News

Illinois Receives $4.2 Million to Train Students in Cyber Security

From financial to medical information, our most private data is increasingly online—and so are the cyber criminals who seek to sabotage the information systems that support the data. But while the number of cyber crimes has steadily risen over the years, the number of cyber security experts needed to stop them has not kept pace.

Roy Campbell (left) and other ICSSP faculty and students gather during the Hacking 101 workshop put on by the students on December 5.
Roy Campbell (left) and other ICSSP faculty and students gather during the Hacking 101 workshop put on by the students on December 5.

The University of Illinois at Urbana-Champaign has received a four-year, $4.2 million grant from the National Science Foundation to renew a program that trains students in cyber security, a field that is projected to experience an annual shortage of 20,000 to 40,000 skilled workers for the foreseeable future, according to a 2012 Reuters report. The Illinois Cyber Security Scholars Program (ICSSP) teaches students how to protect the nation’s cyber infrastructure by designing more secure systems and methodologies, as well as better cyber policy.

“From cell phones to online banking, our daily functions are extremely digitized, which means they are also vulnerable to attacks,” said Roy Campbell, the lead researcher for the ICSSP initiative and the Sohaib and Sara Abbasi Professor of Computer Science. “Our goal with ICSSP is to train students to have an immediate impact in the field, especially at government agencies and laboratories.”

Cyber security education has become a national imperative. The White House recently called for “a national strategy, similar to the effort to upgrade science and mathematics education in the 1950s,” to meet the growing demand for skilled professionals.

Illinois has a strong tradition in security, graduating about 100 students each year with expertise in the area. When the ICSSP program was added in 2009, it gave computer science undergraduates the opportunity to enhance their cyber security skills. However, the new ICSSP will offer a multidisciplinary approach to cyber security, bringing together computer science and engineering undergraduate and graduate students and law students, who are needed to write policies that better protect the technology systems of the 21st century. Law students and computer science students will take courses in the other discipline to enhance their knowledge of both fields. Graduates of the program will receive a certificate in cyber security.NSF logo

Participating students will take cyber security courses as part of their regular degree program, dedicating the elective courses built into both the engineering and law programs to cyber security training. ICSSP, which takes two to three years to complete and will train 14 students in the 2014 cohort, provides scholarships that cover tuition, professional development, and travel and also offers a stipend to participants. In return, students are required to intern with a government agency or laboratory, and, upon graduation, work for the government for as many years as they spent in the scholarship program.

ICSSP students and faculty members gather during the Hacking 101 workshop put on by the students on December 5.

“We’re one of the few programs that offer training to undergraduates and one of the few that incorporate law students,” said Masooda Bashir, an assistant professor of library and information science. Bashir, Campbell, and their collaborators are researchers in the Information Trust Institute, which administers the ICSSP program as part of its mission to create a more resilient, reliable and secure online world. “With the core education students receive from our highly ranked engineering and computer science programs, along with the specialized training they get through ICSSP, students are equipped to help defend our national security and civil systems,” she added.

Through the program, computer science and engineering students prepare for jobs in which they will do everything from the front-end analysis of cyber threats to developing robust and state-of-the art tools, programs and systems for the cyber world. Law students will train for careers in the government, private companies, and law firms dealing with how our civil and criminal legal systems can advance protection for our cyber infrastructure and deter cyber attacks, while operating within current and future legal constraints, and maintaining important privacy protections.

“We all know that this is a new frontier in national security,” said Professor of Law Jay Kesan, an ITI researcher and co-PI on the ICSSP grant. “You really want lawyers to understand both the technical side of information systems as well as the legal and policy issues, so that we can have the kind of regulatory regimes and policy discussions that move this field forward.”

ICSSP has enjoyed a 100 percent placement rate of its graduates since its inception—placement with agencies isn’t guaranteed and graduates who are not chosen must pay back the scholarship money—demonstrating the strength of Illinois’ expertise in the area, Bashir said. Many graduates are now working at high-level research labs such as Sandia National Laboratories and Los Alamos National Lab, along with numerous government agencies such as the Department of Homeland Security and the CIA.

The professors hope that if students are introduced to cyber security early in their educational careers, they will become excited about working in this important field of study.

“I once had a student tell me, ‘I see this as a way to defend my country without picking up a gun,’” Bashir said. “It’s really critical work.”