Deliverable 1.2 Report on EU practice for cyber security education

European Commission Tempus Project: 544088-TEMPUS-1-2013-1-SI-TEMPUS-JPHES

This project has been funded with support from the European Commission. This publication reflects the views only of the author, and the Commission cannot be held responsible for any use which may be made of the information contained therein.

Table of contents

1. Introduction and preliminaries
  1.1 Principles for cybersecurity education
  1.2 Approaches to cybersecurity education
2. Formal education on cybersecurity
  2.1 Bachelor study programmes
    2.1.1 Liverpool John Moores University, UK
    2.1.2 Petersburg National Research University of Information Technologies, Mechanics and Optics, Russia
    2.1.3 University of Science and Technology of China
    2.1.4 University of Maryland, University College, USA
    2.1.5 Sheridan University, Canada
    2.1.6 The University of South Wales (UNSW), Australia
  2.2 Master study programmes
    2.2.1 Tallinn University of Technology, Estonia
    2.2.2 University of Maryland Baltimore County (UMBC), Maryland, USA
    2.2.3 University of South Australia (UniSA), Australia
    2.2.4 University Great Britain, UK
    2.2.5 Tallinn University of Technology, Estonia
    2.2.6 University of Warwick Coventry, UK
  2.3 Doctoral study programmes
    2.3.1 University of Oxford, UK
    2.3.2 Royal Holloway University of London, UK
    2.3.3 De Montfort University in Leicester, UK
    2.3.4 George Mason University, USA
    2.3.5 Northcentral University (U.S.)
    2.3.6 The University of Rhode Island, USA
    2.3.7 University of Colorado, Colorado Springs, USA
    2.3.8 Technische Universität Darmstadt, Germany
    2.3.9 Gjøvik University College, Norway
    2.3.10 EURECOM, France
    2.3.11 Tallinn University of Technology, Estonia
3. Informal education on cybersecurity
  3.1 Professional training
  3.2 Domain specific training
4. Cybersecurity education for the broader public
  4.1 Rising awareness campaigns
    4.1.1 Campaign: Safer Internet Day
    4.1.2 Campaign: Get Safe Online
    4.1.3 Campaign: Sicurinrete.it
    4.1.4 Campaign: Data Privacy Day
    4.1.5 Campaign: Data Protection Day 2014
    4.1.6 Campaign: National Cybersecurity Awareness
    4.1.7 Campaign: National Cyber Security Awareness Month (NCSAM)
    4.1.8 Campaign: UK launched public cybersecurity awareness campaign
    4.1.9 Campaign: European Cyber Security Month (ECSM) 2012
    4.1.10 Campaign: Council of Anti-Phishing Japan
    4.1.11 Campaign: ASEAN-Japan Cyber Security International Symposium
    4.1.12 Campaign: Alert Online, Netherlands
    4.1.13 Campaign: APEC Cybersecurity Awareness Day
    4.1.14 Web Campaign: Get Safe Online
    4.1.15 Web Campaign: BEE SECURE
    4.1.16 Web Campaign: Be Cyberstreetwise
    4.1.17 Web Campaign: Watch your web
    4.1.18 Web Campaign: Se mi posti ti cancello
  4.2 Informative campaigns on cybersecurity
    4.2.1 Campaign: Universally Challenged – A national competition between UK universities to test cybersecurity skills - Cybersecurity Challenge UK
    4.2.2 Campaign: Asia-Pacific and MEA Round 2014
    4.2.3 Campaign: Cybersecurity for the Next Generation – European Round 2014
    4.2.4 Campaign: Stay Smart Online, Australia
    4.2.5 Campaign: Cybersecurity for the Next Generation – Russia & CIS Round 2014
    4.2.6 Campaign: Cybersecurity for the Next Generation – The Americas Round 2014
    4.2.7 Campaign: New Malware Campaign Uses Fake Anti-Virus Update Email
    4.2.8 Campaign: eSkills UK – DMA cybersecurity
    4.2.9 Campaign: ERM’s Information Security Awareness
    4.2.10 Campaign: Una vita social (A social life)
    4.2.11 Campaign: The Devil’s in your details
    4.2.12 Campaign: Safe Internet Banking
5. Cybersecurity education associations
  5.1 IFIP – TC11 [37], [38]
  5.2 ISACA [39]
  5.3 OWASP [40]
  5.4 IACR [41]
  5.5 ISSA [42]
  5.6 EDUCAUSE – HEISC [43]
  5.7 SANS [44]
  5.8 ISC2 [45]
  5.9 NICE – NICCS [46], [47]
  5.10 NCSA [48]
  5.11 FISSEA [49]
  5.12 CyberWatch [50]
6. Conclusion and Follow-Up
References

1. Introduction and preliminaries

1.1 Principles for cybersecurity education

Academic institutions are taking different approaches to cybersecurity education. Some believe in specializing early and focus more on the application of cybersecurity, making it a part of mainstream undergraduate education. Others aren’t advocates of specialized undergraduate degrees and think it is more important to have a strong grounding in the fundamentals of computer science first.

Existing cybersecurity educational programs have limitations in focus and lack unity of effort. To ensure a continued technical advantage and to meet future cybersecurity challenges, education in cyber security should develop a technologically skilled cyber workforce and effective skills in future experts.

Current cybersecurity education can be divided into formal and informal approaches and other trainings. The formal approach can be conducted through elementary education, high school education and university education (Bachelor, Master, PhD, etc.).

Cyber security Bachelor programs are offered at university level, mostly within the discipline of Computer Security or Computing, with honours in cyber security. These study programs span a broad range, from courses in fundamental computer science principles to more specialized courses covering all aspects of information systems security.

Master degree programs cover all aspects of defence against possible attacks conducted through the network or directly against a computer. These programs provide courses in the following areas: intrusion analysis and response, critical infrastructure and control system security, electronic evidence and presentations, information assurance and security, principles of communications networks, cyber security risks, secure software design, malware, cryptography, legal aspects of cybersecurity, etc.

Some of the important characteristics of the formal educational Bachelor and Master programs in cybersecurity are:
- Interdisciplinary programs that cut across different but related fields, especially computer science, engineering and management;
- Curriculum addresses both technical and theoretical issues in cybersecurity;
- Both undergraduate and graduate degree programs are offered;
- Faculty composed of leading practitioners and researchers in the field of cybersecurity and information assurance;
- Hands-on learning environment where students and faculty work together on projects that address real life cybersecurity threats;
- Emphasis on learning outcomes as well as career and professional advancement;
- Courses on management, information security policy and other related topics essential to the effective governance of secure information systems;
- Graduates of programs are placed in private and public sector positions.

Bachelor degree studies represent a serious challenge for enhancing cybersecurity education. The curriculum for any computing major already has tight time allotments for cybersecurity knowledge and is balanced towards the topics deemed essential in the curriculum.

Master degrees are essential for providing a cybersecurity workforce with advanced capabilities. Building on a sound Bachelor degree in computer science or a related area, an additional one or two years of education could cover important technical cybersecurity topics. An MSc degree in cybersecurity in a two-year time frame allows suitably prepared graduates to master the knowledge, skills, and abilities specific to advanced topics in cybersecurity.

A suitable approach for universities would be to provide several MSc degree options addressing cybersecurity issues:
1. Cybersecurity for computing professionals: Strongly technical cybersecurity-specific degree programs focusing on cybersecurity built upon a rigorous undergraduate background in computer engineering, computer science, or software engineering.
2. Cybersecurity in society: Master’s programs in non-computing disciplines that emphasize cybersecurity challenges and vulnerabilities and their implications for various professions, including law, business, economics, and medicine.
3. Cybersecurity operations: Practical techniques and technologies for recognizing vulnerabilities and preventing security breaches.

The aim of informal cybersecurity education is to improve the cybersecurity knowledge and skills of the general public; it is not offered at the academic level. It is usually organized through courses, trainings, workshops, roundtables, online courses, popular science TV shows, etc.

1.2 Approaches to cybersecurity education

The analysis focuses on cyber security education practice worldwide. The most developed programs are in the USA, where many Bachelor and Master Programs exist. Programs are drafted with special attention to different cyber security areas.
On the other hand, some countries still don’t have formal education at the university level for cybersecurity, even if they are aware of the importance of developing educational capacities for cybersecurity.

It is obvious that no academic program can on its own address the full range of trends, challenges, issues and differing perspectives. The aim of leading cyber security education and practice is therefore to promote a collaborative approach and a long-term focus.

Bachelor study programs in cybersecurity usually last for three or four years: the first three years focus on core studies and the fourth year is for specialization in specific areas. Master study programs in cybersecurity last for one year, ending with the Master thesis.

Enrolment conditions for Master studies require an appropriate previous education within the IT area, and sometimes there are prerequisites such as specific courses that should be passed before enrolment.

Formal education opportunities for students are critical to building and shaping future cybersecurity capacities. This applies to students at all levels, including college, undergraduate, graduate, and post-graduate students. The aim is to make such educational opportunities available to every student.

Another important approach to cybersecurity education is through cyber competitions or participation in projects. Cyber competitions are interactive, scenario-based events that help participants develop cybersecurity skills and increase interest in cybersecurity careers. Cyber competitions foster talent in potential cybersecurity professionals who might otherwise be unidentifiable through traditional academic means, and encourage a mentor-led environment where participants can practice and hone their cybersecurity skills in a controlled, real-world environment.

Cyber security projects for university level students consist of a set of activities and programs tailored to prepare scientists and engineers to extend their focus beyond the laboratory.
While the knowledge gained from project-based research frequently advances a particular field of science, such results may also be translated into technologies with near-term benefits for the economy and society. Combining experience and guidance from established entrepreneurs with a targeted curriculum, the project could be a public-private partnership program that teaches grantees to identify valuable product opportunities that can emerge from academic research, and offers entrepreneurship training to student participants.

Business and government could encourage and improve cyber expertise by funding scholarships to help students afford graduate-level courses in cybersecurity.

One more widely popular approach is Open-online-courses (OOC) aimed at large-scale interactive participation and open access over the Internet. Anyone with an Internet connection could access OOCs teaching mathematics, computer science, technology, history and many other fields from top universities. OOCs are another resource that internet users can utilize to begin their career in cybersecurity. To become a cybersecurity professional, basic math, engineering and computer science skills need to be acquired.

Recommendations for the general approaches and principles to cybersecurity education are:
1. Cybersecurity should evolve into a formal discipline in the curriculum similar to other existing disciplines;
2. Programs must teach a combination of theory and practice, and have a holistic approach;
3. Cybersecurity should be taught in an integrated fashion, with all students learning basic principles and respecting the principle of interdisciplinarity;
4. Government and industry collaboration is extremely important;
5. Collaborative approach and long-term focus.

2. Formal education in cybersecurity

2.1 Bachelor study programmes

Examples of Bachelor study programs from EU countries, BRIC (Brazil, Russia, India and China), USA, Canada, Australia and Balkans are listed below.

2.1.1 Liverpool John Moores University, UK

Bachelor of Science with Honours (SW) in Cyber Security (level: university; discipline: Computing).

Table 1: The courses in Cyber Security offered by the Liverpool John Moores University

Potential awards on completion: Bachelor of Science with Honours (SW)

Level 6
  Award requirements: 108 core credits at level 6; 12 option credits at level 6; 0 elective credits at level 6
  Core and optional modules: Project; Computing in education; Computer and network forensics; Work placement evaluation; Cyber hacking and defence; Cloud computing; Network security; Employability and the workplace; Green and sustainable computing; Technology entrepreneurship

Level 5
  Award requirements: 120 core credits at level 5; 0 option credits at level 5; 0 elective credits at level 5
  Core modules: Mainframe computing; Database design, applications and management; Computer networks; Information assurance; Secure software development

Level 4
  Award requirements: 120 core credits at level 4; 0 option credits at level 4; 0 elective credits at level 4
  Core modules: Computer science for security; Web design and HCI; Introduction to computer programming; Computing and society; Computing in practice; Computer systems

The program is focused on the following topics: computer programming as applied to medium to large systems; software development process, including secure software development; awareness of professional and ethical issues; networking: internet protocol, networking, network investigations; programming fundamentals: software development process, syntax and semantics, problem analysis, testing, debugging; professionalism: organisational theory, management theory, professional ethics; IT infrastructure: hardware/network configurations, communication, types of systems, development tools, developing technologies; security: physical and logical security, legal issues, privacy, internet security, protection including forensics.

The main competences of the programme are the development of computer science skills relating to information security, and the associated software engineering, management and analysis skills required to enact successful information security within networked computing environments. The main focuses of the program are: to provide students with the technical skills required for the development of cybersecurity software solutions; to enable the student to acquire the skills needed in the investigation of user requirements and the development of a suitable software design using the appropriate specifications and design methodologies; to prepare students with the management skills required to implement cybersecurity; to provide students with the knowledge of the wide range of issues involved in the implementation of cybersecurity, such as legal, ethical and privacy requirements.

This study program has three levels of learning outcomes:

FHEQ Level 4 Outcomes:
- Develop computer programs using elementary programming constructs;
- Apply a variety of tools and techniques for website design including Human-Computer Interaction (HCI) principles;
- Discuss the technical challenges of social computing and investigate the ethical, commercial and economic issues within this field;
- Discuss a range of practical aspects of computing and apply the associated tools and techniques used in them;
- Discuss computer architecture at the hardware and software levels and basic security concepts;
- On the completion of Level 4 of the programme, the student will have a good understanding of the basics of the field of computing;
- They will understand the different approaches required to solve computer-based problems;
- They will have the skills and ability to communicate their ideas and take personal responsibility for their learning.

FHEQ Level 5 Outcomes:
- Use object-oriented design in formulating an implementation;
- Analyse the structure of computer networks, architectures and their protocols;
- Identify software security requirements and use secure development methods in an implementation;
- Provide evidence of experience in a number of information assurance methods (e.g. risk analysis).

FHEQ Level 6 Outcomes:
- Develop a critical appreciation of cyber attackers and the related defence mechanisms;
- Demonstrate an understanding of the threats and vulnerabilities to networked systems;
- Demonstrate the fundamental technical concepts, implementation, and restrictions of network forensics;
- Develop practical and advanced research skills in cybersecurity.

According to a statement by Jay Bavisi, president of EC-Council – Indian global certification and training organisation in information security – it seems there is no university or college in India which offers an academic course covering the whole scale of cybersecurity in a Bachelor program (The Hindu, December 2, 2013, www.thehindu.com). Though the University Grants Commission (UGC) has asked the universities and colleges to prepare and offer a course in cybersecurity, there is hardly any idea among the varsities on how to go about it.

2.1.2 Petersburg National Research University of Information Technologies, Mechanics and Optics, Russia

Bachelor study programs in “Organization and Information Security Technology” and “Information Saint” at Petersburg National Research University of Information Technologies, Mechanics and Optics (level: university; discipline: Computing).

Short overview of study program
- Department of Information Technology Security provides training in the speciality "Organization and Information Security Technology".
  The Bachelor program in "Information Security" is focused on information security and protection of telecommunication computing systems, which includes: analysis of the vulnerability of automated data processing systems and computer equipment; design and development of secure information transmission systems; certification of IT security and automated systems with the available means of protection for compliance with a certain class of security; threat assessment information and information threats; monitoring information flows in a natural language in public telecommunication networks; methods for identification of users on the Internet; methods of construction of intrusion detection systems; and methods of designing cryptographic computing systems that are resistant to current types of attacks.
- Department of Monitoring and Forecasting Information Threats provides and applies the methodology of address forecasting of threats to information technology systems operated on the basis of changes in the natural environment. The focus and competences are to evaluate the possible effects of information attacks on complex systems such as rocket and space, aviation technologies; submarines and surface ships; nuclear power plants and nuclear reactors; gas and oil pipelines, gas and oil complexes; position of chemical synthesis; rail, road, sea and air transport; urban communications, etc. It also provides competences to develop recommendations and arrangements to support the decision-making systems of managers at various levels, in order to reduce the probability of emergency situations in the field of information security.

2.1.3 University of Science and Technology of China

BSc program (level: university; discipline: Computer Science)

The undergraduate program covers four academic years. Within the first two years, most courses focus on the fundamental theories.

For the next two years, the students have the option to choose different courses according to their own interests.
Students may choose some courses from the following fields: High Performance Computing, Intelligent Science and Technology, Network and Security Computing, Computer Architecture, etc. The University of Science and Technology is known as China's leading university in computer science, although it doesn't have specific Bachelor programs on cybersecurity.

2.1.4 University of Maryland, University College, USA

University of Maryland gives students the opportunity to choose a major or minor degree in cybersecurity. The curricula focus on the techniques, policies, operational procedures, and technologies that secure and defend the availability, integrity, authentication, confidentiality, and nonrepudiation of information and information systems, in local as well as more broadly based domains. This program prepares graduates to be leaders in the protection of data assets.

