OIT in the Cybersecurity Classroom
Practitioners in the Office of Information Technology share real-world expertise with Pratt graduate students
Earlier this fall, Duke was the target of a vicious email phishing attack. The attack was quickly extinguished, but they are becoming more common and will unfortunately continue, making cybersecurity a critically important field of study.
Richard Biever, Duke’s chief information security officer in the Office of Information Technology, serves as an adjunct professor in the Pratt School of Engineering’s M.E. in Cybersecurity program, teaching “Foundations of Cybersecurity.”
On Tuesday and Thursday mornings this fall, Biever and nine graduate students discuss topics from public issues centered on device encryption and government surveillance to understanding how to threat hunt by mapping the stages an attacker will take in infiltrating an organization.
Through Biever, experts within Duke’s Office of Information Technology are invited to share their expertise in the classroom, providing real-world perspective and contributing to the university's mission to create innovative learning experiences.
Students bring different knowledge and experience to the table, with many having come straight from undergraduate study. Being able to interact with working professionals offers them ideas about career paths.
Mary McKee, deputy chief information security officer and senior director of Identity Management and Security Services in OIT, spoke with students about identity management concepts. This included federated identity, reinforcing authentication systems and developing directory services which make Duke service work better and more predictable for the community.
“During a discussion, the class was willing to debate why they should or shouldn't believe the credentials I provided in introducing the session and we dug into important themes like identity proofing and assigning levels of trustworthiness to outside sources,” McKee said.
“Cybersecurity is all about complex problems, and I hope that the students came away from the discussion with greater appreciation for the Identity Management parts of that puzzle.”
Likewise, Alexander Merck, an information security architect in OIT, and Hugh Thomas, a visiting professor of computer science, spoke with Biever’s students about the Shared Threat Intelligence for Network Gatekeeping and Automated Response, or STINGAR, a threat intelligence platform developed at Duke for use in higher education and fortune 5000 enterprises.
“They are very engaged in class and bring good questions, and the information they bring to the table enhances the conversations we have,” Biever said.
While cybersecurity is a career path for some, Biever emphasizes the importance of every one having some understanding in order to protect themselves.
“Technology permeates our lives as daily tasks are tied to technology,” Biever said. “It’s good to understand how technology can harm us through issues such as phishing and social engineering because these issues have serious consequences that can destroy your life.”
With one of cybersecurity’s biggest challenges being the number of unfilled jobs as the industry quickly grows, Biever hopes he is not only able to help develop technical skills and managerial talent.
“There are a ton of opportunities for people who want to get involved,” Biever said. “The thing that struck us about what we could do at Pratt was develop that leadership talent while preparing them to be practitioners not just in theory, but in addressing very real issues.”
By inviting practitioners to the classroom, McKee sees the opportunity as a way to demystify the post-graduation world of cybersecurity.
“When I was a student, I often worried about how my studies would translate in the professional world,” McKee said. “Whenever I have the opportunity to work with students now, I try to walk through how I bridged educational theory to professional practice over time so students feel more comfortable focusing on their education and not skipping ahead to things they have their entire careers to learn.”
By Lesa Bressanelli, OIT Communications Intern, '22