Cybersecurity Education and Research: Experiences in Training the Next Generation of Cyber Professionals

By James Crabb and Assefaw Gebremedhin

May 14, 2024

Introduction

Cybersecurity continues to grow in importance as a national issue, impacting privacy, public safety, and national defense. This in turn highlights our need in the US to educate and train our cyber workforce to the highest standards possible in both civilian and military sectors. Several government initiatives in support of this mission have been realized, such as the National Initiative for Cybersecurity Education (NICE) [1], the Centers of Academic Excellence in Cybersecurity (CAE-C) [2],and a collection of resources put out by the Department of Defense Chief Information Officer [3]: the Cyber Workforce Strategy, DoD 8140, and DoD 8570. Programs such as these are aimed at standardizing how we talk about and teach cybersecurity in the United States. Another, more recent and unique government program is the Virtual Institutes for Cyber and Electromagnetic Spectrum Research and Employ (VICEROY) [4], whose stated mission is to “establish academic cyber institutes at institutions of higher learning, to develop foundational expertise in critical cyber and spectrum operational skills for future military and civilian leaders of the Armed Forces and the Department of Defense.” VICEROY achieves this goal, in part, by providing funding that directly supports undergraduate education programs in cybersecurity at designated VICEROY institutes.

Our organization, CySER [5] (VICEROY Northwest Institute for Cybersecurity Education and Research), is one such VICEROY institute founded in 2021 in the first cycle of the VICEROY program. Over the past three years, CySER has used its support from VICEROY to promote cybersecurity education within our region (the Pacific Northwest) and provide opportunities for students to gain valuable cybersecurity knowledge and experiential learning opportunities beyond what is typically found in the classroom. CySER is a partnership of higher education institutions led by Washington State University (WSU) [6]. Our partners include Montana State University (MSU) [7], University of Idaho (UI) [8], Central Washington University (CWU) [9], and in the first two years, Columbia Basin College (CBC) [10]. The goal of this article is to share our experiences as a VICEROY institute so that other cybersecurity programs can benefit from our lessons learned. We will give an overview of the educational experiences provided to our undergraduate participants and discuss our successes, challenges faced, and recommendations for similar cybersecurity programs.

CySER leverages three categories of components in order to ensure both breadth and depth of experience for its students. Research components in orange are AI & machine learning, cyber-physical systems, software security, software quality assurance, cyber education, and network/information security. Experiential activities in green include examples such as student research, summer workshops, and internships. Curricular programs in blue indicate culmination of coursework and program-specific requirements resulting in students achieving certificates and/or Bachelor’s degrees in cybersecurity.

CySER Organization

With VICEROY’s support, we have built a cross-cutting multi-institutional consortium of national reputation coordinated by faculty in WSU’s School of Electrical Engineering and Computer Science (EECS), with leadership by Principal Investigator (PI) Dr. Assefaw Gebremedhin (EECS), Co-PI and Reserve Officer Training Corps (ROTC) Lead Dr. Bernard Van Wie (Voiland School of Chemical and Bioengineering), and Co-PI and Industry Lead Dr. Noel Schulz (EECS). We have also enlisted the expertise of Dr. Olusola Adesope of WSU’s College of Education, who serves as Evaluator for the CySER program. Examples of additional faculty at WSU that are involved in the CySER program from outside EECS include Dr. Robert Crossler (Dept. of Management, Information Systems and Entrepreneurship), Dr. Jennifer Henrichsen (Murrow College of Communication) and Dr. Arda Gozen (School of Mechanical and Materials Engineering). Another six EECS faculty at WSU also contribute to the CySER program.

Site Leads at each of our partner institutions manage their local CySER activities: Dr. Clemente Izurieta at MSU, Dr. Jim Alves-Foss at UI, and Capt JonCharles Tenbusch and Dr. Sathy Rajendran at CWU. Each partner institution also has at least one ROTC staff member that serves as a point of contact for the CySER program. LT COL Matthew Sheftic is the Army ROTC contact at WSU, and Maj John-Anthony Ford is the Air Force ROTC contact at WSU and UI. At MSU, LT COL Christopher L’Heureux and LT COL Zachary Hegedish are the contacts for Army and Air Force ROTC, respectively. Capt JonCharles Tenbusch is the Air Force ROTC contact, in addition to being Site Co-Lead, at CWU.