The major in cybersecurity focuses on the ability to: protect an organization's critical information and assets by ethically integrating cybersecurity risk management and business continuity best practices throughout an enterprise; implement continuous network monitoring and provide real-time security solutions; analyse advanced persistent threats and deploy countermeasures, and conduct risk and vulnerability assessments of planned and installed information systems; participate in forensic analysis of cyber incidents and assist in recovery of operations; formulate, update, and communicate short- and long-term organizational cybersecurity strategies and policies. This degree prepares students for careers as information systems security professionals, senior system managers, and system administrators responsible for information systems and security of those systems. A degree with a major in cybersecurity requires the successful completion of 120 credits of coursework, including 33 credits for the major; 41 credits in general education requirements; and 46 credits in the minor, electives, and other degree requirements. At least 17 credits within the major must be earned in upper-level courses (numbered 300 or above).

Table 2: The courses in Cyber Security offered by the University of Maryland

Course title (Credits)

Required foundation courses
- Foundations of Cybersecurity (9)
- Fundamentals of Networking (9)
- Ethics in Information Technology (9)

Required core courses
- Foundations of Information System Security (15)
- Security Policy Analysis (15)
- Security Policy Implementation (15)
- Network Security (15)
- Digital Forensics in the Criminal Justice System (15)

Supplemental major courses
- Cyber Crime and Security (6)
- Principles of Digital Analysis (6)
- Ethical Hacking (6)
- Malware Analysis (6)
- Digital Forensics Analysis and Application (6)
- Advanced Information Systems Security (6)
- Mobile Forensics (6)
- Network Forensics (6)

Required capstone course
- Practical Applications in Cybersecurity Management (3)

2.1.5 Sheridan University, Canada

Bachelor of Applied Information Sciences (level: university; discipline: Information System Security)

This degree program spans a broad range, from fundamental computer science principles to more specialized courses covering all aspects of information systems security.

Offered courses: Computer Security, IS Intrusion detection and prevention, Network security, Ethical hacking, Database security, IS Forensics and Investigation, E-Commerce applications and Internet security, Applied cryptology, Malicious code: design and defence, Secure programming, Security auditing.

The focus and the competences are: analyse, design, program, implement, secure and maintain network applications; design, implement, test and document object-oriented software systems; install, configure, build, troubleshoot, secure, modify and maintain computer system architectures and networks to meet user requirements; initiate and undertake critical analysis of security issues to develop and implement security policies and to solve problems; design, implement, program, secure, troubleshoot and administer databases; communicate clearly, concisely, and correctly in written, spoken, and visual form that fulfils the purpose and meets the needs of diverse audiences; reframe information, ideas, and concepts using the narrative, visual, numerical, and symbolic representations which demonstrate understanding; interact with others in groups or teams in ways that contribute to effective working relationships and the achievements of goals; identify, evaluate, report on, and understand when, how and where to refer security issues; identify and implement investigative techniques adhering to legal processes and case law; analyse, design, and implement security and threat auditing procedures; identify, design, and implement processes and vulnerability assessments to counter corporate, state, and politically sanctioned losses.

Sheridan's Information Systems Security degree program includes an internship of up to 28 weeks within third and fourth year, aiming to improve the skills and professional contacts while gaining real-world information systems security experience.

Table 3: The BSc courses Sheridan University

Title (Credits)

Term 1
- Systems Loss Prevention Methodologies (3)
- Intro to Object-Oriented Programming (6)
- Finite/Discrete Math (3)
- Introduction to Communication Networks (3)
- Introduction to Unix Operating Systems (3)
- Composition and Rhetoric (3)

Term 2
- Security Threats and Risk Assessment (3)
- Intermediate Object-Oriented Programming (6)
- Computer Math (3)
- Structured Database Modelling (3)
- Breadth Elective (3)
- Breadth Elective (3)

Term 3
- Advanced Object-Oriented Programming (6)
- Statistical Methods (3)
- Structured Computer Organization (3)
- Database Implementation and Management (3)
- Breadth Elective (3)

Term 4
- Information Systems Forensics and Investigation (3)
- Multi-tier Programming 1 (3)
- Algorithms and Data Structures (6)
- Internetworking (3)
- Breadth Elective (3)

Term 5
- Operating Systems Design (3)
- Multi-tier Programming 2 (3)
- UNIX Systems Programming (3)
- Information Systems Intrusion Detection and Prevention (3)
- Database Security (3)
- Breadth Elective (3)

Term 6
- Introduction to Cryptology (4)
- Secure Software Development (4)
- Information Systems Security Auditing (3)
- Network and Distributed Systems Security (4)
- Breadth Elective (3)

2.1.6 The University of South Wales (UNSW), Australia

Bachelor study program in Computer Science, with honours in Cyber Security at School of Computer Science and Engineering

The BSc study program at UNSW is part of the wider programme offered by the university in computing and mathematics. This core program provides the fundamentals in good design and techniques that are essential for a deep understanding of the field. It also provides the skills that most employers are looking for, like problem solving, in a way that makes their graduates highly flexible and widely sought after.

The Computer Science degree is a three-year program with an optional fourth year with Honours. The students who perform at a superior level within the first three years are eligible to enter the Honours year, which combines advanced coursework with research project and thesis. Both degrees have core common courses.
However, there are many optional courses which offer the possibility to specialize in a specific area.

UNSW has a strong focus on Cyber Security combining advanced security theory with technical cyber-attack and defence skills. They are known as the leading Australian university in cyber security training, despite not having specific Bachelor programs on cyber security.

2.2 Master study programmes

2.2.1 Tallinn University of Technology, Estonia

The programme is managed by Tallinn University of Technology (Estonia) and it is a joint programme with University of Tartu. [1]

The international Master's programme with two main specialties - Cyber Security and Digital Forensics - provides students with core skills in wide aspects of the security of information systems and specialized skills in computer security incidents and crime evidence. Students get a unique chance to study under high-level cyber security practitioners from Estonian banks, telecoms, law enforcement, CERT and the NATO Cooperative Cyber Defence Centre of Excellence.

Cyber Security main speciality

The programme conveys the specialist knowledge and professional skills needed on a career path leading to high-end technical roles (e.g. security analyst, architect or research engineer) or managerial roles (e.g. project/team leader or technology officer). Great networking possibilities and collaboration with leading specialists in the field will present graduates with a range of career opportunities.
Table 4: Cyber Security main speciality - course structure

Course | ECTS
MODULE: General studies | 14.0 ECTS credits
Technology and the individual: ethics of law and technology | 3
Introduction to Entrepreneurship | 4
optional courses
Estonian Language and Culture I | 3
Foreign Language for Science and Research | 3
Techno-psychology | 4
Innovation and creative problem solving | 3
Introduction to Programming | 4
Introduction to Information Technology | 4
Social Informatics | 3
Introduction to Internet Psychology | 6
MODULE: Core Studies in Cyber Security | 9.0 ECTS credits
Legal Aspects of Cyber Security | 3
Introduction to Combinatorics and Elementary Cryptography | 3
History of Art of War: From Ancient World to Network-Centric Warfare | 3
MODULE: Core studies | 18.0 ECTS credits
compulsory subjects
Network Technology I | 6
Malware | 3
Foundations and Management of Cyber Security | 6
Information Systems Mass Attacks and Defence | 3
MODULE: Special Studies in Cyber Security | 39.0 ECTS credits
compulsory subjects
Cyberdefence Seminar | 3
Principles of Secure Software Design | 3
Principles of Secure Software Design: Project Work | 3
optional courses
Organizational Theory and Psychology |
Design and Development of Data Exchange Layer for Government Information Systems | 6
Data Mining and Network Analysis | 6
Network Technology II | 6
Computer Network Security | 4
Special Course in Cyber Security | 3
Malware II | 3
Information Systems Hacking Attacks and Defence | 3
Cyber Defence Monitoring Solutions | 6
Simulation of Attacks and Defence | 6
Information and Cyber Security Assurance in Organisations | 6
Practical Training | 6
practical training | 6
Cryptology I | 6
Cryptology II | 6
Cryptographic Protocols | 6
Secure Programming Techniques | 3
Secure Programming Techniques: Project Work | 3
Applied Cryptography | 6
Research Seminar in Cryptography | 6
Special Assignment in Cryptography | 3
Network Technology II | 6
System Administration | 6
MODULE: Free Study | 10
MODULE: Thesis | 30

Digital Forensics main speciality

The curriculum conveys the specialist knowledge and professional skills needed on a career
path leading to high-end technical roles (e.g. security incident handler in a company or a digital forensic expert in a law enforcement agency) or managerial roles (e.g. project/team leader). The studies are also an excellent addition to a previous background in legal studies or law enforcement, leading to unique career opportunities. The theoretical knowledge acquired is also adequate for continuing studies as a PhD student.

Table 5: Digital Forensics main speciality - courses

Course | ECTS
MODULE: General studies | 14
compulsory subjects
Technology and the individual: ethics of law and technology | 3
Introduction to Entrepreneurship | 4
Estonian Language and Culture I | 3
Foreign Language for Science and Research | 3
Techno-psychology | 4
Innovation and creative problem solving | 3
Introduction to Programming | 4
Introduction to Information Technology | 4
Social Informatics | 3
Introduction to Internet Psychology | 6
MODULE: Core Studies in Digital Forensics | 9
compulsory subjects
Privacy and data protection law | 3
Overview of the Current Operating Systems | 3
Digital Evidence | 3
MODULE: Core studies | 18
compulsory subjects
Network Technology I | 6
Malware | 3
Foundations and Management of Cyber Security | 6
Information Systems Mass Attacks and Defence | 3
MODULE: Special Studies in Digital Forensics | 39
compulsory subjects
System forensic | 6
Network Forensic | 6
Methods of security incidence handling and cyber forensic | 3
Digital Forensics seminar | 3
optional courses
Rights, Obligations and Liability of Actors on the Internet | 3
Data Mining and Network Analysis | 6
Network Technology II | 6
Computer Network Security | 4
Malware II | 3
Information Systems Hacking Attacks and Defence | 3
Cyber Defence Monitoring Solutions | 6
Introduction to Combinatorics and Elementary Cryptography | 3
Special Course in Digital Forensic I | 3
Special Course in Digital Forensic II | 3
Practical Training | 6
Cryptology I | 6
Applied Cryptography | 6
practical training
MODULE: Free Study | 10
MODULE: Thesis | 30

2.2.2 University of Maryland Baltimore County (UMBC), Maryland, USA
Master in Professional Studies (level: university; discipline: Information Cyber Security)

The Master in Professional Studies is designed to prepare computer science, information systems, and other technology professionals working in the IT and cybersecurity fields to fill management and leadership roles in their organization. Multidisciplinary coursework blends practical management-oriented courses with more technically focused courses, allowing students to develop a formal graduate educational program that best meets their individual career development needs.

The ten-course master's degree combines courses in cybersecurity strategy, policy, and management with more technical courses that allow students to develop a formal graduate educational program that best meets their individual career development needs.

Table 6: Courses

Degree Requirements

Required Core Courses (21 credits)
- CYBR 620: Introduction to Cybersecurity
- CYBR 623: Cybersecurity Law & Policy
- CYBR 624: Cybersecurity Project
- CYBR 650: Cybersecurity Management
- ENMG 652: Management, Leadership, and Communication
- ENMG 658: Financial Management OR ENMG 672: Decision & Risk Analysis
- One additional related elective course approved by Cybersecurity Graduate Program Director

Elective Courses (9 credits)

2.2.3 University of South Australia (UniSA), Australia

Master of Science in Cyber Security and Forensic Computing (level: university; discipline: Information Cyber Security)

This program has been developed to meet the established Australian Law Enforcement demand for Master Degree level Information Assurance to establish expertise for the Australian courts. No other Master Degrees in Australia have been developed around these competencies. The suite of programs prepares students for the workplace by covering industry recommended competencies for Information Assurance, EE, FC and CIP professionals.
This program undertakes an integrated research project. In some cases this project might focus on a real issue within employment. Graduates will have the skills to enter professions which may be found in law enforcement, federal and state government departments, defence, large accounting companies and banks. Some employment is available in small and medium enterprises but this is less common with the move towards IT outsourcing in general, security and forensic in particular.

Applicants are required to have:
- A completed undergraduate degree from a recognised University in science, engineering or technology with an average of at least credit (65%);
- A completed Graduate Diploma in Science (Cyber Security and Forensic Computing), with an average of at least credit (65%) or equivalent.

In addition, applicants would normally have passed coursework with the following content:
- Computer programming
- Data modelling and database design
- Project management

Table 7: Courses

First Semester (Study Period 1 or 2)
- Electronic Evidence 1 - Forensic Computing
- Electronic Evidence 2 - Network and Internet Forensics
- Intrusion Analysis and Response
- Critical Infrastructure and Control System Security

Second Semester (Study Period 5)
- Electronic Evidence Analysis and Presentation
- Information Assurance and Security
- e-Crime, e-Discovery and Forensic Readiness
- Software Security Lifecycle

First Semester (Study Period 2), Second Semester (Study Period 5)
- CIS Research Methods
- Masters Computing Minor Thesis 1
- Masters Computing Minor Thesis 2

2.2.4 Lancaster University Great Britain, UK

Master of Science in Cyber Security (level: university; discipline: Information Cyber Security)

Taught within the context of Lancaster's Academic Centre of Excellence for Cyber Security, this Master's degree in Cyber Security adopts an interdisciplinary skills based approach to information security. As such, it has been designed to deliver the skills and knowledge necessary for the current and next generation of Cyber Security Specialists to deal with the challenges of an increasingly risky online world.
The Master's degree blends world class academic teaching, research and the latest industry knowledge to deliver a comprehensive cutting edge postgraduate programme.

Benefit from a unique multi-disciplinary approach to the programme, drawing upon expertise from the University's departments of Applied Social Science, Psychology, Law, Politics, and the School of Computing and Communications.

Enjoy a flexible range of study options. Study full time and gain mastery of the subject within one year, or part time on tailored programme over two/three years for students already working in industry.

Study in block mode, which offers the luxury of focusing on one course at a time as a full-time student spending a year on campus or convenience as a part-time student balancing this course and your role in industry.

Build upon the industry recognized programmes embedded into the curriculum such as CISSP (Certified Information Systems Security Professional), CEH (Certified Ethical Hacker) and CHFI (Computer Hacking Forensic Investigator) to gain industry certified qualifications.

2.2.5 Tallinn University of Technology, Estonia

Master of Science in Cyber Security (level: university; discipline: Information Cyber Security)

The international Master's programme in Cyber Security aims to provide students with skills in all aspects of the security of information systems. It gives students a unique chance to study under high-level cyber security practitioners from Estonian banks, telecoms, CERT and the NATO Cooperative Cyber Defence Centre of Excellence. The programme introduces students to this exciting environment and provides them with an opportunity to conduct research within the Estonian Centre of Excellence in Computer Science.

By choosing electable courses, it is possible to specialize in one of the following aspects or a suitable mix of those:
- Organizational aspects - Law, organization, psychology, standards, etc.
- Technological aspects - Networking, attack/defence technology, cryptography.
Table 8: Courses

Subject name | Keywords
Foundations and Management of Cyber Security | Cyber security - foundations, management methods and principles, COBIT, ITIL, ISO 27000.
Legal Aspects of Cyber Security | Criminal law, information security, electronic communications. International cooperation. Soft-law. Conceptions and terminology.
History of Art of War: From Ancient World to Network-Centric Warfare | Evolution of warfare, role of cyberspace in the modern warfare
Information Systems Mass Attacks and Defence | Methods and strategies of defence, teamwork in defence
Principles of Secure Software Design | Compromises between functional and security requirements, fault detection and recovery, integrity protection
Malware | Worms, Trojans, rootkits, botnets. Early detection
Introduction to Combinatorics and Elementary Cryptography | Cryptographic algorithms, crypto-analytic techniques, ciphers, Diffie-Hellman key exchange, RSA cryptosystem, digital signatures and Hash functions

The programme conveys the specialist knowledge and professional skills needed on a career path leading to high-end technical roles (e.g. security analyst, architect or research engineer) or managerial roles (e.g. project/team leader or technology officer). Great networking possibilities and collaboration with leading specialists in the field will present graduates with a range of career opportunities.

2.2.6 University of Warwick Coventry, UK

Master of Science in Cyber Security and Management (CSM) (level: university; discipline: Information Cyber Security)

The MSc in Cyber Security and Management is designed for those wishing to develop a career as a cyber-security professional, or to take a leading technical or managerial role in an organization critically dependent upon data and information communication technology. It is suitable for those from a computer science or information technology education background or courses with a significant component of either. Work experience will also be considered.
The goal of this MSc programme was to give focus to the strategic deployment and implementation of Cyber Security within an organization. They want to develop strategic thinkers who understand the Cyber threat to an organization and its resources and are able to build and support secure systems that support the strategic growth of a business. The course covers all aspects of Cyber Security including network security, computer security and information security. The Masters course covers the most important technical concepts of security, such as encryption, intrusion detection, penetration testing, access control, digital forensics/investigation, risk management, security governance and network security/computer security.

