Freeman Hrabowski and Richard Forno: Higher education must lead in cybersecurity
Recent news about the renegade computer program Stuxnet designed to invade operating systems in targeted power plants is a reminder of both the pervasive influence of technology on modern society and the resulting vulnerabilities. President Barack Obama, calling for the nation to focus on cybersecurity, remarked on this irony: "The very technologies that empower us to create and to build also empower those who would disrupt and destroy."
Within Maryland, the recent report "CyberMaryland" highlighted four cybersecurity priorities for the state: foster innovation, develop human capital, position Maryland as a cybersecurity leader and ensure our future competitiveness. It is clear that colleges and universities will play a critical role building America's capacity in this vital area.
Higher education must address three important priorities. First, we need to produce many more graduates with expertise in cybersecurity in response to what the Center for Strategic and International Studies recently called a "desperate shortage" of cybersecurity specialists. Currently, Maryland's institutions are quickly expanding existing programs and developing new ones to address this shortage.
However, although increasing the pool of cybersecurity experts is important, we also must recognize that America has a significant shortage of graduates across all areas of science, technology, engineering and mathematics (STEM). If over the next decade we fail to increase the number of students graduating in all these fields while encouraging more of our current science and engineering students to pursue careers in cybersecurity, we will face a deficit of workers in other STEM careers all of which are important to the nation's economy.
The University System of Maryland has made science and engineering education a priority, and several of its institutions are focusing on cybersecurity. For example, at UMBC we will continue to be a major producer of STEM graduates while also working closely with the corporate community, as well as state and federal agencies, to implement new graduate programs in cybersecurity that target the skills most needed.
University research should be the second priority for building cybersecurity capabilities. The security challenges we face require new approaches to using and securing the Internet. Douglas Maughan, a UMBC graduate and program manager for cybersecurity at the Department of Homeland Security, recently stated that only by encouraging innovation will America regain its position as a leader in cyberspace.
Basic and applied research are fundamental to reshaping the way we secure computer hardware, software and networks. University researchers (at UMBC and elsewhere) are already engaged in exciting and important work in this area with the Department of Defense, much of which also has potential for non-military applications.
The third priority is to develop partnerships with industry that support technology transfer and connect academic researchers with industry. To improve cybersecurity in our work sites and in our homes, we must develop programs linking universities with entrepreneurs and venture capitalists so that we're capable of rapidly commercializing new discoveries into products that enhance cybersecurity. In this area, UMBC has achieved great success through its ACTiVATE training program in which women entrepreneurs take research conducted in university and federal labs and find commercial applications for these technologies.
Long-term global leadership in information technology depends on developing and executing a comprehensive cybersecurity strategy. Strong partnerships among our universities, industry, the State of Maryland and the federal government will be critical to strengthening cybersecurity and reducing the mounting risks faced each day by government, business and American citizens using the Internet.
Freeman Hrabowski is president of the
University of Maryland, Baltimore County.
Richard Forno is director of UMBC's
graduate cybersecurity program.