CySER Activities

CySER’s main goal is to provide rigorous cybersecurity education both in the classroom and beyond by providing experiential learning opportunities for students as well as exposure to real-world cybersecurity careers prior to graduation. These are accomplished through a variety of components within the CySER program including new cybersecurity courses, a seminar series, summer workshop, mentored research, certificate programs, internships, and support for student club activities.

New Courses

At WSU, three new cybersecurity courses were developed and offered multiple times over the last two years, forming one of the key accomplishments of the CySER program since its inception. The three new courses developed as a direct outcome of VICEROY support are:

CPTS 327 is a junior-level course, CPTS 427 is a senior-level course, and CPTS 428/528 is a conjoint senior-level undergraduate and graduate course. Each course is 3 semester credits, and they were carefully designed to meet much of the CAE-CO (Center of Academic Execellence - Cyber Operations) Knowledge Unit (KU) requirements. Together, the three courses cover 5 of the 10 Mandatory KUs and 5 of the 17 Optional KUs. Many of the remaining Mandatory KUs are satisfied by foundational computer science courses that already were available in the computer science curriculum at WSU. 

The development and successful offering of these three cybersecurity courses, along with other CySER activities, served as a stepping-stone for the creation of a new Bachelor of Science in Cybersecurity degree program at WSU with emphasis in cyber operations. The degree program was launched in Fall 2023, thanks to additional support from the Washington state government. The degree is organized as a 4-year, 120-credit program of which 74 credits are in computer science and cybersecurity, 16 credits in math and statistics, and 30 credits in general education. The first two years of the program are very similar to the BS in Computer Science program and the last two years are heavy on cybersecurity courses. The cybersecurity course work consists of seven required and four elective courses. Out of the seven required courses, three of them are the CySER-developed courses CPTS 327, CPTS 427 and CPTS 428 mentioned earlier, indicating the crucial role VICEROY played in the launch of the new cybersecurity degree program at WSU.

Seminar Series

During each semester, CySER seminars are held every other week and feature presentations from a variety of researchers and professionals in the cybersecurity field. Seminars are held virtually to accommodate the geographic distribution of CySER students across our partner institutions and are recorded and made publicly available via the CySER website. These seminars provide opportunities for students to hear from cybersecurity experts in academia, industry, and government about current research, best-practices, career pathways, and to ask questions.

Our seminar series provides a great platform for researchers at our partner institutions and beyond to share their work and potentially spark interest among students for participating in undergraduate research or even graduate school. This is a key component of CySER, as cutting-edge cybersecurity research is vital across all sectors from academia to military and requires an influx of skilled and motivated new researchers.

Screenshots from the CySER website Seminars page showing info for seminars given in the Fall 2023 semester.

Several government employees have been invited and given CySER seminars. These speakers have been from the Office of the Washington State Auditor, the Cybersecurity and Infrastructure Security Agency, the Air Force Research Laboratory, and the Federal Bureau of Investigation. Speakers from industry have also been featured, representing companies such as Casaba Security, Crowdstrike, Schweitzer Engineering Laboratories, and Scythe. These professionals from government and industry discuss their organization’s mission and their own responsibilities and projects (to the extent possible), thereby giving students both an introduction to modern issues in cybersecurity from an application standpoint (as opposed to a research standpoint) as well as an idea of what cybersecurity careers are out there and what exactly they entail. This supports the missions of CySER, and VICEROY at large, by encouraging students to pursue careers as cybersecurity experts in the commercial and government/defense sectors.

Over past semesters, students have provided positive feedback on our seminar series, and in one case have even recommended a seminar speaker who ended up giving a talk. Recordings and materials from all past seminars can be found on our website’s Seminars [11] page along with any available details on upcoming seminars.