Alongside this, the course focuses on the business context so that students can progress their careers more rapidly through organisations and aim very particularly at management positions.

A Masters course uniquely embedded in industry

Studying the MSc in Cyber Security and Management at WMG, Warwick, the students will gain an exposure to industry that is unparalleled in many HEIs. All the cyber security modules contain a considerable input from industry, for instance in the academic year 2012-2013 alone, the following companies have given guest lectures to students: HP, Amethyst Consulting, Deep Secure Ltd, Siskin Technology, SOCA (Serious Organised Crime Agency), CSC, VMware, OCSIA, Nottingham Police, Mozilla, Metropolitan Police, Kaspersky, Berwin Leighton Paisner, LWRisk Associates, Telefonica, IBM, Garren James Associates, Blackstage Forensics, Derbyshire NHS Trust and Nettitude.
Cyber Security Research Network

Cyber Security now encompasses every aspect of business, social and government life and can no longer be treated as a subject area that is isolated solely to the domain of Information Technology. The E-Security Team is a core member of the Cyber Security Research Network which encompasses cyber security specialist knowledge from across a range of disciplines including secret intelligence and security, Cognitive Neural Systems, Computer Science, Security and Cryptography, Quantum Information Processing, multi-agent systems, distributed artificial intelligence, image forensics, risk management and security governance, politics philosophy and cyber ethics, social network analysis, digital forensics and numerous other technologies and disciplines.

Table 9: Cyber Security Modules

Cyber Security Modules
- Security Architectures and Network Defence
- Cryptosystems and Data Protection
- Information Risk Management and Governance
- Industrial Espionage and Counterfeiting
- Digital Forensics, Evidence and Intelligence

Management Modules
- Information Systems Management
- Globalisation and Outsourcing
- Financial Analysis & Control Systems
- Leadership
- Organisations, People & Performance

2.3 Doctoral study programmes

Ten doctoral study programmes are presented: 3 from U.K., 3 from U.S., 1 from Germany, 1 from Norway, 1 from France and 1 from Estonia.

Whereas Cyber Security is well represented among master study programs, the number of Ph.D. programs specifically targeting Cyber Security is not very high. The PhD in Cyber Security usually does not stand on its own. The majority of the PhD programs in Cyber Security are actually part of the wider Computer Science field.

We also noted that the majority of Ph.D. programs in Cyber Security stress the interdisciplinary aspects, yet focus more on technological/computer science aspects than the administrative/organisational aspects. There are exceptions too. For example, the Northcentral University offers a PhD in Business Administration with a specialization in computer and information security.
2.3.1 University of Oxford, UK

University of Oxford offers a PhD in Cyber Security that consists of one year of intensive education in cyber security, followed by three years of research. Sixteen places are available in each cohort of admissions, of which funding is available for 12 only.

Intense education courses include as core modules the Cyber Security Principles (Systems and Operations), Usability, Security Risk Management, System Architectures, High-integrity systems engineering. There will also be a range of courses in research methods and tools. This understanding will be placed in the context of courses in business processes, policy and governance, international relations, and criminology.

Following this intensive education, students will spend the summer of the first year undertaking two 'mini projects' in diverse areas, usually involving placement in a company or government organisation.

The research has the focus on the following four themes:
- Security of 'Big Data' covers the acquisition, management, and exploitation of data in a wide variety of contexts;
- Cyber-Physical Security considers the integration and interaction of digital and physical environments, and their emergent security properties; particularly relating to sensors, mobile devices, the internet of things, and smart power grids;
- Effective Systems Verification and Assurance has been at the heart of Oxford's longstanding strength in formal methods for modelling and abstraction applied to hardware and software verification, proof of security, and protocol verification;
- Real-Time Security arises in both user-facing and network-facing tools. This theme addresses the technologies which make possible continuous authentication based on user behaviour, evolving access control making decisions based on past behaviour instead of a static policy, visual analytics and machine learning applied to network security management, anomaly detection, and dynamic reconfiguration.
2.3.2 Royal Holloway University of London, UK

Starting from 2013, Royal Holloway University of London offers a PhD in Cyber Security. There are three successive annual cohorts of around 10 students each, starting from October 2013. Most or all of these students are fully funded by the university.

Studies are conducted on similar lines to Oxford University. The students will follow a 4-year doctoral programme: the first phase consists of a taught component comprising 25% of the programme. The remaining three years follow the more traditional path of doctoral studies, with each student undertaking research in an advanced topic in the field of cyber security.

The taught course element will consume around 25% of the doctoral programme, and will comprise two components: the body of knowledge and research development components. The body of knowledge component consists of a suite of masters-level modules across the cyber security domain, and is drawn from the Information Security Group MSc in Information Security syllabus. Additional optional modules may also be selected from other masters-level programmes across the university, including from Computer Science, Mathematics, Psychology, Geography, Management and Economics. The research development component, based on three dedicated CDT modules, will provide a bridge between the body of knowledge and the research element. For most students, the balance of taught modules will be approximately 70% in the first year and 30% in the second one.

The stated areas of research are:
- the basic components of security services, such as cryptographic algorithms and trusted hardware;
- management of cryptographic keys;
- the correctness of the design and implementation of security protocols;
- the design of security services for embedded systems;
- business information systems;
- telecommunications networks and critical infrastructure;
- the detection and analysis of malware; and,
- the study of economics, psychology, organisational theory, design theory and sociology in the context of information and cyber security.
2.3.3 De Montfort University in Leicester, UK

De Montfort University in Leicester offers a four-year Cyber Security Doctoral Training Programme which teaches many disciplines across all faculties, including Psychology, Law, English and Computer Science.

Important focus is on encouraging students to reflect upon, and conceptualise, the boundary between the cyber and physical worlds and how it, and the cyber domain itself, can and should be regulated. This will not only include legal considerations but also cultural, historical, psychological, economic and ethical issues.

The structure of the training programme is designed to be flexible and to fit with both full-time and part-time PhD study. Modules offered (this is an indicative list and not exhaustive):
- Foundations of Cyber Security
- Cyber Threat Intelligence
- Cyber Engineering
- Professional Practice in Forensics and Security
- Approaches to the Study of Wellbeing
- Cyber Law and Ethics
- Research Methods

2.3.4 George Mason University, USA

George Mason University offers a PhD in Information Technology with Concentration in Information Security. Students seeking this concentration must satisfy all the requirements for the PhD in Information Technology.

To satisfy the breadth requirement of the PhD degree, each student must pass a set of qualifying examinations designed to test a student's fundamental knowledge. The general PhD IT requirement is that each student must take four exams from three different master's programs. The exams for the Information Security track are:
1. Information Security and Assurance;
2. One exam from Operating Systems or Networks;
3. Two exams from the following, at most one from each master's program:
   - Foundations of Computer Science
   - Operating Systems
   - Computer Networks
   - Artificial Intelligence
   - Databases
   - Language Processing
   - Software Construction
   - Software Modelling
   - Software Testing
   - Applied Probability
   - Applied Statistics
   - Network Forensics

In addition to courses taken to prepare for the Qualifying Exam, students must take at least eight courses (24 credit hours) including:
- ISA 862 - Models for Computer Security

Students must select at least four courses (12 credits) from the following:
- ISA 640 - Programming Language Security
- ISA 650 - Security Policy
- ISA 652 - Security Audit and Compliance Testing
- ISA 656 - Network Security
- ISA 673 - Operating Systems Security
- ISA 674 - Intrusion Detection
- ISA 681 - Secure Software Design
- ISA 685 - Emerging Topics in Cyber Security
- ISA 697 - Topics in Information Security
- ISA 763 - Security Protocol Analysis
- ISA 764 - Security Experimentation
- ISA 765 - Database and Distributed Systems Security
- ISA 767 - Secure Electronic Commerce
- ISA 796 - Directed Readings in Information Security
- ISA 863 - Advanced Topics in Computer Security
- SWE 781 - Secure Software Design and Programming
- INFS 865 - Networks and Distributed Systems Security

2.3.5 Northcentral University (U.S.)

Northcentral University offers a PhD in Business Administration with a specialization on computer and information security.

This specialization responds to the demand in business and industry for computer security professionals who are trained in cyber-terrorism, computer forensics and computer security.

The PhD program may be completed in 60 credit hours. Up to an additional 15 credit hours will be allowed as needed to complete dissertation research. The University may accept a maximum of 12 semester credit hours in transfer toward the doctoral degree for graduate coursework completed at an accredited college or university with a grade of "B" or better.

All new students enrolling in the Business PhD program are automatically enrolled in courses that are eight weeks in length.
The PhD in Business requires five specialization and six research courses, a total of 33 credit hours.

2.3.6 The University of Rhode Island, USA

The University of Rhode Island offers a Computer Science PhD degree with its coursework concentration and research in Digital Forensics or in Cyber Security. Students must meet the admission and graduation requirements for the Computer Science PhD Degree program.

Typically, students take the requirements for the Graduate Certificate and/or Graduate Certificate in Cyber Security, get the Graduate Certificate degree, and then apply those courses towards their PhD degree. In addition to the courses applied from their Graduate Certificate, PhD students work with their advisor to choose 4 more Digital Forensics or Cyber Security related courses to take and six traditional Computer Science courses from the six groups:
- Algorithms;
- Programming Languages;
- Computer Architecture;
- Computer Systems;
- Software Design;
- Theory of Computation.

In addition to the eight courses, PhD students do a research project in Digital Forensics or in Cyber Security depending on their dissertation topic.

The expected completion time for a PhD degree is 4-6 years full-time. The digital forensics courses and cyber security courses are done online while most of the other computer science courses are done in-person. Also, up to three courses can be transferred from another institution, which is a way that students can fill in the Computer Science course requirements.

Admission to the Computer Science PhD degree program requires a computer science background.

2.3.7 University of Colorado, Colorado Springs, USA

University of Colorado offers a PhD in Engineering with focus on Security.
The PhD program offers the possibility for students to conduct multi-disciplinary research in areas of cyber security, physical security, and homeland security, which have become critical and increasingly urgent in today's personal, business, and government operations. This new multi-disciplinary approach integrates the existing curricula with research initiatives, meeting the challenges of security and the quality expected from the University of Colorado.

The program is research oriented with a strong self-learning component. The plan of study is decided by the Ph.D. advisor and the Advisory Committee according to the student's specific research topic. Beyond the traditional learning component, the students in the program are required to have at least 3 months of operational security experience, such as internship or training, as determined by the Advisory Committee. The second feature of the program is the use of short intense workshops where students and faculty will meet to discuss emergent theories and techniques in security, and carry out exercises simulating critical security events. They provide opportunities for students to apply what they learn in the self-paced courses and to learn how to coordinate and cooperate in cyber war and homeland defence scenarios. Students have to come to the workshop at least once a year to report their research progress in the past year and the plan for the following year.

The National Security Agency and the Department of Homeland Security have designated the University of Colorado, Colorado Springs as a National Centre of Academic Excellence in Information Assurance Education (CAE/IAE).
The NSA (National Security Agency) Information Assurance Courseware Evaluation (IACE) Program has validated that University of Colorado at Colorado Springs courseware meets all elements of the Committee on National Security Systems (CNSS) National Training Standards for:
- Information Systems Security (INFOSEC) Professionals, NSTISSI No. 4011;
- System Administrators (SA), CNSSI No. 4013 Entry Level;

IACE Certification Related Courses:
- CS 3910 - System Administration and Security;
- CS 4200-5200 - Computer Architecture;
- CS 5220 - Computer Communications;
- CS 5910 - Fundamentals of Computer/Network Security;
- CS 5920 - Applied Cryptography;
- CS 5020 - Software Security;
- CS 6910 - Advanced System Security Design;
- CS 6930 - Advanced Topics in Web Security and Privacy.

2.3.8 Technische Universität Darmstadt, Germany

Technische Universität Darmstadt offers a PhD program in Cybersecurity (Resilient Critical Infrastructures) at the CASED lab.

Relevant research topics in Cybersecurity range from adversary detection to network resilience, including mitigation and healing. Regarding the application domains, a main emphasis is put on critical infrastructures with Internet backbones. This comprises Smart Cities, Smart Grids, Smart Transport, and large-scale industrial sites.

Experience in IT security, preferably with a focus on Cybersecurity, as well as profound knowledge in computer science are mandatory. Candidates should hold a BSc or MSc degree and should have an excellent command of English and preferably some command of German.

2.3.9 Gjøvik University College, Norway

Gjøvik University College has been offering a doctoral programme in Information Security in its own right since accreditation was granted in 2008. The Faculty of Computer Science and Media Technology is home to the largest research group in information security in Norway and arguably in Scandinavia and is also host of the CCIS Centre for Cyber and Information Security, linking it to key government and industrial research groups through its academic staff.
This Ph.D. programme consists of a taught component with introductory and research skill as well as specialised courses and seminars on research topics and of guided and independent studies comprising the bulk of the time. It is offered both on a full-time and part-time basis with nominal full-time study duration of three years.

The programme is conducted entirely in English. Students are required to take 30 ECTS credit points in taught courses at the Ph.D. level, typically taught in the form of research seminars and adapted dynamically depending on ongoing research and requirements. Two courses or their equivalent are mandatory, namely
- 'Ethics and Legal Aspects of Scientific Research' (IMT6001), and
- 'Introduction to Information Security' (IMT6011)

Up to 10 ECTS credit points may be taken at the M.Sc. level; the choice of modules is made and adjusted as part of individual study plans.

Academic staff are conducting and supervising research including in the following areas:
- Biometrics, Identification, and Authentication;
- Control and Embedded Systems Security;
- Critical Infrastructure Protection Models;
- Cryptology;
- Cyber Crime Investigation, Digital and Computational Forensics;
- Human and Organisational Aspects of Information Security;
- Information Security Management and Governance;
- Information Theoretic Security and Covert Channels;
- Intrusion Detection, Prevention, and Incident Management;
- Network, Distributed Systems, and Communication Security;
- Operating Systems, Applications, and Software Security;
- Privacy and Anonymity;
- Security Engineering, Testing, and Standardisation.

The majority of research will be conducted within the context of the Norwegian Information Security Laboratory (NISlab) and CCIS.

2.3.10 EURECOM, France

EURECOM at Sophia Antipolis is a graduate school and research centre in communication systems, formed as a consortium of 7 European universities and 9 international industrial partners.
EURECOM offers a Ph.D. program "Security in Computer Systems and Communications". The emphasis of the program is on:
- Understanding and analysis of attacks on networks, systems and security hardware;
- Design and management of security mechanisms for fixed and mobile networks, computer systems and security applications of image processing.

The security topics studied include:
- cryptography and its applications;
- malware detection and analysis;
- specific mechanisms for the protection of communications, networks and distributed computer applications;
- image protection and biometric techniques.

The program is taught entirely in English. French classes are included free of charge in the program.

2.3.11 Tallinn University of Technology, Estonia

Tallinn University of Technology offers a free four year PhD programme with a specialization in Computer Science. The programme is also supportive of cyber security research on topics such as attack trees, anomaly detection and digital privacy tools.

While most of the PhD student research is founded on Computer Science concepts, the programme does allow for interdisciplinary research (for example, security economics). While the general, basic and free study modules (30 ECP total) are shared by all Computer Science PhD students, cyber security topics are introduced in the specialization module (30 ECP) as individual studies and special courses on cyber security. The remaining 180 ECP are awarded for individual research work leading to the successful defence of the thesis.

3. Informal education on cybersecurity

3.1 Professional training

One of the most trusted and the largest organizations for providing information security training and for security certification in the world is SANS Institute. More than 165000 (12000 per year in USA and internationally) ICT security professionals around the world attended SANS's trainings. These trainings are focused on providing helpful and useful instructions and techniques for defending systems and networks against the most dangerous threats to ICT staff.
Trainings address both security fundamentals and awareness and the in-depth technical aspects of the key areas of ICT security. SANS offers three different places for training: in classrooms at the Institute headquarters, at clients' headquarters, or as online courses, which is the most cost-effective option. SANS offers its clients a multitude of opportunities for high quality security training in network, computer, management, audit, forensics and information security.

One of the most interesting trainings for companies that want to include network evidence in their investigations and provide better findings, out of the overall nine-course line-up for mainland Europe's largest IT security training event in 2014, which will be held in Amsterdam, is the Advanced Network Forensics and Analyses training (acronym FOR572). The duration of the training is six days, eight hours per day, and the price is a little less than 5.000 EUR.

