Safety Net Q&A
In the wake of increasing computer breaches, the need for cyber security professionals is likely to increase 18 percent by 2024, says the U.S. Bureau of Labor Statistics. At Embry-Riddle Aeronautical University’s Prescott Campus’s College of Security and Intelligence, Department Chair and founding faculty member Jon C. Haass leverages decades of experience as a leading expert in digital security to arm students with the real-life skills to fill that demand. We recently spoke to Haass, who joined Embry-Riddle in 2013, about the Cyber Security Lab and the importance of research to combat hacking concerns.
Q: The Cyber Security Lab, also known as the Hacker Lab, is where students get hands-on experience analyzing and finding solutions to real-world cyber security issues and threats. Why is that so important?
A: Employers are looking for employees to help solve problems, and this requires critical and creative thinking. Understanding the theory is important and applying this theory to perform work for a client in government or industry is like an internship while still in school. As we grow the number of partnerships, students gain a broad view of the 31 different areas of cyber security as outlined by the National Initiative for Cybersecurity Careers and Studies (NICCS). Our cyber adversaries are talented, well-funded and constantly probing, so our students must be spending time in the lab to keep up.
Q: How important is research in the cyber world?
A: Research is critical, and it comes in many different flavors. Some spend time analyzing the latest malware because thousands of new variants are discovered each day. Others research vulnerabilities in new products or systems. For instance, what are the cyber security issues related to the introduction of unmanned aerial systems (UAS) into our airspace? Are the communications secure? Too often, developers rush to get product to market with cyber security relegated to version 3.0 or until something goes terribly wrong. In this field where we are still playing catch up, research and the real world overlap daily. Some effort also has to look ahead and imagine what might be possible a few years from now.
Q: What research projects have you been involved in recently?
A: I co-authored a guidebook on best practices for airport security as part of an Airport Cooperative Research Program led by the Transportation Research Board (TRB), and I recently presented a paper, “Cyber Security: Research Opportunities,” to the 96th annual TRB convention in Washington, D.C. My current activities include working with agencies and companies to better understand cyber threat intelligence sharing. Since we are faced with not just individual cyber attackers but also organized groups with financial and intellectual resources, countering that requires a network of defenders. The research is exploring value based on response times, improved detection of threats and the potential for rapid machine-to-machine threat sharing. Many threats are not discovered within a network for 45 days or more. Threat sharing holds the potential to reduce this dramatically, saving lost data, intellectual property and financial loss.
Q: Describe your role as both department chair and associate professor in the nation’s first College of Security and Intelligence?
A: In the classroom and lab, my favorite part is introducing students to the exciting questions and challenges facing industry, government and academia under the broad umbrella of cyber security. As chair, a critical aspect of my job is being an ambassador of the program and introducing our college to industry and government. I am still finding too many groups and individuals surprised to find out about our excellent cyber intelligence program. We do more than aeronautics!
Editor’s Note: This article was originally published in the Fall 2017 edition of ResearchER magazine (Vol. 1, No. 2). The ResearchER archives can be found on Scholarly Commons.