I remember taking courses as a college student and at times thinking “…is this material relevant? Will I actually use this information in my current or next job?” At Regis University, we are dedicated to bringing the “real world” into the classroom. Not only are we interested in theory and knowledge, but we also want students to apply that knowledge in solving real world problems impacting their communities.
As a recent example, I was teaching MSIA 682, Network Forensics, when news broke about the Heartbleed Bug. The Heartbleed Bug is a very serious vulnerability in the popular OpenSSL cryptographic software library. Basically, this vulnerability allows a hacker to read otherwise encrypted communications, steal data including usernames and passwords, and impersonate valid users. Not good! Even more concerning is that the attack against a vulnerable server is very difficult, if not impossible, to detect.
In cyber security, we like to say, “Never let a good security incident go to waste.” So, in cooperation with the Chief Technology Officer of Qualys, a Silicon Valley-based security solutions company, an example website containing the vulnerability was created for students and others to attack and learn from.
Over the course of the next week, I adjusted the assignment and required students to analyze network traffic showing how the demonstration site was attacked and exploited. Students were required to analyze the traffic and develop an attack signature that would identify the Heartbleed attack and either stop it or notify appropriate security staff that an incident had occurred.
Although this is just one example, Regis’ dedicated faculty of Regis' information assurance graduate program constantly challenges students by bringing the real world to the classroom. Not only does this bring the course material and theory to life, but it provides students with the immediate skills they need to advance their careers.