The Internet, smartphones, and tablets—all cloud-connected tools—increase our productivity and interconnectedness, but they also make us less secure. And it's not just our personal privacy that is at risk. Intellectual property, financial transactions, aviation, energy grids, medical devices, automobiles, and national security face threats as never before.
Twenty-five years ago, before the words cybercrime and cybersecurity existed as part of our everyday vocabulary, before major corporations like Home Depot and Anthem experienced data breaches, George Mason University established the Center for Secure Information Systems with one researcher and a handful of students. That began a journey that led cutting-edge research and saw George Mason emerging as a national leader in cybersecurity education and research.
"Today, cybersecurity is in our DNA," says University Professor Sushil Jajodia, the center's director. "Almost every school or college at Mason has some program that deals with information security. But it wasn't always that way."
Now cybersecurity is everywhere and Mason's center, the first academic center in security at a U.S. university and one of the National Security Agency's original Centers of Academic Excellence in Information Assurance Education, has earned additional recognition, garnered millions in research funding, and educated scores of students. The changes in the cybersecurity field during the last 25 years have created unprecedented opportunities for Mason and its researchers.
In 2014 Mason was ranked seventh in the nation for cybersecurity by the Ponemon Institute, and this year Universities.com has named Mason to its Top 10 grad schools for cybersecurity. The university also recently partnered with the U.S. Army Reserve Cyber Private Public Partnership Program to create educational pathways for future "cyberwarriors."
Unconventional Risks, Innovative Solutions
The threats continue to evolve and they are becoming more sophisticated. To the experienced cyber criminal, the act of taking down an entire network system is very much a game between the defender and attacker.
To combat these threats, the field of cybersecurity must constantly change," says Jajodia. "As researchers, it is our job to understand and even set the rules of this game so that we can outsmart the attackers before they have the opportunity to create severe damage."
Tackling these unconventional, technology-enabled security risks requires innovative solutions, but technology alone won't solve the problem. Cybersecurity needs to be informed by criminology, psychology, law, diplomacy, data analytics, and more. Mason's programs draw their strength from a multidisciplinary approach.
"The cybersecurity industry is no longer focused solely on technical experience," says Mason computer scientist Angelos Stavrou, director of the Center for Assurance Research and Engineering in the Volgenau School of Engineering. "It has moved from the backroom to the boardroom, and security leaders need to manage the business impact of security incidents."
Educating Future Leaders
Over the years, Jajodia has supervised many students who have gone on to become tenured professors at American universities, the nation's military service academies, and foreign universities. Other former students have founded their own companies and assumed leadership positions in international corporations.
A notable example is Peng Ning, PhD Information Technology '01. Ning came to the United States from his native China to work on a PhD. He is now a tenured professor at North Carolina State University, where he researches issues in cIoud computing security, with an emphasis on cloud infrastructure security. He is currently on leave working with an R&D team at Samsung Mobile in Santa Clara, California, developing smartphone technology that will enable users to separate personal and professional data without using two devices.
Five degree programs within the Volgenau School deal with some aspect of cybersecurity; the newest is the B.S. in Cyber Security Engineering, which started in January 2015.
"We have worked with industry leaders to develop this program, and it's by partnering with these leaders that Mason is able to best prepare students for today's challenges as well as tomorrow's," says Dean Ken Ball of the school's newest degree program.
Increasing Economic Opportunities
Given the number of national security agencies, government contractors, and information technology leaders in Northern Virginia, it is not surprising that the Washington, D.C., metropolitan area has emerged as a cybersecurity hub.
Ironically, the cyber threats are also creating economic opportunity, and Northern Virginia stands to benefit. President Barack Obama's budget proposal for the 2016 fiscal year seeks $14 billion for cybersecurity efforts across the U.S. government.
"Mason's proximity to Washington, D.C., makes it a natural center of this kind of research activity," says Stavrou. "Our academic instruction has a research-to-practice mindset. Our partnerships with government and industry have helped our students and faculty take products from the academic research setting to the marketplace."
In 1990, Jajodia saw a need and decided to act. He now finds great satisfaction as he looks back and sees the advances in the cybersecurity field. "Where there are needs, there are opportunities for research, which informs education and practice."
"Cybersecurity is Mason's crown jewel. Its success is a testament to the quality of the work, our students, and our research."
A version of this story by Martha Bushong appeared in the fall 2015 issue of Mason Spirit.