Welcome to Heinz College’s Intro to Information Security Management

30 06 2011

If you’ve made it here, you’re likely a student at Carnegie Mellon University and registered for Heinz College’s Introduction to Information Security Management – 95752. The learning objectives, schedule, syllabus and documents for the course will be discussed in class and distributed on the CMU Blackboard site.  This course blog and accompanying Twitter feed have been created and will be maintained to support the course in other ways. The main objective for the blog is to share posts with each other (and the broader Information Security community) about current events and relevant topics in Information Security. For example, the last 6 months have seen several high profile compromises, such as NASDAQ, RSA SecureIDs, and the Sony Playstation network, as well as significant publicity about the ongoing Wikileaks case and Lulzsec/Anonymous attacks. We need to cover a broad set of topics during class lectures, and we would be remiss to ignore these important events, but we would rather constrain the discussion on those current events to thoughtful posts and responses on this blog.

Being mildly omniscient (or perhaps just not that far removed from academic programs ourselves), you are probably asking some questions:

As a student, what am I going to have to do?

You will be required to compose more than 1, but less than 5, posts during the entire semester. The posts will be expected to be well researched, written, edited, clearly cited, and be generally thought-provoking. The length will vary, but you are all likely familiar enough with blog posts to know when one is rambling (or when it was clearly written with half a brain at 2am). An example or two will be posted later to show you what to do and what not to do. It may actually be harder to be concise and make a solid case for your argument in approximately 5-7 paragraphs than to blather for pages, so don’t leave these until the last minute.  It will not be a requirement for you to comment on others’ posts, but the blog will be so much the better if you do. The combination of these blog posts will be considered as part of your overall homework grade.

If we’re already using Blackboard, why not just use the built-in discussion board or blog functionality?

First, we will be using the discussion board, but for more administrative topics. The good thing about the discussion board is that anyone can post anything at any time, but the bad thing is that trawling through six different forums about current events often doesn’t lead to thoughtful discussions. Discussion threads decay into the author posting a link with a sentence or two, but very little analysis beyond that. So, rather than require that you post a certain number of posts to the discussion board per semester, we’d rather foment quality, not quantity. Furthermore, the Blackboard blog would permit similar functionality, but would be less flexible and less public. For example, if a new post appears and you want to read it on your mobile phone with an RSS reader, you can easily do that here.  Not so much on Blackboard. Finally, the blog posts will be mentioned publicly on Twitter and maybe, just maybe, the White House cybersecurity czar himself will comment on the terrific analysis you just posted.

So, if I only have to do a few posts and it counts as part of my homework grade, I never have to read others’ posts?

That’s right, you don’t. Then again, this is Carnegie Mellon University, you are almost all graduate students and professional enough to know that doing the bare minimum does not really contribute to an environment of growth and learning. So, this entire site will only be as good as the time you spend on the posts and the hopefully engaging discussion that takes place afterwards.

Why is there a Twitter feed and do I really have to do the tweeting?

The Twitter feed has been started to give you all a sense of some people out there who are active in social media AND influential in information security. I mean seriously, why wouldn’t you want some tweets from Bruce Schneier himself delivered to you? No, you don’t have to tweet, but you do have to create an account and follow our account (@CMU_95752) so you can see some things we tweet ourselves (maybe a quiz hint?) and retweet from others. Perhaps it will also help you amass a list of bloggers/tweeters that contribute to your learning for this class and well beyond. Heck, tell us if we’re missing one and we’ll add it.

The details of how many posts, how they’ll be assigned, applicable topics, the logistics of sending/posting and other things will be discussed elsewhere. If you’re reading this before class has started, we look forward to meeting you. If you’re reading this during the first class, start paying attention because you just missed something we said. In either case, welcome to 95752 and let’s have a good semester together.

Adam and Ron