Center for Cyber Security & Intelligence Studies
Encompassing five bachelor’s and master’s programs in the College of Liberal Arts & Education (CLAE), the Center serves as a multidisciplinary education and research entity focusing on the best practices in cyber security and intelligence analysis. The academic programs included in the Center are:
• Computer and Information Systems (B.S.), (M.S.)
• Information Assurance (M.S.)
• Criminal Justice (B.S.), (M.A.)
• Intelligence Analysis (M.S.)
• Security Administration (M.S.)
CLAE Dean Charles Marske describes the Center as “a marriage of UDM’s historical strengths in criminal justice, security and computer expertise. The beauty of having these disciplines in a center is that it creates an intersection of the liberal arts with its emphasis on logic, critical thinking and consideration of moral and ethical issues with the high tech aspects and applied approaches of computer information systems and information assurance. A major advantage of the Center is the ability to integrate the knowledge and skills from one discipline with those from another discipline.”
A proposal under review, for instance, would allow a high-achieving student to complete a bachelor’s and a master’s degree in five years with the following options:
• A bachelor’s in Criminal Justice, followed by a master’s in Criminal Justice or Intelligence Analysis or
• A bachelor’s in Computer Information Systems, followed by a master’s in Information Assurance or Intelligence Analysis
Students in established careers might also benefit from the Center’s offerings. A police investigator trained in law enforcement or criminal justice could benefit from courses in computer and information systems and computer investigations.
“Given the scarcity of police with training in computer investigations, pedophilia, for example, has increasingly become a cybercrime,” adds Marske. “Our classes and training are focused on how to protect American lives, businesses, universities and government in a world where the rate of cybercrimes and terrorist threats—both domestic and international—is exploding.”
He adds that the federal government lists cyber security as a national priority, and intelligence analysis is a critical need in a wide range of investigative and law enforcement areas.
Dan Shoemaker, director of Information Assurance and chair of the Department of Computer and Information Systems, concurs. “Cybercrime has surpassed the drug trade as number one in profitability for criminals,” he says. “I agree with those who believe the next 9/11-style event could be a cyber disaster that could target the country’s electrical power grids or transportation system. Imagine us living without electricity for half a year, and you can see why Washington is so concerned.”
Because of its significant role in addressing cybercrime, UDM received the Department of Homeland Security (DHS) and National Security Agency (NSA) designation as a Center of Academic Excellence in Information Assurance Education, now called Cyber Security, in 2004. As a designated center of excellence, UDM’s cyber security curriculum complies with specifications of the federal government. Similarly, the Intelligence Analysis curriculum is mapped to federal standards so that the knowledge, skills, and abilities students are taught are consistent with the standards and best practices of this emerging area of specialization. Additionally, in keeping with the NSA’s diversity goals, UDM’s program targets populations traditionally underrepresented in the field of cyber security.
UDM has a track record with federal agencies and programs. Since 2008, the U.S. Department of Defense (DoD) has awarded UDM $1.6 million ($800,000 for each of two years) as part of a multi-year grant to further its cyber security program and research. The funds received to date have enabled faculty in UDM’s Information Assurance Program to create the National Software Assurance Repository (NSAR), which contains all known articles, books and other writing about software assurance and to validate the information using 11 nationally known experts. In the second year, Shoemaker, principal investigator, explains, “We packaged that knowledge into instructional modules that will convey all of the content and tools to ensure that secure software assurance is disseminated into common practice.
“One of the federal mandates is to ensure the security of the nation’s software,” says Shoemaker, an author of cyber security textbooks, who also chairs the Workforce Training and Education Committee for the Department of Homeland Security’s Software Assurance Initiative.
Opportunities for students are also expected to grow. For example, the Center faculty is involved with UDM’s College of Health Professions in seeking approval for a new degree program in Health Informatics. That program is also the basis for a joint venture being developed with the University of Toledo’s College of Medicine and College of Business Administration to train health professionals in protecting the security and integrity of health information, Shoemaker explains. “These students will be uniquely valuable additions to the health care team,” he says. “As employees, they will be charged with assuring that health care information remains confidential and trustworthy.
