The National Centers of Academic Excellence (CAE) in Cyber Defense program launched in 1999 to contribute to the growing demand for cybersecurity expertise in the intelligence community workforce. As the years progressed, it became clear that cyber defense would be an integral element of national security, causing the program to expand its objectives to support the nation’s need for cybersecurity workforce development across industry, government, and academia.
This year, the CAE program celebrates 20 years of educating and developing our nation’s workforce in cybersecurity. Over the last 20 years, the CAE program has grown from its first seven designees to 272 CAE-designated schools across 48 states, the District of Columbia, and Puerto Rico.
To mark this significant milestone we are delighted to honor the inaugural seven – George Mason University, Idaho State University, Iowa State University, James Madison University, Purdue University, University of California at Davis, and University of Idaho – for their 20 years of participation and advancement in the CAE program.
George Mason University (Fairfax, Virginia)
For over two decades, George Mason University’s (GMU) Center for Secure Information Systems (CSIS) has provided a dedicated environment to encourage the development of expertise in both the theoretical and applied aspects of information systems security. Established in 1990, CSIS has the distinction of being the first academic center in security at a United States university, as well as, a nationally recognized CAE in Information Assurance Education. In 2008, CSIS earned an additional CAE designation in Information Assurance Research (now Cyber Defense Research). CSIS differentiates itself from other centers by working in a broad spectrum of security topics and issues, including Adaptive Cyber Defense, Automated Security Response, Cyber Situation Awareness, Configuration Analytics and Automation, and Document Generation.
GMU offers cybersecurity-related educational programs at the Bachelor’s, Master’s, and Doctoral degree levels, and graduate certifications. These programs include a Bachelor of Science degree in Cyber Security Engineering, Master of Science degree in Digital Forensics and Cyber Analysis, Information Security and Assurance, and Management of Secure Information Systems, and a Ph.D in Computer Science, and Information Technology: Concentration in Digital Forensics certification.
George Mason University Center for Secure Information Systems’ top achievements includes:
- Named No. 1 in the Virginia Governors' Cyber Talent Discovery Program;
- One of the top 3 percent of U.S. colleges in identifying students with a natural aptitude to excel in cybersecurity;
- After 17 days of Cyber FastTrack competition, George Mason University ranked No. 1 in Virginia and No. 1 in the nation out of 5,200 U.S. colleges in the number of students discovering their aptitude for cybersecurity careers; and
- George Mason University Ph.D student, Jiahao Cao’s research project titled "The CrossPath Attack: Disrupting the SDN Control Channel via Shared Links" was accepted by USENIX Security 2019.
Idaho State University (Pocatello, Idaho)
The Information Assurance Program (IAP) at Idaho State University is a CyberCorps®: Scholarship for Service (SFS) program for highly motivated, educated information systems professionals who are familiar with the principles of information assurance. IAP emphasizes information systems and security skills across all organizations and several technical disciplines and provides students with a broad spectrum of technical and managerial skills. Students use these skills to integrate information from seemingly different disciplines – such as National Security Affairs, Information Systems, Computer Science, Business, and Operations Analysis – into a coherent plan to support enterprise operations.
All IAP students are knowledgeable of the full spectrum of threats and vulnerabilities in information systems and have mastered the skills of data and information protection and processing. IAP students recognize that information assurance is more than technical solutions, but rather a defense that balances technology, policy and practice, and awareness, training, and education.
The Information Assurance Program at Idaho State University highlights includes:
- As of spring 2019, there are 83 SFS students with graduate degrees from Idaho State filling cybersecurity positions within the federal government. Of these 83 students, 22 percent are female, and 53 percent are female, former military, or a minority
- ISU alumni, Steven Hernandez, was in inducted into the inaugural SFS Hall of Fame class
- Dr. Corey Schou has been selected for the 2019 National Cyber Security Hall of Fame
Iowa State University (Ames, Iowa)
Over the last 20 years, the Iowa State University Information Assurance Center (IAC) has become a nationally recognized authority in information assurance research, teaching, and outreach. The IAC brings together experts across several departments – from Electrical and Computer Engineering to Mathematics, Political Science, Management Information Systems, and Computer Science – to develop curriculum and prepare students to be cybersecurity leaders and enhance awareness of the cybersecurity issues facing our nation and the world.
The IAC’s mission is to lead research initiatives of national importance and provide comprehensive education, training, and outreach programs through 1) a comprehensive research portfolio including both fundamental and applied research; 2) security education and training; 3) educational pathways to grow the cybersecurity workforce; 4) security literacy and outreach to all citizens; and 5) partnerships with government, industry, and academia.
Iowa State University’s CAE program has led to significant achievements in the cybersecurity department:
- Since 2005, the IAC has held over 45 collegiate cyber defense competitions as well as 14 high school cyber defense competitions.
- Additionally, there are over 12 faculty members working in cybersecurity and a new Bachelor of Science degree in Cybersecurity Engineering.
James Madison University (Harrisonburg, Virginia)
James Madison University (JMU) has invested substantial resources into information security education and gained extensive expertise in delivering cybersecurity education at the graduate and undergraduate levels. Now, JMU has positioned itself as a leader in information security education.