This training is focused on the knowledge necessary to expand the forensic mind-set from residual data on the storage media of a system or device to the transient communications that occurred in the past or continue to occur, and it is built from the ground up to cover the most critical skills needed to mount efficient and effective post-incident response investigations. FOR572 covers the tools, technology, and processes required to integrate network evidence sources into investigations and the full spectrum of network evidence, including high-level NetFlow analysis, low-level pcap exploration, ancillary network log examination, and more. The training also includes exercises on how to leverage existing infrastructure devices that may contain months or years of valuable evidence, as well as how to place new collection platforms while an incident is already under way. A wide range of tools is covered by this training, such as the venerable tcpdump and Wireshark for packet capture and analysis; commercial tools from NetWitness and NetworkMiner; and open-source tools including nfdump, tcpxtract, Logstash, and more.
The primary toolkit for this training is the Linux SIFT virtual machine with over 500 digital forensics and incident response tools prebuilt into the environment, including a specifically loaded set of network forensic tools. Also, a Windows 8 Standard Full Version License, Key for the Windows VMware Image and a 64 GB USB disk loaded with case examples, tools, and documentation are provided for all participants.

This training enables ICT professionals to:

- Extract files from network packet captures and proxy cache files, allowing follow-on malware analysis or definitive data loss determinations;
- Use historical NetFlow data to identify relevant past network occurrences, allowing accurate incident scoping;
- Reverse engineer custom network protocols to identify an attacker's command-and-control abilities and actions;
- Decrypt captured SSL traffic to identify attackers' actions and what data they extracted from the victim;
- Use data from typical network protocols to increase the fidelity of the investigation's findings;
- Identify opportunities to collect additional evidence based on the existing systems and platforms within a network architecture;
- Examine traffic using common network protocols to identify patterns of activity or specific actions that warrant further investigation;
- Incorporate log data into a comprehensive analytic process, filling knowledge gaps that may be far in the past;
- Learn how attackers leverage man-in-the-middle tools to intercept seemingly secure communications;
- Examine proprietary network protocols to determine what actions occurred on the endpoint systems;
- Analyse wireless network traffic to find evidence of malicious activity;
- Use visualization tools and techniques to distil vast, complex data sources into management-friendly reports;
- Learn how to modify configuration on typical network devices such as firewalls and intrusion detection systems to increase the intelligence value of their logs and alerts during an investigation;
- Apply the knowledge acquired during the week in a full-day capstone exercise, modelled after real-world nation-state intrusions.
Table 10: Detailed plan and program of the training [2]

FOR572 - Advanced Network Forensics and Analyses training
(columns: Day, Course, Content/Topics)

Day 1: FOR572.1 - Off the Disk and onto the Wire
* Goals of Forensic Investigation
* Hypothesis Management Fundamentals
* Foundational Network Forensics Tools: tcpdump and Wireshark
* Network Evidence Sources and Types
* Case Management and Evidence Collection/Handling
* Web Proxy Server Examination
* Network Architectural Challenges and Opportunities
* Packet Capture Applications and Data

Day 2: FOR572.2 - Network Protocols and Commercial Network Forensics
* Dynamic Host Configuration Protocol (DHCP) and Domain Name Service (DNS)
* Hypertext Transfer Protocol (HTTP)
* Secure HTTP (HTTPS) and Secure Sockets Layer (SSL)
* File Transfer Protocol (FTP)
* Network Time Protocol (NTP)
* Commercial Network Forensics
* Microsoft Protocols
* Simple Mail Transfer Protocol (SMTP)

Day 3: FOR572.3 - NetFlow Analysis and Wireless Network Forensics
* Introduction to NetFlow
* NetFlow Collection Approaches
* Open-Source Flow Tools
* Commercial Flow Analysis Suites
* Visualization Techniques and Tools
* Wireless Network Forensics

Day 4: FOR572.4 - Logging, OPSEC, and Footprint
* Syslog
* Microsoft Eventing
* HTTP Server Logs
* Firewall and Intrusion Detection Systems
* Log Data Collection, Aggregation, and Analysis
* Investigation OPSEC and Footprint Considerations

Day 5: FOR572.5 - Encryption, Protocol Reversing, and Automation
* Introduction to Encryption
* Man-in-the-Middle
* Encrypted Traffic Flow Analysis
* Payload Reconstruction
* Network Protocol Reverse Engineering
* Automated Tools and Libraries

Day 6: FOR572.6 - Network Forensics Capstone Challenge
* Network Forensic Case
* Analysis using only network-based evidence
* Reporting

3.2 Domain specific training

As employees are often characterized as the weakest link in the company information security chain, special attention should be given to their education. With a single click on a malicious link that installs an exploit kit, an employee can cause a million in costs for the company's defence mechanism.
On the flip side, security-conscious employees can pick up the slack where the technology and processes fail, acting as a last resort in the security defence mechanism.

Effective security awareness training is often represented as training that can change employees' behaviour throughout an organization. Traditional training approaches that are simplistic and one-dimensional have not proved adequate. In fact, an effective approach calls for a multidisciplinary team and collaborative efforts of different subject matter experts besides information security. Undoubtedly, this approach requires sufficient funding by the management. Security awareness training should begin with the senior management. Once they are clear how effective training ultimately mitigates the risks, they are more likely to invest in it. The training content should be customized for departments/groups that have a similar job function, and provide specific examples of what they encounter in their day-to-day activities. Employee motivation is a key prerequisite of successful training, to the point that it can make or break the effort. The key is to avoid having workers who participate merely because it is required by the organization's security policy and finish with little knowledge gained. To increase the training's effectiveness, the content should be broken down into information nuggets focused on a specific subject, presented to the user community on a daily basis and repeated after a certain period of time.

The Institute of Modern Technology Montenegro, in cooperation with our partners from Macedonia, "GenSet Cybersecurity", organizes a training named Corporate and IT Security. This type of training is adjusted to the company profile, and highlights security of the key aspects of business [2].

The Corporate and IT Security Training provides an overview of information security. It covers the CISSP 10 security domains, Vulnerability Assessment, Information Security Risk Assessment, privacy and Ethical Hacking. We will also learn about the challenges of information security and its overall scope.
The objectives of the course are to:

- Allow learning and assimilation of security fundamentals, risk management, security policies, standards of safety, security governance, privacy, operational security management and Ethical hacking;
- Offer a comprehensive and interdisciplinary view of issues related to current information security challenges, and the control of information security for organizations;
- Provide understanding of methodologies, processes and solution components to ensure the safety of IT and telecom environments;
- Focus on the managerial aspects of the security of digital information and the business tools and safety management;
- Focus on developing and adopting an entrepreneurship approach.

The outcome is to understand and explain the major goals of information security and, moreover, to identify the major types of threats to information security and the associated attacks, as well as to explain why security and its management are important for any modern organization. Further, the outcome is to recognize threats to information systems and privacy, and how an information security management system should be planned, documented, implemented and improved, and aligned with information security management standards. Furthermore, it is important to assess information security risks that concern the integrity of data and systems availability, and to identify the major techniques, approaches and tools used to discover network and system vulnerabilities. Last, the outcome is to develop strategies to protect organization information assets from common attacks and to protect personal data, confidential information and intellectual property, as well as to prepare a vulnerability assessment report, risk assessment report and security policy.
This training is basic and intended for all employees, aiming to provide basic knowledge about cyber-attacks and how to react in case of some attacks. The training covers thirteen modules, with the plan presented in the following table:

Table 11: Module plan

Corporate and IT Security Training
(columns: Module, Course, Content/Topics)

Module 1: Information Security Governance and Risk Management Module
* Fundamental principles of security
* Risk management concepts
* Security Frameworks
* Security Policies, Standards, Procedures and Guidelines
* Risk management and Analysis
* Information classification/ownership
* Security education, training and awareness
* Baselines
* Certification and accreditation

Module 2: Information Systems Access Control
* Identification, Authentication, Authorization and Accountability (IAAA)
* Discretionary vs Mandatory Access Control Models
* Role-based Access Control (RBAC)

Module 3: Security Architecture and Design
* Critical Components of Every Computer
* Access Control Models
* Certification and Accreditation
* Countermeasures principles
* Fundamental Concepts of security models
* Capabilities of information systems
* Vulnerabilities and threats

Module 4: Physical (Environmental) Security
* Facility Location and Construction Issues
* Physical Vulnerabilities and Threats
* Internal Security
* Facilities Security

Module 5: Telecommunications and Network Security
* TCP Suite
* LAN, MAN, and WAN Topologies and Technologies
* Firewall Types and Architectures
* Network Attacks

Module 6: Cryptography
* Encryption Concepts
* Digital Signatures
* Cryptanalytic attacks
* Public Key Infrastructure
* Symmetric & Asymmetric Key Algorithms

Module 7: Business Continuity and Disaster Recovery Planning
* Planning
* Roles and Responsibilities
* Recovery Strategy
* Business Impact Analysis
* Disaster Recovery process
* Exercise

Module 8: Legal, Regulations, Investigations and Compliance
* Privacy Laws and Concerns
* Compliance requirements/procedures
* Types of Evidence and Collection

Module 9: Software Development Security
* Models
* Database Models & Security
* Application environment and security models
* Effectiveness of application security

Module 10: Security Operations
* Operation Departments Responsibility
* Incident response and attack prevention
* Patch and vulnerability management

Module 11: Risk Management
* Vulnerability Assessment
* Information Security Risk Assessment

Module 12: Privacy
* Confidentiality, Privacy and Security
* Data Privacy
* Privacy Policy
* Explanation of threats to personal privacy posed by computers and the Internet
* Social Networking and privacy issues

Module 13: Ethical Hacking

The cybersecurity training for non-IT professionals differs greatly from the professional trainings discussed above. This training audience (the end user) generally has knowledge about the use of standard office software, web browsing, e-mail, etc. As such, their training should cover the applicable organizational security policy (for example, what the rules concerning passwords are), general threat awareness (for example, how to recognize phishing e-mails), how to use the security solutions implemented by the organization (for example, a corporate virtual private network), etc. Such trainings are often conducted in-house.

Various domains do, however, have the need for more specialized cybersecurity training. For example, the banking sector may need additional training on detecting on-line fraud and money-laundering, security auditing, risk management, etc. These courses can combine some aspect of cybersecurity with a topic from a different field.

Examples of specific training include:

- SCADA Security Training by SANS/Red Tiger Security. This course is "designed to bridge the skills sets of Control System Engineers, Technicians, and IT Security professionals." [3] Such courses are relevant for a wide variety of domains, such as utilities (power generation, water treatment, etc.), manufacturing (cars, electronic devices, etc.), traffic control, food processing, etc.
- Law of Data Security and Investigations by SANS, which "covers the law of business, contracts, fraud, crime, IT security, IT liability and IT policy all with a focus on electronically stored and transmitted records.
  The course also teaches investigators how to prepare credible, defensible reports, whether for cyber, forensics, incident response, human resources or other investigations." [4] Such courses are relevant for law enforcement, as well as incident handling communities across all sectors, and they can be complemented with various forensics courses.
- Joint C4I/Cyber Staff and Operations Course by the Joint Forces Staff College (US) aims to "educate and train joint C4I decision makers in C4I and cyberspace concepts in the joint/interagency/multinational environments, the DoD's organization and how it supports the C4I process, and the management and operation of current joint C4I systems." [5] While this course is aimed at the military, there is a need for similar courses in other domains as well.
- ECDL IT Security module [6]. This module allows candidates to understand the main concepts underlying the secure use of ICT in daily life and to use relevant techniques and applications to maintain a secure network connection, use the Internet safely and securely, and manage data and information appropriately.

Training modules in Estonia

Introductory course for law enforcement (3-days)

Organized by Tallinn University of Technology for law enforcement. It is one of the activities of 2Centre Estonia.

The goal is to give an overview of the IT aspects that may be relevant for law enforcement (investigators, policemen, prosecutors, judges, etc.) in their work of handling crime and offences.

The programme:

1. Day - The principles of Internet:
   a. Basics of Internet;
   b. Different services in Internet - client-server, P2P, clouds;
   c. Locating internet addresses;
   d. CERT, solving incidents;
   e. Payments in Internet;
   f. Malware - viruses, Trojans, botnets.
2. Finding evidence:
   a. Finding evidence from devices, disks, mobile devices;
   b. Finding evidence from e-mails;
   c. Cryptography - passwords, accessing encrypted devices and media, digital signing.
3. Dangers and crime:
   a. Searching Internet and social networks;
   b. Typical fraud and crime in the Internet;
   c. Digital evidence, relevant law.
Introduction to information Security (1-day)

Organized by the Estonian Information System's Authority for employers of the public sector. [7]

The module gives basic knowledge and terminology for information security. The participant is able to understand the role of IT security in the organization, find the critical aspects in the organization and plan the risk mitigation. The programme:

- The methods of information security management, best practices, mapping the critical assets and weaknesses;
- Risk estimation and management based on case analysis and practical exercises;
- Physical, organizational and technical means of information security. Prevention, discovery and incident handling;
- Planning mitigation techniques and priorities.

4. Cyber security education for the broader public

4.1 Raising awareness campaigns

The European Union has published its goals for digitalization in the Digital Agenda for Europe [8].

The goals are summarized in 7 pillars:

- Pillar I: Digital Single Market;
- Pillar II: Interoperability and Standards;
- Pillar III: Trust & Security;
- Pillar IV: Fast and ultra-fast Internet access;
- Pillar V: Research and Innovation;
- Pillar VI: Enhancing digital literacy, skills and inclusion;
- Pillar VII: ICT-enabled benefits for EU society.

Part of these goals and objectives are under the responsibility of EU Member States' activities and investments such as, for example, broadband coverage and doubling public investment in ICT R&D.

Governments could only foster the other objectives, such as: 50% of the population to buy online by 2015; 33% of SMEs to make online sales by 2015; to increase regular Internet usage from 60% to 75% by 2015.

As far as the growth of Internet usage is concerned, it will be essential to attract the public and to guarantee their security online.

The Pillar III "Trust & Security" analysis and data [9] mention that only 12% of European web users feel completely safe making online transactions.

The European Commission has planned specific actions to strengthen the fight against cybercrime and support reporting and initiatives on illegal content online and awareness campaigns, above all for children (Actions 28-41; 123-125) [10].
In the last few years, many initiatives have been undertaken to increase public awareness in using the internet.

The main targets of the initiatives are safer Internet usage for young people and online banking transactions.

Most of the initiatives and campaigns have been created by national governmental agencies (e.g. "Get Safe Online"), supported by the private sector and sometimes also co-funded by the European Commission (e.g. Sicuri in rete).

Some Member States have developed online portals containing information, brochures, videos and guidelines on several topics related to information security.

The first educational achievement will be to increase the trust of citizens in digital means. This is also the goal of the initiatives reported below.

4.1.1 Campaign: Safer Internet Day

Safer Internet Day (SID) is organized by Insafe [11], a European network of 31 national awareness centres, each year in February.

The objective is to facilitate and to increase online surfing, above all for the young generation. In 2014, the topic was "Let's create a better internet together". 107 countries participate in this initiative in Europe and worldwide. 19.000 schools and 54 million people were involved in SID actions across Europe.

4.1.2 Campaign: Get Safe Online

Get Safe Online is a website providing practical advice on how to protect yourself, your personal information, your business and your internet devices against viruses, identity theft, frauds and other issues that could be encountered online [12].

On the website, there are 7 areas:

- Protecting your computer;
- Protecting yourself;
- Smartphones & Tablet;
- Shopping, Banking & Payments;
- Safeguarding Children;
- Social Networking;
- Business.

In each area there are sub-areas with some specific tips. For example, "Protecting your computer" includes: avoiding ratting (remote access Trojans), backups, downloading & file sharing, firewalls, online gaming, passwords, physical security, ransomware, replacing Windows XP, safe computer disposal, safe internet use and so on.
Moreover, there are some quizzes that internet users can take in order to understand their level of vulnerability online.

4.1.3 Campaign: Sicurinrete.it

It is a young online centre created by Adiconsum and Save the Children, and co-funded by the European Commission inside the Safer Internet programme [13].

The audience is young people, parents, teachers and all people that want to have more information on a safer internet.

The objectives are:

- Promote a safer use of internet and digital media and counter illicit online activities;
- Increase the awareness of under-18s of their rights and responsibilities when using digital devices;
- Make parents and teachers feel responsible for children;
- Realize communication, educational and awareness campaigns;
- Support people through the helpline to inform about issues or illegal content found online.

The initiative includes brochures and videos to address issues such as child pornography and cyberbullying.

There is a specific channel with interactive videos for children, in order to convince kids to report online behaviours that could offend them.

4.1.4 Campaign: Data Privacy Day

On 26 April 2006, the Committee of Ministers of the Council of Europe decided to launch a Data Protection Day, to be celebrated each year on 28 January. The purpose of Data Privacy Day is to raise awareness and promote data privacy education. It is currently 'celebrated' in the United States, Canada, and 27 European countries. In Europe this holiday is referred to as Data Protection Day [14].

