Special submission by the UCF M&S Behavioral Cybersecurity Program
In the fall of 2015, the Institute of Simulation & Training (IST) at the University of Central Florida (UCF), embarked on a first-of-its-kind graduate certificate program in the modeling & simulation (M&S) of behavioral cybersecurity. Dr. Randy Shumaker, director of IST, conceptualized the program in 2015 in order to fill a gap in education. Shumaker noted that, “there were plenty of universities teaching the tools of cybersecurity, but no institute of higher education was really getting at the behavioral side of cyber. Further, no university was teaching the M&S of behavioral cyber either.”
The program is interdisciplinary in nature and consists of 13 credit hours spanning five graduate-level courses in behavioral cybersecurity, focusing on the human element within cyber. Dr. Bruce Caulkins, director of the M&S of Behavioral Cybersecurity program said, “When I retired in 2015 after 28 years of active duty service in the Army, I came to IST to work in the program. Immediately I realized the importance of this new program.
“This program offers a unique educational opportunity for graduate students not found in other universities, while exposing the students to the latest cybersecurity issues and requirements seen in government, corporations, and academia.”
Caulkins also noted that much of the focus in the government revolves around the creation, acquisition, and execution of tools designed to protect government systems in cyberspace. This program will begin to address the capabilities gap in the human element in cyber, he said.
Sabrina Gordon, coordinator for the M&S graduate program at UCF, said, “The interdisciplinary nature of this program has been a key feature. The students and faculty have all been pleasantly surprised at how much each person has been able to contribute to the rich conversation on this topic.
“A lot of students have been relieved to find out that they can pursue this certificate regardless of their undergraduate degree – for many, it’s a chance to try something new. It’s been a great way for people to diversify their knowledge and build on their experiences.”
The first cohort of students is completing the certificate program this December, with 12 students expected to complete the curriculum this year. The interdisciplinary nature of the program allowed a diverse group of students – with backgrounds in psychology, technical analysis, computer science, and public policy – all completing the certificate successfully. The program runs for one year, fall term to fall term, so the second cohort of students are taking their first class – IDC 5602 – this fall. The courses are taken serially throughout the course of the program and are taught face-to-face in the evenings, with an option to take the course online.
The students can also use the courses themselves as electives within UCF’s Ph.D. program for M&S (Behavioral Cybersecurity track) or the master’s program for M&S (Behavioral Cybersecurity track). Descriptions of the five courses in the graduate certificate program are listed below. All courses are three credit hours in length, except for Cyber Issues, IDC 6600, which is one credit hour*:
Cybersecurity: A Multidisciplinary Approach (IDC 5602) – an interdisciplinary, graduate-level M&S course taught in the fall that introduces the behavioral aspects to cybersecurity to the student. The class also explores the other non-technical disciplines that support cyber efforts within the government, academia, and commercial arenas. Government-level cyber policy, cyber strategy, behavioral aspects of cyber, and cybersecurity training and education are selected subjects discussed in this class.
Cyber Operations Lab (CNT 5410L) – a hands-on class taught in the spring in which students immerse themselves in initial cybersecurity management and planning. Computer science expertise is not required; however, having a good understanding of computer science is beneficial in this class. Students of all related disciplines will discover the intricacies of cyber-related topics like port scanning, firewall administration, penetration testing, and operating systems security.
Behavioral Aspects of Cybersecurity (IDC 6601) – a course taught in the summer that continues the interdisciplinary discussion in cybersecurity, focusing heavily on the behavioral and cognitive aspects of cyber and what motivates cyber attackers. Threat modeling, digital ethics, culture, cyber training, and motives involved in cyber attacks are a few of the subjects discussed in this class.
Emerging Cyber Issues (IDC 6600) – this one-credit hour class is taught in the summer and is an interdisciplinary discussion of issues raised each week by guest speakers brought in to discuss the current and pressing issues facing cybersecurity personnel today. Lectures include cybersecurity policy and planning, open-source intelligence and the effect of social media, virtual economies, cyber penetration testing, and the human factor in data security.
Simulation Research Methods and Practicum (IDS 6916) – this is the capstone course of the program, designed to showcase the knowledge the students learned over the past year in the behavioral aspects of cybersecurity through the deployment of modeling and simulation techniques and processes.
With the first cohort of students completing their graduate certificate in these courses in fall 2016, it is obvious that research and education in the M&S of Behavioral Cybersecurity is an important aspect of UCF’s curricula. As the program moves forward, more collaboration with Team Orlando organizations is a must to augment the training and research objectives at IST.
*More information can be found in the University of Central Florida, “Graduate Catalog, M&S of Behavioral Cybersecurity,” http://www.ist.ucf.edu/grad/brochures/CybersecurityOnline.pdf, retrieved July 27, 2016.