Summer Workshop

A two-week summer workshop is another crucial activity included in the CySER program. The past two summers, 2022 and 2023, we have held two such workshops beginning in the last week of May and we are planning a third for the summer of 2024. These workshops consist of presentations, tutorials, and hands-on demonstrations led by cybersecurity researchers and professionals from academia, industry and government. A few of these presentations include past seminar speakers who are interested in returning to give an extended presentation (compared to the time-limited seminars) or even speak on different topics. Beyond that, presentations at the summer workshop extend the seminar series by introducing students to additional contemporary research, issues, and career opportunities in cybersecurity.

Hands-on demonstrations have included risk assessment, leadership and team building, cyber forensics, and software vulnerability analysis. The goal with these is to get real tools into the hands of students and walk them through the process of using them themselves. We have found that our hands-on demos are the first time a majority of our students have used these types of tools, and we believe it is important to introduce students to them as early as possible since the classes that teach these skills are typically higher level courses that come later in a curriculum, and students outside of computer science and cybersecurity majors are unlikely to ever take them. 

We have also used the summer workshop to provide an opportunity for other VICEROY Institutes to give presentations about their specific VI so that CySER students can get a sense of activities happening in sister VIs. For example, in the 2023 workshop, we invited the Vehicle Cybersecurity VICEROY Institute led by University of Detroit Mercy to give such a presentation, which they did virtually. This has the added benefit of fostering collaboration among the VIs within the VICEROY ecosystem. As with our seminar series, most of these sessions are recorded and made available on our website’s Summer Workshops [12] page. 

Leadership and team building workshop in 2022 led by Major Paul Hyde (center) of WSU ROTC, and Andrew Van Den Hoek (on projector screens) of CWU.

Each workshop also includes field trips to industry and Department of Defense sites involved in cybersecurity defense. Such field trips in the last two workshops included trips to Pacific Northwest National Laboratory (PNNL) [13], Schweitzer Engineering Laboratories (SEL) [14], Fairchild Air Force Base [15], and Naval Undersea Warfare Center (NUWC) [16] Keyport.

The trip to PNNL took place during our 2023 summer workshop and included tours of their Cyber Security Operations Center, Electricity Infrastructure Operations Center, IoT Lab, 5G Lab, Visualization Lab and a presentation on internship opportunities. The visit was concluded with a round-table discussion led by senior staff.

CySER students and staff at Pacific Northwest National Laboratory in 2023.

We visited SEL during both workshops. In 2022, the trip consisted of an extensive tour of their production and testing facilities, and although relevant to cybersecurity, for our second visit in 2023, we worked with our SEL hosts in developing an event with greater emphasis on cybersecurity. This trip started with a panel discussion led by cyber experts at SEL who discussed their individual roles there, the importance of cybersecurity to the US power grid, internship opportunities, and answered questions. This was followed by a tour of the manufacturing facilities, similar to the previous year but with more tie-in to how their design and manufacturing process accounts for safety and security concerns.

There were field trips to Fairchild AFB in both 2022 and 2023. In 2022, students visited the Cyber Operations Training Center of Excellence and Cyber Transport Systems facilities. The 2023 field trip included a tour through the facilities of the 256th Combat Communication Squadron which handles long-range communications, cybersecurity, and network infrastructure for military units in the field. Field trips in both years included presentations from leadership on the Air Force Base about their missions and opportunities in the Air National Guard.

CySER students and staff with Air National Guard personnel at Fairchild AFB in 2022.

NUWC Keyport was visited in 2022. Students were welcomed by the Chief Technical Officer (CTO) of the center, and the director of cybersecurity described the variety of tuition-paying programs (such as SMART and NREP) available at NUWC for students pursuing cybersecurity education. This was followed by a panel of NUWC employees who talked about what it is like to work there. The second day of the visit was entirely devoted to a tour of the facilities and various presentations by staff members. Although this was a highly relevant and informative field trip, the distance from the WSU Pullman campus made this trip prohibitive in 2023, allowing us to focus on locations closer to Pullman.

