U.S. data breaches hit a record high in 2014, according to a report by the Identity Theft Resource Center, and the trend is projected to continue. With recruiters actively seeking job candidates with expertise in information security, the University of Arizona is helping to fill the need.
The management information systems department, or MIS, at the Eller College of Management, ranked among the top five for 30 years, boasts a 100 percent placement rate for graduates of its master’s program.
"There’s an incredible need for people with cybersecurity expertise," said Paulo Goes, head of the MIS department and Salter Distinguished Professor of Technology and Management. "The big four consulting firms are all recruiting here. PricewaterhouseCoopers just hired 11 interns from our program."
Demand also is high from students for the master’s in MIS degree. The program was able to accommodate only 90 students from the 1,300 applications it received this year. An online version of the degree, which launched in 2013, serves an additional cohort of students, and the department also offers multiple certifications from the National Security Agency’s Committee on National Security Systems.
Now the UA, designated as a National Center of Academic Excellence in Information Assurance Education, or NCAEIAE, since 2009, has had that designation renewed through 2021. The rigorous approval process is governed by a set of nine criteria, including outreach, university-level support and multidisciplinary collaboration.
"The designation is particularly important for the UA because of our location and strong partnerships with the defense industry, border security and homeland security," Goes said. The National Security Agency and the Department of Homeland Security jointly sponsor the designation.
Although data encryption is a key element of information security, Goes said the MIS program emphasizes the human element. "We look at an organization holistically, including employee behavior," he said.
"One person clicking on a phishing link can set a chain reaction in motion," said Lance Hoopes, associate director of the Information Assurance and Security Education Center at Eller, who spearheaded the original effort to earn the NCAEIAE designation and was instrumental in securing its renewal. "Cybersecurity can have an impact at every level of an organization, including manufacturing and supply chain."
Hoopes teaches many of the classes in information assurance offered at Eller, and Goes also is a co-principal investigator on a $4.2 million National Science Foundation grant that established the Cybersecurity Scholarship-for-Service at the UA, known as AZSecure.
"AZSecure will support about 40 undergraduate, graduate and doctoral students over five years," Goes said. "The students will be immersed in advanced cybersecurity analytics and information assurance education for placement in government agencies and industry."
Ten students currently are supported through the program.
A second, related project is led by Regents’ Professor Hsinchun Chen, who is also a principal investigator on AZSecure.
"We have built an interdisciplinary team around the Hacker Web project," Chen said. "We aim to answer important questions about hacker behaviors, markets, community structure, communication contents, artifacts and cultural differences using big-data analytics."
The Hacker Web project is funded by the NSF through 2016 in the amount of $1.2 million. Chen is joined on the project by fellow principal investigators Salim Hariri, director of the Autonomic Computing Laboratory at the UA; Ronald Breiger, professor of sociology at the UA; and Thomas Holt, associate professor of criminal justice at Michigan State University.
In addition to programs focused on graduate students, the MIS department has several outreach programs in place. The most recent — an NSF-supported cybersecurity camp aimed at underserved high school students — launched last summer with close to 50 participants.
"Programs like these are essential to help build the pipeline of talent that will fill the complex and always-evolving information security needs of all organizations," Goes said.