网络安全实验示范班人才培养模式探索

分析网络空间安全人才培养过程中面临的问题,提出构建网络安全实验示范班的培养模式,介绍网络空间安全实验示范班的人才选拔考核机制和标准。在此基础上,围绕网络空间安全学科的人才培养目标,从多个方面阐述创新网络空间安全人才培养模式的方案,并给出面向网络空间安全实验示范班的人才激励与竞争机制。     

网络空间安全学科人才培养模式与途径探索

针对网络空间安全一级学科刚设立的现实,围绕网络空间安全学科人才培养过程中存在的不足,分析网络空间安全学科人才培养问题的根源。结合我国网络空间安全学科的建设目标和实际需求,指出如何培养服务国家安全战略的网络空间安全人才已成为当前我国高等工程教育的一个新课题,在此基础上,有针对性地提出一系列较为切实可行的网络空间安全学科人才模式及途径。     

从层次角度看网络空间安全技术的覆盖领域

网络空间安全是涉及计算机科学与技术、信息与通信工程、控制科学与工程、密码学等学科的交叉学科,具有明确而深入的学科内涵。给出了网络空间安全的定义,提出了网络空间安全的层次模型,并系统地梳理了目前网络空间安全学科中的八大研究领域在设备层、系统层、数据层和应用层所面临的主要研究问题和相关技术,包括信息安全、信息保密、信息对抗、云的安全、大数据、物联网安全、移动安全和可信计算等。为进一步凝练网络空间安全的技术体系和学科方向提供了指导和借鉴。     

网络空间安全学科简论

随着信息技术与产业的高速发展和广泛应用，人类社会进入信息化时代。在信息化时代，人类生活工作在网络空间中，因此确保网络空间安全成为信息时代的基本需求。我国已经发展形成了完整的网络空间安全学科体系，因此，全面论述网络空间安全学科的体系结构与理论基础成为网络空间安全学科建设和人才培养的当务之急，内容包括：网络空间与网络空间安全的概念，网络空间安全学科的内涵，网络空间安全学科的主要研究方向及研究内容，网络空间安全学科的理论基础和方法论基础。因此，正确理解和掌握网络空间安全学科理论与体系结构，不仅对我国网络空间安全学科建设和人才培养具有十分重要的指导意义，而且对我国网络空间安全领域的科学研究和产业发展也具有十分重要的指导意义。     

一流网络安全学院创新人才培养模式初探

网络空间安全事关国家安全，人才培养是重中之重。结合北京航空航天大学一流网络安全学院建设，分析了目前普遍存在的一些问题，从人才选拔、课程体系、综合培养平台、实践能力培养、学科竞赛等方面探讨了网络空间安全人才培养的思路、机制和模式，以期为网络空间安全专业的人才培养提供借鉴与参考。     

网络空间安全人才培养探讨

网络空间的竞争,归根结底是人才的竞争。当前,世界各国高度重视网络空间安全人才的培养。基于此,首先介绍了网络空间安全人才培养的现状;然后分析了网络空间安全人才的需求特点,并提出了网络空间安全人才培养的若干建议措施;最后给出了暨南大学在网络空间安全人才培养方面的一些探索。     

新工科背景下的网络空间安全人才培养模式

针对网络空间安全中的人才培养问题,提出网络空间人才培养建设目标,给出人才培养建设思路,以现有信息安全人才培养机制为基础,依据新工科理论,从强化课程思政、交叉学科融合、课内外实践互补、多主体协同育人和完善持续改进机制的网络空间安全人才培养体系几个方面,介绍新工科背景下人才培养模式改革的实践经验.     

面向人工智能的网络空间安全课程体系建设

分析网络空间安全学科建设起步较晚、课程体系不健全、培养目标不明确等实际存在的问题,阐述人工智能与网络空间安全交叉学科的课程体系建设和人才培养模式,借鉴信息安全专业和人工智能专业建设的经验,提出网络空间安全学科的建设应紧跟时代步伐、把握最新的计算机技术发展新趋势的观点,构建新型的以网络空间安全知识同人工智能相结合的交叉学科课程体系。     

面向网络安全创新人才培养的网络空间安全学院建设进展与成果

<正>习近平总书记对2019年国家网络安全宣传周作出重要指示强调,要坚持网络安全教育、技术、产业融合发展,形成人才培养、技术创新、产业发展的良性生态。国家高度重视网络安全教育工作,出台了一系列政策措施,包括设立网络空间安全一级学科、实施一流网络安全学院建设示范项目、推动网络安全产学研深度融合、网络空间安全卓越工程师培养等,旨在加快网络安全学科建设和人才培养进程,提升我国网络安全教育的质量和水平。     

探索“网安医生”人才培养模式

网络安全的竞争归根结底是人才的竞争，世界各国纷纷将网络安全人才培养放在了国家战略高度。网络空间安全学科作为一门新兴交叉学科，其学科的内涵外延还在更新发展，目前缺乏适合网络空间安全人才特点的培养模式及评价机制。根据多年的教学研究，参考国外的先进培养模式及评价机制，结合国内实际情况，提出适合网络空间安全学科特点的“网安医生”培养模式，该模式覆盖本科培养的全生命周期，以问题为导向，培养学生针对网络空间发现和解决安全问题的能力，高校与产业界、科研机构紧密互动构建人才培养的生态环境。以此提高学生掌握知识、技能和应用能力，培养学生探索最新前沿科技和核心技术的兴趣和能力，提升师资力量和教育水平，同时也有利于企业选拔优秀人才，提升企业研发能力和市场竞争力。最终实现合作方协同创新，优势互补，全面共赢的良好局面，促进网络空间安全人才培养和学科发展。     

