Information Security Education and Training Resources, Policy Development and Implementation
The Center for Education and Research in Information Assurance and Security, or CERIAS, is the world's foremost university center for multidisciplinary research and education in areas of information security. Our areas of research include computer, network, and communications security as well as information assurance.
SANS Institute Online -- Cooperative Education: The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization through which more than 96,000 system administrators, security professionals, and network administrators share the lessons they are learning and find solutions for challenges they face. SANS was founded in 1989.
Information Security Awareness: A Case Study [PDF - 834K], Geza Szenes, CISSP, Enbridge Pipelines Inc. "It has been long recognized that the weakest link in protecting information is not technology but rather people, specifically an understanding of the importance of information security by the end user community. The most cost effective way to instill information security within the corporate culture is to implement an awareness program. The presentation will provide an overview of Enbridge's awareness program, highlighting successes and failures. Selected excerpts from a security training video will also be shown to illustrate key points."
Computer Security Institute: Computer Security Institute (CSI) is the world's leading membership organization specifically dedicated to serving and training the information, computer and network security professional. Since 1974, CSI has been providing education and aggressively advocating the critical importance of protecting information assets. CSI sponsors two conferences and exhibitions each year, NetSec in June and the CSI Annual in November, and seminars on encryption, intrusion management, Internet, firewalls, awareness, Windows and more. CSI membership benefits include the ALERT newsletter, quarterly Journal, and Buyers Guide. CSI also publishes surveys and reports on topics such as computer crime and information security program assessment (IPAK).
James Madison University - Security Masters Program: People involved in information security must be able to understand and systematically employ and manage Infosec concepts, principles, methods, techniques, practices and procedures drawn from U.S. statutes, current or pending. Infosec experts also must understand procedures followed by the Department of Defense, federal, state and local governments, industry and businesses. The JMU Infosec program addresses these issues with an emphasis on the environment in which the class participants will function. The nature of information security education demands expertise concentrated in areas of information technologies, administrative operations, and law and regulation. The JMU Master of Science in Computer Science with a concentration in Information Security program will deliver this to the graduate student. The program is entirely Internet-based, with courses designed so that students and professors can maximize use of their time asynchronously.
Center for Secure Information Systems: Information is an important strategic and operational corporate asset, and therefore there is a need to have adequate security measures which can safeguard sensitive information. In spite of its importance, there are no comprehensive research programs in information system security at universities. The Center for Secure Information Systems (CSIS) has been created to provide a dedicated environment to encourage the development of expertise in both the theoretical and applied aspects of information systems security.
Computer Security Group Training Conference: Computer Security Group training conferences provide a forum for DOE and DOE contractor personnel to share computer security information and concerns. The program offers workshops, "how to" presentations, reports from DOE Headquarters Offices of Information Management and Safeguards and Security, keynote speakers, panel discussions, birds-of-a-feather discussion groups, and presentations on what's happening in the field of computer security.
Information Security Research Centre: The Information Security Research Centre (ISRC) was established within the Faculty of Information Technology in 1988 in response to the escalating incidence of computer crime worldwide. It has developed into one of the leading international research centres in the area of information security. Given the applied nature of this research field, and the rapid development of the topic, the Centre's policy is to closely integrate its consultancy, research and teaching activities. Over the last 8 years the ISRC has developed an extensive program of education at both undergraduate and postgraduate level, as well as industrial training short courses in information security aimed at both public and private sectors.
Information Security Group: This Group offers an active research environment with eight established academic posts and a large number of research students, making it one of the largest academic security groups in the world. The Group regularly hosts international visitors and has close links with leading companies in the area of Information Security. It has recently established a smart card laboratory with support from Gemplus and Hewlett-Packard.
POLICY DEVELOPMENT AND IMPLEMENTATION
Applying IT Security Policies & Computer Security Standards: introduces an approach to easing the problem of organization-wide implementation.
Baseline Software, Inc.: Information Security Policies Made Easy by Charles Cresson Wood, CISA, CISSP, noted international information security consultant and researcher.
The BS 7799 Security Standard & Compliance: BS 7799, first published in February 1995, is a comprehensive set of controls comprising best practices in information security. BS 7799 is intended to serve as a single reference point for identifying a range of controls needed for most situations where information systems are used in industry and commerce, and to be used by large, medium and small organizations. It was significantly revised and improved in May 1999.
BS7799 Security Standard: Compliance & Positioning: what it is and how to achieve BS7799 compliance - a starting point.
Building Effective, Tailored Information Security Policy: 20th NISSC Internet Technical Security Policy Panel.
Computer and Information Security: draft chapter intended to be part of the NIST Computer Security Handbook.
Computer Policy Guide: manual with sample policies. Topics include: Email; Internet Usage; Personal Computer Usage; Information Security; and Document Retention.
Computing Policies: resource usage and security policy for the University of Pennsylvania.
Editorial: Embrace your Policies - discussion of the importance of security policy acceptance to overall security.
Effective Security Policies Require Frequent Reviews: companies have the best intentions when drafting their initial IT security policies. However, most policies collect dust.
Enhancing Enterprise Security: overview of all factors which should go into the design of a security policy.
Generalizing Ethics in an Information-based Society - Part 1 of a series of articles on the problems faced when attempting to include a code of ethics in a computer security policy.
How Does the Code of Ethics Relate to Security? - Part 2 of this series on including ethics in security policy writing; provides examples of the broad range of potential situations which may be faced by system/security administrators.
IT Security Cookbook: guide to computer & network security with a strong focus on writing and implementing security policy. This is primarily for security managers and system administrators.
Information Security: security policies and baseline standards information.
Internet Security Policy: A Technical Guide: NIST Special Publication.
Internet/Network Security Policy Development - how to write an effective network security policy. This is Part 4 of a 5-part tutorial on Internet and network security.
ISO 17799 Standard: ISO17799 Compliance & Positioning: ISO 17799 security standard: how to achieve full ISO17799 compliance.
Network Security: Locking In To Policy - article discussing the importance of drafting a policy comparable to the talk about security and maintaining it once it is in place. (March 21, 1998)
Number One Security Tool? Policy! - a collection of tips from some of the most successful security policies. (June 7, 1999)
Para-Protect's Para-Policy: "Policy is the often over-looked component of all good corporate information security programs."
Policy Over Policing - it's easy to develop e-mail and Internet policies, but education and documentation are crucial to their success.
RFC2196 (Site Security Handbook): guide to developing computer security policies and procedures for sites that have systems on the Internet.
Securify Security Policy: policy is the foundation upon which all information security efforts are built.
Securing Desktop Workstations: what should be in a usage policy, and how to implement and enforce the workstation usage policy once it is documented and management approval has been received.
Security - How to Develop a Network Security Policy White Paper: for business executives, and others, who want to know more about Internet and internetworking security, and what measures you can take to protect your site.
SecurityPortal - Acceptable Use Policy - while there are many categories of security policy and each is important, some are conceivably more critical as they provide the foundation for many other sections of the policy. Perhaps no category does more to provide that foundation than that of acceptable use.
Site Security Policy Development: Rob McMillan outlines the importance and characteristics of a good security policy.