The JMU faculty has a wide range of expertise in cybersecurity, is actively involved in cutting-edge cybersecurity research, and is commitment to excellence in cybersecurity education. JMU’s Information Security Master’s program started in 1997 and was one of the nation’s first Master’s programs in information security. Today, JMU has two Information Security Master’s degree programs, an undergraduate Information Security certificate, an Intelligence Analyst program, and a graduate certificate in Intelligence Analyst.
Students receive a highly technical cybersecurity education and many actively participate in the Cyber Defense club and Digital Forensics group, and local and national cybersecurity competitions and challenges.
Since its inception, the computer science department has graduated:
- Over 350 students through the Information Security Master’s program;
- Awarded Information Systems Security Professional certificates to over 400 undergraduate students; and
- Graduated several Department of Defense (DoD) scholarship and SFS Service recipients.
These cybersecurity graduates are in high demand and have held important positions in the government and industry, including:
- Director of National Cyber Security Division, U.S. Department of Homeland Security
- Director of Information Security Technology, U.S. Senate
- Vice President and Chief Information Officer, Zel Technologies
- Director of Security Technologies, Northrop Grumman Mission Systems
Purdue University (West Lafayette, Indiana)
Since the mid-1980s, Purdue University has been a leader in cybersecurity research and education and continues to be an innovative force in this field. Founded in 1998, Purdue’s Center for Education and Research in Information Assurance and Security (CERIAS) is an interdisciplinary education and research center dedicated to the study of information security, assurance, privacy, and cybercrime. CERIAS brings together a team of highly respected faculty, graduate student researchers, industry and government partners with the shared goal of advancing the state and practice of cybersecurity through research.
Purdue spearheads an innovative research experience for students through the INSuRE – Information Security Research Education – project. INSuRE is a coalition in cybersecurity research, specifically among CAEs in Research and Cyber Defense, and federal agencies and national laboratories. By organizing the research capabilities of universities and matching this supply to the research needs of federal agencies and national laboratories, INSuRE is synergizing cybersecurity research of the nation. By bringing research problems from federal agencies and national labs into the CAE universities, INSuRE is integrating cybersecurity research into the education of information security students. To date, over 600 students have benefited from enrolling in INSuRE.
Since becoming a CAE, Purdue has produced 215 graduates with Doctoral degrees in Cybersecurity and 329 graduates with Master’s degrees in Cybersecurity. Purdue’s cybersecurity academic programs have flourished since 1999, and the institution now offers:
- Undergraduate Cybersecurity Degree Track in Computer Science
- Undergraduate Cybersecurity Major in the Department of Computer and Information Technology
- Cybersecurity Master’s Area of Specialization in Information Technology
- Cybersecurity Ph.D Area of Specialization in Computer Science
- Interdisciplinary MS and Ph.D in Information Security
University of California at Davis (Davis, California)
In 1986, Professor Karl Levitt founded the University of California at Davis Computer Security Laboratory (Seclab). Since then, the research conducted by the members of Seclab has crossed both computer science and disciplinary boundaries, including work with political science, government policy, and law. The research projects conducted by Seclab students have covered an array of topics prevalent in today’s society, from the use of argumentation in system security analysis, and social network and "fake news" security, to analyzing e-voting systems and the process of how an election is run. Graduates of Seclab have gone on to implement their knowledge and abilities into industry, academia, and government, and have made many significant contributions to those sectors.
Additionally, UC Davis faculty conducts research in computer security and information assurance education and teaches several computer security-related courses for undergraduate, graduate, and non-Computer Science major students.
Since 1986, the members of the Seclab have pioneered many areas of computer security including:
- First network IDS (NSM)
- First distributed IDS (DIDS)
- Modeling large scale attacks for IDS (GrIDS)
- First modeling of scenario attacks (Requires/Provides)
- Property-based testing and property-based models of vulnerability analysis.
Additionally, one faculty member co-led the Association for Computing Machinery, Institute of Electrical, and Electronics Engineers Computer Society, and Association for Information Systems’ Special Interest Group on Information Security and Privacy and International Federation for Information Processing Working Group 11.8 Joint Task Force on Cybersecurity Curricular guidelines. This collaboration resulted in the release of the "Cybersecurity Curricula 2017: Curriculum Guidelines for Post-Secondary Degree Programs in Cybersecurity" (also called CSEC 2017).
Finally, Professor Matt Bishop published the second edition of his widely used textbook "Computer Security: Art and Science." It was one of the first textbooks to provide rigor for the field of cybersecurity.
University of Idaho
The Idaho State Board of Education established the Center for Secure and Dependable Systems (CSDS) at the University of Idaho in response to the overwhelming need for cybersecurity education and research. Completely self-funded, the center brings together collaborative research efforts and serves as an educational focal point for the design, development, analysis, and use of technologies resulting in secure and dependable computing systems. CSDS brings together experts in computer science, business, sociology, electrical and computer engineering, civil and environmental engineering, and more. CSDS is also a proud member of the Institute for Information Infrastructure Protection (I3P).
University of Idaho’s Center for Secure and Dependable Systems successes include:
- In 2012, CSDS received an Idaho Global Entrepreneurial Mission award, enabling the center to add faculty for cybersecurity research in computer science, electrical engineering, civil engineering, and sociology.
- This funding supports the growth of research in cybersecurity as well as helping establish partnerships with industry in Idaho. CSDS faculty members have also secured over $5 million from the SFS program. CSDS faculty and researchers have excellent working relationships with industry, national labs, other universities, and government agencies.