Now the University is taking new steps to achieve these goals—by helping historically Black colleges and universities and minority-serving institutions develop similar programs of their own.

Strengthening cybersecurity programs at these institutions is the goal of the Cybersecurity Education Diversity Initiative Coalition, or CEDI, and in September, the National Security Agency (NSA) named Fordham as CEDI’s lead academic institution.

The NSA also awarded a $3 million grant to the Fordham-led effort.

“It has been known nationwide that there is a shortage in resources and expertise and opportunities for these minority institutions, and the NSA wants to shorten that gap,” said Thaier Hayajneh, Ph.D., director of Fordham’s cybersecurity center.

Hayajneh and Amelia Estwick, Ph.D., director of the National Cybersecurity Institute at Excelsior College, will serve as CEDI’s co-chairs.

About half of the grant will support institutions with cybersecurity programs as they devise plans to help minority- serving institutions develop their own programs, with the CEDI co-chairs overseeing their efforts, Hayajneh said.

The rest of the funds will directly support cybersecurity program development at historically Black colleges and universities and minority-serving institutions. The “ultimate goal,” Hayajneh said, is for these programs to earn a designation for national excellence in cybersecurity education that Fordham received from the NSA in 2017.

The coalition will help with curriculum support, guest lecturers, faculty hires, advisers and mentors for students, and opportunities to take part in competitions and other cybersecurity activities, he said.

Cybersecurity Is Everyone’s Business

Students, particularly those from underrepresented communities, can be intimidated by cybersecurity, thinking it involves only computer science and programming, Hayajneh said.

One way to address that misconception is to attract students from other disciplines, including business, criminal justice, and political science.

“The NSA and other agencies have realized that there’s a huge shortage in the cybersecurity workforce, so they are trying to encourage more of what we call the ‘soft side of cyber’ and encourage students from other disciplines to come to cyber,” he said. “Cybersecurity is way beyond just malware detection or operating system security.”

A Global Hub for Cyber Resilience

The University’s expertise in cybersecurity spans academic disciplines and departments, including those at the Gabelli School of Business and Fordham Law School. Fordham offers a master’s degree program in cybersecurity that has more than tripled in enrollment since 2016, two computer science master’s degree programs with an emphasis on cybersecurity, and a minor for undergraduates.

Since 2009, Fordham has also partnered with the FBI every 18 months to host the International Conference on Cyber Security, or ICCS, which features presentations by university researchers, top security and law enforcement officials, and executives from companies like IBM, Microsoft, and Google. The July 2019 conference featured the directors of the FBI and NSA as well as the U.S. attorney general.

Hayajneh, an expert on systems security, directs the master’s degree program and frequently collaborates with students on research. In one recent study, he and a student team devised a way to use blockchain technology to secure data collected from heart pacemakers, insulin pumps, and other cyber-physical systems. Their paper, published in the Journal of Medical Systems, has been cited nearly 200 times by other scholars since 2018.

Fordham’s program emphasizes competency-based learning and applied research to stay ahead of the latest threats and ever-rising cybercrime. “It makes students very successful when they go and seek jobs in the market,” Hayajneh said.

“We can’t just teach students math, programming, and then they can go and learn on the job. Nobody will hire you and give you their network to learn and to experiment with them,” he said. “Simple mistakes could bankrupt the whole company and cost them millions and billions of dollars.”

Graduates of the master’s program are working as software developers, digital forensic examiners, and directors of cybersecurity, among other roles. Their employers range from the United Nations to Con Edison, Sumitomo Mitsui Banking Corporation, and Marvel Entertainment.

Ileana van der Linde is an executive director at JPMorgan Chase, where she leads the asset and wealth management group’s global cybersecurity awareness program and works to educate the firm’s clients about cyber risks. In 2018, she joined Hayajneh to lead a seminar on cybersecurity for individuals and small business owners in the Bronx. She had been studying to become a certified information systems security professional, but after learning about the Fordham program, she decided to enroll part time.

She was drawn to Fordham’s designation as a National Center of Academic Excellence in Cyber Defense Education, she said, and to the “robust classroom discussion and networking” opportunities she found at the University. Her classmates include seasoned executives from the New York City Police Department, the FBI, and the NSA, as well as junior professionals and students she describes as “great programmers.”

“It’s a very big difference between what Fordham has and what other schools are offering,” she said.

—Kelly Kultys, FCRH ’15, is an assistant editor of this magazine.

Now, thanks to a $3 million grant from the National Security Agency (NSA), Fordham will be leading the charge to help Historically Black Colleges and Universities and Minority-Serving Institutions build their own cybersecurity programs, as well as gain access to established programs.

Fordham will serve as the lead institution for the Cybersecurity Education Diversity Initiative Coalition (CEDI), which aims to help address the “severe shortage” of cybersecurity programs at these institutions.

“It has been known nationwide that there is a shortage in resources and expertise and opportunities for these minority institutions,” Hayajneh said. “And the NSA wants to shorten that gap.”

