Shaping Cybersecurity In The Classroom


Written by: Justin Ikpo (cehdcomm@tamu.edu)
Post date: November 08, 2017

In 2017, worldwide spending in the information security industry reached over $86.4 billion, according to a recent industry forecast. With that number expected to grow each year, Dr. Michael Workman, associate professor of human resource development, is working to help train the next wave of cybersecurity experts.

His research into security behaviors observes human interaction through technology. It shows how people view ads, discover new information and make decisions from online content.

“This is where I think the wave of the future is especially in a field like HRD and the tech management program,” Dr. Workman said. “I think this is a really ripe area for us, we can help people understand how information is weaponized and used in ways for an adversary to gain their objectives and outcomes.”

Dr. Workman teaches a cybersecurity class that focuses on applied skills and critical thinking — both of which apply to all aspects of cybersecurity. In addition, he includes learning scripting and coding along with countermeasures. These skills are at the center of all cyber attacks, says Dr. Workman.

The class uses concepts in social engineering to improve students’ cybersecurity skills. Students discuss ethical and lawful situations and are trained to use different techniques, both technological and human, to recognize and neutralize attacks.

Students in the class learn advanced intrusion detection applications and practice with simulations to understand how an attacker tries to compromise the user’s computer. The user must then use countermeasures to fix the problem and document the attack pattern for forensic analysis.

“As a professor, I’ve seen over many years that gradually technologies have become more sophisticated. Many students are coming in less prepared to understand what's underneath the hood of these technologies,” he said. “I want my students to have a better understanding of the behaviors of both attackers and defenders and to articulate what happens when a particular kind of attack occurs."

Most attacks strive to exploit vulnerable code or social engineer ways of excavating important information.

“Practically every aspect of human endeavor involves some kind of online presence. Anytime you have an online footprint, something is exploitable about that. This course trains students on how attackers use vulnerable code to their advantage,” he said.

The course concludes with students receiving a Secure Codebashing certification. This certification is meant to attest that students know how vulnerabilities are exploited and how to remediate them. Dr. Workman said the class would soon evolve to include more interactive programming like hackathons and partnerships with other Texas A&M units.

“Cybersecurity seems more important than ever. It’s becoming increasingly a part of the nationwide conversation as more and more things go through the cloud and involve social media online,” he said. “We want to make more programs available for folks to gain more practical experience.”

 More information can be found on the HRD technology management website.