Sep 22 2020

How to Train the Next Generation of InfoSec Pros Through Real-World Threats

Fairfield University has opened a new cybersecurity lab that gives students hands-on learning experiences.

In an increasingly digital world, cybersecurity has become more important than ever. But according to Cybercrime Magazine, the number of unfilled cybersecurity jobs is expected to reach 3.5 million by 2021. Surveys have found that fewer than 1 in 4 current cybersecurity job applicants are qualified for the positions they are applying to. What lies at the heart of the issue is that many university students who desire a career in cybersecurity often lack hands-on experience. And Fairfield University is working toward changing that.

This fall, Fairfield’s School of Engineering launched a new master’s-level cybersecurity program. It includes two semesters of training at Fairfield’s new cybersecurity lab, where students use real-world security applications from vendors such as Pulse Secure.

To learn more about the lab, EdTech spoke to Justin Hickey, CISO at Fairfield; Dr. Adrian Rusu, chair of computer science and engineering at Fairfield; and Scott Gordon, certified information systems security professional at Pulse Secure.

EDTECH: What is this cybersecurity lab trying to accomplish?

HICKEY: The goal of the lab is to put students in front of real threats and technology they will encounter — every day — as cybersecurity professionals. This is a career where hands-on experience is critical. It takes an extraordinary amount of trust for an organization to provide administrator access security solutions such as their firewalls.The purpose of a firewall is to block malicious activities while allowing legitimate traffic. Inexperienced engineers’ with good intentions are often responsible for creating system outages or unseen network exposures.The reality is that engineers have as much potential to do harm as they do good. These are often hard lessons to learn. As an employer, I’d feel much better knowing this knowledge was gained in a lab. Much better there than in a production environment.

RUSU: We wanted to be able to customize and be creative with our academic offerings. They’re getting the real experiences, using real tools like Pulse Secure’s tools. What we offer is unique. It doesn’t exist somewhere else. We offer two semesters worth of real-world experiences, which really separates our students from others. These are really important experiences because the main complaint from employers is that current cybersecurity students receive cybersecurity training, but they don’t have any real experience.

GORDON: The key is giving the students an opportunity to get this real-world experience. How do you coordinate controls and communications to satisfy business needs and security requirements — whether it’s data protection obligations or privacy obligations. While students can read about these things in a book, having the experience of using these products, meeting with teams to solve problems, and coordinating capabilities with different tools is the kind of operational experience sought out and desired by enterprises. This lab allows students to get that experience and to go through those hands-on exercises that they may not go through otherwise.

EDTECH: Did the pandemic play a role in your decision to launch this lab?

HICKEY: We came to the decision to create the lab before the pandemic hit. Obviously, COVID complicated everything but we didn’t let it deter us from moving forward. It’s always best to stay on the offensive especially in times like these. Security threats thrive off distraction and working through stressful situations is an important part of the job. These are good lessons for our students. Stable and secure communications is what’s allowing businesses to stay open. It’s critical that we prepare the next generation of engineers to face and overcome challenges similar to what we are facing today.

EDTECH: What tools can help train cybersecurity students for real-world scenarios?

GORDON: We have a broad product range of products that work together with a customer’s existing infrastructure as well as other security tools. Our Secure Access Suites cover mobile, network and cloud access security.

We have a virtual private network solution. It is a secure access solution that takes into account things such as an endpoint’s security posture, identity authentication, endpoint visibility and access enforcement. We also have a network access control solution, which can identify endpoints, IoT devices to classify them to apply security policies surrounding access to on-prem resources. We also have cloud security solutions that enable a user and their device to have authenticated access to applications that would exist in the cloud.

All these tools work with each other and with other popular security tools. For example, the next generation firewall essentially controls access into a corporate network. It’s based on IP addresses. It also has additional services such as web filtering. It can determine what external websites and applications an internal user device or device can communicate with. In this case, we can interoperate where a firewall can identify a network device that is exhibiting an unusual activity going outside the network — or going to a particular risky website or application.

READ MORE: Here is a look at higher ed's new approach to pandemic cybersecurity.

It can be flagged by the firewall. By setting up an information exchange between the firewall and our network access control product — the firewall can block access at the point of egress. The firewall can be configured to send information to the network access control system. And through policy, the NAC can remove that endpoint off the network so it will no longer present a threat. That would be an example of how different tools can work together to satisfy a policy or a business need —and reduce risk.

Another example is an application delivery controller solution. It’s called an ADC solution. It provides load balancing and allows applications to be more responsive and resilient.

In this case, students can configure the application delivery control solution to make sure that key applications — whether they’re Pulse Secure applications or other business applications — remain available. By using the product, students understand what types of business traffic is going to those applications. What service levels could they apply to those business applications? Are additional resources needed for one application or another? Again, students are not just learning how to use these products. They are doing exercises under real-world, business conditions.

EDTECH: Will students also be doing their own research and working with agencies?

HICKEY: There are a lot of possibilities when it comes to research. And law enforcement agencies have expressed interest. New vulnerabilities and attacks are discovered every week. Students in our lab could be commissioned to test software for weaknesses, test the effectiveness of patches, test attack or defense strategies — the possibilities are endless. Any discoveries would lead to more questions, and eventually, to more research. This cyclical process could take on a life of its own. I’m very excited to see what comes of this.

EDTECH: There’s a lot of debate about the value of higher education at the moment. How does a lab like this improve the quality of higher education during times of uncertainty?

HICKEY: The business world is eager to hire seasoned security professionals. The needs range from small businesses — all the way to national defense. The stakes are high. And the best positions will go to candidates who are educated, certified, and experienced. The lab serves as a tool to build experience and confidence in our graduates. Fairfield University has a history of providing quality education through innovation. This isn’t a departure for us, just another way to deliver employees who can make an immediate impact.

GCShutter/ Getty Images