Cybersecurity education is of prime importance in today’s world. Increasing threats from attackers are motivated by financial and other gains, and these bad actors have access to advanced tools, resources and services from the hacker community.
This growing problem is evident in numerous news reports on the impact of cyber-attacks on individuals and organizations across the globe, and it will only get trickier as more digital devices and services become available in the future. These challenges, coupled with the shrinking talent base of solutions expertise, highlight the importance of broader cybersecurity education.
We need a comprehensive and granular approach. While no single individual is an expert in all cybersecurity areas, foundational elements can help provide the needed professional skills. This foundation should foster deep knowledge of the history and origins of cybersecurity challenges and solutions, as well as a good understanding of their diverse range and interdisciplinary relevance.
For decades, we’ve seen significant research and security assurance initiatives—from the U.S. Department of Defense Orange Book in the 1980’s to the European Union’s General Data Protection Regulation (GDPR) today. These efforts point to the network security protocols, system security design principles, privacy enhancing technologies, threat modeling, and other foundational elements for cybersecurity education. These must be coupled with an understanding of today’s compute platform, not only PCs and cloud servers, but also internet of things (IoT) devices, connected cars, and the ever-evolving world of digital services.
This broader education effort must be grounded in how cybersecurity impacts us in both the cyber and physical world. The corresponding importance of safety, privacy and the long-term consequences to individuals and to society must also be considered.
To develop such a comprehensive approach, we need to nurture a diverse group of individuals—both teachers and students—to motivate and strengthen the defenses that become part of the design in every engineer’s respective field. The lack of diversity evident at RSA-2018, where women comprised only 17 percent of attendees, points to a problem that needs to be tackled. “Failure of imagination” has been cited as the reason we were caught off-guard by the Russian interference with the 2016 U.S. presidential election, and the same was said about Sept. 11, 2001. By bringing more types of people with a more diverse range of experiences and backgrounds into protecting our security, we can broaden the imagination brought to bear on future threats, especially in the cybersecurity domain.
It is great to see strong cybersecurity education efforts by notable leaders both in academia and industry. For example, Intel is leading initiatives with the academic community to bring diversity to high-tech in general and cybersecurity in particular. Intel focuses on outreach programs to universities and students of all genders, backgrounds, interests and various majors to talk about the comprehensive cybersecurity considerations.
For example, at the 2018 RSA Conference, Intel Vice President and General Manager of Platform Security Rick Echevarria announced The Design for Security Badge Program, a new collaboration between Intel and Purdue University.
At RSA 2018, Intel VP and GM of Platform Security Rick Echevarria announced the Design for Security Badge program with Purdue University.
The Design for Security Badge Program will train students and security professionals on a comprehensive approach to system and product design in which security is “baked in” to products, systems, and systems of systems from the beginning, rather than added at deployment.
Training cybersecurity professionals is now more critical than ever. A recent government and industry Task Force is predicting that 1.8 million cybersecurity-related positions worldwide will go unfilled by the year 2022. Collaborative programs such as this new one Intel is launching with Purdue will play a critical role in addressing this shortfall in needed professionals.
We at Intel are especially excited that the program will be available both for Purdue students on campus and online, as well as online for post-graduate professionals.
The Design for Security Badge Program will be available for registration beginning in Fall 2018. For more information, and to sign-up for notifications, visit Secure Design Badge at Purdue’s website.
Abhilasha Bhargav-Spantzel is an Intel Principal Engineer focused on identity, security and privacy. She has numerous patents and broad experience in identity management, cryptography, biometrics, hardware devices and system security. She leads multiple diversity and inclusion efforts at Intel, and actively drives development of women in engineering and cybersecurity. Find her on Facebook and follow her efforts and those of her colleagues on Twitter.