Cyber Security Training at U.S. Universities
Last week, Texas, A&M University-San Antonio, became the ninth institution to partner with Facebook to launch a cyber security training scheme.
The scheme will be the first in the state of Texas.
Incredible news for Cyber City USA! @TAMUSanAntonio is the first school in Texas to join Facebook’s #CyberSecurity University Program. Proud to have played a small role in this important partnership that will produce quality #tech talent to join San Antonio’s workforce. Congrats! pic.twitter.com/FJz6xE8oqf
— Rep. Will Hurd (@HurdOnTheHill) August 31, 2018
The course will involve hands-on training from university professors under a curriculum organised by Facebook on how to effectively deal with cyber attacks.
>See also: Staff training key in defending against cyber attacks
High-performing students may be eligible for internships with the social media platform after graduating from the scheme, and be able to attend cyber security conferences, such as the Black Hat Briefings.
Expected to begin this Autumn, the course’s material is estimated by instructors to span a total of 150 hours.
Capture the Flag
Facebook’s previously internal Capture the Flag game brings a more accessible platform for cyber security training in that it is open to the general public, being released onto GitHub in 2016.
Running on Ubuntu 14.04, the ‘Capture the Flag’ game consists of ethical hacking competitions that involve challenges related to web application security, reverse engineering, cryptography and other cyber aspects.
The aim is to provide a more entertaining alternative to simply reading about cyber security, but the jury is out as to whether it is effective for learners.
“When executed correctly, Capture The Flag events are some of the best training tools that exist for network defenders,” said senior director, intelligence services at CyberReason, Ross Rustici.
>See also: The new front line of cyber security is mobility
“Experience is the best teacher, and by creating live ranges where defensive teams must deal with and protect systems from an intelligent adversary defenders are going to learn more than they would in any other static lesson.
“However, the efficacy of this training is highly variable. The team simulating the adversary has to be very good at not only conducting the operations, but also in explaining what was easy and hard, based on how the defenders attacked the simulation.
“Running through the mechanisms of a response is always going to provide some value, but to maximise the return, the discussion between the two teams is really where Capture The Flag goes from a fire drill to a growth opportunity.”
Facebook Cybersecurity University for Veterans
A 12-week course for veterans of the United States military, Facebook’s Cybersecurity University for Veterans is operated in partnership with CodePath.org.
>See also: How retraining ex-military personnel could solve the UK’s IT skills shortage
The course, which is free of charge for those who enrol, focuses on the basics of cyber security, including learning about cyber threats, how they can affect hardware and software, and how they can be combated.
Military veterans from across the U.S. have completed the course at Menlo Park, CA, taking part in workshops, lectures and projects, in addition to taking in cyber security-related videos.
The first set of U.S. military veterans graduated from Facebook’s Cybersecurity University for Veterans in April 2018.
Investment in Cyber Security Research
At the 2018 USENIX Security Symposium on the 16th August, Facebook announced that they had awarded $200,000 in grants to cyber security researchers.
The top prize of $100,000 went to KU Leuven researchers Gertjan Franken, Tom Van Goethem and Wouter Joosen, who have published a study titled ‘Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies’.
#Facebook beloont #kuleuven-wetenschappers voor onderzoek naar betere internetbeveiliging en online #privacy 👏 https://t.co/MAxn7ZYxLu
— KU Leuven (@KU_Leuven) August 28, 2018
>See also: Companies are wasting millions on digital investment
Additionally, $60,000 was awarded to the Brigham Young University researchers behind the study ‘The Secure Socket API: TLS as an Operating System Service’, and $40,000 went to a group of Chinese University of Hong Kong and Sangfor Technologies researchers, who wrote a paper titled ‘Vetting Single Sign-On SDK Implementations via Symbolic Reasoning’.
A further $800,000 in grants was announced at the 2018 Black Hat USA conference, provided under the name ‘Secure the Internet Grants’.
Saving Facebook?
The establishment of Facebook’s cyber security outlets and subsequent emphasis on cyber security training could be seen as a response to criticism towards Facebook and other social media regarding controversy surrounding apparent filtration of news and data sharing allegations.
>See also: How do you solve a problem like Facebook?
“We try to show all the good that we’re doing for Facebook, so hopefully programs like this, the global outreach that we do, that they can see that we do have good intent when it comes to education and diversity,” said Facebook’s cyber security programs and operations manager, Stephanie Siteman.
Nominations are now open for the Women in IT Awards London and Women in IT Awards Silicon Valley. Nominate yourself, a colleague or someone in your network now! The Women in IT Awards Series – organised by Information Age – aims to tackle this issue and redress the gender imbalance, by showcasing the achievements of women in the sector and identifying new role models