In a conventional program on cybersecurity, you would assume that a professor in computer science would largely teach on a typically technical topic. Not at EMCS where our goal is to create integrative strategic decision-makers prepared to address the multidisciplinary nature of cybersecurity.
We spoke to Brown Professor of Computer Science and EMCS Associate Faculty Director, Software Security Shriram Krishnamurthi about his EMCS track,Human Factors in Computer Security and Privacy, to better understand the program’s interdisciplinary approach to developing cybersecurity leaders, or what Krishnamurthi calls, “the EMCS difference.”
According to Krishnamurthi, EMCS’s exceptionalism lies in its full embrace of cybersecurity as a technical, policy, privacy and human factor challenge. No attack or vulnerability is limited to one of these aspects. As such, no effective solution can afford to ignore the breadth of the field.
EMCS gives students a cybersecurity framework that spans all these fronts to proactively deal with potential threats. The program cultivates this integrative thinking through a hands on and dynamic approach to teaching that results in immediately applicable cybersecurity solutions for organizations.
For example, one of the modules in Krishnamurthi’s track, Insider Threats, taught by Elise Axelrad looks at the technical, policy, privacy and human factor angles that cybersecurity leaders must consider to defend against attacks that originate from within the organization.
Students read and analyze real cases of insider threats to gain a better understanding of key predictors of an insider attack (motivations, dispositions, means, opportunities). Based on these cases, they develop a full fictional case of an insider attack that their peers need to defend against. Students explore each other’s defense strategies and develop ethical arguments for and against each approach. They compare and select the best defense approaches and develop performance measures, standards, and controls on breaches of ethics. Finally they learn about key organizational stakeholders and how to anticipate their concerns.
The end result for students: a comprehensive, cutting-edge strategy to maximize protection against insider threats for their own organizations.
Like Insider Threats, all the modules in Krishnamurthi’s track treat cybersecurity as a cross-silo challenge that can not be mastered from a particular disciplinary perspective. They are also all designed exclusively for professionals that need solutions NOW. Students learn to get inside a hacker’s head; discover why disingenuous sites engender user trust; master the principles of least authority to minimize risk; use Microsoft’s STRIDE to model threats; deconstruct workflows to see how attacks ripple through systems; role play how to gather and generate system requirements; learn how to cultivate a work culture to retain talent.
The Human Factor Track is just one example of how EMCS reflects the disciplinary breadth of this industry and cultivates leaders ready to protect.