Embed Size (px)
Citation preview
Computer Science and Engineering 1
Cyber SecurityCyber SecurityUniversity of South CarolinaUniversity of South Carolina
ColumbiaColumbia
Center for Information Assurance Engineering (CIAE)http://www.cse.sc.edu/isl
Who is Impacted by Cyber Who is Impacted by Cyber Attacks? Attacks?
Source: http://www.cagle.com/2010/05/internet-privacy/
Computer Science and Engineering 3
Ashley Madison adultery site hack: will I be found out?TheGuardian, http://www.theguardian.com/world/2015/jul/21/ashley-madison-adultery-site-hack-will-i-be-found-out-what-you-need-to-know
What can we do?What can we do?
Computer Science and Engineering 4
Computer Science and Engineering 5
Information Assurance ProgramAt
USC
Computer Science and Engineering 6
Center for Information Assurance Center for Information Assurance EngineeringEngineering
MissionMissionPROMOTE INFORMATION SECURITY
AWARENESS OFFER HIGH QUALITY EDUCATION AND
RESEARCH FOSTER COLLABORATION BETWEEN
ACADEMIA, INDUSTRY AND GOVERNMENT
Computer Science and Engineering 7
• IA&S Graduate Certificate ProgramIA&S Graduate Certificate Program• NEW: Cyber Security Studies CS2 NEW: Cyber Security Studies CS2 • Approved for 2016 Fall Approved for 2016 Fall
• Meeting National IA Training Standards Meeting National IA Training Standards • National Center of Academic Excellence in National Center of Academic Excellence in
Information Assurance Education and ResearchInformation Assurance Education and Research
IA EducationIA Education
What is Cyber Security? What is Cyber Security?
Highly Technical
• People, processes, and technology
• Legislation and Regulation
• Risk management
Understanding Cyber Security Understanding Cyber Security RiskRisk
dreamsmademe.wordpress.com
Cyber Security Threats
•Mobile Malware•Virtual currencies•Stealth attacks by state actors•Social attack•New PC and server attacks•Cloud-based attacks
Source: McAfee Labs 2014 Treats Predictions
• Business Policy Decision • Communication between technical and
administrative employees• Internal vs. external resources• Legal and regulatory requirements
• Developing security capabilities
Risk AssessmentRisk Assessment
Cost
Security level 0 % 100%
Optimal level of security at a minimum cost
Security Investment Cost of Breaches
Workforce Workforce
• Education• Certification• Government initiatives
National Center of Academic National Center of Academic Excellence in Excellence in
Information Assurance EducationInformation Assurance Education
Computer Science and Engineering 13
Courses and FacultyCourses and FacultyCourses• CSCE 201 – Introduction to Security• CSCE 517 – Computer Crime and Forensics • CSCE 522 – Information Security Principles• CSCE 557 – Introduction to Cryptography• CSCE 548 – Secure Software Construction• CSCE 590 – Penetration TestingFaculty
Caroline Eastman Csilla Farkas Chin-Tser Huang Ronni Wilkinson Wenyuan Xu
Undergraduate-Level IA Undergraduate-Level IA SpecializationSpecialization
• Majors: CS, CE, CIS + any other USC major – need necessary prerequisites for CSCE 522
• Courses to take:– CSCE 522 – Information Security Principles– 1 additional IA course – 1 additional course with IA component
Computer Science and Engineering 14
Computer Science and Engineering 15
Graduate-Level IA Graduate-Level IA SpecializationSpecialization
•Majors: CS, CE, CIS, MS, ME, PhD•Courses to take:
– CSCE 522 – Information Security Principles
– 2 additional IA courses or MS Thesis in IA
Computer Science and Engineering 16
IA&S Certificate Graduate IA&S Certificate Graduate ProgramProgram
Admission Requirements
• Baccalaureate degree in computer science, computer engineering, or a related field
• Admission requirements for graduate study at the Department of Computer Science and Engineering http://www.cse.sc.edu/graduate/ias
Meets Industry Certification
• Security +
• CISSP
Proposed Cyber Security Proposed Cyber Security Studies Graduate CertificateStudies Graduate Certificate
• Core Courses:
– CSCE 522 – Information Systems Security Principles (3 credit hours)
– CSCE 715– Network Security (3 credit hours)
• Elective Courses (6 credits of the following)
– CSCE 517 – Computer Crime and Forensics (3 credit hours)
– CSCE 557 – Introduction to Cryptography (3 credit hours)
– CSCE 548 – Secure Software Construction (3 credit hours)
– CSCE 727 – Information Warfare (3 credit hours)
– CSCE 813 – Internet Security (3 credit hours)
– CSCE 814 - Distributed Systems Security (3 credits)
– CSCE 824 – Secure Databases (3 credit hours)
– CSCE 798 – Directed Study and Research (max. 3 credit hours)
Computer Science and Engineering 17
Computer Science and Engineering 18
Global IA Global IA Workforce Trends Workforce Trends
• A Frost & Sullivan Market Survey Sponsored by International Information Systems Security Certification Consortium (ISC)2®
• Prepared by Robert Ayoub, CISSP, Global Program Director, Information Security
• Electronic survey, conducted through a Web-based portal
18
Computer Science and Engineering 19
Demand for IA Demand for IA Workforce Workforce
• Worldwide:– 2010: 2.28 million – 2015: 4.24 million (projected)– Compound Annual Growth Rate:
13.2%• Americas:
– 2010: 920,845– 2015: 1,785,236– Compound Annual Growth Rate:
14.2% Information Warfare - Farkas
19
Computer Science and Engineering 20
SalarySalary
• 2011 Annual salary(ISC)2®
Member/non-member• Worldwide: $98,600/$78,500• Americas: $106,900/$92,900
20
Computer Science and Engineering 21
IA JobsIA Jobs
• Job market– Civil (Join Information Systems Security Association, ISSA,
https://www.issa.org/ )
– Government (Internship available at USC-UTS, and SC Dept. of Probation, Parole, and Pardon Services)
– Military (Internship available at SPAWAR, Charleston)
• Education and training requirements (B.S. degree, certification, hands-on experiments)
• Salary• FUN
Computer Science and Engineering 22
IA ResearchIA Research
Wenyuan Xu (since 2007)Wenyuan Xu (since 2007)http://www.cse.sc.edu/~wyxuWireless networking and security, sensor networks, network security and privacy, jamming detection and avoidance
Chin-Tser Huang (since 2003)Chin-Tser Huang (since 2003)http://www.cse.sc.edu/~huangctIntrusion detection, wireless security, distributed systemsnetwork security, network protocol design and verification
Csilla Farkas (since 2000)Csilla Farkas (since 2000)http://www.cse.sc.edu/~farkasWeb data and application (WS & SOA) security, Access Control Policies, SCADA software reliability, economic and social impact of cyber attacks
Application layer
Transport layer
Internet layer
Network Interface
Computer Science and Engineering 23
Contact Information
Center for Information Assurance Engineering
Department of Computer Science and Engineering
http://www.cse.sc.edu/
