The topics we spoke with Dr. Yoon about yesterday evening:
We found that having skills in Python scripting is very useful as
there is currently a push within the space to integrate various technologies.
We recommend incorporating Python into multiple courses to help students
retain the knowledge they have learned.
Additionally, stressing the versatility of the language may be helpful
in relating how useful the language is in all roles within cybersecurity and
even outside of this field.
Include using linters and tools for static analysis
(Bandit is a great open source tool for static analysis)!
Also, it would be good to (at some point) expose them to style guides,
like PEP-8 for Python,
since they will most definitely be sharing code amongst peers and colleagues
at some point.
- Networking concepts
Although we did find the foundational courses at the beginning of the program (500 and 505) to be very informative, we realize now that having a course specifically covering networking concepts (protocols, routing, etc.) would have been extremely helpful in the long run. Basic principles like packet construction (and deconstruction) and analysis would be immensely beneficial to the students in the program.
- The lab
For some time now Mercy has had servers available to the program that
haven't been used in a manner that would most benefit the students.
When Ashley and I first joined the program many of the students expressed interest
in helping build and develop the virtual environment in the lab so that
we could gain knowledge of virtualization technologies,
networking in virtual environments and attacking and defending virtual environments.
It would be beneficial to carve out a section of the virtual environment for
each incoming class and allow them to develop their environment over time.
You could, for instance:
  - split the incoming class into teams (red vs blue, operations, risk, etc)
    depending on their interests
  - give them a subset of resources they need to attack, defend, or assess
  - allow them to develop, attack, and assess the environment
    throughout the program
  - have them switch roles at some point!
This will help with bullets 4 and 5.
- Open source tools
Exposing the students to open source tools like ELK, Snort, Suricata, etc.
(there's a good collection here - https://github.com/sbilly/awesome-security) will
aid them in their careers, as they'll gain operational knowledge of tools that are
widely used in the industry.
You mentioned not being able to learn or master the tools yourself in order to expose students to them, but you don't have to! If you give the students the foundational knowledge during a course, you could have them implement (if a virtual environment is made available to them) or evaluate a tool of their choosing as part of a project.
- Fostering the team
The last thing we spoke about was how to create an environment that fosters a team.
For us it had a lot to do with the projects and trying to understand
the more difficult concepts we were being exposed to.
We relied heavily on each other throughout the program in order to make sure
we completely understood what we were learning.
Part of what needs to be done is to break down the traditional academic mentality of
the singular and begin growth of the [hacker|infosec] community mindset
that the community thrives on (after all,
we wouldn't have all of these awesome open source tools if this culture didn't exist).
Pushing students to challenge themselves and challenge each other will go
a long way in reinforcing this, as will forcing them to work as a team.
Give them tasks they can't possibly complete on their own.
Help them understand that in the real world ALL of the work that
they do will be part of a team effort.
I think utilizing the lab in the way we outlined can go a long way here.
Thank you for your time yesterday. If you would still like for me to meet and speak with the advisory board, please let me know when and where!