23rd Colloquium June 10th to 12th - Las Vegas, Nevada
Vol 5 No 2 (2018)
Journal of The Colloquium for Information System Security Education
In the latter days of the last Century, 1996 to be precise, the Colloquium for Information System Security Education (CISSE) became the voice of the academic field of cybersecurity. Since then, the members of the CISSE community gather annually to explore new ideas in the field. The CISSE forum packages the thinking of a variety of governmental, industry, and academic leaders into a exhibition of all of the new and emerging ideas for the form and content of a curriculum for cybersecurity teaching and education.
We feel that it is our duty to ensure the highest academic standards for the ideas presented and discussed at the Colloquium. The conference itself, is held in a different part of the Country every year. Participants present and discuss the ways to maintain a high standard of excellence in cybersecurity education. The aim of the overall process is to develop and ensure the continuing quality of the field through the infusion of new knowledge.
In our opinion, the purpose of this journal is to present the best possible scholarship in the field of cybersecurity education for a given year. Therefore, the process for selecting those presentations is both systematic and rigorous. It is the aim of this Journal to include only the most outstanding research presentations at each CISSE forum. However, the editors and publishers also work with new authors as a means of helping them to bring their work to publishable standards.
In that respect, the papers submitted to the conference undergo a rigorous double-blind refereeing process and the contributions that are deemed the most outstanding are presented in individual sessions at the Conference. Once the Conference is ended an Editorial Board selects a small set of the papers that contain meaningful and innovative ideas for presentation to the community at-large. These are the ideas that you will discover in this Journal.
Given this background it must be understood that the ideas contained here are considered to be our best effort to develop and present outstanding examples of methods and practices for cybersecurity teaching. Cybersecurity is an emerging discipline. And make no mistake, it is its own discipline, separate from any of the conventional computer studies. Therefore, it is critical that we develop and publicize the broadest and most comprehensive range of viable new ideas about where the discipline is evolving, going forward.
Consequently, the ideas presented here are not constrained by any preconceived notions of what the field ought to be. Instead we are focusing on the merit of their usefulness as a means of solving difficult cybersecurity problems. That is the case because there are a number of systemic and cultural challenges that must be overcome before we can obtain a full and holistic understanding of the many demanding protection requirements in this critical field. In that respect, our goal is to present every point of view.
The articles in this Journal address ways to more effectively leverage the range of sub-disciplines in the defense of an organization. Spreading the net as wide as possible is a particularly obvious and justifiable way to address threat. And that is our mandate and challenge to the researchers, and cybersecurity professionals of the future.
Effective strategies for protecting the organization against relevant electronic, human and physical threat require understanding the state of the various existing common communities that comprise the educational landscape. The contents of this Journal focus on developing and maintaining insight into every legitimate approach to cybersecurity. We will present the wide range of approaches and provide solutions in the form of up-to-date ideas about ensuring a continuously capable response. We will focus on best practices for practical education and training for the modem cybersecurity profession as well as transformative thinking for the profession as a whole.
What you will find in this issue are nine carefully selected articles that discuss aspects of existing ideas or new issues that are arising. The articles here represent many avenues of thought. It is our considered opinion that this sort of wide-ranging dialogue constitutes the first steps in overcoming the silo effect that has hampered the field from its inception.
We are dedicated to taking the first steps in ensuring that cybersecurity education evolves into the kind of main tent profession that we all want it to be. We would not have been able to do this alone, and so we would like to acknowledge Tamara Shoemaker for her outstanding work in managing the review and production process, and our colleagues who served as reviewers for this issue: Paul Beard, Christopher Brew, Steven Brown, Yuntai Chang, Anku Chattopadhyay, Joseph Ekstrom, Chani El Kari, Erik Fretheim, Eric Hulderson, Yesem Kurt-Peker, Derek Manwaring, Themis Papageorge, Julio Perez, Jason Pittman, Huw Owain, Lyndon Read, Ken Sigler, Paul Wang, Kevin Wu, Koukeng Yang. And a special thanks to our production editor Andrew Belón.
Editor Dan Shoemaker, Ph.D., Professor and Graduate Program Director University of Detroit Mercy