CySER students and staff at NUWC Keyport in 2022.

Mentored Research

All undergraduate participants in the CySER program are given the opportunity to participate in real-world research projects mentored by graduate students and supervised by faculty at their home institution. This experience takes place over the course of a semester, although students who express interest in continuing to work with their graduate mentors are allowed to. For the certificates discussed below, at least one semester of research experience is a requirement.

Examples of past and present mentored research include an array of projects relating to internet-of-things (IoT) and industrial security such as smart inverters on distributed energy resources and sensors on bioreactors. Another category of projects relates to the security of journalism and media, and defending against the use of deepfakes in information operations. Some projects deal with cybersecurity education. Software security is also a prominent theme, with research looking at source code analysis, malware detection, machine learning applications, maintenance of government legacy systems, and more. Some specific titles of other projects include “Laser-Cutter System Password,” “Trusted Platform Module in Satellite Applications,” “US Military Offensive Cyber Capabilities,” “Microsoft Security: User Segmentation through Principal Component Analysis” and “Applications of Generative Adversarial Networks to Intrusion Detection Systems.”

The goal of the mentored research component of CySER is to give students some exposure to real-world research and the scientific process. By allowing students to see this side of cybersecurity, we hope it helps them with deciding whether to enter a career in cybersecurity research, which is an important facet of improving our national cyber capabilities.

A CySER student and graduate mentor (middle and right) discuss their project with CySER MSU Site Lead Dr. Izurieta (left) at the summer workshop poster session in 2022.

Internships

As a requirement of CySER certificates discussed later, students must also complete a cybersecurity-related internship. To help our students achieve this, CySER promotes a variety of internship opportunities that are available in both industry and government sectors. A lot of this promotion occurs during the summer workshop and seminar series, where presenters are happy to share details of internships available at their organizations. Examples of organizations that have promoted internships to our participants include the Cybersecurity and Infrastructure Security Agency, Pacific Northwest National Laboratory, Casaba Security, and Schweitzer Engineering Laboratories.

The premier internship we recommend to all our students is offered by the VICEROY program itself. This is the Maven program, an excellent mechanism designed to teach not only cybersecurity skills, but also important general skills such as leadership and communication. This is a preferred internship for our students for multiple reasons. First, because we are supported by the VICEROY program and are in close communication with VICEROY staff personnel, we know exactly what kind of experience and nurturing environment our students will have during the internship and that it is well-aligned with our goals. Second, the pay and benefits for the students are highly competitive compared with some other internship opportunities for college undergraduates. Third, the MAVEN program is operated by the Department of Defense (DoD), giving students the chance to learn about DoD careers, what life there looks like, and to make contacts there. For these reasons, the MAVEN internship program checks all the boxes of what we ideally want all our participants to experience.

Not all our students participate in a MAVEN internship, however. This is because MAVEN has a limited number of spots and they cannot accept all applicants, and some students have opportunities at other viable internships. Our key requirements for other internships when it comes to counting towards certificate requirements is that they are cyber-related and students meet a minimum requirement of hours worked. Because cybersecurity is relevant to all fields of commerce, industry, and defense, internships don’t need to be specifically at a cybersecurity company. They could be at a retail or medical company, for example, but the role of the internship must involve cybersecurity.

WSU CySER students who participated in the 2023 MAVEN internship.Left to right, back row: Alexander Hagood, Jacob Mitsourov, Jackson Kroon, Alexander Barran, Alan Sun. Front row: Mikayden Weise, Moises Carranza, Guinevere Fish, Adam Caudle (AFROTC), Wlliam Heinecke. Hagood and Fish were voted "Top 6" by their peers in the MAVEN program. Adam Caudle is selected to participate in the ACE program in summer 2024.Mikayden Weise was featured in a Student Spotlight of WSU’s chemical engineering major in Fall 2023.

