by Geoff Larcom, Published January 22, 2014
YPSILANTI – The United States needs to drastically shift its approach to cyber security, from a reactive to a proactive model that gathers and interprets intelligence and data to pinpoint future threats, Eastern Michigan University professor James Banfield told a group of Michigan lawmakers this week.
The growing sophistication of online threats and the broad reach of terrorism demand a new level of urgency in order to prevent massive and damaging data breaches, Banfield says.
Banfield spoke in Lansing on the topic of cyber security Tuesday, Jan. 21, before the Energy and Technology Committee of the Michigan Senate.
Banfield, a professor at EMU and coordinator of the University’s Information Assurance Program, spent 25 years as an engineer and executive in information technology and information assurance. He oversees an academic department with more than 500 undergraduate and graduate students.
The term “information assurance” encompasses the scientific, technical, and management disciplines required to ensure computer and network security.
Cyber threats today can take a variety of highly damaging forms, according to Banfield. Those include what is called an advanced persistent threat (APT), which occurs when unauthorized users employ multiple phases to break into a network, avoid detection and harvest valuable information over the long term.
A second threat comes in the form of a distributed denial of service (DDoS) attack, which is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. Hackers flood legitimate services with illegitimate traffic resulting in a service outage.
Traditionally, the approach to solve such problems is to log the damaging events as they occur, then search for the root cause, Banfield said.
EMU is training students to find new ways to make informed, proactive decisions in guarding against cyber threats, a highly relevant and crucial career path in today’s sophisticated technical marketplace, Banfield told committee members.
More than 50 percent of students in Eastern Michigan’s Information Assurance Program are offered jobs by the end of their junior year, at an average salary of $52,000, Banfield said, adding that more than 83 percent of students are employed in the field after graduation.
The average salary for graduates who’ve spent five years out in the field is $64,000, Banfield said.
Such figures are only likely to improve. Banfield said that the rate of growth in information security and administration professionals ranks only behind that of health care professionals, according to figures from the U.S. Department of Labor.
“The big takeaway from the senate meeting is that EMU is a leader in answering the call for data security and administration professionals, with a proven track record of student employment in the field,” Banfield said Wednesday in summing up his message to Michigan lawmakers. “We are focused on creating students who are critical thinkers, deeply technical, and innovative applied problem solvers. We offer high return on your educational dollar in the form of solid career opportunity, research, innovation, and applied learning.”
EMU’s information assurance curriculum has been accredited by the National Security Administration. Some students find work there after graduation, while others move on to corporate security and other administration environments.
Eastern students in information assurance learn about incident response, intelligence analysis, secure systems administration and network security and forensics, that is, the diagnosing of problems.
EMU serves as a site for the Michigan Cyber Range, built by Merit Network. Additionally, the IA Department at EMU has used grant and university funding to construct a data center isolated from campus networks for secure testing. These networks function as a sort of test track or firing range for cyber security professionals for detecting, preventing, and thwarting cyber-attacks in a real-world setting.
The University also conducts a variety of community and school training events, including the popular annual Digital Divas program, in which middle school and high school girls throughout the area come to EMU for a day to learn about opportunities in the profession. This year’s event will be held on Friday, April 25.
For more on EMU’s information assurance program, please visit http://www.emich.edu/ia/