NSU Horizons Spring 2017

16 NSU HORIZONS There are the three types of social engineering— impersonation, vishing (via phone), and phishing (via email, social media messages, etc.). “The key is that all types are being used to gain access to systems that later can be used via cyber to inflict financial damages to organizations and individuals,” Levy added. Hueca, currently working in Washington, D.C., as a federal government contractor, became interested in the social engineering aspect of cybersecurity through his research coursework with Levy. Hueca is focusing his doctoral research on insider cyber threats. “Insider’s threats are categorized as individuals who have mali- cious intent or are careless on a network. They have been trusted by an organization, and they abuse policies and procedures. They disclose confidential information or steal intellectual property,” said Hueca. “They are Edward Snowden [the former NSA contractor who leaked top-secret documents] or Chelsea Manning [an Army Private First Class whose prison sentence for leaking sensitive information to Wikileaks was commuted].” As part of his studies, Hueca conducts research that investigates the motivating factors of these individuals. He’s also developing a tool that would help organizations pinpoint those individuals who could become insider threats. “While we understand that it may be very sub- jective, it is something that is needed,” he said. Hueca is delving into behaviors, backgrounds, and other factors that could indicate or lead to certain types of people suspected to be malicious on a network. He said his idea for the research evolved after he and Levy began talking about human behavior in cybersecurity. “We were asking, why is it happening, and how can we detect it early on?” In addition to having the credential on his résumé, Hueca said that the advanced degree gives him credibility in the competitive job market in Washington, D.C. “It is also for me, to prove to myself that I’m going to be an expert in my field.” Aviv, who received an M.B.A. with an emphasis in information systems from NSU and is now pursuing his Ph.D., said the college’s designation as a Center of Academic Excellence in informational assurance and cyber defense by such esteemed agencies as NSA and DHS brings value to the program. “This is not just another university. We have these approvals from well-recognized government organizations in the sec- urity area,” he said. A senior manager for Global Solu- tions Architecture at Verizon Enterprise Solutions, Aviv previously worked with the Israeli Defense Forces managing a team of network and software engineers for the Israeli military in Tel Aviv, Israel. “The research that we do as part of the program at NSU is extremely innovative, futuristic. The program forces you to do research in a very aggressive way and focuses on what exists in the marketplace. It forces you to develop research in an area that’s going to be used in the industry,” said Aviv, who is focusing his research on business email compromise. “Cybersecurity has been a constant drumbeat” in equipping NSU students to be competitive in their careers, according to Jon M. Garon, J.D., dean of the NSU Shepard Broad College of Law. This year, the college created a new concentration for students in its four online Master of Science degree programs for non-lawyers. “The Cybersecurity Law program helps professionals across all enterprises, but particularly in our concentration areas affecting employment, health, and education law and law and policy,” said Garon. “This specialization allows students to explore the legal, ethical, and professional aspects of information security.” The cybersecurity law concentration is available to students within any of the four online Master of Science programs: Health Law, Employment Law, Education Law, and Law and Policy. While the M.S. program doesn’t enable graduates to practice law, it does help them to manage the regulatory, compliance, and legal constraints that shape modern business. Courses offered in the cybersecurity law concentration include Principles of Information Security, Cyber and Information Crimes, Electronic Commerce and Digital Trade, and Cyber Law and Modern Mass Communications Policy. Any M.S. student in the college can take the courses as an elective. Students choose from 14 credits of electives to earn the cybersecurity law concentration. Garon said that within the first two weeks of the offerings, there was an immediate demand. “We had more than 20 students who moved into the program,” he said. The NSU Shepard Broad College of Law and the NSU College of Engineering and Computing teamed up in February to present a faculty symposium on cybersecurity and the vulnerability of university procedures and online courses. “Cybersecurity is now a critical part of any enterprise organization,” said Garon, who is teaching the Cyber Law and Modern Mass Communications Policy course. “It is a very different environment than it was just 24 months ago. This is a very interesting time to be doing this kind of research.” n LAW SCHOOL GRADUATES MASTERING CYBERSECURITY continued from page 15