Certificates

Developed as a result of CySER, WSU offers two cybersecurity-focused certificates for undergraduates: one designed for students majoring in computer science or cybersecurity, and the other for students in majors where cybersecurity is impactful but not necessarily included in the curriculum such as management information systems and various engineering disciplines. In both cases, students are required to take specific courses that may or may not be part of their original curriculum (in their chosen major) as well as participate in CySER activities such as the summer workshop, seminars, mentored research, and internship.

These certificates were developed with the CySER program in mind and include several requirements that are only satisfied through participation in CySER. Although WSU now has a full degree program in cybersecurity, these certificates are still relevant because they allow students in other majors, both computing and non-computing, to gain valuable cybersecurity knowledge and graduate with documentation reflecting that.

As part of their formal agreement upon joining CySER, students are required to pursue one of these certificates, to the extent possible. In some cases, juniors and seniors might not have enough time left before they graduate to complete the required courses for a certificate, but must still participate in research, seminars, etc.

Student Club Activities 

The CySER program supports various extracurricular student activities at its partner institutions through promotion and funding. We believe this is especially important for freshmen and sophomores in cybersecurity and computing majors who haven’t progressed far enough into their programs of study yet to begin taking cyber-specific courses. Clubs, competitions, and other events can give students a head start on learning about cybersecurity methods and tools, as well as opportunities to interact with more senior students who have begun taking such courses and can act as peer mentors. This early experience has the potential to better prepare students when they get to the higher-level courses and our hope is that this makes students more likely to succeed in those courses. At WSU, the PI on the CySER program is also the faculty advisor to the student cybersecurity club. CySER provides some financial support for club activities such as covering registration fees for both CySER and non-CySER students to participate in cyber competitions.

In 2023, students from WSU participated in three separate competitions. A team of twenty students, mostly CySER participants, competed in one of the National Cyber League competitions and placed 68th nationally out of 581 teams. Another group of five students, all CySER participants except one, placed first in a regional capture-the-flag competition [17], the Spokane Mayor’s Cup. Finally, WSU fielded two teams of five students each, eight of whom were CySER participants, in VICEROY’s own Dr. Boom competition. These teams placed second and sixth out of twenty teams.

Events like these are a great opportunity for students to learn and practice cybersecurity skills as well as to hone their teamwork and collaboration skills. Furthermore, the student club provides an excellent platform in which to acquire leadership skills. The club is a WSU Registered Student Organization (RSO) that has access to resources provided by the Voiland College of Engineering & Architecture’s “Club Hub.” CySER students Zach Werle and Alex Hagood serve as President and Vice-President of the student club.

Team of WSU CySER and non-CySER students who placed first in the Spokane Mayor's Cup competition.Front to back: William Heinecke, Guinevere Fish, Alex Hagood, Zach Werle, and Erick Pairault. 

Successes, Challenges, and Recommendations

Successes

In the three years we have operated, a total of 93 students have gone through the CySER program. Of these, 28 were ROTC cadets and the other 65 were civilian students. Given VICEROY’s focus on enhancing DoD cyber capabilities, we are happy that almost a third of our participants have been in ROTC. At WSU, our number of ROTC participants went from three in the first and second years to seven in the third year. We attribute this to increased interaction between CySER staff and the ROTC department at our university, as well as building word-of-mouth reputation thanks to the ROTC participants in the first two years sharing their experiences in CySER with their fellow cadets. At MSU and CWU, ROTC participation was consistent over all three years, with almost all CySER students at MSU and about half of students at CWU being ROTC cadets.

By the end of our third year, we will have held 33 seminars on cybersecurity research, careers, and other important topics. Almost all of these are available publicly on our website and YouTube. These are impactful because they give students a chance to learn about cybersecurity as a profession and what options are available to them after graduation. They also fill the same role as any seminar series, namely introducing people to important contemporary issues in the field.

