Open-source might actually mean better cybersecurity defenses for government networks.
Credit: U.S. Department of Defense
Nasir Memon is department head and professor in the computer science and engineering department at the Polytechnic Institute of New York University (NYU-Poly). He contributed this article to LiveScience's Expert Voices: Op-Ed & Insights.
In his 2013 State of the Union Address, President Barak Obama stressed the United States' tremendous need for strong cybersecurity, asserting, "America [is facing a] rapidly growing threat from cyberattacks. . . . We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy."
The president has justifiable cause for concern. The U.S. Computer Emergency Readiness Team, a division of the U.S. Department of Homeland Security, has reported some staggering figures: The energy company BP says it suffers 50,000 attempts of cyberintrusion a day, and the Pentagon reports 10 million tries a day on its servers.
Nicole Perlroth, blogging in April for the New York Times, a major news organization that was itself the victim of a recent attack, framed the situation: "Security experts like to say that there are now only two types of companies left in the United States: those that have been hacked and those that don't know they've been hacked."
The pressing need for more cybersecurity experts is strikingly evident, and the United States' colleges and universities have an obligation to educate a sufficiently large and qualified work force to meet that demand, which grew by almost 75 percent from 2007 to 2012 alone.
Young people must be persuaded to flock to the field — not merely as a matter of civic obligation, but because it can be a fun and compelling pursuit. Given the fact that the United States is lagging in science, technology, engineering and mathematics (STEM), with less than a third of our high school graduates prepared for college-level science courses, persuading students to pursue cybersecurity might seem a tall order.
Motivated, dedicated educators hold the key. As part of its Cyber Security Awareness Week (CSAW) programming starting Nov. 14, NYU-Poly is hosting a series of National Science Foundation-funded summer camps for high-school teachers and college professors. During their sessions, the high-school teachers prepare a curriculum that will guide their students toward STEM mastery and participation in the largest student cybersecurity competition in the world. Participating college professors conduct research alongside NYU-Poly faculty members and learn how to ignite students' interest in cybersecurity careers.
Thanks to funding from the National Security Agency, CSAW 2013 also includes a summer camp for young women in high school, since they comprise a particularly underrepresented demographic: Although women fill close to half of all jobs in the U.S. economy, they hold less than 25 percent of STEM jobsand make up only 13 percent of the country's cybersecurity professionals, according to the report Women in STEM: A Gender Gap to Innovation by David Beede of the U.S. Department of Commerce and his colleagues.
CSAW chose the young women, in part, because of their proficiency in math, and over the summer they receive a solid introduction to computer science. Fellow organizers and I hope that these young women can help us determine exactly why their cohorts are not attracted to STEM fields and what we can do to turn that situation around.
There are some indications that young women mistakenly view cybersecurity as too solitary a pursuit, but being at the summer camp and seeing the teamwork required to solve a challenge rids them of that notion. And while some studies have indicated that young women still hold an outdated stereotype of scientists as being "nerds," CSAW participants meet plenty of real scientists over the summer who immediately lay that misconception to rest. Most of the instructors are women, and the students meet leading female cybersecurity experts and executives from such companies as J.P. Morgan, Johnson & Johnson and PricewaterhouseCoopers, all of whom serve as exemplary role models.
Even if you're not here at a summer camp or another CSAW program, you can participate in NYU-Poly's global conversation through social media, using the hashtag #STEMNOW. Tell us your thoughts about the state of STEM education and cybersecurity training — and the measures we should be taking as a nation to improve both.
The views expressed are those of the author and do not necessarily reflect the views of the publisher. This article was originally published on LiveScience.com.