Information Assurance and Community Colleges - Erich Spengler, Moraine Valley Community College
Erich Spengler, professor at Moraine Valley Community College near Chicago, discusses:
Spengler has over 20 years experience in Information Systems and holds an MBA from Loyola University of Chicago and an MS in Computer Science from the University of Illinois - Springfield. In addition to serving as a tenured professor of Computer Integrated Technologies at Moraine Valley Community College, Erich also serves as a Guest Lecturer at Northwestern University and as the Director and Principle Investigator for the National Science Foundation (NSF) Regional Center for Systems Security and Information Assurance (CSSIA @ www.cssia.org). Erich holds several industry certifications including CISSP.
TOM FIELD: We are talking today about information assurance education, and we're talking with Erich Spengler. He is a tenured professor of computer integrated technologies at Moraine Valley Community College in Greater Chicago. Eric, thanks so much for joining me today.
ERICH SPENGLER: Great, thank you.
FIELD: Eric, just to introduce our audience to you, how about if you tell us a bit about your role please at the community college and then other roles that you are doing that are sort of relate to what your role is at the school.
SPENGLER: Well, I've been a Professor for the past 15 years at Moraine Valley. I've had over 20 years experience in information technology, many of those in areas that include security, network security. I'm the director of CSSIA, which is the Center for System Security and Information Assurance, and I've been the director for the past seven years. Within these two capacities, I teach both students and faculty in network, which is base networking skills and network security related course work. An example would be such as the Cisco Networking Academy. So lots of different opportunities, and again a lot of what I also do is faculty development, which is a great opportunity to meet and work with faculty throughout the country.
FIELD: Now, I've talked a lot recently with professors and directors at four-year schools. Tell us a little bit about Moraine Valley. What's unique about it, who are your primary students, and what do you find your objectives to be with them versus what objectives might be at a four-year institution?
SPENGLER: Well, Moraine Valley is a community college, about 25 miles southwest of Chicago. They offer degrees and transfer degrees to four-year colleges and universities, and they also have a lot of applied degrees in technologies and career programs. We also look at these as degrees and certificates. Moraine Valley itself has been teaching in the networking area for several years, actually back into the 1980's.
So a long history of need in the area, the Chicago area, for a network technicians, and they currently offer a degree in certificate programs and network administration and network security. Actually many of the technologies focus on Cisco and Microsoft, which are technologies that are widely used and adopted by many companies in addition to many other technologies and vendors out there. So we've had a lot of opportunity to not only impact our local students, but in our capacity with CSSIA we've been able to impact many, many institutions throughout the Great Lakes area.
FIELD: Now Eric, the second part of the question was about your primary students. Do you find that they tend to be people looking to start a career, or mid-career and looking to restart?
SPENGLER: Actually it's all over; it's all over the page. Many of the students will be actually coming from high school, and they'll be moving in and looking at network and network security careers, and those represent generally a lot of our day students. Then we have many night students, which have two objectives. One objective of course would be career change, so this would be our older students. And also many of the student objectives are to add networking security or network security information assurance onto current skills. So we'll get people that are already in the fields, and they'll come back in for enhancing their skills and enhancing their careers, and I think the focus is, you know you'll hear me mention this as you ask the questions. You'll here me mention the focus of skills, you know -- can they do the job? Can they program the firewall? Can they secure the network? Can they monitor? And these are all very important items. So that is what the students are looking for.
They want to make sure that when they go out in the job market, they have the skills to get the jobs, and the employers are looking for the students that have those skills when they come in. So by going and looking at a school like Moraine Valley, the students are able to know that their skills are going to be current and valid, and it's going to give them a good head up, a leg up on getting a good career.
FIELD: Well, that sounds like a great segue into my next question, which was looking at information assurance education, what's the role of a community college like yours? It sounds like you might have just nailed it.
SPENGLER: Yeah, and I can repeat it. The key is -- and I'll probably repeat it again -- the key is skills. The community college has a very important role in training technicians in the work force, in skills related to information assurance and network security, and these skills again are deploying the equipment, security the network, monitoring the network. And from a hands-on perspective, meaning most of the programs in the community colleges that are network related and network security related are very hands-on. So the community college has a great opportunity there to really train those skills, and within those skills again as the equipment and the security market starts to grow, community colleges are able to adapt that equipment and those knowledge skills back quickly into their programs. So it's again, more of looking at a community college being able to train the base skills, but then turning around and looking at cyber security information assurance as more of a commodity, so you can't really go and jump right into security. You've got to secure those base skills. So community colleges are able to train those base skills and then launch into these commodities such as cyber security, voice over IP, information assurance, wireless technologies, and it all relates around security the information and protecting the data.
