Innovative model for information assurance curriculum (original) (raw)

An Information Assurance and Security Curriculum Implementation

2006

A holistic approach to security education is important to providing practitioners the scope of learning necessary for integration of their skills into the enterprise. Specifically domains of knowledge can easily be identified that allow for this holistic approach to be implemented into a new program of study or curriculum for information assurance and security. Within the Purdue Calumet CIT Department

A Draft Model Curriculum for Programs of Study in Information Security and Assurance

2004

With the dramatic increase in threats to information security, there is a clear need for a corresponding increase in the number of information security professional. With a lack of formal curriculum models, many academic institutions are unprepared to implement the courses and laboratories needed to prepare this special class of information technologist. This paper provides an overview of lessons learned in the implementation of both individual courses and a degree concentration in information security. It refers to a more comprehensive document, available on the Web, which includes the methodology used in developing the curriculum, individual course syllabi for recommended components, and laboratory development and implementation recommendations..

A delivery model for an Information Security curriculum

2004

This paper details the origin and content of a nationally accepted standard for a university curriculum in information security education. And it offers specific recommendations regarding the proper teaching and learning modalities for the fifteen common knowledge elements embodied in it. These recommendations are based on the cognitive and affective requirements of each element. This can serve as a model for designing a delivery system that fits the precise needs of students and the particular institution.

Teaching Information Security Courses: Objectives, Requirements, and Challenges

2005

Given the magnitude of real and potential loses associated with security breaches, public employers increasingly expect graduates of management information systems (MIS) programs to have a broad understanding of information security concepts. Support for requiring this broad understanding are based on industry estimates that security breaches affect 90% of all businesses every year and cost some $17 billion (Austin &

Integrating information assurance and security into IT education: A look at the model curriculum and emerging practice

Journal of Information Technology …, 2006

In December 2001 a meeting of interested parties from fifteen four-year IT programs from the US along with representatives from IEEE, ACM, and ABET (CITC-1) began work on the formalization of Information Technology as an accredited academic discipline. The effort has evolved into SIGITE, the ACM SIG for Information Technology Education. During this period three main efforts have proceeded in parallel: 1) Definition of accreditation standards for IT programs, 2) Creation of a model curriculum for four-year IT programs, and 3) Description of the characteristics that distinguish IT programs from the sister disciplines in computing.

Trial-By-Fire in Information Assurance Education

Force Academy, and the Naval Postgraduate School participated in the first ever Cyber Defense Exercise. Each school set up identical small networks running a typical suite of services. They then configured the network to be as secure as possible in advance of attacks by a NSA-led Red Team. After almost a week of attacks a winner was declared. This was the best educational experience any of the authors ever participated in and most students felt the same way. Although this exercise required a great deal of resources, the information assurance educational outcome was great. By following the principles of exercise design we suggest here a less ambitious exercise could become a standard feature of information assurance programs. Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing this collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to

Towards a comprehensive undergraduate information assurance program

Security Education and Critical …

This paper describes the experience of our institution in creating a comprehensive undergraduate information assurance (IA) program. An interdisciplinary approach was undertaken in order to include a larger portion of the student body and faculty and thus influence a broader audience. The program includes a wide variety of mutually supporting information assurance activities including a research center, coursework, an information warfare laboratory, a cyber defense exercise, an outreach program, conferences, trips, summer internships, a guest speaker program, a National Security Agency Liaison program, summer student internships, faculty sabbaticals and a student information warfare club. This paper organizes discussion of these activities into the student experience, building faculty expertise, and organizational support. The catalyst for these activities has been the formation of the Military Academy's dedicated information assurance research center, the Information Technology and Operations Center (ITOC), and the continuing support from and interaction with the National Security Agency. The primary goal of this paper is to provide a descriptive resource to educators who wish to implement an undergraduate or graduate level information assurance program. It is our sincere hope to inspire and aid others in starting similar programs.

Approaches to the teaching of information security

2008

Abstract: Information system security teaching is very complex because of the wide range of domains involved: computer architecture, criminology/law, cryptography, database, human-computer interaction, information retrieval, information theory, management/business, ...

Information Assurance Faculty Development Workshop

2006 Annual Conference & Exposition Proceedings

The Information Assurance Center at Iowa State University received support from the National Science Foundation to create an "Information Assurance Educational Support Program." Faculty members from universities in the Midwest participate in an intensive workshop on information assurance and security education, with the goal of introducing security concepts into courses in their academic departments. Participants were given access to streaming media version of the lectures from four of our core security classes. They also received support material to help integrate the subject material into their existing courses. Our target audience includes faculty members who are teaching computer science, computer engineering, information systems, or related fields, and are committed to initiating education or research efforts in security in their own departments. We have offered the workshop four times to a total over 60 faculty members from around the United States. This paper will describe the workshop, the intended outcomes, feedback from the faculty involved, the curriculum, and future plans. We will also discuss issues related to recruiting faculty, integration of faculty with different backgrounds, and ongoing faculty support.