GW requires all CSIA scholarship students to complete Computer Science 6534, Cybersecurity and Governance, for all four semesters of their scholarship programs. CSci 6534 is GW's distinctive weekly course that underlies its success in educating and placing Cyber Corps graduates in federal agencies. Students' participation in this course begins the process of building working relationships that become a very important success factor in their future careers. It is the unifying and reinforcing experience that prepares students with the knowledge, perspective, and expertise to perform competently in their future government positions, repay the federal government its hefty investments in their education, and serve their country.
The course brings CSIA students together and guides them through a curriculum designed to give them a thorough understanding of the roles and responsibilities of the Federal Government in cyber security. It offers an overview of the technical aspects of cyber security: familiarity with the Federal Information Security Management Act (FISMA) and with currently proposed cyber legislation. Over the two-year period, the course essentially grooms GW's CyberCorps students to succeed by developing their technical, analytical, managerial, presentation, and writing skills with regard to CSIA issues. It provides a baseline of common knowledge of relevant federal policies and mandates and an informed picture of federal government roles, responsibilities, and processes. It reviews basics of U.S. Constitution and law and steeps students in the CSIA elements necessary to planning federal computer systems within a framework that is cognizant of privacy, cost, risk, civil liberties, and public acceptance.
The students study current federal civilian and Defense Department policy and compliance programs by examining the FISMA process and the related set of security controls. They engage in the entire Security Certification and Accreditation, audit, and System Security Plan processes. The course readies students to contribute to a government cybersecurity environment on their first day in the federal workforce.
The course begins each fall with second-year students presenting their federal agency summer internship experiences to the cohort of their peers and new first year CSIA students. With input from both faculty and second-year students, first-year students prepare resumes, develop and refine interview skills, and discuss how their background, education and experience will contribute to their success in the federal workplace. The opportunity to videotape practice interviews and review the results is provided.
Ongoing topics of discussion include threats, attacks, and vulnerabilities as well as mechanisms for mitigation, detection, and reconstitution of systems. Students are constantly called on and engaged to consider these matters. In the laboratory, students have hands-on opportunities to develop System Security Plans incorporating Plans of Action and Milestones to secure the lab system. They practice making workstations Federal Desktop Core Configuration compliant and hardening all servers to the DoD Gold Disk standard. They follow this by performing audit, Certification and Accreditation for each system.
Each week, the instructor assigns students to discuss a current attack affecting Federal systems. In examining each attack, students study the system vulnerabilities, effective mitigation strategies that are both technical, policy-oriented, and correspond to the FISMA controls that would have prevented the attack. These student presentations lead to lively and informative discussions among the students, instructor, and guest lecturers who are able to add key insights, knowledge and observations. In addition, the process effectively builds esprit de corps and public speaking skills, both essential to the development of these future government cadres.
More experienced students develop a System Security Plan for a fictitious Government system that is iteratively critiqued and refined through interaction of both the instructor and student. By the end of students' two years of participation in the course, they are well-versed in the use of government processes to analyze computer systems, perform risk assessments and document systems' FISMA compliance. As a result of these exercises, one student reported a sense of "standing out from the veteran employees" and subsequently received a job offer during his summer internship
Almost every week, a government official or industry expert speaks, reinforcing concepts, sharing insights, and meeting informally with scholarship students. The field is fast moving and in response, we frequently update Seminar topics, exam questions and answers in technology, law, and government policy. The following represents a small sample of the questions, terms, and readings on which we recently tested students:
- Who is in charge of Cyber for the Federal Civil Executive Branch?
- Why is monitoring the Departments and Agencies different than monitoring the DoD?
- What laws apply on the Internet?
- Who are the Federal CTO and the Federal CIO?
- Where by authority can the NSA monitor? The CIA? The FBI? US-CERT? Departments and Agencies? Private Sector?
- Who must report their computer incidents to US-CERT?
- What law prevents monitoring of private citizens in the US without a warrant or permission?
- When does Microsoft release their patches?
- Name all of the speakers from this semester and give a short description of their roles in the industry.
- Define and explain these terms at an overall level: CIP, ISAC, PII, C&A, HSPD-54, IV&V
- What are these and what is their importance and relationship to CSIA:
- Federal Information Security Management Act
- President's Management Agenda
- National Information Assurance, Certification and Accreditation Process
- Explain the main ideas in
- NIST 800-18 Guide for Developing Security Plans for Federal Information Systems
- NIST 800-30 Risk Management Guide for Information Technology Systems
- OMB Memorandum 06-19 Reporting Incidents Involving Personally Identifiable Information and
- Incorporating the Cost for Security in Agency Information Technology Investments
- OMB Circular A-130, Appendix III Security of Federal Automated Information Resources, November 2000
Finally, the course provides students valuable informal networking and contacts. Personal interactions with speakers, program alumni, and instructors have led to internships and jobs. Students and graduates establish and rely on these personal and professional friendships and contacts to serve as sounding boards for work-related advice and to provide assistance in their searches for their next positions.
Students also take advantage of our Washington location to visit congressional hearings and other events where they see CSIA issues debated and policy formulated. Often, professors asked to speak at these events invite the students along. Typical conferences attended by many students include BlackHat, FOSE, the State of the Net Conference, and recent events sponsored by the WashingtonPostLive (and CSPRI) and the Future of Privacy Forum (and CSPRI). Many have also taken a field trip to the National Cryptologic Museum adjacent to the headquarters of the National Security Agency in nearby Fort Meade, Maryland.
Students visit various conferences that match their security interests. For example, we have had CyberCorps students travel to Crypto, the annual International Cryptography Conference, and to the RSA Conference. GW has also had a team of master's and undergraduate students compete at the Mid-Atlantic Regional Competition of the National Collegiate Cyber Defense Competition.
A number of laboratories are available to students for their security-related experiments. One is a completely stand-alone network that allows research and teaching while not having the possibility to disrupt the campus network or the Internet. There is another computer systems lab at GW used for the Computer Network Defense course as well as for GWU's Collegiate Cyber Defense Competition team. There is also a forensic sciences lab with several Windows- and Linux-based forensic and steganography tools. Finally, as part of its participation in CyberWatch, GW students may use CyberWatch virtual lab facilities where GUI-interface firewall devices are available to offer challenging security oriented-technical training to managerially-oriented students who are not accustomed to using command line interfaces.
Tompkins Hall of Engineering
725 23rd St NW
Washington , DC 20052