Information Assurance at James Madison University

1
Information Assuranceat James Madison University

• Charles W. Reynolds, Director
• Allan Berg, Deputy Director
• Center for Research in Information System
  Security Education
• James Madison University

2
Can Higher Education Respond?

• PCCIP (1997) recognizes the dependence of all our
  critical infrastructures on our information and
  communications infrastructure.
• PDD63 (1998) calls for a national plan and
  recognizes the central role of awareness,
  training and education.
• The Presidents Plan for Information System
  Protection (7 Jan 2000)

3
The Role of Higher Education

• Creating the IA Profession
• with graduate and undergraduate programs
• Creating a security-literate technology workforce
• as part of every college education
• Public Awareness
• through our role in teacher education

4
CRISSE Goals

• JAMES MADISON UNIVERSITY
• CENTER FOR RESEARCH IN INFORMATION SYSTEM
  SECURITY EDUCATION
• Build national consensus in higher education
• Develop instructional materials
• MS and MBA programs concentrating in Infosec
• Development of a practitioner doctorate
• Support K-12 instruction in information ethics
• Administrative support for NCISSE

5
CRISSE Today

• Master of Science
• in Computer Science
• concentrating in Information Security

6
CRISSE Today

• The MS concentrating in Information Security
• 1997 - 40 students including NSA contract
• 1998 - 40 students
• 1999 - 80 students including NSA and DISA/JTF

7
Student ProfileM.S. Information Security

• Industry 63
• NSA 24
• JTF-CND 20
• FBI 8
• DOD 2
• DIA 2
• CIA 1
• DOS 1
• CIA 1
• MILDEPS 12

• DOE 1
• FAA 1
• Federal Reserve Board 1
• Public Law Enforcement 1
• NRO 1
• Public Education 3
• Other Government 2
• NASA 2
• U.S. Hse of Rep 1
• DISA
  3

8
The Information Security Program

• Three Preparatory Courses
• Three Required Core Courses
• Six Information Security Courses
• Capstone Project Course or Thesis Option

9
Instructional Methods

• Ten Courses Over 21-Months
• Students complete the INFOSEC curriculum, taking
  one course at a time in succession.
• Internet-Based WebBoard Collaboration
• Instructional material are available on the
  Internet study assignments are submitted
  electronically.

10
CRISSE Today

• The National Colloquium
• in
• Information System Security Education

11
NCISSE Objectives

• Bring together industry, government and academia
  to define current and emerging requirements for
  INFOSEC Education
• Discuss the future direction of INFOSEC Education
  at the undergraduate and graduate levels
• Form an advisory group to act as a forum for
  continued communications in INFOSEC Education

12
National Colloquium on Information Systems
Security Education NCISSE

• Launched by NSA in 1997
• Self-sustaining organization whose chair rotates
  between government, education and industry
• 1997 Vic Maconachy, NSA
• 1998 Charles Reynolds, JMU
• 1999 Kathy Kincaid, IBM
• 2000 Jeffery Hunker, NSC
• 2001 Academia

13
4th Annual National Colloquium on Information
System Security Education

• KEYNOTE
• Richard Clarke
• The National Plan for Information System
  Protection
• RESPONSE
• from Business, Congress, Universities,
• Government and Corporate Trainers

14
4th Annual National Colloquium on Information
System Security Education

• 23-25 May 2000
• The Doyle Hotel, Washington, D.C.
• http//www.infosec.jmu.edu/ncisse

15
The Question

• How can we ensure that our nations colleges and
  universities develop needed information security
  curricula?

16
The Issues

• Broad education or Professional education
• Last year college or first year employment

17
A Genuine Partnership

• A partnership that shares the expense.
• BUT ALSO
• A partnership that shares the effort.

18
Business and government employers must

• Participate in development of an IA curriculum
• Offer supervised internship experiences for
  students
• Deliver IA lecture series at universities
• Offer on-line career mentoring for IA students
• License instructional materials to universities.
• Benefit from a growing pool of IA professionals

19
Educational institutions must

• Encourage employer participation in IA curriculum
• Offer an IA curriculum that it does not now offer
• Require supervised internship experiences for
  students in that curriculum
• Host industry IA speakers on campus
• Facilitate on-line career mentoring for IA
  students
• Benefit from enlarged teaching capacity without
  additional faculty

20
How To Contact Us

• Charles Reynolds, Director
• Center for Research in Information Systems
  Security Education
• James Madison University MSC 4103
• Harrisonburg, VA 22807
• Phone (540) 568-8772 Fax (540) 568-6023
• Email reynolds_at_cs.jmu.edu
• Web site http//www.infosec.jmu.edu