FIELD: Eric, one of the things that has interested me lately is hearing the NSA talk about bestowing Centers of Academic Excellence status upon on two-year programs for the first time, and it sounds like this might be pretty much in response to the types of things that you are doing. What do you see as the significance of the CAE awards for two-year programs?
SPENGLER: I'd say there are two significant pieces to that. The first part is the community colleges being able to participate in this program, means that the program is able to identify and outline a number of requirements that an institution or school must need to be part of the program. And this would be such things as program development, program support, partnerships, outreach, and dissemination of information assurance knowledge throughout the institution and beyond. And this is what NSA looks for in Centers of Excellence, and if by community colleges being able to participate in this, students are able to understand the significance and hopefully that is communicated well that these schools can provide a great opportunity to get a career started in information assurance and cybersecurity. The school that would participate in this type of program would meet these requirements, which are very important to NSA and should be very important to any student that wants to make a career in cyber security discipline.
FIELD: Now it seems to me that information assurance is on everybody's mind these days. You see it in the agenda set by the president; you see it in the news that we are reading every day. Given that, what do you find to be the biggest challenges and opportunities for educators such as yourself?
SPENGLER: Well, the biggest challenges I really like to look toward is the program. So when an institution tries to develop a program, what are some of the challenges that they are going to face? Well, they have to have faculty that are qualified, or an opportunity to train those faculties to build those skills. So faculty development is probably one of the greater challenges just to make sure faculty are up to date, and they have the ability to maintain those skills to support the new programs. Of course curriculum is very important and adding in other items such as student skills experiences.
I always, I'm a big supporter of cybersecurity skills competitions, and one example is the cyber defense competition which community colleges and universities participate in yearly nationwide. So that when they are able to go out and look for employment, they are really able to connect with the employers in a real world sense and understand the need, understand the threats, and understand how they can be part of the improvement of the process. Of course, equipment and maintenance is always a challenge as well, because we know things change all the time. So schools really and institutions have to look at all these items, and if they get a good handle on it.
FIELD: So given the attention paid to the fields right now, what career advice do you offer to your students looking to either start or restart their careers?
SPENGLER: Well what I do, and I work here in what we would call one of the mentoring programs, and so I talk to students and I try to give them some direction and counseling as to how they can get their career going. But it all really comes down to what students need to do, and I'm not talking about specifically about just Moraine, but when a student -- whether it's a Moraine student or it is somebody in another state -- they really need to understand that there are great career opportunities especially for technicians and information assurance, cybersecurity related disciplines. But the students need to examine the programs. They need to ask the questions.
They need to find out if it is a skills oriented program. Is the program focused -- do some research on the jobs that are in their local area. What are the skills that they are looking for, and do the programs actually match those skills, and then what other type of supplementary support are the students going to get during the program that is going to help them launch into a career job right away. And of course, if they want to transfer that is another important piece. Do the students -- can they go through a skills based program, and can they transfer to a four-year institution to complete that program. I mean just a very, very big proponent of education and students continuing their education, even if they go for a two-year program and they decide they want to go and gain employment. They really need to think about continuing their education, continuing their program. And it is another reason why I think that the NSA Centers of Academic Excellence -- what a wonderful opportunity because now students can look and they can say, 'Oh is this institution I'm attending a center of academic excellence? Does it have a partnership with a four year institution? Can I transfer and can I continue my information assurance education while I'm working or while I'm a full time student?' So definitely examining the program, asking the questions, talking to students that have graduated, and find out what opportunities students have gained are really just important, and again I regularly question the students to find out where they are going and what they want to do.
FIELD: So final question for you Eric. Coming back to the person, whether they are looking to start a career or restart it given what you laid out for them, what is the first step they can take?
SPENGLER: Well the first step they can take certainly is seek out a local community college and just, as I mentioned before, ask the questions, check out NSA.gov and look at their IA coursework evaluation program up on NSA.gov. They of course list schools that are mapped and have relationships with the Centers of Academic Excellence and the courseware, the course requirements to be part of that. If students are able to understand that the schools have participated in that, quite often they are going to know that the program has really been taken seriously and they've taken that step to identify themselves as a group or institution that has taken those programs seriously. Of course, make sure they really understand the career path.
What I think is bad sometimes if a student is getting involved in a career and then of course that is maybe not the direction they wanted to go. There are so many areas in information assurance and cybersecurity from networking to operating systems that there is certainly a career in there for most people. So generally, do the research up front, but there are great opportunities here, and I can't stress that enough.
FIELD: Eric, that's wonderful. I appreciate your time and your insight today. Thank you very much.
SPENGLER: Why, thank you very much.
FIELD: We've been talking with Eric Spengler with Moraine Valley Community College. For Information Security Media Group, I'm Tom Field. Thank you very much.