcambre From ACM Andrew McGettrick, John Impagliazzo, Mehran Sahami (by phone) Yan Timanovsky, Cameron Wilson Non attendees (but remain involved) Matt Bishop, Deborah Frincke, Eugene Spafford, Jane Prey (NSF)
Citation preview
Andrew McGettrickACM Education Council, San FranciscoNovember, 2013
Report on Cyber Security Meeting
Cyber Security Meeting - Background
• The Education Board had been approached by the National Science Foundation (NSF) with a request to become involved in shaping and stimulating cyber security education in colleges and universities
• The Education Board accepted this challenge• A proposal was sent to NSF for some initial studies; this has been
approved• A team of experts was to be assembled and asked to provide
guidance on how higher education can best support the development of a highly skilled workforce in cyber security
• Team has been approached and (essentially) all accepted.• Date was 21st and 22nd February 2013 and venue was Atlanta.
Expert Team and Attendees Expert Team
Hsinchun Chen, Melissa Dark, Ron Dodge (by phone), Beth Hawthorne, Cynthia Irvine, Stephen Northcutt, Chuck Pfleeger, Fred Schneider, Parisa Tabriz, Ray Vaughn
Reporter Victor Davis From NSF
Victor Piotrowski, Keith Marzullo and, from Ensemble, Boots Cassel and Lois Delcambre
From ACMAndrew McGettrick, John Impagliazzo, Mehran Sahami (by phone)Yan Timanovsky, Cameron Wilson
Non attendees (but remain involved) Matt Bishop, Deborah Frincke, Eugene Spafford, Jane Prey (NSF)
Format of meeting
• Presentations interspersed with group discussions• Discussions were based on a set of pre-prepared questions• Pre-meeting documentation aimed to provide some background and
draw attention to important contributions from ITICSE workshops, to views from ACM (education not training, systems emphasis, etc), to some UK developments, etc.
• Presentations from– Victor Piotrowski on an NSF perspective– Beth Hawthorne and Ron Dodge on the CS 2013 view– Beth Hawthorne on CCECC developments – Parisa Tabriz on aspects of cyber security within Google– Stephen Northcutt on his reflections, and – Boots Cassel and Lois Delcambre on possible contribution from and
involvement of Ensemble
Some Conclusions - 1
• The group saw the priorities to be on the provision of high quality Masters degrees. Two different kinds were mentioned– High quality technical courses building on sound first degrees in
computer science, for instance; so these were the technical cyber security degrees
– Courses with a business perspective– The provision of these needed to be encouraged
• It felt that the two year colleges were doing excellent work and should be encouraged in their endeavours
• It made a range of comments about baccalaureate provision (see next slide)
• The establishment of cyber security community was important and Ensemble could have an important role here, e.g. it could provide a focus
Some Conclusions - 2
• The group did wish to encourage greater attention to security issues in undergraduate programs
• It saw CS 2013 assisting with this, e.g. by distribution security issues into many classes thereby drawing attention to the area
• It saw faculty having to play an important role in continually stressing the importance of security issues
• It felt that all students (of computing and even beyond) should have at least one course in security. Further they would welcome institutions having credentials in cyber security, and suggested the designation of security advocates within departments
• There was a role for undergraduate courses in cyber security, both technical and courses on cyber security for society
• It did not recommend the production of curricular guidelines along the lines of CS 2013
– The area was still immature– CS 2013 contained a lot of important information
Current state
• Final report has been produced and is on the ACM website (under educational activities)
• Thanks to Boots, a (successful!) proposal was sent to SIGCSE 2014 and a special session is to be held on cybersecurity
• A note on this is to appear in IEEE Security and Privacy• A presentation was made at an Intel summer school in Portland• IT also features in the editorial on the Communications of the
ACM, December 2013.
Possible follow-on activity
• The report makes various recommendations, e.g. to institutions about how they might encourage uptake of classes on security
• The report recommended the production of materials (e.g. three MOOCs) to help institutions launch appropriate courses. Funding agencies are mentioned.
• There is the issue about Ensemble and seeing it as a way of pulling together and supporting the cybersecurity education community
• Others?