Data Privacy Day's educational initiative originally focused on raising awareness among teens and young adults about the importance of protecting the privacy of their personal information online, particularly in the context of social networking. Data Privacy Day promotes events and activities that stimulate the development of technology tools that promote individual control over personally identifiable information; encourage compliance with privacy laws and regulations; and create dialogues among stakeholders interested in advancing data protection and privacy.
4.1.5 Campaign: Data Protection Day 2014

The date of 28 January corresponds to the anniversary of the opening for signature of the Council of Europe's Convention 108 for the Protection of individuals with regard to automatic processing of personal data, which has been for over 30 years a cornerstone of data protection, in Europe and beyond.

The aim of the Data Protection Day is to give European citizens the chance to understand what personal data is collected and processed about them and why, and what their rights are with respect to this processing.

They should also be made aware of the risks inherent in and associated with the illegal mishandling and unfair processing of their personal data.

The objective of the Data Protection Day is therefore to inform and educate the public at large as to their day-to-day rights, but it may also provide data protection professionals with the opportunity of meeting data subjects.

This year the 8th edition of Data Protection Day is celebrated. Like every year, a compilation of the awareness-raising activities organised on this occasion by data protection supervisory authorities and some public or private sector stakeholders is available on the website starting 24 January 2014, with information on the events taking place in each country.

4.1.6 Campaign: National Cybersecurity Awareness

U.S. Department of Homeland Security, White House Cyberspace Policy Review

The Stop.Think.Connect. Campaign is a national public awareness effort to guide the nation to a higher level of Internet safety by challenging the American public to be more vigilant about practicing good "cyber hygiene." It will persuade Americans to see Internet safety as a shared responsibility (at home, in the workplace, and in our communities) and demonstrate that shared responsibility by bringing together a coalition of federal, state and local government, as well as private sector partners. It is led by the Department of Homeland Security.

The Stop.Think.Connect. program is an opportunity for people to spread the word about cyber security and to enhance safety and security online.
It works like a toolkit: all Americans have a role to play in Stop.Think.Connect. In collaboration with National Centres of Academic Excellence, forums will be hosted across the country at community centres, town halls, colleges and universities to prompt dialogue and inspire action to support the goals of Stop.Think.Connect. in communities from Washington, D.C., to Seattle. By becoming a member of the Cyber Awareness Coalition, organizations can help the Department in getting the word out about Stop.Think.Connect. The Coalition is currently open to all Federal agencies and State, Tribal and Territorial governments. As a member, organizations will receive access to Campaign materials, templates, resources, and tips to assist with promoting cybersecurity and Stop.Think.Connect.

The Department of Homeland Security's United States Computer Emergency Readiness Team (US-CERT) leads efforts to improve the nation's cybersecurity posture, coordinate cyber information sharing, and proactively manage cyber risks to the Nation while protecting the constitutional rights of Americans. Four products in the National Cyber Awareness System offer a variety of information for users with varied technical expertise. Those with more technical interest can read the Alerts, Current Activity, or Bulletins. Users looking for more general-interest pieces can read the Tips [15].

4.1.7 Campaign: National Cyber Security Awareness Month (NCSAM)

Celebrated every October, NCSAM was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online. In 2013 they celebrate the 10th anniversary of National Cyber Security Awareness Month. Led by the U.S. Department of Homeland Security and the National Cyber Security Alliance, NCSAM has grown exponentially, reaching consumers, small and medium-size businesses, corporations, educational institutions, and young people across the nation [16].
Responsibilities

They lead Internet-connected, digital lives. Even if not directly connected to the Internet, the critical infrastructure and the vast, worldwide connection of computers, data, and websites supporting everyday lives through financial transactions, transportation systems, healthcare records, emergency response systems, personal communications, and more impacts everyone. The Internet is a shared resource and securing it is the core responsibility of this event. Shared Responsibility is the theme for National Cyber Security Awareness Month 2013.

Individuals, organizations, and communities throughout the United States are promoting National Cyber Security Awareness Month (NCSAM) and letting others know that all of us have a role in protecting our digital lives. Tens of thousands of NCSAM participants across the country will be doing their part by posting safety and security tips on social networks, educating their customers and employees, engaging in traditional media, displaying posters, posting tips, holding events, and much more.

4.1.8 Campaign: UK launched public cyber security awareness campaign

The Cabinet Office launched a public cyber security awareness programme in early 2013 aimed at improving the online security of consumers and small and medium enterprises (SMEs). The initiative is part of the government's cyber security strategy, aimed at ensuring the UK can manage the risks and harness the benefits of cyberspace. The new programme is aimed at raising public awareness about threats online and where to go for more information. The programme will specifically target schoolchildren, as well as adults who take a reckless attitude to posting personal details online, according to The Guardian.

The new public awareness programme will add to existing initiatives such as Get Safe Online Week and technology being rolled out by HMRC to alert visitors to their website when they have an out-of-date browser which may pose a security risk to them [17].

4.1.9 Campaign: European Cyber Security Month (ECSM) 2012

European Cyber Security Month (ECSM) is a European Union advocacy campaign that takes place in October.
ECSM aims to promote cyber security among citizens, to change their perception of cyber-threats and provide up-to-date security information, through education and sharing good practices.

In 2014 ENISA will seek to increase the involvement of the private and public sector in this initiative by working together. The priority pillars of the planning:

- Enhanced content of ECSM
- Building synergies
- Evaluate and scale up the results

The objectives:

- generate general awareness about cyber security, which is one of the priorities identified in the EU Cyber Security Strategy;
- generate specific awareness on Network and Information Security (NIS), which is addressed in the proposed NIS Directive;
- promote safer use of the Internet for all users;
- build a strong track record to raise awareness through the ECSM;
- involve relevant stakeholders;
- increase national media interest through the European and global dimension of the project;
- enhance attention and interest with regard to information security through political and media coordination.

International Context

This European Cyber Security Month (ECSM) was inspired by similar projects that have been held successfully in other places of the world for some years now. The particularities of the European territory compared to other areas in the world suggest that a significant amount of effort will be required in order for this idea to deliver its full potential across Europe. To this effect, one of the most critical elements for the success of this activity would be to develop an effective structure and coordination scheme among participating entities [18].

4.1.10 Campaign: Council of Anti-Phishing Japan

First in Asia to join nations in North America, Central America, and South America that have adopted the global cyber safety campaign. To raise cybersecurity and cybercrime awareness in Japan during Information Security Awareness Month and beyond, the Council of Anti-Phishing Japan joined the STOP.THINK.CONNECT. Messaging Convention to bring the STOP.THINK.CONNECT.
cybersecurity campaign to Japan as a permanent public awareness resource promoted jointly by government and industry.

The organization will work to promote cybersecurity awareness at the individual user level in Japan and to promote the use of the Messaging Convention's STOP.THINK.CONNECT. slogan and associated logo as well as its cybersecurity messaging assets suite. The campaign has been adopted by dozens of multinational corporations, NGOs and, to date, four national government ministries in addition to Japan [19]. The Memorandum of Understanding signed with the Council of Anti-Phishing Japan for promotion of the STOP.THINK.CONNECT. campaign is the first that the messaging convention has entered into with a national government agency from Asia.

4.1.11 Campaign: ASEAN-Japan Cyber Security International Symposium

While information and communications technology such as smartphones and personal computers is socially and economically benefiting lives around the world, Japan is facing borderless information security threats such as information leakage caused by suspicious emails. Such threats are a common problem which has no national boundaries and needs to be tackled in cooperation with other countries.

Therefore, the Japanese government set up the "International Cyber Security Campaign", to be conducted every year in October in addition to the "Information Security Awareness Month", which is implemented every year in February. As a part of the campaign, they organize events utilizing international collaboration with other countries, and provide information on information security measures. In that way, Japan facilitates international collaboration and raises domestic awareness of information security measures.

Since 2009, ASEAN member states and Japan have been holding the ASEAN-Japan Information Security Policy Meeting. At the fourth meeting held in November 2011, it was agreed to implement joint information security awareness raising initiatives. On the basis of this agreement, it was decided that from October 2012, annual joint information security awareness-raising activities are held.
4.1.12 Campaign: Alert Online, Netherlands

Since 2012, the Kingdom of the Netherlands has designated the "Alert Online" campaign, and carries out "Alert Online 2013" from 28th October to 5th November, 2013. The NCTV introduced Alert Online in 2012. Participants come from industry and the public sector. Together they draw attention to cybersecurity. Alert Online is a campaign to make people and organizations conscious of their Internet and mobile use and the risks that this entails. The campaign will run in 2014 for the third time. From October 27 to November 6 different parties join forces through the campaign and all kinds of activities to ask for awareness and safe use of the Internet and mobile communications. Preparations for Alert Online are now in full swing.

4.1.13 Campaign: APEC Cybersecurity Awareness Day

In October 2010, the Asia-Pacific Economic Cooperation (APEC) held the "2010 APEC Telecommunications and Information Ministerial Meeting" in Nago, Okinawa. October 29, 2011 was designated as "APEC Cybersecurity Awareness Day" and awareness raising efforts would be conducted. Online efforts have been implemented since 2010.

This symbolic effort reflects the continued commitment of APEC TEL economies to advancing cybersecurity domestically, within the APEC region, and with other partners globally. APEC leaders endorsed the APEC Strategy to Ensure a Trusted, Secure and Sustainable Online Environment in 2005 and have since developed a Strategic Action Plan that carries forward many of the principles. These strategic documents have, over the past few years, not only highlighted the importance of safe and trusted ICT, but also guided member economy projects, domestic initiatives and programs, collaboration, and capacity building. APEC Cybersecurity Awareness Day can serve as a reminder to all that they have a shared responsibility to protect cyberspace.

4.1.14 Web Campaign: Get Safe Online

Get Safe Online is the UK's leading source of unbiased, factual and easy-to-understand information on online safety.
The Get Safe Online website provides practical advice on how to protect yourself, your personal information, your business and your internet devices against viruses, identity theft, frauds and other issues that could be encountered online [20].

In the website, there are 7 areas:

1. Protecting your computer;
2. Protecting yourself;
3. Smartphones & Tablet;
4. Shopping, Banking & Payments;
5. Safeguarding Children;
6. Social Networking;
7. Business.

In each area there are sub-areas with some specific tips. For example, “Protecting your computer” includes: avoiding ratting (remote access Trojans), backups, downloading & file sharing, firewalls, online gaming, passwords, physical security, ransomware, replacing Windows XP, safe computer disposal, safe internet use (see Figure 1).

Figure 1: Web page of the “Get Safe Online” campaign - www.getsafeonline.org

4.1.15 Web Campaign: BEE SECURE

The BEE SECURE initiative covers all actions in the area of raising awareness of safer use of information and communication technologies (see Figure 2). The initiative has been coordinated by SMILE (Security Made In LEtzebuerg), Service National de la Jeunesse and Kanner JugendTelefon, supported by the Luxemburg Government and partners like CIRCLE and CASES [22]. The objective is to raise awareness on a safe use of modern technologies. Inside the Bee Secure initiative, there is a specific initiative for kids (over 3 years old), called Bee.lu. The campaigns conducted by Bee Secure are “Bee balanced”, “Not funny - Bee fair”, “Safer Internet” and “Polaroids” [21].
Inside the portal there are information and videos dealing with:

- Computer vulnerabilities
- Human vulnerabilities
- Threats on digital communication
- Online banking

Figure 2: Web page of the “Bee Secure” campaign - www.bee-secure.lu

4.1.16 Web Campaign: Be Cyberstreetwise

The promoter is the UK Government [23]. The campaign aims to change the way people view online safety.

The project has been set up with the Department for Business, Innovation and Skills, the private sector, the campaigns from the National Fraud Authority and the portal “Get Safe Online”.

The Cyber Streetwise portal presents a series of tips on how to: avoid phishing attacks, avoid common passwords, bank safely on your mobile, bank safely online, create a safe wireless network, create a secure password, cyber safety resources for teachers and parents, identify insecure websites, keep your child’s identity safe, keep your computer healthy, keep your devices safe and up-to-date, keep your identity safe, keep your smartphone healthy, make payments safely, protect sensitive customer and business information, sell products online safely, set up a secure website, shop safely online, stay on the right side of the Data Protection Act, store your password securely, use social media responsibly, what to do if you’re infected. For each tip, there is a series of information and step-by-step guidelines, explanatory videos and so on.
The “Be Cyber Streetwise!” campaign, running for three months via radio, outdoor and online advertising, aims to change the way people view online safety and to provide the public and businesses with the skills and knowledge they need to take control of their cyber security. The campaign includes a new easy-to-use website and online videos. The launch of the campaign is part of the government’s National Cyber Security Programme and comes at a time when an increasing number of people use the Web on laptops, tablets and smartphones. Findings from the government’s most recent National Cyber Security Consumer Tracker suggest more than half the population are not taking simple actions to protect themselves online. With more than 11 million Internet-enabled devices received as gifts during the Christmas period, Cyber Streetwise will help in the fight against online criminals. People are encouraged to protect themselves and their families online by visiting the website for tips and advice. The new website offers a range of interactive resources, tailoring an individual’s visit to provide clear advice on the essentials for enjoying a safe experience online.

The objectives

Cyber Streetwise is advising people in the UK to adopt some online behaviours that make them safer online. By taking a few simple steps while online the public can keep cyber criminals out and people’s information safe [24]:

1. Using strong, memorable passwords
2. Installing internet security software on new devices
3. Checking privacy settings on social media
4. Shopping safely online – by checking that online retail sites are secure
5. Downloading software and patches when prompted

For each tip, there is a series of information and step-by-step guidelines, explanatory videos and so on [25].

Figure 3: Web page of the “Be Cyberstreetwise” campaign - www.cyberstreetwise.com

4.1.17 Web Campaign: Watch your web

The promoter is the IJAB, supported by the Bundesministerium der Justiz und für Verbraucherschutz.
The project has been developed in partnership with Juuuport, Checked4you, klicksafe.de and other private companies.

The portal aims to raise the awareness of the young public of the threats they could face on the internet. There are some general tips on intellectual property, mobile security, information security, customers’ rights, and social networks, with practical information to manage all these topics (see Figure 4). There are also video clips oriented more towards young people [26].

Figure 4: Web page of the “Watch your web” campaign - www.watchyourweb.de

4.1.18 Web Campaign: Se mi posti ti cancello

“Se mi posti ti cancello” is an awareness campaign for young people to promote the responsible use of digital media (see Figure 5). The partners are MTV, Boing channel and Cartoon Network Channel.

The objective is to push young people to tell their survival strategies on the internet in an ironic way. Young people can post a short video of 2 minutes answering some questions about cyberbullying, use of social networks and privacy [27].

Figure 5: Web page of “Se mi posti ti cancello” (www.generazioniconnesse.it)

4.2 Informative campaigns on cybersecurity

4.2.1 Campaign: Universally Challenged – A national competition between UK universities to test cyber security skills - Cybersecurity Challenge UK

The Cyber Security Challenge is a national programme of competitions designed to attract and inspire new talent into the cyber security profession. It is backed by the UK government, its main sponsor, and by some industry sponsors. The Challenge sets competitions that test existing cyber security skills; runs residential cyber camps that help individuals develop new skills; and provides information through networking events and its website that helps guide potential employees on ways to secure jobs in the sector [28].

What is Universally Challenged?
The university challenge is a national competition between UK university departments that provides them a way to benchmark their cyber security skills, and pit their brightest cyber talent (including international and overseas) against budding professionals from other institutions. Each university department or team that wishes to take part in the competition must design a code breaking puzzle/cipher - a digital puzzle designed to mystify and flummox other participants, which requires a combination of cyber relevant skills to crack and which fits within the competition rules. Each team’s cipher will be shared with every other registered University team and the challenge is to crack as many ciphers as possible before the competition ends. The winner is the team judged to have successfully cracked the most code breaking puzzles/ciphers.

Competition: the first Regional Cyber Event on Friday 4th July 2014, 10am – 5pm, at the Buckinghamshire New University, High Wycombe, UK.

4.2.2 Campaign: Asia-Pacific and MEA Round 2014

”Cybersecurity for the Next Generation” is an annual international event financed and organized by Kaspersky Lab. This long-term project brings together students, young scientists and researchers, leading IT security experts and university professors from across the world in a collaborative environment to present and discuss topical cyber security issues. It provides the next generation with an opportunity to share knowledge and experience, to develop new ideas and improve the level of IT security. Cybersecurity for the Next Generation (CSNG) is an annual worldwide event for which Kaspersky is honoured to gather together the very best of the world’s students who have both knowledge of and experience in information security.
The latest round of the “Cybersecurity for the Next Generation 2014: APAC & MEA Round” student conference was held in South Korea on March 11-13, and was hosted by Korea University. Students from Hong Kong, Korea, India, Indonesia, Philippines, Malaysia, and South Africa were selected to attend the conference and present their work. The judges included Kaspersky Lab experts, leading academics from the field of IT security, key decision-makers from IT businesses, and media representatives.

The conference presentations mainly covered cyber-underground evolution; network security; Bitcoin; Cassandra; multi-touch behaviours on Android unlock patterns; IT security; BYOD; biometrics; cybercrime detection and online security education tools [29].

