Search for: All records

Pervasive IoT applications enable us to perceive, analyze, control, and optimize the traditional physical systems. Recently, security breaches in many IoT applications have indicated that IoT applications may put the physical systems at risk. Severe resource constraints and insufficient security design are two major causes of many security problems in IoT applications. As an extension of the cloud, the emerging edge computing with rich resources provides us a new venue to design and deploy novel security solutions for IoT applications. Although there are some research efforts in this area, edge-based security designs for IoT applications are still in its infancy. This paper aims to present a comprehensive survey of existing IoT security solutions at the edge layer as well as to inspire more edge-based IoT security designs. We first present an edge-centric IoT architecture. Then, we extensively review the edge-based IoT security research efforts in the context of security architecture designs, firewalls, intrusion detection systems, authentication and authorization protocols, and privacy-preserving mechanisms. Finally, we propose our insight into future research directions and open research issues. 

The need for cybersecurity professionals continues to grow and education systems are responding in a variety of ways. This study focusses on the “interdisciplinarity” of cybersecurity that contributes to the emerging dialogue on the direction, content and techniques involved in the growth and development of cybersecurity education and training. The study also recognizes the contributions of other disciplines to the field of cybersecurity by the discussion of relevant theories that contribute to understanding security in the context of legal, economics and criminology perspectives. Finally, quantitative analysis (security metrics) is done to understand the existing knowledge of security behaviors and beliefs among students from technical and non-technical majors, helps measure the interest fostered towards an academic pathway in cybersecurity and substantiates on the need for providing a level of cyber education for all individuals appropriate to their role in the society. 

Defending the cyberspace calls for troops of qualified cyber professionals (including architects, developers, managers, and various cyber operators) who possess the necessary set of knowledge and skills. Higher education institutions, especially computing related fields such as Computer Science, share the responsibility in producing the future cyber defense workforce. This paper describes our attempt in revamping a traditional CS curriculum at a teaching-oriented university in order to fulfill the Center of Academic Excellence in Cyber Defense Education (CAE-CDE) designation requirements. In details, we discuss how we overcome several resource constraints without sacrificing program quality. We also explain and illustrate the design rationale and process, which may interest other institutions with similar goals. Furthermore, we examine relevant frameworks and guidelines and show how they could be useful in our and other similar efforts. 

We discuss the NICE Cybersecurity Workforce Framework (NCWF), and its role in aligning cybersecurity jobs with candidates. As a workforce development tool, the NCWF can contribute to better retention, reduced new hire training, and cybersecurity education development. The effectiveness of the NCWF, however, requires discretion from hiring managers, academics, and job seekers. Through skills mapping and calibration, the NCWF helps to identify and resolve skill deficiencies; as a framework of core competencies for cybersecurity jobs, the NCWF helps employers to write job descriptions understood by applicants. We first review the NCWF, and then explain how it may enable mapping between jobs and qualifications. We also discuss the effects of job mapping on organizations and candidates, and its long-term benefits. 

Cybersecurity is a rapidly developing field in which job titles and role descriptions may vary from one organization to the others. The NICE Cybersecurity Workforce Framework (NCWF) provides a common language to categorize and describe cybersecurity work for organizations to build a strong workforce. As the predominant workforce prescribed by the NCWF is technical in nature, academic efforts targeted towards these career paths are likewise technical. Though technical security education is critical, an equal amount of knowledge outside the technical domain is pivotal to understand sophisticated challenges in cybersecurity. Articulating a concise, inclusive, meaningful, and unifying approach in cyber related education fosters a balanced motivation for students from both technical and non-technical majors (interdisciplinary) to pursue a career in cybersecurity. Towards this end, we analyzed competencies, knowledge, skills and abilities of interdisciplinary roles and other roles introduced in the NCWF; we then highlighted discrepancies observed.