Post on 31-Jul-2020
transcript
Cyber Security Education 2.0:Minding the Gap for Computational Sovereignty in Computational Sovereignty in Norway and the Nordic’s
Professor Dr. Stewart KowalskiInformation Security Vice Dean of EducationFaculty of Computer and Media TechnologyNorwegian Information Security Lab (NISlab)Center for Cyber and Information Security
2
Education your Stairway to Heavenly Security
(2016/2017)
PhD in Information Security
Cisco Lab & Cyber range
Information Security Management Group
Bachelor in IT-Operations and Information Security (BITSEC)
Master in Information Security (MIS)
- Cybersecurity
- Forensics
- Information Security Management
Experienced Based Master in Information Security (MISEB)
Forensic Lab
Biometris Lab
3
NISLAB STUDY PROGRAMS
100
120
140
160142
108
Bachelor IT-Operations and Security (BISTSEC – merged Program 2016/17)*
Master Information Security (MIS) * Experienced Based Master Information
Security (MISEB) ** PhD Information Security (PhD-IS)*
0
20
40
60
80
100
BITSEC MIS MISEB PIS
1622
Number of Students
* Status intake 2015** 1st /2nd year only
(PhD-IS(PhD-IS
Norwegian Information Security Laboratory
(Practical Models vs Theoretical Models for Education Systems)
Find NTNU in the school of Athens?
Find HIG, NISlab, MTL, CCIS in the School of Athens
https://www.youtube.com/watch?v=uOrG6jfBzEU
A Systemic Gap
7
WHY IS THERE SUCH A GAP“AS CHANGE IN QUANTITY = CHANGE IN KIND”“COMPUTATION AS A COMMODITY” A NEW GAP
8
PROBLEM 1 CYBER SECURITY ANDCOMPUTATIONAL SOVEREIGNTY
Computation and IT Technology research and development, adoption and implementation is driven to a large extent by “hype” and security and privacy issues and legal constraints are neither thought about or taught correctly!
9
EXAMPLE GARTNERS SECURITY HYPE CURVES 2003
10PROBLEM 1 CYBER SECURITY ANDCOMPUTATIONAL SOVEREIGNTY
Computation and IT Technology research and development, adoption and implementation is driven to a large extent by “hype” and security and privacy issues and legal constraints are neither thought about or taught correctly!
Do you want to buy a parachute?
What ???????We need to make this thing a light as possiblle!
11
PROBLEM 1
Computer and Media Technology research and development, adoption and implementation is driven to a large extent by “hype” and security issue and other constraints are neither thought about or taught correctly correctly!
http://ca.news.yahoo.com/blogs/good-news/airplane-recovery-parachute-saves-three-lives-connecticut-crash-171749029.html
:Problem: A GAP in our Society between
Hypothesis: It is SystemicThere is always a control GAP with new technology !
13The idea of these lunch seminars is to create an informal setting, where a topic is presented during the first 15-20 minutes, and where the remaining time is set aside for discussion.
A 100,000,000 Reason to propose a Nordic Executive Masters in Business AdministrationSecurity & Privacy Technology and Law?
Computer World May 8th 2015
14The idea of these lunch seminars is to create an informal setting, where a topic is presented during the first 15-20 minutes, and where the remaining time is set aside for discussion.
Conceptual Socio-Technical Model of Nordic Executive MBA in Security Technology, Privacy and Law
15THE FIRST SWEDISH DOT
Swedish information security university education begain with the forming of IFIP TC 11 in 1983.
15
16
DETAILS OF THE FRAMEWORK
Context, geographical/space and time bound "system point"
Design/architecture
Theory/model
Process-Store- Communicate- Collect-Display
Technical Aspects Non-Technical Aspects
Theory/model
Physical constructionOperational
Administrative Managerial
Legal Ethical
Content subject areas
Systemic module - an epistemological device, - meta-science, and - criteria for control
16
Cyber Security Education 1.0
https://oldplay.dsv.su.se/hypercaster/3762/width=640/height=360/link.js
20Mapping to NIST NICE
21
Sept 2015
22
23MIND THE GAP “IS IT A THREE BODY PROBLEM?”
EXECUTIVE MBASECURITY & PRIVACY TECHNOLOGY AND LAW
Business
Technologies and Innovation Legal Informatics
Security and PrivacyManagement Governance
Public & PrivateSectors
24
FUTURE COMMON PROJECTS: EDUCATION
NordSecMob:
Dual Degreewith
Concordia University,
Canada (Autumn
Bachelor in IT-Operations
and Security
PhD in Information
Security
Norwegian MOOC
Common Body of Knowledge
Cyber Security and Privacy
Nordic Master: InfoSec Mgmt
& Privacy (Spring 2017)
NordSecMob: Nordic Master in Security &
Mobile Computing
(Autumn2016)
Master in Information
Security
Bachelor/Master Information
Security Introduction
Courses
Experience
Based
Masters
Police/Cyber
Defense
25
NISlab hosts COINS: Norway’sSecurity PhD Student Network
– Networking (Security Divas, SWITS, NordSec, NISK)Support students with travel grants
– Finse winter school (FRISC/COINS); Metochi summer school– Ph.D. student seminar (autumn): Ca. 30%-40% of students
plus Swedish/European partner network and invited speaker– Capture the flag team: International visibility of Norwegian
applied IT security– Increased visibility: Attract more and better candidates for – Increased visibility: Attract more and better candidates for
positions
26
END-TO-END SECURITY RESEARCH AND EDUCATION
Div
isio
ns/
Div
isio
ns/
Sci
enc
eA
ndE
ngin
eeringTech
nolo
gy/
Docu
me
nts
/Co
yl
NTNU NISlab CCIS NORSIS http://w
ww
.ndia
.org
/Div
isio
ns
eA
ndE
ngin
eeringTech
nolo
gy
e%
20N
DIA
NORSIS
27
NISlab hosts CCIS: Norway’s most important Partner Network in Security
28
PLEASE JOIN US