Our summer workshops also support these goals but go further by providing students with hands-on demonstrations for learning various cyber skills, such as digital forensics, and with field trips to DoD and national laboratory sites. As with seminars, workshop sessions (other than field trips) are recorded and made available on our website. While these summer workshops require a significant amount of work to set up and require students to attend during the summer, we consider them a major success in terms of student involvement, learning, and exposure to career paths in cybersecurity.

The summer internship component has been another area we feel we have had much success with. Ten CySER students from WSU, three from MSU, and two from CWU were selected to participate in the inaugural MAVEN 2023 internship. Two of those students were voted among the Top 6 Distinguished Graduates by their peers out of all MAVEN participants that year. As part of the recognition for this, they were taken on a tour of the Pentagon. This was an incredible experience for the students and an event that will certainly leave a long-lasting impression on them and likely impact their future careers. 

Another win when it comes to student involvement and learning is the outcome of our student club’s participation in various cyber competitions. Funding these opportunities for students both in our program and outside our program has helped them build skills that will benefit them in future classes and careers. The strong performances described in the previous section speak to the expertise of the advanced students who can both instruct and motivate their peers through participation in these exercises.

Our program also has other follow-on benefits to Washington State University and our partner institutions that enrich the environment of cybersecurity education. The existence of our program satisfies some of the requirements for achieving designation as a Center of Academic Excellence in Cybersecurity, of which WSU is in the process of applying for both Cyber Defense (CAE-CD) and Research (CAE-R) designations. For example, we expect activities of our summer workshops, seminar series, and mentored research to satisfy CAE-R requirement C9, “External Professional and Scholarly Service in Cybersecurity-Related Research.” Also, CAE-CD Designation Requirement 4 is to have an “Established ‘Center’ for Cybersecurity.” Our program is well positioned to fulfill this requirement with only minimal adjustments. Considering this, VICEROY is boosting other national programs such as the Centers of Academic Excellence in Cybersecurity by helping institutions meet requirements of these other programs.

Similarly, MSU is applying for CAE-CD and CAE-R for its Master’s Degree in Cybersecurity program. As part of that effort, a new graduate course was developed, CSCI 591 “Malicious Code Analysis,” and an existing course, ESOF 422 “Advanced Software Engineering and Secure Software Practices,” was updated to include digital forensics components.

The newly launched BS in Cybersecurity [18] degree program at WSU is an outgrowth of the VICEROY CySER program. Three of the seven required cybersecurity courses in the new degree program were developed as a direct result of VICEROY funding to the CySER program. Additionally, the various CySER program elements, including the seminar series and summer workshop, helped inform the design of syllabi for the other four required cybersecurity courses in the new degree program. Finally, the new degree program has also opened more opportunities to recruit CySER trainees. Out of the newest cohort of 38 CySER students at WSU, 10 of them are pursuing the new cybersecurity degree program. 

Image: CySER

Challenges

Operating a program like CySER comes with its share of challenges. Probably the most important challenge we have faced year-to-year is maximizing ROTC participation. There are a couple main reasons this can be difficult. First, ROTC cadets generally have more demands on their time than civilian students. This is not only an issue during semesters, but also in the summer when cadets may be required to participate in training exercises or similar activities. Depending on the timing, this can preclude them from attending our summer workshop or doing an internship over the summer. This is partially mitigated by the fact that CySER has existed over three years so far, giving participants multiple opportunities to attend summer workshops and internships. A real solution to this, though, would require a higher level of coordination with ROTC leadership to ensure cadets have one summer during their time at college to participate in summer activities like internships and our summer workshop.

The second main concern is that ROTC cadets can have a very wide variety of backgrounds and academic interests which may not necessarily include cybersecurity or computing majors. While the broader student population has the same variety, the overall population itself is much larger, making it easier to find enough participants interested in cybersecurity. While we encourage students from diverse majors to join CySER, ROTC cadets in other majors may already have commitments with other organizations and activities or may simply not be interested in cybersecurity, thus limiting the number of potential participants. Other than doing our best to promote the benefits of CySER to ROTC cadets, which local ROTC leadership has been very helpful with, the other main way to overcome this barrier is to further incentivize CySER participation. For example, the ROTC program at MSU has established an agreement with the university by which ROTC cadets participating in CySER get college credit that counts toward a specific ROTC course requirement. This has resulted in MSU securing participation of outstanding ROTC cadets with non-cyber and non-computing majors.