Understanding and overcoming cyber security anti-patterns

This article presents an empirical and practice-based analysis of the question, why despite substantial investments, there are still major security weaknesses in today’s information systems. Acknowledging that cyber security is not a purely technical discipline, the article takes a holistic approach and identifies four anti-patterns that are frequent in practice and detrimental to the goal of achieving strong cyber security. The first anti-pattern is that decisions about security are frequently based on intuition rather than data and rigor; this introduces cognitive biases and undermines decision quality. Second, many organizations fail to implement foundational security controls and consequently, are easy targets for opportunistic and novice attackers. Third, there is an overreliance on the relatively static threat knowledge in products such as virus scanners, while an inability to learn and adapt dynamically opens the door for advanced threats. Fourth, weaknesses in security governance create systemic control gaps and vulnerabilities. The article describes each anti-pattern and presents specific steps that organizations can take to overcome them.     

双一流视域下网络安全人才培养研究——以江苏省为例

面对新安全态势中网络安全人才培养发展的机遇和挑战,基于江苏省开设网络安全相关专业的本科类院校开展问卷调研,从布点规模、培养层次、课程体系等8个方面进行多维分析和比较研究,从政治保障、师资保障、社会保障、经费保障4个方面探索江苏省在“双一流”建设环境中网络安全人才培养的有效路径。     

信息安全与法学复合型人才培养模式

信息安全专业自 2001 年创设以来，其满足社会需求的网络安全人才知识和能力体系，以及相应的人才培养模式一直受到人们的关注。从社会需求出发，分析了网络安全人才的基本知识和能力要求，认为复合型人才是网络安全事业的重要需求；以南开大学信息安全与法学双学位班为例，介绍了信息安全与法学复合型人才的培养模式，以期为我国网络安全人才培养模式的构建提供参考。     

Information sharing vs. privacy: A game theoretic analysis

Sharing cyber security information helps firms to decrease cyber security risks, prevent attacks, and increase their overall resilience. Hence it affects reducing the social security cost. Although previously cyber security information sharing was being performed in an informal and ad hoc manner, nowadays through development of information sharing and analysis centers (ISACs), cyber security information sharing has become more structured, regular, and frequent. This is while, the privacy risk and information disclosure concerns are still major challenges faced by ISACs that act as barriers in activating the potential impacts of ISACs.This paper provides insights on decisions about security investments and information sharing in consideration of privacy risk and security knowledge growth. By the latest concept i.e. security knowledge growth, we mean fusing the collected security information, adding prior knowledge, and performing extra analyses to enrich the shared information. The impact of this concept on increasing the motivation of firms for voluntarily sharing their sensitive information to authorities such as ISACs has been analytically studied for the first time in this paper. We propose a differential game model in which a linear fusion model for characterizing the process of knowledge growth via the ISAC is employed. The Nash equilibrium of the proposed game including the optimized values of security investment, and the thresholds of data sharing with the price of privacy are highlighted. We analytically find the threshold in which the gain achieved by sharing sensitive information outweighs the privacy risks and hence the firms have natural incentive to share their security information. Moreover, since in this case the threshold of data sharing and the security investment levels chosen in Nash equilibrium may be lower than social optimum, accordingly we design mechanisms which would encourage the firms and lead to a socially optimal outcome. The direct impact of the achieved results is on analyzing the way ISACs can convince firms to share their security information with them.     

Institutions for Cyber Security: International Responses and Global Imperatives

Almost everyone recognizes the salience of cyberspace as a fact of daily life. Given its ubiquity, scale, and scope, cyberspace has become a fundamental feature of the world we live in and has created a new reality for almost everyone in the developed world and increasingly for people in the developing world. This paper seeks to provide an initial baseline, for representing and tracking institutional responses to a rapidly changing international landscape, real as well as virtual. We shall argue that the current institutional landscape managing security issues in the cyber domain has developed in major ways, but that it is still “under construction.” We also expect institutions for cyber security to support and reinforce the contributions of information technology to the development process. We begin with (a) highlights of international institutional theory and an empirical “census” of the institutions-in-place for cyber security, and then turn to (b) key imperatives of information technology-development linkages and the various cyber processes that enhance developmental processes, (c) major institutional responses to cyber threats and cyber crime as well as select international and national policy postures so critical for industrial countries and increasingly for developing states as well, and (d) the salience of new mechanisms designed specifically in response to cyber threats.     

信息安全专业课程体系设置的几点思考

分析了信息安全对专业人才的需求和现有信息安全专业课程体系设置存在的问题,给出了模块化、层次化的信息安全课程体系建设方案,该方案以教育部信息安全类教学指导委员会颁布的信息安全专业规范为指导,以西安邮电大学信息安全专业课程体系为例,设计了模块化、层次化的信息安全本科专业课程体系优化和实施方案,对信息安全专业人才培养具有较好的参考价值。     

Approach to the construction of the generalized functional-semantic cyber security model

In this paper, the functional-semantic model of cyber security is proposed as an initial step towards the development of a new unified methodological cyber security basis. This model makes it possible to formalize requirements for confidentiality, integrity, and availability, as well as to obtain ontological knowledge inferences about the system security state.