Education: New Lessons in Security

Education When we wrote about education for last June’s issue of CSO (www.csoonline.com/printlinks), we said that a one-stop shop for CSOs wasn’t there yet. But that’s changing.

Northeastern University’s new Master of Science in Information Assurance debuts this fall with the aim of bridging law enforcement and technology and systems development. And Carnegie Mellon is working toward a similar goal with a new executive education program.

Northeastern’s program is sure to have an interesting student body, mixing those who have a technical background with others from a social science background. Northeastern hopes to teach these groups a common language that they can take back to work with them.

Agnes Chan, associate dean and director of the graduate school of computer and information science at Northeastern, says officials from the National Security Agency agreed to partially fund the development of the program after she presented it to them in January 2003.

It had become clear to her, Chan says, that most information assurance programs are technical and have a management component, but they lack a law enforcement component. Northeastern’s criminal justice graduate program will help fill that void, providing the necessary guidance and the professors from the criminal justice school.

Northeastern built its program after soliciting feedback from Boston-area CSOs to help give structure and focus to the courses, a process that will be ongoing. The master’s program will be offered both full time and part time to accommodate working executives.

The curriculum (see “Northeastern University’s Converged Curriculum,” at right) will conclude with a project that will give students the opportunity to work on industry problems. “The idea of the final capstone project is to identify current problems that corporations and law enforcement agencies face. We will assemble a team of four to five students, consisting of both students who are interested in the technical side and students who are interested in the legal and human issues. The teams will work with the agencies and the faculty coordinator to design and implement a solution,” Chan says.

Bonnie Michelman, director of police, security and outside services at Mass General Hospital, is one of the CSOs giving feedback to the Northeastern program. She is an alumnus of Northeastern’s Master of Criminal Justice program, and has been teaching security management in that program since 1988. She says the new program addresses a need for educating future CSOs. “The educational path for CSOs is still siloed, which mirrors what’s happening in many organizations. This is starting to change, but it hasn’t yet. The corporate setting and the academic setting for CSOs is still evolving,” she says.

Michelman thinks that folks coming up through the security ranks need management courses in areas like investigations, IS security, intellectual property loss, workplace violence, physical security technology, economics and project management. Communication skills are also a must. “CSOs need to understand how to put together written and business communications, like public presentations,” she says.

In February, Pittsburgh-based Carnegie Mellon kicked off its executive education program in Washington, D.C., with professors and practitioners teaching a broad range of topics (see “Executive Education Classes at Carnegie Mellon,” at left). Bill Ferguson, manager of the CSO Executive Certificate Program, says education programs for CSOs will mature with the position, much like education for other C-level roles has done. “If you look at what’s happening in the security industry, it’s much like what happened to the CIOs who were tech professionals,” Ferguson says. “They got thrust into the executive and IT managerial role without having the business and executive skill sets. It took years to flesh out what those skill sets were to make those CIOs successful. I see the same for the CSO.”

CSOs need the skills of a boardroom executive, he adds. “When we talked to CSOs, we saw that there was a demand for executive ed. They already have the technical certifications. The structure of the program came from talking to” leading CSOs.