4.2.3 Campaign: Cybersecurity for the Next Generation – European Round 2014

The European round took place on December 10-12 at the Politecnico di Milano. 15 representatives of the best universities from all over Europe showcased their research papers to a program committee of Kaspersky Lab experts, respected university professors, renowned industry experts and media. The jury selected the authors of the most interesting, strategically important and innovative cyber security projects. The winners have received cash prizes as well as an invitation to attend the global finals of ‘Cybersecurity for the Next Generation 2014’ in Stockholm.

This year’s “Cybersecurity for the Next Generation” includes four regional rounds: the European Cup, the Russia & CIS Cup, the Asia-Pacific & MEA Cup and the Americas Cup. The winners of each contest will be invited to the Final Round which will be hosted in Stockholm, Sweden, in June 2014 [29].

4.2.4 Campaign: Stay Smart Online, Australia

The Australian Government provides online safety and security information for Australian internet users on the simple steps they can take to protect their personal and financial information online.
Stay Smart Online Week, formerly National Cyber Security Awareness Week, aims to help Australians using the internet, whether at home, the workplace or school, understand the simple steps they can take to protect their personal and financial information online.

The 2014 Stay Smart Online Week is the seventh consecutive annual event conducted by the Australian Government in partnership with industry, the community sector and all levels of government. A range of activities are taking place around Australia, including seminars, industry events and community activities which you can attend or participate in online.

Stay Smart Online provides top tips for all Australians to improve their online security under the following themes:

1. Securing your mobile device
2. Securing your desktop or laptop computer
3. Protecting your online accounts
4. Safely connecting and sharing
5. Protecting your child
6. Buying online
7. Selling online

4.2.5 Campaign: Cybersecurity for the Next Generation – Russia & CIS Round 2014

The Russia & CIS round took place on February 19-21 in Moscow, Russia. This conference is a forum where students can demonstrate their specialized abilities and skills and, just as importantly, provides an opportunity to discuss and share experiences with both industry experts and renowned professors.

The conference covered a wide variety of cyber security topics and systems. The first prize went to Artem Shumilov for "Using 3D Animated Hand Gestures to Create a New Type of CAPTCHA". The second prize went to Sevak Harutyunyan for "Secret Sharing System Based on Error-Correcting Codes".

4.2.6 Campaign: Cybersecurity for the Next Generation – The Americas Round 2014

The Americas round took place on April 1-2, 2014 at Georgetown University in Washington, D.C.
Cybersecurity for the Next Generation 2014 consisted of four regional rounds: the European Round, the Russia & CIS Round, the Asia-Pacific & MEA Round and the Americas Round. The winners of each local contest earned a spot in the Final Round as well as cash prizes to help further develop their projects. Topics suggested to participants this year included: emerging threats for emerging platforms; securing cloud, virtual and “big-data” infrastructure; future protection technologies; securing corporate infrastructure; and security education.

The winners of the Americas round were:

- First place – Danny Brothers from Georgetown University, Washington, D.C. for the presentation “NSA, The Market Maker.” He also was awarded a special prize for the best presentation skills.
- Second place – Kangkook Jee from Columbia University, New York, for the presentation “ShadowReplica: Efficient Parallelization of Dynamic Data Flow Tracking.”
- Third place – Sarah Nance from Lipscomb University, Nashville, Tennessee, for the presentation “The Pathway to Security – Mitigating User Negligence.”

Cybersecurity for the Next Generation is an annual international event financed and organized by Kaspersky Lab. This long-term project brings together students, young scientists and researchers, leading IT security experts and university professors from across the world in a collaborative environment to present and discuss topical cyber security issues. Kaspersky Lab is pleased to congratulate all the winners of regional rounds of the conference and welcomes them to the global finals taking place in June 2014 in Stockholm, Sweden. In addition to the main competition in which participants presented their projects, the Cybersecurity for the Next Generation program included activities such as expert presentations, panel discussions, presentation skills training and a cyber security quiz [29].

4.2.7 Campaign: New Malware Campaign Uses Fake Anti-Virus Update Email

As reported by Symantec, adversaries are using social engineering tactics to send employees personalized emails that appear to be from their anti-virus vendor (e.g.
Norton, McAfee, Kaspersky, Trend Micro, Avira, ESET, Avast, AVG, Baidu, and others), in which they are urgently advised to download an attachment and install a security update.

However, instead of downloading the promised security patch, employees unwittingly download malware that connects to the adversaries’ server, which downloads yet more malware that is used to steal sensitive information, including banking data [30]. So far, this malware campaign appears to be targeting enterprises primarily in the US and UK, although it has been spotted in several countries around the world. And regardless of its ultimate reach and scope (researchers have spotted more than 50,000 of these emails already), enterprises should keep in mind that it only takes a single employee to open the door for a malware campaign to infect a network.

4.2.8 Campaign: eSkills UK – DMA cyber security

E-skills UK recently launched the Secure Futures campaign – a government backed initiative to address the alarming levels of youth unemployment as well as the current crisis in recruiting UK cyber security professionals. DMA Media was asked to produce a film to promote cyber security as an exciting and lucrative career option.

The film will be part of a suite of innovative classroom resources available to schools through securefutures.org and will tie in with lesson plans and an interactive, educational website for the UK’s 14 year olds.

E-skills UK works on behalf of employers to develop the software, internet, computer gaming, IT services and business change expertise necessary to thrive in today’s global digital economy.

4.2.9 Campaign: ERM’s Information Security Awareness

Enterprise Risk Management encourages people to share their videos with everyone in their organizations: As valuable and engaging learning tools, they'll not only help spread security awareness, but also that critical diligence for data protection that today's organizations need to thrive.

When a company suffers a data security breach, everyone hears, reads and talks about it. But the bad press, social-media assaults and viral word of mouth are just the tip of that ship-impaling iceberg.
ERM's cyber security awareness campaign has produced and published videos with which you can educate yourself and your team on the implications of poor cyber security - the real stories under those BIG, bold headlines - and implement the provided practical steps to prevent "that one mistake" that ruins companies, careers and reputations.

The videos are:

- Email Security: When Good News Goes Bad;
- Smartphone Security: When "Bring Your Own" Brings You Down;
- Data Security ROI: When Measurements Matter;
- Security Vs. Compliance: When Regulations Run Things;
- Cloud Security: Don’t Get Too Cozy In The Cloud;
- Laptop Security: Convenient WiFi or Rogue Hotspot?
- Data Leaks: Don't Ignore Those Data "Drips";
- DDoS Attacks: Don’t Get Smoked Out;
- Social Engineering: Don't Trust Fancy Ties & Polished Lies;
- Business Continuity: Mother Nature, Not Always Your Friend;
- Multi-Network Security: The Risk Exposure of A Merger;
- Sly Security Breaches: What You Don't Know CAN Hurt You.

4.2.10 Campaign: Una vita social (A social life)

The promoter of the initiative was Polizia Postale e delle Comunicazioni (Italian Postal and Telecommunication Police Department) [31].

The targets were 500,000 students and parents of primary and secondary schools (8-19 years old).

The project also had the support of some sponsors and partners: Ministry of Education; Poste Italiane, Facebook, FastWeb, Google, Tre, Libero, Vodafone, Telecom, Wind, Norton, Skuola.net; Youtube, Virgilio, H3G, Symantec.

The project objectives were to develop a tool to promote an aware use of social networks to prevent compulsive and illicit behaviors; to inform parents and teachers of parental control tools for the internet; and to provide instructions on the installation and use of software for security.

For the project, a prepared truck visited 39 cities in Italy.

At each stop-over, meetings were organized, composed of 3 modules (60 minutes each): one for students, one for parents and one for teachers. The topics were: the use of the Internet and associated risks and opportunities, with special focus on social networks, bullying and enticement.

4.2.11 Campaign: The Devil’s in your details

The promoter is the UK Government through its National Fraud Authority. The target is citizens [32]. The campaign had the support of Action Fraud, The Telecommunications UK Fraud Forum (TUFF) and Financial Fraud Action UK, Vodafone, O2, Get Safe Online, Sky, Virgin Media, Carphone Warehouse and T-Mobile.

The objective was raising awareness of the importance of protecting personal information. It aimed to remind citizens to check with whom they share personal information on the phone or online. The hope was to incentivize reporting of fraud. In the Devil’s in your details portal there are some short videos (1.30 minutes circa) on online and mobile frauds.

Figure 6: Web page of the “The Devil’s in your Details” campaign - www.actionfraud.police.uk

4.2.12 Campaign: Safe Internet Banking

Febelfin (the Belgian Financial Sector Federation, a non-profit association) launched 2 YouTube videos to make citizens aware of the importance of sharing personal information on the internet and to prevent online frauds [33].

The videos are:

- “Amazing Mindreader” [34]: the video shows how a “mind reader” could collect information about random passers-by on the internet, screening public websites for information about the unsuspecting visitors waiting in line for a consultation with this medium. The video was also awarded the Golden Lion Award at the Cannes Lions International Festival of Creativity.
- “See how easily freaks can take over your life” [35]: the video represents identity theft. An actor manages to take control of an innocent victim’s life using information the latter had been putting on the internet without care.

The national agencies have produced a series of videos to facilitate the understanding of the digital world and to explain the related threats.

The main issue is that these videos are usually transmitted by online channels. The next step should be to spread the messages through traditional channels, such as TV, in order to reach a larger number of citizens.
The “Standard Eurobarometer 80 autumn 2013 – Media Use in the European Union” [36] reveals that 85% of the EU population watch TV every day. Among people aged 40-54 the figure is 86%, while among people aged over 55 it is 93%.

Watching TV over the internet decreases with age (Table 12).

Table 12: Watching TV over the Internet

| Age range | Percentage watching TV over the Internet |
|---|---|
| 15-24 | 34% |
| 25-39 | 26% |
| 40-54 | 16% |
| 55+ | 8% |

These are statistics related to the TV channels only that could be used to better spread the messages on cybersecurity.

In the table below, there are some examples of videos that are available online but could also be transmitted on TV.

Table 13: Videos on raising cybersecurity awareness

| Author | Topics | Link | Language |
|---|---|---|---|
| Action Fraud | Identity theft | http://www.youtube.com/watch?v=Ugl8bmZF9Pc#t=13 | en |
| Action Fraud | Phone Fraud | http://www.youtube.com/watch?v=0N4MgKN3pkE | en |
| Agencia Española de Protección de Datos | Data protection | http://www.youtube.com/watch?v=6Ipgi3y_3uo | es |
| Agencia Española de Protección de Datos | Privacy settings | http://www.youtube.com/user/desdelaAEPD | es |
| Bee Secure | Malware | https://www.bee-secure.lu/fr/video/les-logiciels-malveillants | fr |
| Bee Secure | Phishing | https://www.bee-secure.lu/fr/video/how-phishing-can-happen-facebook-login | fr |
| Bee Secure | Password | https://www.bee-secure.lu/fr/video/les-mots-de-passe | fr |
| Bee Secure | Defamation | https://www.bee-secure.lu/fr/video/film-suis-je-la-seule | fr |
| Bee Secure | Sharing of personal information | https://www.bee-secure.lu/fr/video/captain-kara-jouer-avec-des-inconnus | de |
| Bee Secure | Sexting | https://www.bee-secure.lu/fr/video/sexting-si-une-copaincopine-te-fait-confiance-ne-lela-trahis-pas | fr |
| Bee Secure | Digital Identity Protection | https://www.bee-secure.lu/fr/video/film-je-peux-participer | fr |
| Bee Secure | Cybersex webcam video | https://www.bee-secure.lu/fr/video/cybersex-webcam-video | fr |
| Bee Secure | Cyber dependency | https://www.bee-secure.lu/fr/video/digitale-welten | de |
| Get safe online | Digital Identity Protection | https://www.getsafeonline.org/video/ | en |
| Get safe online | Scam | https://www.getsafeonline.org/video/ | en |
| Get safe online | Peer to peer sharing | https://www.getsafeonline.org/video/ | en |
| Get safe online | Content filtering | https://www.getsafeonline.org/video/ | en |
| Get safe online | Digital Identity Protection | https://www.getsafeonline.org/video/ | en |
| Get safe online | Install anti-virus software | https://www.getsafeonline.org/video/ | en |
| Get safe online | Windows updates | https://www.getsafeonline.org/video/ | en |
| Get safe online | Phishing | https://www.getsafeonline.org/video/ | en |
| Get safe online | Money mules | https://www.getsafeonline.org/video/ | en |
| Get safe online | Digital Identity Protection | https://www.getsafeonline.org/video/ | en |
| Get safe online | PC protection | https://www.getsafeonline.org/video/ | en |
| Get safe online | Shopping online | https://www.getsafeonline.org/video/ | en |
| Get safe online | Stop spyware | https://www.getsafeonline.org/video/ | en |
| Get safe online | Use online auctions safely | https://www.getsafeonline.org/video/ | en |
| Safe Internet banking | Digital Identity Protection | https://www.safeinternetbanking.be/nl/dave-campagne | en subtitle |
| Safe Internet banking | Digital Identity Protection | http://www.youtube.com/watch?v=Rn4Rupla11M | en subtitle |
| Se mi posti ti cancello | Young Internet Users interview | http://www.semipostiticancello.it | it |
| Sicuri in rete | Cyberbullying | http://www.sicurinrete.it/video/ | it |
| Sicuri in rete | Pedopornography | http://www.sicurinrete.it/video/ | it |
| Watch your web | Online dating | http://www.watchyourweb.de/p1319686913_450.html#film_anschauen | de |
| Watch your web | Digital Identity Protection | http://www.watchyourweb.de/p1807977693_450.html#film_anschauen | de |
| Watch your web | Digital Identity Protection | http://www.watchyourweb.de/p3548375992_450.html#film_anschauen | de |

5. Cyber security education associations

5.1 IFIP – TC11 [37], [38]

The IFIP (International Federation for Information Processing) is the leading multinational, apolitical organization in Information & Communications Technologies and Sciences, recognized by the United Nations and several other world bodies. IFIP represents IT societies from 56 countries and regions, covering all 5 continents, and with over 500,000 members in total. IFIP initiatives involve more than 3500 scientists from academia and industry, organized in more than 101 Working Groups (WGs), reporting to 13 Technical Committees (TCs). IFIP sponsors 100 conferences yearly which cover all aspects of information processing, from theoretical informatics to the relationship between informatics and society, including hardware and software technologies, and networked information systems.

In particular, IFIP TC11 focuses on Security and Privacy Protection in Information Processing Systems. It aims at increasing the trustworthiness and general confidence in information processing, and to act as a forum for security and privacy protection experts and others professionally active in the field. The main aims of IFIP TC11 are therefore to promote security and privacy protection as essential elements of information processing systems, and to establish a common frame of reference for security and privacy protection in organizations, professions and the public domain. These aims are pursued through: exchange of practical experience, dissemination of information on and evaluation of current and future protective techniques, and clarification of the relation between security and privacy protection. In order to accomplish its objectives, TC11 has established 14 WGs, headed by leading academics of important research institutes from all over the world.
Such WGs address specific areas of security interest, namely:

- WG 11.1: Information Security Management;
- WG 11.2: Pervasive Systems Security;
- WG 11.3: Data and Application Security and Privacy;
- WG 11.4: Network & Distributed Systems Security;
- WG 11.5: IT Assurance and Audit;
- WG 11.6: Identity Management;
- WG 11.7: Information Technology Misuse and the Law;
- WG 11.8: Information Security Education;
- WG 11.9: Digital Forensics;
- WG 11.10: Critical Infrastructure Protection;
- WG 11.11: Trust Management;
- WG 11.12: Human Aspects of Information Security and Assurance;
- WG 11.13: Information Systems Security Research;
- WG 11.14: Secure Engineering.

All full members of IFIP are entitled to have one representative as a member of TC11. TC11 meets annually, and its members are expected to attend the annual meetings and are required to present a report on information security related matters in respect to their own country. Other members of IFIP may appoint observers to attend TC11 meetings. Further, WG Chairpersons are encouraged to attend the TC11 meeting and are required to provide an annual report on the activities of their respective WGs, even though they may not be able to attend in person.

In association with the organizing IFIP member, TC11 sponsors an annual security conference during the month of May. All executive members of TC11 are expected to attend and participate in the conference. Conferences are attended by delegates from many countries from around the world and provide opportunity for sharing ideas and experiences in all areas of security concern.

5.2 ISACA [39]

ISACA (Information Systems Audit and Control Association) is an international professional association focused on IT Governance. It is an affiliate member of IFAC (International Federation of Accountants), the global organization for the accountancy profession. ISACA originated in the USA in 1967, from the initiative of a group of computer systems auditing controls professionals, who identified a need for a centralized source of information and guidance in the field.
In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge of and value accorded to the fields of governance and control of information technology.

ISACA is organized as a network of so-called ISACA chapters, with more than 200 chapters established in over 180 countries. Chapters provide education, resource sharing, advocacy, networking and other benefits. ISACA currently serves more than 110,000 constituents, including both members and professionals holding ISACA certifications. ISACA members include IS auditors, consultants, educators, IS security professionals, regulators, chief information officers and internal auditors.