“The answer to cybercrime is not more technology.” Shoemaker estimates that seventy percent of all cyber attacks come from trusted insiders, not outside hackers. “The technology can’t help there, since insiders are already behind the organization’s defenses. Our role as an institution of higher education is to provide the comprehensive and holistic understanding that is needed to address the entire problem,” he says.
Marske adds, “It is our mission as a Jesuit/Mercy-sponsored institution not to sit on the sidelines, but to be agents of change in positive ways. If cyber security programs aren’t on campuses where students must study philosophy, religion, ethics and values, then where should they be? I want all our students and graduates to make sound ethical judgments.
“Not surprisingly, Mercyhurst College in Pennsylvania, founded by the Sisters of Mercy, and Regis University, a Jesuit school in Denver, were two of the first universities in the areas of Intelligence Studies and Information Assurance,” he continues. “The exposure to the College of Liberal Arts & Education core curriculum will be as important in exposing our students to the mission, vision, and values of a Jesuit/Mercy education as the ethical components embedded in their major courses taken through the Center. Many members of our faculty have been here a long time. They know, believe in and understand the Jesuit/Mercy mission and values that we are dedicated to making a part of our curriculum.”
Marske also notes the advantages of the scope of course offerings, especially the opportunities for interdisciplinary learning.
Students in intelligence studies will be educated in “data mining,” for instance. They will learn to analyze and interpret large data sets focusing on a wide range of political, economic, and historical information with an eye to forecasting areas of increasing tension. This information would then be used by policy makers to increase foreign aid, private relief efforts, or as the basis for further research.
“UDM and its new Center present real opportunities for students interested in a career in this growing, critically important field,” Marske says.
Chair and Professor of Criminal Justice Robert Homant says that UDM’s Criminal Justice program has seen continuing changes in the content of its curriculum over the years, yet most of the traditional topics remain relevant. Despite the increase in cybercrime, criminal justice is still about understanding the bio/psycho/social forces that generate crime and criminals, understanding law enforcement responses to offenders, and understanding the correctional process. “This is not likely to change,” says Homant. “But since it is our role to prepare students to take their places in various roles in the criminal justice system, the content of our courses focuses on the types of social forces that are most salient today.
“The computer age has now reached the point that we expect most people to be computer literate,” says Homant. “This means that the use of computer skills in committing, preventing and solving crimes will only continue to grow. Add to this the likelihood that various types of terrorist attacks and threats of such attacks will continue to raise concerns about computer security, identity theft and misuse of information, and it seems likely that more and more of society’s resources will be dedicated to security and law enforcement.”
Homant explains that the partner in the Center is the Information Assurance component. “It is more than mere convenience to link this program with Criminal Justice,” says Homant. “Some joint research has already come from the association—for example, a typology for profiling computer hackers—and we often encounter students who are still unsure about which area to specialize in. Because the courses overlap, having all the programs in one center allows for this type of exploration.”
The new Center is housed in the Briggs Building on the McNichols Campus. Students engage in hands-on activities using sophisticated, specialized tools and technology, including exposure to simulated environments using virtual machine technologies. One goal of the Center’s program involves students developing software toolkits that use virtual machine technology to help teach students enrolled in cyber security courses.
In the new facility, students work in a state-of-the-art laboratory using equipment that was specified in collaboration with Ford Motor Company, says Jeff Ingalsbe, assistant professor of Computer & Information Systems. “It includes things like digital forensic workstations, portable data acquisition devices, threat analysis software, wireless antennae, advanced encryption software and malware debugging software, to name just a few.”
He explains that the laboratory has a three-fold purpose:
• to familiarize students with the equipment and processes used in industry so that they are the most desirable candidates for jobs,
• to provide a place for advanced research on emerging cyber security problems, and
• to provide outreach to the surrounding community in the form of awareness activities.
One class that Ingalsbe teaches focuses on “ethical hacking.” He says, “Students are taught about the phases of cyberattacks and the technologies and processes that allow the attacks to be successful. But most importantly, they learn about the methods that can be used to thwart those attacks. While there is certainly something cool and hip about working with the latest technologies, the seriousness of cyber security is the strongest theme in my classroom.”