Dean of EPPS discusses rise in demand for interdisciplinary approach, policy understanding within cybersecurity job industry
Starting fall 2020, UTD will be offering an interdisciplinary cybersecurity master’s degree.
Although housed in the school of Economic, Political and Policy Sciences, the degree is a joint effort with the school of Engineering and Computer Science, and will contain courses from those schools along with the school of Behavioral and Brain Sciences and the school of Management. Dean of EPPS Jennifer Holmes said the degree is designed to combine both the technical and policy aspects of cybersecurity.
“If working for the government or an agency, you’re always trying to anticipate new types of threats using new venues, new vectors of attack, that sort of thing,” Holmes said. “We want them to be trained broader, more strategically and also understand, most importantly, the policy, legal and ethical implications of this new area of cybersecurity. They can’t be just merely technical. They need that policy component.”
Holmes said the degree was first discussed in spring 2017, and she began having conversations with ECS founders chair professor Bhavani Thuraisingham about the need for an interdisciplinary approach to cybersecurity since it was in demand. She said few universities across the country have a strong policy component within their cybersecurity master’s programs, and that the focus remains mostly on the technical side. The policy component is usually taught on the job, Holmes said.
“Let’s say you care about border security. Well, you could shut down the border, right? You could search every car, search every individual, but you’re going to kill trade. You’re going to kill tourism, right? You’re going to cause all sorts of other problems if you only care about one thing,” Holmes said. “You want to promote security, but you also need to keep in mind, what is this agency supposed to be doing? What is the institution supposed to be doing? What’s the mission? And of course you’d have to deal with privacy and … legal regulatory frameworks. They learn those things on the job or they’ll learn that with us.”
The degree does not require any prior technical or computer science experience. To cover the technical aspects, Thuraisingham said she and eight to nine other CS professors will be teaching two CS courses.
“Not everyone needs to go into the nitty gritty, the nuts and bolts of a system and look at the malware and do analysis. But of course you need a computer science background, but then there are also what sort of policies that you have to enforce, right?” Thuraisingham said. “So we (as) computer scientists work on policy aspects, but then our work on policy is how you specify the policy in a computer language and how you enforce the policy.”
Thuraisingham said the there are multiple roles within the field of cybersecurity, and the degree includes concepts such as hacker psychology and risk analysis, which both BBS and JSOM classes will cover.
“Cybersecurity also deals with policy issues, and psychological issues, things like how do hackers think,” Thuraisingham said. “There is ethics, there’s auditing, there’s risk analysis. (There are) mathematicians, policy specialists, cost economies and brain and behavioral scientists, psychologists, lawyers. They all have a role to play in cybersecurity.”
Assistant professor of political science Vito D’Orazio plans on teaching “Political Violence and Conflict in Cyberspace” next fall as part of the courses being offered within the degree. D’Orazio was approached to cover the policy side of cybersecurity, much of which he already covers in his undergraduate courses such as “Data and Policy.”
“In my classes, we’re talking a lot about the incentives that actors have to use and manipulate the information in cyberspace to achieve their political objectives. So when I think of cybersecurity, I’m not speaking from a strictly technical side like ‘how do I prevent hackers from accessing my data?’ That’s a computer science question,” he said. “I’m more thinking about the incentives that adversaries have to get your data, or not even adversaries necessarily, the incentives that governments have to get your data and what they might want to do with it, and the incentives that countries have to get into the network of another country.”
Holmes said the bridge between technology and policy within the degree is necessary for cybersecurity jobs where policy specialists are currently in demand. She said aspiring students at the master’s level need the policy aspect, or they won’t get jobs.
“I think UT Dallas has a lot to offer, not just of course in our school, but across the university … we can really do well when we work together,” Holmes said. “What I like is UT Dallas is known for strategic areas of strength, historic areas of strengths in engineering, computer science, and the tech side. Well, if we can partner with them, we can create a whole other area for students to go into.”