Hayajneh and Amelia Estwick, Ph.D., director of the National Cybersecurity Institute at Excelsior College, will serve as the co-chairs of the CEDI Coalition.

About half of the grant will be given to “subawardees”—other institutions with established cybersecurity programs. They will come up with innovative solutions to help minority-serving institutions (MSIs) develop cybersecurity programs. Fordham’s Center for Cybersecurity and the two co-chairs of CEDI will oversee their plans and ideas, which could include turning existing cybersecurity clubs into full programs, inviting students from MSIs to join competitions, hosting workshops for faculty, and allowing for students to transfer from MSIs to colleges with a cybersecurity degree program.

“We will supervise them; we will make sure they deliver what they have promised to serve the minority institutions and historically black colleges and universities,” he said.

Hayajneh said with the other half of the grant, CEDI will reach out directly to HBCUs and minority institutions to provide funding for them to either establish a cybersecurity program or support an existing one. The coalition will then help these programs earn designation as a “Center for Academic Excellence in Cybersecurity Education,” which Hayajneh described as “the ultimate goal.” The Fordham Center for Cybersecurity received its CAE designation in 2017.

“We will provide them with whatever they need in terms of curriculum and we will allow other universities to share their curriculum,” Hayajneh said. “We will share faculty online or as guest lecturers. We’ll hire faculty from CAE institutions that are located, geographically at least, close to the universities.”

They will also provide advisers and mentors to minority students and support their participation in competitions or cybersecurity activities, he said.

Hayajneh said he’ll draw from his experience in developing hands-on, practical curriculum.

“We try to teach the students how to do things and how to actually get the job done when they are hired,” he said. “We focus a lot on how to tackle problems that they will face in their real life out in the real world.”

Hayajneh said that often when people, particularly those from underrepresented communities, think of cybersecurity they think it only involves computer science and programming.

“That was one of the obstacles that faced most of the students, and in particular children from underrepresented communities—they wouldn’t be confident to come and study cybersecurity,” he said. “They feel that they will be overwhelmed or they will not have a chance. So we’re trying to change that nature and bring more diverse backgrounds and more diverse students into cybersecurity.”

One of the ways to address that misconception and attract a more diverse workforce to cybersecurity is to attract students from other disciplines, including business, criminal justice, and political science, Hayajneh said.

“The NSA and other agencies have realized that there’s a huge shortage in the cybersecurity workforce, so they are trying to encourage more of what we call the ‘soft side of cyber’ and encourage students from other disciplines to come to cyber,” he said. “Cybersecurity is way beyond just malware detection or operating system security.”

The day ended with esteemed journalist Ted Koppel imploring the head of the National Security Agency to also open up about its role in cyberwarfare—to the American public.

“I don’t think the American public has a clue what our strategy is. I consider myself very well informed on this subject. I’m not sure I do either,” Koppel said to General Paul M. Nakasone, United States Army Commander, United States Cyber Command and Director of the National Security Agency/Chief, Central Security Service.

Koppel, who discussed the vulnerabilities of the nation’s power grids in a panel at the 2016 cybersecurity conference, sat with General Nakasone at Fordham’s Lincoln Center campus for what was billed as a “fireside conversation.”

Their hour-long chat touched on everything from the NSA’s establishment of a cybersecurity directorate, which the general said would make it easier for the agency to assist other agencies, such as Homeland Security, to the countries’ readiness for the 2020 elections.

Nakasone said that with regards to cyberwarfare, the posture of the United States is one of “defend forward,” which he said meant that the U.S. will not hesitate to act first on behalf of itself or its partners to disrupt actions it sees as potentially destructive.

Unfortunately, he said, success in this area is often defined not by what the American public can see, but rather what it doesn’t. ISIS, and its allies, for instance, no longer dominate the news cycle with gruesome videos of beheadings, he said.

The lessons of the 2016 elections have also been absorbed by the intelligence community as well, he said.

“Our adversaries are learning that we are no longer in a pattern of just waiting for it, and wondering if the United States is going to [respond],” he said.

Koppel repeatedly challenged Nakasone, asking him, for instance, how long it might take for the N.S.A. to identify the nationalities of people involved in a cyber-attack if it took place in Uruguay, or even Queens.

He also asked if Nakasone considered “thousands of individual self-appointed journalists on the internet who are putting out a lot of nonsense,” to be a security problem worth including in an overarching strategy.

“I have the responsibility both as a commander and the director of an agency to be up front, to be transparent, and to answer the questions from my overseers and from the media to the best of my ability. I think the American public expects that out of leaders in our government, and I think that’s what I have to focus on, Nakasone said.

Ultimately, he was cautiously optimistic about the country’s cybersecurity.

“Our capabilities are greater than our vulnerabilities, and the work we’ve done has mitigated some of those vulnerabilities,” he said.

]]> 122567