Another operational challenge of CySER is organizing and executing the mentored research component. An ideal ratio of mentees to mentors would be two to four mentees per mentor. We expect this ratio to give the students the best possible experience while also limiting the workload placed on graduate student mentors who have a lot of other responsibilities outside of CySER. This ratio is achieved at our partner institutions, who have historically had three to four undergraduate students in CySER and a single graduate student to mentor them. In past years at WSU, we have also been able to achieve this target ratio, however, our 2023 class is the largest yet at 38 undergraduates of which 34 are participating in mentored research this year. Achieving our target mentee-to-mentor ratio would require nine to twelve mentors. We came very close this year by recruiting eight graduate students to be mentors, many of whom are supported not by VICEROY but other funding sources that WSU provides. Thanks to this, only two mentors have more than four mentees assigned to them. Maintaining this ratio is important to keep in mind when recruiting both undergraduate and graduate students to the program.

The expected time investment for mentored research is also a consideration that needs to be balanced against the other obligations of undergraduates and graduates. The ultimate goal of CySER is to improve student learning, so the last thing we want is for our activities to interfere with a student’s curriculum. On the other hand, we also want this research experience to be beneficial which requires a certain minimum effort on the part of students. We have set a weekly hour requirement for research participation that we believe to be reasonable, while at the same time emphasizing that this is a minimum and we hope that students with the time and motivation will put additional effort into their projects. We leave the setting of milestones to the mentors on each project, with the only global milestone being that students present the outcomes of their research in a poster session at the summer workshop. This gives students the chance to share what they have accomplished and learned over the course of their research and gives us a way to verify their participation along with confirmation from their mentors.

Recommendations

Strong institutional support is vital for our program. Similar programs may find that even with critical funding from an organization like VICEROY, there are still gaps in support for various planned program elements. As an example, leadership at WSU’s School of Electrical Engineering and Computer Science agreed to provide financial support for our graduate mentors, thereby enabling our mentored research component. There is also a significant amount of work required of departmental staff in support of our program, such as setting up and distributing stipend payments to undergraduate participants, processing purchase orders, and handling logistics on other resources we periodically require such as classrooms and student housing for the summer workshops. Without this support from university staff, administration of our program wouldn’t be possible.

When it comes to recruitment, we have had great success with enlisting the help of departmental staff for delivering our recruitment materials into the hands of students. Many departments will share opportunities such as clubs, student assistance, and programs like ours with students enrolled in their programs via email and social media. Rather than trying to do all the outreach and promotion ourselves, this year we provided our recruitment materials to staff in a couple relevant departments who were happy to in turn share the information with their students. As a result, we experienced a much higher volume of applications compared to previous years. We recommend making good use of department- and university-wide communication channels for recruiting and promotion.

Faculty at our university and partners are also an important resource, even those who don’t have a direct affiliation with our program. These faculty members are ideal candidates for giving seminars and speaking at our summer workshops about their research, which often involves work that has been done alongside various government entities such as the DoD or Department of Homeland Security. We also source research projects for our mentored research experience from faculty that are both directly involved and not directly involved with our program.

Given the DoD relevance of our mission, it is also important to have a strong relationship with our ROTC department and clear lines of communication with them. We rely on ROTC leadership to help promote our program to their cadets. In our third year of operation, we have appointed a senior member of the program as the dedicated ROTC lead responsible for coordinating with all ROTC branches at our university.