ISACA's major publications can be summarized as follows:

- Standards, Guidelines and Procedures for information systems auditing (Guidelines co-developed with the IFAC).
- COBIT (Control Objectives for Information and Related Technology), a framework created for IT management and governance. It is a supporting tool-set that allows managers to bridge the gap between control requirements, technical issues and business risks.
- VAL IT, a further governance framework integrated into COBIT, which can be used to create business value from IT investments. It consists of a set of guiding principles and a number of processes and best practices to support and help executive management and boards at an enterprise level. VAL IT releases cover processes and key management practices for three specific domains: value governance, portfolio management, and investment management.
- RISK IT, an end-to-end, comprehensive view of all risks related to the use of IT, and a similarly thorough treatment of risk management, from the tone and culture at the top, to operational issues.
- Information System Control Journal.

ISACA provides four major certifications:

- CISA (Certified Information Systems Auditor), a certification for IS audit professionals. The CISA certificate can be applied for if the individual has experience as an auditor of IS, is involved in continuous training, and exhibits compliance with the standards for audits of IS and with the Code of Ethics.
- CISM (Certified Information Security Manager), a certification for IT security managers. To gain the certification, individuals must pass a written examination and have at least five years of IT security experience, with a minimum three years of IT security management work experience in particular fields.
- CGEIT (Certified in the Governance of Enterprise IT), geared toward professionals who play a significant role in managing, advising, and/or assuring IT governance. Typical job roles include senior security analyst and chief information security officer. The CGEIT exam covers six domains that address strategic alignment, value delivery, IT governance framework, risk management, performance measurement, and governance and management of IT.
- CRISC (Certified in Risk and Information Systems Control), a certification for information technology professionals with experience in managing IT risks. To gain this certification, other than passing a written examination, the candidates must have at least eight years of information technology or business experience, with a minimum of three years work experience in at least three of the five CRISC domains: risk identification, assessment and evaluation; risk response; risk monitoring; IS control, design and implementation; IS control, monitoring and maintenance.

5.3 OWASP [40]

OWASP (Open Web Application Security Project) is a worldwide open-source project, focused on improving the security of software.
OWASP aims at making software security visible, to allow individuals and organizations worldwide to make informed decisions about true software security risks. Everyone is free to participate in OWASP and all of the produced materials are available under a free and open software license on the OWASP website (www.owasp.org) or blog (owasp.blogspot.com). OWASP does not endorse or recommend commercial products or services, allowing its community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide.

The OWASP community includes corporations, educational organizations, and individuals from around the world. This community works to create freely-available articles, methodologies, documentation, tools, and technologies. The OWASP Foundation is a 501(c)(3) charitable organization that supports and manages OWASP projects and infrastructure. It has also been a registered non-profit in Europe since June 2011.

OWASP is also an emerging standards body, with the publication of its first standard in December 2008, the OWASP Application Security Verification Standard (ASVS). The primary aim of the OWASP ASVS Project is to normalize the range of coverage and level of rigour available in the market when it comes to performing application-level security verification. The goal is to create a set of commercially workable open standards that are tailored to specific web-based technologies. A Web Application Edition has been published. A Web Service Edition is under development.

OWASP's work is organized into projects, which are collections of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project, as well as promoting the project and building the team. OWASP projects are organized into the following categories:

- Incubator projects that develop new ideas, still being proven.
- Lab projects that have produced an OWASP-reviewed deliverable of value.
- Flagship projects, that have demonstrated superior maturity, established quality, and strategic value to OWASP and to application security as a whole.

A (partial) list of OWASP projects follows:

- OWASP Application Security Verification Standard (ASVS), a standard for performing application-level security verifications.
- OWASP XML Security Gateway (XSG) Evaluation Criteria Project.
- OWASP Development Guide, practical guidance including J2EE, ASP.NET, and PHP code samples. The Development Guide covers an extensive array of application-level security issues, from SQL injection through modern concerns such as phishing, credit card handling, session fixation, cross-site request forgeries, compliance, and privacy issues.
- OWASP Testing Guide, including a best practice penetration testing framework which users can implement in their own organizations, and a low level penetration testing guide that describes techniques for testing most common web application and web service security issues.
- OWASP Code Review Guide, a key enabler for the OWASP fight against software insecurity.
- OWASP ZAP Project, an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.
- OWASP Top Ten, aiming at identifying some of the most critical risks facing organizations, so as to raise awareness about application security.
- OWASP Software Assurance Maturity Model, committed to building a usable framework to help organizations formulate and implement a strategy for application security that is tailored to the specific business risks facing the organization.
- WebGoat, a deliberately insecure web application created by OWASP as a guide for secure programming practices. Once downloaded, the application comes with a tutorial and a set of different lessons that instruct students how to exploit vulnerabilities with the intention of teaching them how to write code securely.

5.4 IACR [41]

Cryptology is the science of the making and breaking of encryption algorithms, and is at the base of information security. The IACR (International Association for Cryptologic Research) is a not-for-profit scientific organization devoted to supporting the promotion of cryptology in general, and of the research in cryptology and related fields, in particular. IACR was organised at the initiative of David Chaum at CRYPTO '82. CRYPTO '83 was the first conference officially sponsored by IACR. In 2000, IACR had approximately 1600 members and its current president is Bart Preneel.

Nowadays, IACR sponsors some of the major conferences and workshops in the field of cryptography: three annual conferences, Crypto, Eurocrypt and Asiacrypt, and four annual workshops, Fast Software Encryption (FSE), Public Key Cryptography (PKC), Cryptographic Hardware and Embedded Systems (CHES) and the Theory of Cryptography Conference (TCC). A few other conferences and workshops are affiliated to IACR. Further, IACR publishes the Journal of Cryptology, the premier academic journal in the field of cryptology. According to ISI it is also one of the top journals in the whole of Theoretical Computer Science. The journal is edited by an independent Editorial Board appointed by the Editor in Chief. The Editor in Chief is appointed by the IACR Board and then sits on the Board as one of the board members. Finally, IACR maintains the Cryptology ePrint Archive, an online paper repository to enable timely dissemination of research results. Papers published there undergo no scientific reviewing process. Some papers may be published there long before they appear in a peer-reviewed publication venue. The ePrint archive also contains different versions of papers published elsewhere (including corrected or full versions containing details not found), or the final author versions of papers that will be published in other venues.

IACR maintains a number of services for its members and the wider community:

- The CryptoDB, a database of all IACR publications.
It makes it easy to find information such as how many times someone has served on a programme committee, how many publications they have, how many co-authors, the list of Best-Paper awards, etc.
- The Calendar of Events, detailing a vast array of conferences and workshops in all areas of security.
- Book Reviews provided by the community to help other scholars.
- The Ph.D. Database, a DB of PhD theses in the general area of cryptology, contributed by IACR members.
- Videos of talks at IACR events.

IACR recognizes outstanding technical and professional achievements and contributions through multiple kinds of awards:

- The IACR Fellows Program is the primary award, recognizing outstanding IACR members for technical and professional contributions to cryptologic research. Each year a set of Fellows is appointed, chosen by the IACR Fellows committee.
- The IACR Distinguished Lecture series is an annual award given to someone who has made important contributions to cryptologic research. The choice of the Distinguished Lecturer is made by the Board of Directors.
- The Best Paper Awards and Invited Talks at IACR conferences and workshops are further recognitions to the leaders of the field. Award winners and invited lecturers are chosen by the corresponding Program Chairs and Committees.

5.5 ISSA [42]

The ISSA (Information Systems Security Association) is a not-for-profit, international professional organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members. Members include practitioners at all levels of the security field in a broad range of industries such as communications, education, healthcare, manufacturing, financial, and government.

The primary goal of ISSA is to promote management practices that will ensure the confidentiality, integrity, and availability of information resources. The association particularly facilitates interaction and education to create a more successful environment for global information systems security and for the professionals involved. Overall, ISSA provides several services to the information security community that, at a high level, we can summarize as follows:

- Promote the education and expand the knowledge and skills of its members in the interrelated fields of information systems security and information data processing.
- Encourage a free exchange of information security techniques, approaches, and problem solving by its members.
- Provide communication to keep members abreast of current events in information processing and security, providing benefits to them and their employers.
- Communicate to management, and to systems and information processing professionals, the importance of establishing controls necessary to ensure the secure organization and utilization of information processing resources.

The aforementioned general objectives are pursued by ISSA in several ways:

- Organizing international conferences, local chapter meetings and seminars that offer educational programs, training and valuable networking opportunities.
- Providing members with continuing education credits for attending all ISSA-sponsored activities, as well as activities sponsored by other organizations that uphold similar membership standards.
- Informing members through the ISSA website as well as an online newsletter and monthly journal.
- Offering support for professional certification and development opportunities for security practitioners.
- Creating opportunities for members to join committees and boards, which provide significant leadership for the security industry.
- Facilitating discussion and feedback on key issues, such as the National Strategy to Secure Cyberspace, in order to create a unified voice for security professionals around the world that can influence public opinion, government regulations, the media and other important audiences.

5.6 EDUCAUSE – HEISC [43]

Educause is a not-for-profit association whose goal is "to advance higher education through the use of information technology." Membership is open to institutions of higher education, corporations serving the higher education information technology market, and other related associations and organizations. The association provides:

- Networking and other platforms for higher education IT professionals to generate and find content on best practices and to engage their peers.
- Professional development opportunities.
- Print and electronic publications, including e-books, and the magazine EDUCAUSE Review.
- Strategic policy advocacy.
- Teaching and learning initiatives, and applied research.
- Special interest discussion groups and awards for leadership.
- A resource centre for IT professionals in higher education.

As regards cybersecurity education, in July 2000 EDUCAUSE established HEISC (Higher Education Information Security Council), a council whose aim is to improve information security, data protection, and privacy programs across the higher education sector through its working groups of volunteers and professional EDUCAUSE staff that coordinate activities and collaborate with partners from government, industry, and other academic organizations. Through the annual Security Professionals Conference and other EDUCAUSE conferences and websites, HEISC actively develops and promotes leadership, awareness and understanding, effective practices and policies, and solutions for the protection of critical data, IT assets, and infrastructures.

The HEISC Leadership Team, composed of important academics and professionals in the area, is responsible for ensuring progress in meeting the strategic goals of the council. To accomplish this, it:

- Creates and monitors working groups and sponsors other activities.
- Annually reviews the strategic goals to see if changes are needed.
- Annually sets objectives for the working groups that will produce tangible outcomes furthering the goals of the council.

HEISC's strategic priorities for 2014 include strengthening its own foundations, continuing to build the information security profession, and advancing information security strategies in higher education. The council will also continue to address security and privacy hot topics as they arise within the higher education community.

5.7 SANS [44]

The SANS (SysAdmin, Audit, Networking, and Security) Institute is a private US company that specializes in internet security training. It provides computer security training, professional certification through Global Information Assurance Certification (GIAC), and a research archive - the SANS Reading Room. It also operates the Internet Storm Centre, an Internet monitoring system staffed by a global community of security practitioners.

The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world, ranging from auditors and network administrators, to chief information security officers. SANS is one of the most trusted and largest sources for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Centre.

SANS provides intensive training designed to help deal with all the practical steps necessary for defending systems and networks against the most dangerous threats - the ones being actively exploited.
The courses are full of important and immediately useful techniques, developed through a consensus process involving hundreds of administrators, security managers, and information security professionals, and which address both security fundamentals and awareness, and the in-depth technical aspects of the most crucial areas of IT security. SANS training can be taken in a classroom setting from SANS-certified instructors, self-paced over the Internet, or in mentored settings in cities around the world. Each year, SANS programs educate more than 12,000 people in the US and internationally. The selection process for teachers is extremely challenging: in 2013, out of more than 90 applications, only five new teachers were selected.

SANS makes many resources freely available. They include the very popular Internet Storm Centre, the weekly news digest, the weekly vulnerability digest, and more than 1,200 award-winning, original information security research papers. Services offered by SANS can be summarized as follows:

- SANS Information Security Reading Room - More than 2040 original research papers in 78 important categories of security.
- SANS Weekly Bulletins and Alerts - Definitive updates on security news and vulnerabilities.
- SANS Security Policy Project - Free Security Policy Templates - Proven in the real world.
- Vendor Related Resources - Highlighting the vendors that can help make security more effective.
- Information Security Glossary - Words, acronyms, etc.
- Internet Storm Centre - The Internet's Early Warning System.
- S.C.O.R.E. - Helping the security community to reach agreement on how to secure common software and systems.
- SANS/FBI Annual Top 20 Internet Security Vulnerabilities List - A consensus list of vulnerabilities that require immediate remediation.
- Intrusion Detection FAQ - Frequently asked questions and answers about intrusion detection.
- SANS Press Room – The institute press room, designed to assist the media in coverage of the information assurance industry.

5.8 ISC2 [45]

(ISC)² (International Information Systems Security Certification Consortium) is a not-for-profit consortium, among the global leaders in educating and certifying information security professionals throughout their careers, with headquarters in the United States, and with offices in London, Hong Kong and Tokyo. The consortium provides vendor-neutral education products, career services, and Gold Standard credentials to professionals in more than 135 countries. Its membership is composed of an elite network of nearly 90,000 certified industry professionals worldwide. Aiming at inspiring a safe and secure cyber world, (ISC)² supports and provides members and constituents with credentials, resources, and leadership to secure information and deliver value to society.

(ISC)² develops and maintains the (ISC)² CBK, a compendium of information security topics. The CBK is a critical body of knowledge that defines global industry standards, serving as a common framework of terms and principles that the consortium's credentials are based upon and that allows professionals worldwide to discuss, debate, and resolve matters pertaining to the field. Subject matter experts continually review and update the CBK.

(ISC)² is recognized for Gold Standard certifications and world class education programs. Its credentials are essential to both individuals and employers for the seamless safety and protection of information assets and infrastructures. The certification programs of (ISC)² are as follows:

- Certified Information Systems Security Professional (CISSP);
- Systems Security Certified Practitioner (SSCP);
- Certified Authorization Professional (CAP);
- Certified Secure Software Lifecycle Professional (CSSLP);
- Certified Cyber Forensic Professional (CCFP℠);
- HealthCare Information Security Privacy Practitioner (HCISPP℠);
- Information Systems Security Architecture Professional (CISSP-ISSAP);
- Information Systems Security Engineering Professional (CISSP-ISSEP);
- Information Systems Security Management Professional (CISSP-ISSMP).

(ISC)² was the first information security certifying body to meet the requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for personnel certification. To date, the SSCP, CAP, and CISSP plus concentrations have been accredited against this standard, making (ISC)² credentials a must-have among professionals and employers.

To safeguard the professionalism of the information security industry and the integrity and longevity of its credentials, (ISC)² requires all its members and candidates to subscribe to the (ISC)² Code of Ethics. All information security professionals who are certified by (ISC)² recognize that certification is a privilege that must be both earned and maintained.

All (ISC)² credential holders must earn Continuing Professional Education (CPE) credits throughout the life of their certification. This ensures that members are continually adding to their depth of knowledge in the field and keeping current with all new developments. CPE credits can be earned in a variety of ways, including (ISC)²’s own events, as well as industry events, conferences, volunteering, and mentoring.

5.9 NICE – NICCS [46], [47]

The Comprehensive National Cybersecurity Initiative (CNCI) was established by President George W. Bush in National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD-54/HSPD-23) in January 2008. The initiative outlines US cybersecurity goals and spans multiple agencies including the Department of Homeland Security (DHS), the Office of Management and Budget (OMB), and the National Security Agency (NSA).

The NICE (National Initiative for Cybersecurity Education) has evolved from the CNCI, and extends its scope beyond the federal workplace to include civilians and students in kindergarten through post-graduate school.
The goal of NICE is to establish an operational, sustainable and continually improving cybersecurity education program for the US to use sound cyber practices that will enhance the nation’s security. By accelerating the availability of educational and training resources, NICE expects “to improve the cyber behaviour, skills, and knowledge of every segment of the population”.

The National Institute of Standards and Technology (NIST) is leading the NICE initiative, comprised of over 20 federal departments and agencies, to ensure coordination, cooperation, focus, public engagement, technology transfer and sustainability. Many NICE activities are already underway and NIST is expected to highlight these activities, engage various stakeholder groups and create forums for sharing information and leveraging best practices. NIST will also be looking for "gaps" in the initiative, that is, areas of the overarching mission that are not addressed by ongoing activities.

