CeTUSS Dec 2005 Margaretha Eriksson A holistic view on information security training and education Margaretha Eriksson Ph.D. Student DSV / SU margaretha.eriksson@ieee.org

Download CeTUSS Dec 2005 Margaretha Eriksson A holistic view on information security training and education Margaretha Eriksson Ph.D. Student DSV / SU margaretha.eriksson@ieee.org

Post on 19-Dec-2015

212 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

<ul><li> Slide 1 </li> <li> CeTUSS Dec 2005 Margaretha Eriksson A holistic view on information security training and education Margaretha Eriksson Ph.D. Student DSV / SU margaretha.eriksson@ieee.org </li> <li> Slide 2 </li> <li> CeTUSS Dec 2005 Margaretha Eriksson DSV / SU and SecLab Laboratory for research and education in Computer Security and Security Informatics. Professor Louise Yngstrm Mission to advance theory and practice in computer and information security, for the benefit of society. Holistic approach To investigate problems of security from technical, social, managerial, economic, and legal perspectives In computer and systems sciences context, utilizing disciplines, such as sociology, pedagogy, jurisprudence, economics, etc. Some Research Areas: Education and Awareness in Security (alternative methods for teching and learning security,... Management of Information Security (to understand, explain, control, predict...) </li> <li> Slide 3 </li> <li> CeTUSS Dec 2005 Margaretha Eriksson Information Security Courses DSV / SU Introduction to Cryptography Generell systemteori med tonvikt p styr- och kontrollfunktioner Informations- och dataskerhet KTH Principles of Computer Security Introduction to Information Security and its Environment Network Security Value based Risk Management </li> <li> Slide 4 </li> <li> CeTUSS Dec 2005 Margaretha Eriksson Systemic-holistic framework for IT security (Yngstrm) Design/ Architecture Theory/ Models Physical construct Process, store, communicate, collect, displayOperational Administrative, ManagerialLegalEthical Technical aspect Non-technicalaspects Context </li> <li> Slide 5 </li> <li> CeTUSS Dec 2005 Margaretha Eriksson </li> <li> Slide 6 </li> <li> The Missing Human IT security in a holistic manner - in real life... Attend lectures, read the literature and scan Internet Play with IT security in a safe sandbox Write reports on findings on technical issues But... Where are the users of the system? The system limits is excluding the human users! </li> <li> Slide 7 </li> <li> CeTUSS Dec 2005 Margaretha Eriksson More than technology... </li> <li> Slide 8 </li> <li> CeTUSS Dec 2005 Margaretha Eriksson Cross-over areas Steel milling vs Pulp and Paper industry - similar format, different density of material Content Management vs Configuration Management - similar structuring, html document vs products SW Object Orientation vs Structured writing (IMAP method) - similar structuring method, source code vs text chunks </li> <li> Slide 9 </li> <li> CeTUSS Dec 2005 Margaretha Eriksson A working method... TI/SU IT for translators course designing and teaching Computer based Translation tools to non-engineers Process and work-flow related Life-cycle approach of the translation </li> </ul>