Archives

The effort to secure cyberspace continues unabated. Yet, losses continue to mount. If we are to gain ground in this effort, we must understand our adversaries and the mechanisms they use to inflict losses. When we know the threats facing our information assets and the potential losses the assets face, we can begin to build more effective defenses using well defined risk management methodologies. This paper examines top computer executives’ perspectives on current threats to information security, and compares those threats to a previous study from 2002.

Student participation in cyber defense competitions provides an environment different from a normal classroom/lab situation and thereby providing an opportunity for alternative learning and motivation. These competitions are characterized by intense three-day situational exposure to real-life network management, administration and security issues. This experience appears to increase motivation and engagement in student’s learning. Students who participate in these competitions gain a perspective of the limits of their current knowledge, the benefits of a more extensive understanding of technical concepts, and the significance of integrating content from a number of areas.

The penetration testing process, or the evaluation of a system for potential vulnerabilities, is a crucial factor in ensuring system security and stability. At its core, this process involves the art of analyzing and subsequently decomposing an inherently complex system into its constituent interoperable subsystems. It seems intuitive that, for the purposes of standardizing and expediting this process, one might employ the use of the very tools used in the construction of a target system in its decomposition. To that end, our team has chosen to use a sufficiently robust architectural modeling framework – the Department of Defense Architecture Format (DoDAF) – to aid in the decomposition of a sufficiently complex, black-box system in the context of the penetration testing process.

The National Security Agency (NSA) began designating colleges and universities as Centers of Academic Excellence (CAE) in 1998 if they met several criteria [1]. The Department of Homeland Security (DHS) now works with the NSA to designate schools as centers of excellence. CAEs must be able to map their curriculum to the government’s standards and demonstrate they have the faculty, organizational structure, scholarship, and commitment to developing a rigorous program. The schools committing resources to obtaining this designation are making a major multi-year commitment and need to get a return on investment. Many schools assume that this return comes in increased student enrollment. To justify this assumption, this project will attempt to determine if the CAE designation impacts the school selection of students.