Closing Remarks

The CySER program has grown considerably over the past two and a half years. By building on our successes and learning from our mistakes, we have increased overall student participation as well as ROTC participation while simultaneously improving the quality of our program. We hope that by sharing some of our experiences here, we can help other similar programs around the US grow and improve, as well as give new programs a head start. We enjoy working with the people at VICEROY, who are clearly devoted to helping students across the US develop strong cyber skills, and we feel that a program such as VICEROY is key to our nation’s long term cybersecurity goals.

References

[1] National Institute of Standards and Technology’s National Initiative for Cybersecurity Education. https://www.nist.gov/itl/applied-cybersecurity/nice . Accessed 30 Jan 2024.

[2] National Security Agency Centers of Academic Excellence in Cybersecurity. https://www.nsa.gov/Academics/Centers-of-Academic-Excellence/ . Accessed 30 Jan 2024.

[3] US Department of Defense Chief Information Officer. https://dodcio.defense.gov/Cyber-Workforce/Resources.aspx . Accessed 27 March 27, 2024.

[4] Griffiss Institute. http://www.griffissinstitute.org/what-we-do/viceroy . Accessed 30 Jan 2024.

[5] VICEROY Northwest Institute for Cybersecurity Education and Research. https://cyser.wsu.edu/ . Accessed 30 Jan 2024.

[6] Washington State University. https://wsu.edu/ . Accessed 30 Jan 2024.

[7] Montana State University. https://www.montana.edu/ . Accessed 30 Jan 2024.

[8] University of Idaho. https://www.uidaho.edu/ . Accessed 30 Jan 2024.

[9] Central Washington University. https://www.cwu.edu/ . Accessed 30 Jan 2024.

[10] Columbia Basin College. https://www.columbiabasin.edu/ . Accessed 30 Jan 2024.

[11] VICEROY Northwest Institute for Cybersecurity Education and Research. https://cyser.wsu.edu/seminars . Accessed 30 Jan 2024.

[12] VICEROY Northwest Institute for Cybersecurity Education and Research. https://cyser.wsu.edu/summer-workshop/ . Accessed 30 Jan 2024.

[13] Pacific Northwest National Laboratory. https://www.pnnl.gov/ . Accessed 30 Jan 2024.

[14] Schweitzer Engineering Laboratories. https://selinc.com/ . Accessed 30 Jan 2024.

[15] Fairchild Air Force Base. https://www.fairchild.af.mil/ . Accessed 30 Jan 2024.

[16] Naval Undersea Warfare Center Keyport. https://www.navsea.navy.mil/Home/Warfare-Centers/NUWC-Keyport/ . Accessed 30 Jan 2024.

[17] Washington State University Insider. “CyberCougs place first at regional competition”. https://news.wsu.edu/news/2023/03/15/cybercougs-place-first-at-regional-cybersecurity-competition/ . Accessed 30 Jan 2024.

[18] Washington State University Insider. “Degree in cybersecurity gets underway”. https://news.wsu.edu/news/2023/06/15/degree-in-cybersecurity-gets-underway/ . Accessed 30 Jan 2024.

About the Authors

Dr. James Crabb (jamescrabb@wsu.edu) is the Program Coordinator for the VICEROY Northwest Institute for Cybersecurity Education and Research. He originally studied horticulture, earning Bachelor's and Doctorate Degrees in Horticulture from Washington State University. During his previous graduate studies, James recognized the importance of computer science to all other scientific domains, leading him to earn a second Bachelor's Degree, this time in Computer Science. This was followed by a Master's Degree in Computer Science again at Washington State University, with a focus on cybersecurity and data analytics.

Dr. Assefaw Gebremedhin (assefaw.gebremedhin@wsu.edu) is the PI for the VICEROY Northwest Institute for Cybersecurity Education and Research, and currently an associate professor with the School of Electrical Engineering and Computer Science at Washington State University, where he leads the Scalable Algorithms for Data Science Laboratory. He earned the MSc and PhD degrees in computer science from the University of Bergen, Norway. His research interests include data science, AI, network science, and cybersecurity. He also directs a Department of Education Graduate Assistance in Areas of National Need (GAANN) program at WSU focused on training PhD students in AI for engineering applications.