In light of national conversations surrounding Internet security, University of Minnesota technology experts say the institution could amp up its efforts in ensuring safe online practices.
By expanding curricula and raising awareness, some say the University could play a stronger role in combating cyber threats on campus and throughout the nation. Staff and faculty members from the University’s Technological Leadership Institute discussed the issue while highlighting new national Internet security guidelines released last month.
“Cybersecurity challenges must be faced by people with skills that come from places like the University of Minnesota,” National Institute of Standards and Technology fellow Ron Ross said to a crowd at the McNamara Alumni Center last month.
In addition to hosting the University event in May, Ross co-authored new national guidelines which could lead to the creation of national standards for systems security.
But Karl Mattson, a senior fellow at the Technological Leadership Institute, said a more comprehensive plan is needed because threats are intensifying as technology develops.
“We have sophisticated criminals now that have cyberattack tools,” said Brian Isle, a Technological Leadership Institute senior fellow.
Isle said he thinks the University should expand its degree programs to train students about cybersecurity.
Currently, the University’s Carlson School of Management and the Computer Science and Engineering Department offer courses related to studying safe online practices. The Technological Leadership Institute’s Master of Science in Security Technologies program provides graduate-level training.
“The only way an organization today can stay ahead of cyber criminals is to have an overall security apparatus,” Isle said, noting that investing in security should be a top priority.
Because of the University’s high level of research activity and amount of computers, assistant computer science professor Stephen McCamant said cybersecurity is important to address. He also said students are a prime target for phishing — the action of tricking people to provide secure information.
Mattson said protecting University researchers’ intellectual property from “malicious use or theft” is crucial because of the magnitude of work created.
Isle said he predicts major security breaches will occur this year because of the growing complexity of cyberattack techniques, such as presenting malicious software as real software products.
“There’s a gradual process by which cyberattacks are getting more advanced, because the attackers and defenders are, over time, trying new strategies,”
McCamant said.
Last year marked a change from geopolitical attacks to large-scale attacks on payment card systems, according to a 2014 Verizon Data Breach Investigations Report.
Cyberattacks are usually financially driven, McCamant said, and more sophisticated attacks often occur between countries, which affect the government more than individual people.
“[Cyber] threat is real, vulnerabilities are widespread and the consequences could be disastrous,” Technological Leadership Institute director Massoud Amin said at the May 13 event.