NICE will be represented by four Components:

- Component 1: National Cybersecurity Awareness - Lead: DHS.
  To boost national cybersecurity awareness, DHS will use public service campaigns to promote cybersecurity and responsible use of the Internet, and make cybersecurity a popular educational and career pursuit for older students.
- Component 2: Formal Cybersecurity Education – Co-Lead: Department of Education (DoED) and National Science Foundation (NSF).
  The mission of the DoED and the NSF is to bolster formal cybersecurity education programs encompassing kindergarten through 12th grade, higher education and vocational programs, with a focus on the science, technology, engineering and maths disciplines, to provide a pipeline of skilled workers for the private sector and government.
- Component 3: Cybersecurity Workforce Structure - Lead: DHS supported by Office of Personnel Management (OPM).
  The third Component focuses on talent management of cybersecurity professionals. It aims to evaluate the professionalization of the workforce, to recommend best practices for forecasting future cybersecurity needs, and to define national strategies for recruitment and retention.
- Component 4: Cybersecurity Workforce Training and Professional Development - Tri-Leads: Department of Defence (DoD), Office of the Director of National Intelligence (ODNI), DHS.
  The DoD, the ODNI and the DHS are appointed to intensify training and professional development programs for the existing federal cybersecurity workforce. This Component is divided into four functional areas that cover:
  ▪ Functional Area 1: General IT Use - Co-Leads: DHS and Federal CIO Council;
  ▪ Functional Area 2: IT Infrastructure, Operations, Maintenance, and Information Assurance - Co-Leads: DoD and DHS;
  ▪ Functional Area 3: Domestic Law Enforcement and Counterintelligence - Lead: NCIX, DOD/DC3, DOJ and DHS/USSS;
  ▪ Functional Area 4: Specialized Cybersecurity Operations - Lead: NSA.

The NICCS (National Initiative for Cybersecurity Careers and Studies) is a part of NICE, designed to be an online resource for government, industry, academia, and the general public to learn about cybersecurity awareness, education, careers and workforce development opportunities. The idea is to provide the US with credible and real-time information related to cybersecurity, as opposed to the huge amount of cybersecurity information that can be found on the web, but whose dependability can hardly be confirmed.

To ensure a secure cyberspace, the US is making a substantial investment in developing the workforce of cybersecurity professionals and informing the public about how to manage personal safety online. The purpose of NICCS is to develop a technologically-skilled workforce, a cyber-savvy public, and an effective pipeline of future employees. NICCS is a key resource of cybersecurity information, directly supporting the three components of NICE that focus on enhancing awareness, expanding the pipeline and evolving the field. NICCS is a national resource available to anyone from government, industry, academia, and the general public who seeks to learn more about cybersecurity and opportunities in the field.

5.10 NCSA [48]

The NCSA (National Cyber Security Alliance) is a 501(c)(3) not-for-profit public private partnership, founded in 2001, working with the Department of Homeland Security (DHS), private sector sponsors (founding sponsors included Symantec, CISCO, Microsoft, SAIC, EMC, McAfee), and not-for-profit collaborators to promote cybersecurity awareness for home users, small and medium size businesses, and primary and secondary education. The NCSA's mission is to empower and support digital citizens to use the Internet securely and safely, protecting themselves and the cyber infrastructure.

In a climate of persistent threats, NCSA aims at securing the Internet and the shared global digital assets, so as to achieve the potential of an empowered digital society capable of leveraging robust and widely available content, community, communication, commerce, and connectivity. NCSA builds strong public/private partnerships to create and implement broad reaching education and awareness efforts to empower users at home, work and school with the information they need to keep themselves, their organizations, their systems, and their sensitive information safe and secure online and encourage a culture of cybersecurity.

National Cyber Security Awareness Month is a project of the NCSA, as is the US Government's “Stop. Think. Connect.” campaign for broader public cyber security awareness (the Anti-Phishing Working Group and the Department of Homeland Security are also involved).

5.11 FISSEA [49]

The FISSEA (Federal Information Systems Security Educators' Association), founded in 1987, is an organization run by and for information systems security professionals to assist US federal agencies in meeting their information systems security awareness, training, education, and certification responsibilities. FISSEA conducts an annual fee-based conference and free workshops during the year.

The main purpose of FISSEA is to elevate the general level of information systems security knowledge for the federal government and federally-related workforce.
It serves as a professional forum for the exchange of information and improvement of information systems security awareness, training and education programs throughout the federal government, and it provides for the professional development of its members.

The FISSEA organization seeks to bring together information systems security professionals. Each year, an award is presented to a candidate selected as Educator of the Year, honouring distinguished accomplishments in information systems security training programs. Members are encouraged to participate in the annual FISSEA conference, and to serve on the FISSEA ad hoc task groups.

5.12 CyberWatch [50]

CyberWatch is an Advanced Technological Education (ATE) Centre funded by a grant from the National Science Foundation (NSF). The CyberWatch mission is to increase the quantity and quality of the information assurance (that is, cybersecurity) workforce. The CyberWatch goals are focused on information assurance (IA) education at all levels, from elementary through graduate school, but especially the community college level, and include curriculum development, faculty professional development, student development, career pathways, and public awareness.

As a national centre in cybersecurity education, the role of the National CyberWatch Centre (NCC) includes:

- Advocator: advocate for the role of community colleges in cybersecurity education and workforce development;
- Builder: build novel solutions for our nation's cybersecurity education and workforce development challenges;
- Collaborator: collaborate with educational institutions, businesses, government entities, and professional organizations to strengthen cybersecurity programs nationally;
- Coordinator: coordinate and support regional and national cybersecurity education programs;
- Promoter: promote educational and workforce development models of excellence.

Accordingly, the goals of the NCC can be described more precisely as:

- Building a culture of collaboration;
- Building, collaborating, coordinating, and promoting program, faculty, and student capacity based on models of excellence;
- Promoting the cybersecurity field;
- Advancing research in Practice-Centred Cybersecurity Education.

6. Conclusion and Follow-Up

In developed Western countries (e.g. USA, Canada, UK, Australia), the most widely used type of education in cyber security is formal education, which can be found at all levels of university education (i.e. Bachelor, Master and PhD studies).

A very important fact about cyber security education is that it is linked with military and security institutions, especially in the USA.

Also, there are different sublevels of cyber security education within the levels of university education (Bachelor, Master and PhD studies), with different outcomes, from which emerge the approaches to choosing subjects for study. At most universities that have cyber security programs, there are set criteria for enrolment.

Cyber security education is still at an early stage of development in both formal and informal education. There is still a huge gap between practical needs and educational outcomes. In many countries cyber security is not recognized as a study program at the universities and education is mostly informal¹.

The notices and recommendations focus on increasing and improving openness and collaboration, along with addressing both immediate priorities and longer-term strategies. Programs must strive to balance the near-term requirements of industry and government while educating future faculty members and researchers, developing more internships and fellowships, and continuing investments in research.

These are the key initiatives of prime importance in the development of cyber security education.

1. Increase awareness and expertise – improve resources on work to raise the level of awareness across the academic community.
Cybersecurity is no longer a hidden area embedded in computer science or engineering disciplines. Programs need to graduate more computer scientists and engineers with hands-on training and the ability to design and develop secure systems from the start.
2. Treat security education as a global issue – cybersecurity issues are not relegated to a single country. They know no boundaries. Institutions need to share and collaborate with other programs around the world. Academics from more mature countries should increase their formal collaboration with those in emerging countries to help address the skills gap. Such initiatives could include distance learning programs and the sharing of curriculum and best practices among educators.
3. Approach security comprehensively, linking technical to non-technical fields – adopt a curriculum that has a holistic and interdisciplinary approach. Security education should cover infrastructure, people, data, applications, ethics, policy and legal issues. Business and public policy schools should focus on creating better security policy and governance and training future information security leaders, such as Chief Information Security Officers.
4. Seek innovative ways to fund labs and pursue real-world projects – resources will always be tough to come by. Industry, government and academia must come up with novel ways to give students practical experience. More internships and design contests are one way to overcome this challenge. Other alternatives include cloud-based or virtualized ranges, simulators and testbeds.
5. Advance a “science of security” – more emphasis on the creation of a discipline of security science with fundamental concepts and a common vocabulary. This new science should focus on anticipating security problems, not just reacting to attacks. It must include scientific methodologies and incorporate reproducibility and proofs in the design of security systems.

We believe that these recommendations offer ways to make cybersecurity education more effective in the short and the long term. By breaking down barriers and working in concert, it is possible to better address current and emerging challenges.

¹ According to a statement by Jay Bavisi, president of EC-Council (an Indian global certification and training organisation in information security), it seems there is no university or college in India which offers an academic course covering the whole scale of cyber security in a Bachelor program (available: The Hindu, December 2, 2013 - www.thehindu.com).

References

[1] TUT, “Cyber Security Master Programme in TUT,” [Online]. Available: www.ttu.ee/cybersecurity. [Accessed 04 2014].
[2] Gen-Set Cybersecurity, IMTM Podgorica, “Corporate and IT Security,” Skopje, 2013.
[3] SANS, “SCADA Security Training,” [Online]. Available: https://www.sans.org/event/scada-training-houston-2014/course/scada-sec-training-2012. [Accessed 25 April 2014].
[4] SANS, “Law of Data Security and Investigations,” [Online]. Available: http://www.sans.org/course/law-data-security-investigations. [Accessed 25 April 2014].
[5] Joint Forces Staff College, “Joint C4I/Cyber Staff and Operations Course,” [Online]. Available: https://jfsc.ndu.edu/schools_programs/jc2ios/c4i/general_info.asp. [Accessed 25 April 2014].
[6] ECDL, “ECDL IT Security,” [Online]. Available: http://www.ecdl.org/programmes/index.jsp?p=2928&n=2944. [Accessed 04 2014].
[7] RIA, “Introduction to Information Security,” [Online]. Available: https://www.ria.ee/infoturbe-sissejuhatus/?op=training_detailview. [Accessed 04 2014].
[8] European Commission, “About our goals,” 2014. [Online]. Available: http://ec.europa.eu/digital-agenda/en/about-our-goals. [Accessed 14 May 2014].
[9] European Commission, “Trust and security - analysis and data,” 2014. [Online]. Available: http://ec.europa.eu/digital-agenda/trust-and-security-analysis-and-data. [Accessed 14 May 2014].
[10] European Commission, “Pillar III: Trust & Security,” 2014. [Online]. Available: http://ec.europa.eu/digital-agenda/en/our-goals/pillar-iii-trust-security. [Accessed 14 May 2014].
[11] Insafe, “Safer Internet Day,” 2014. [Online]. Available: http://www.saferinternetday.org. [Accessed 20 May 2014].
[12] Get Safe Online Limited, “Get Safe Online,” 2014. [Online]. Available: https://www.getsafeonline.org. [Accessed 15 May 2014].
[13] Save the Children, Adiconsum, “Sicuri in rete - centro giovanile online,” 2014. [Online]. Available: http://www.sicurinrete.it. [Accessed 20 May 2014].
[14] “Data Protection Day,” Council of Europe, December 29, 2013.
[15] “National Cyber Security Awareness Month (NCSAM),” National Cyber Security Alliance, 2014.
[16] “National Cybersecurity Awareness,” U.S. Department of Homeland Security, 2009. [Online]. Available: www.dhs.gov/stopthinkconnect.
[17] W. Ashford, “UK to launch public cyber security awareness campaign,” 2013. [Online]. Available: www.ComputerWeekly.com.
[18] “European Cyber Security Month (ECSM),” 2014. [Online]. Available: http://cybersecuritymonth.eu/whats-ecsm.
[19] P. Cassidy, “Council of Anti-Phishing Japan Joins the STOP. THINK. CONNECT.,” in “Cybersecurity Awareness Campaign”, Anti-Phishing Working Group, 2014. [Online]. Available: http://finance.yahoo.com/news/council-anti-phishing-japan-joins-055500019.html.
[20] “Get Safe Online,” Get Safe Online Limited, 2014. [Online]. Available: https://www.getsafeonline.org. [Accessed 6 June 2014].
[21] “BEEsecure,” Service National de la Jeunesse, Economic Interest Grouping, [Online]. Available: https://www.bee-secure.lu/. [Accessed 6 June 2014].
[22] “BEE SECURE,” 2014. [Online]. Available: https://www.bee-secure.lu. [Accessed 15 May 2014].
[23] UK Government, “Be Cyber Streetwise,” 2014. [Online]. Available: https://www.cyberstreetwise.com. [Accessed 14 May 2014].
[24] “New campaign urges people to be 'Cyber Streetwise',” in Norton by Symantec, 2014. [Online]. Available: http://uk.norton.com/cyber-streetwise/article.
[25] “Cyberstreetwise,” homeoffice.gsi.gov.uk, [Online]. Available: https://www.cyberstreetwise.com. [Accessed 6 June 2014].
[26] “Watch Your Web,” IJAB – Fachstelle für Internationale Jugendarbeit, [Online]. Available: http://www.watchyourweb.de/. [Accessed 6 June 2014].
[27] “Se mi posti ti cancello (Generazioni Connesse),” SIC Italy - National Center for Security on the Internet, co-funded by the European Commission through the Safer Internet Programme, 1999. [Online]. Available: http://www.generazioniconnesse.it. [Accessed 6 June 2014].
[28] “Universally Challenged – A national competition between UK universities to test cyber security skills,” Cyber Security UK, 2014.
[29] “Asia-Pacific and MEA Round 2014,” in Cybersecurity for Next Generation 2014 Asia-Pacific & MEA Round, South Korea, March 2014.
[30] D. Cohen-Abravanel, “New Malware Campaign Uses Fake Anti-Virus Update Email,” in on-demand webinar, 2013. [Online]. Available: https://www.seculert.com/blog/2013/12/new-malware-campaign-uses-fake-anti-virus-update-email.html.
[31] Italian Postal and Telecommunication Police, “Una vita da social,” 2014. [Online]. Available: http://img.poliziadistato.it/docs/Una%20Vita%20da%20Social%20DEFINITIVA.pdf. [Accessed 15 May 2014].
[32] UK National Fraud Authority, “The Devil's In Your Details,” 2014. [Online]. Available: http://www.actionfraud.police.uk/thedevilsinyourdetails. [Accessed 20 May 2014].
[33] Febelfin, “Safe Internet Banking,” 2014. [Online]. Available: https://www.safeinternetbanking.be/en. [Accessed 13 May 2014].
[34] Febelfin, “Dave campaign,” 2014. [Online]. Available: https://www.safeinternetbanking.be/en/dave-campaign. [Accessed May 2014].
[35] Febelfin, “See how easily freaks can take over your life - Video,” 2014. [Online]. Available: https://www.youtube.com/watch?v=Rn4Rupla11M. [Accessed 13 May 2014].
[36] European Commission, “Media Use in the European Union,” November 2013. [Online]. Available: http://ec.europa.eu/public_opinion/archives/eb/eb80/eb80_media_en.pdf. [Accessed 22 May 2014].
[37] “IFIP Official Website,” 2014. [Online]. Available: http://www.ifip.org/.
[38] “IFIP TC11 Official Website,” 2014. [Online]. Available: http://www.ifiptc11.org/.
[39] “ISACA Official Website,” 2014. [Online]. Available: http://www.isaca.org.
[40] “OWASP Official Website,” 2014. [Online]. Available: http://www.owasp.org.
[41] “IACR Official Website,” 2014. [Online]. Available: http://www.iacr.org/.
[42] “ISSA Official Website,” 2014. [Online]. Available: http://www.issa.org/.
[43] “EDUCAUSE HEISC Official Website,” 2014. [Online]. Available: http://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-initiative/about.
[44] “SANS Official Website,” 2014. [Online]. Available: http://www.sans.org/.
[45] “ISC2 Official Website,” 2014. [Online]. Available: https://www.isc2.org/.
[46] “NICE Official Website,” 2014. [Online]. Available: http://csrc.nist.gov/nice/.
[47] “NICCS Official Website,” 2014. [Online]. Available: http://niccs.us-cert.gov/.
[48] “NCSA Official Website,” 2014. [Online]. Available: https://www.staysafeonline.org/.
[49] “FISSEA Official Website,” 2014. [Online]. Available: http://csrc.nist.gov/organizations/fissea/.
[50] “CyberWatch Official Website,” 2014. [Online]. Available: http://www.cyberwatchcenter.org/.
[51] “SANS Institute,” 2000. [Online]. Available: http://www.sans.org. [Accessed April 2014].
[52] “Wikipedia ISACA Page,” 2014. [Online]. Available: http://en.wikipedia.org/wiki/ISACA.
[53] “ISSEA Official Website,” 2014. [Online]. Available: http://csrc.nist.gov/organizations/fissea/.
[54] European Commission, “European Cyber Security Month,” 2014. [Online]. Available: http://cybersecuritymonth.eu. [Accessed 20 May 2014].
[55] “Partners,” [Online]. Available: http://cybersecuritymonth.eu/partners.
[56] IJAB, “Watch your web,” 2014. [Online]. Available: http://www.watchyourweb.de. [Accessed 20 May 2014].
[57] Generazioni Connesse - Safer Internet Centre, “Se mi posti ti cancello,” 2014. [Online]. Available: http://www.semipostiticancello.it. [Accessed 15 May 2014].