There is no alternative to the study program “Cyber Security Engineering” in Latvia
Since the beginning of the autumn semester last year, doctoral student Viesturs Bambāns has been working at Vidzeme University of Applied Sciences (ViA), thus contributing to the achievement of the goal of the project “Academic Staff and Human Resources Development at Vidzeme University of Applied Sciences” – to involve doctoral students in the academic work of the university and to promote the attraction of new academic staff in the long term.
As part of the project at the Vidzemes University of Applied sciences, Viesturs Bambans presented lectures in Incident Response and Digital Forensics courses. Students become familiar with the development of Forensic Science, Scientific Methodology, and its application to the investigation process. The course is divided into two parts – The Overview and Practical.
At the Vidzemes University was created Digital Forensics laboratory, which allows each student to go through the adapted process of investigation for the academic environment. It starts with data acquisition and ends with creating the report, in the form, which can be presented at the court.
Digital Forensic laboratory was created with the partnership of Access Data, which allows being part of their Academia program.
The task is to provide students with academic and practical skills using an environment that supports/deploys certified forensic software, which is one of the industry standards. And later in their life – whether they will be working in law enforcement or business environments, they will be able to adapt faster to the standards and procedures to whom adhere to those organizations. The average time for an alumnus of a university to adopt guidelines, procedures, and standards in an organization, which is involved in Forensic services is between 6 months to 1 year.
It is important that the academic process is built to maximum closeness to daily work reality. By doing that it will allow shortening the time of education and building skill sets in a particular organization for an alumnus from M.p in Cybersecurity engineering at the Vidzemes University. One of the skills, that I teach to students is to understand the limits. Why it is important? There are countless examples when after a company sustained a data breach, their personnel during the data breach mitigation process overestimates their skills and loses evidence. And by doing that company sustains losses and the malicious actor gets a “jail free card”.
Both subjects Incident Response and Digital Forensics can be sometimes very dry and formal. However, there is always some facts, skillsets, which brighten the study process. For example, during the Overview course – I tech about the beginning of DNA analysis. In the late 19th-century Western scientists found out that in the 13th century in China was created coroner service and publish a book about how to investigate wrongful person death, physical injuries, poisoning, and resuscitate a human after his/her death. The book was written by Sung T’zu “Washing Away of Wrongs”(written in 1247) provides unique skillsets. The only other country which investigates the violent death of their citizens in Europe at that time was England by establishing crowners - today coroner service. One illustration from the book – what was an approach preventing children from trafficking from outside China to inside China. It was applied in various situations in China. If border guards suspected that a family, which coming through one of the gates of Great Wall have children, which are not their biological children, then official can ask on of the suspected parents to make a cut into his/her hand and drop the blood into newly baked clay bowl with water, the same is requested to the child, if blood mixes they are relative, if blood does not mix, they are not.
Cybersecurity engineering M.p. program is unique for Latvia, due to its built-in approach to make emphasis on academic and practical skillsets. Today the program doesn’t have an alternative in Latvia.
Regarding Covid-19 and cybersecurity and compliance. The majority of information Security Frameworks are built on the notion, that personnel will be always available. Covid-19 creates the challenge of scarcity of personnel and companies need to re-evaluate their approach to maintaining the Security Posture at the same level as before Covid-19. It requires finding personnel that can replace current information security personnel if there is sudden crisis with a particular individual. Such an approach requires re-adjust Information Security Frameworks to continue to support daily business transactions for a particular company.