A Technical History of the SEI
ihQTwP
ihQTwP
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
CERT website. 11 Free downloadable materials enabled faculty to start teaching SIA quickly. The<br />
materials are so extensive that faculty could use <strong>the</strong>m as “turn-key” courses, or educational institutions<br />
could adapt <strong>the</strong>m to suit <strong>the</strong>ir needs. Also, <strong>the</strong> materials are not only appropriate for twoyear<br />
colleges but also for four-year institutions; portions are applicable at <strong>the</strong> graduate level. A<br />
read-only (“general”) version <strong>of</strong> course materials is available to students and o<strong>the</strong>r system administrators.<br />
The Consequence: System Administrators Who Support <strong>the</strong> Business<br />
Mission<br />
System administrators make <strong>the</strong> connection between technology and business mission, using technology<br />
to help <strong>the</strong> business operate effectively and efficiently. They understand how a specific<br />
piece <strong>of</strong> technology fits into <strong>the</strong> overall business, its contribution to that business, and its importance.<br />
Their understanding <strong>of</strong> business and risk issues enables <strong>the</strong>m to sustain and improve <strong>the</strong><br />
enterprise’s functionality and to add new functionality without a negative impact on <strong>the</strong> business<br />
mission. They are able to communicate with business decision-makers to explain, “This is what<br />
we’re doing; this is why we’re doing it; and this is why it makes business sense.” They are able to<br />
answer questions such as “What’s <strong>the</strong> impact on business? What are <strong>the</strong> metrics <strong>of</strong> performance?<br />
What does this cost? What’s <strong>the</strong> benefit? Are we avoiding costs; are we reducing costs?” They<br />
help <strong>the</strong> enterprise networks to be better able to survive in an increasingly internet-oriented world.<br />
The <strong>SEI</strong> Contribution<br />
The SIA curriculum has filled a gap in system administrator education. It is a practical and realistic<br />
curriculum that layers skills training on a firm educational foundation and presents new ideas<br />
and new approaches to many <strong>of</strong> <strong>the</strong> traditional tasks <strong>of</strong> system administrators. The quality <strong>of</strong> <strong>the</strong><br />
material and credibility <strong>of</strong> <strong>the</strong> <strong>SEI</strong>, its well-known CERT program, and Carnegie Mellon enable<br />
faculty to use <strong>the</strong> course material with confidence. The <strong>SEI</strong> influence is widespread. As <strong>of</strong> 2012,<br />
access to <strong>the</strong> faculty version <strong>of</strong> <strong>the</strong> curriculum was granted to 382 qualified faculty members representing<br />
235 colleges and universities located in 43 U.S. states, <strong>the</strong> District <strong>of</strong> Columbia, and one<br />
Canadian province. The general, read-only version was downloaded 3,287 times by groups in 130<br />
countries: 862 by organizations, 744 by educational institutions, 674 by government agencies, and<br />
151 by o<strong>the</strong>rs. The general version was also downloaded 856 times for personal use.<br />
O<strong>the</strong>rs contributed to <strong>the</strong> influence <strong>of</strong> <strong>the</strong> SIA curriculum. The Regional Center for Systems Security<br />
and Information Assurance (CSSIA) 12 has mapped <strong>the</strong> SIA courses to two <strong>of</strong> <strong>the</strong> national<br />
standards for security-related training 13 and found that <strong>the</strong> courses meet approximately 95 percent<br />
<strong>of</strong> <strong>the</strong> standards’ objectives.<br />
11 Curriculum and lab overviews, and downloadable materials can be found at http://www.cert.org/curricula/sia-curriculum.cfm.<br />
12 CSSIA is funded by <strong>the</strong> National Science Foundation.<br />
13 NSTISSI 4011 National Training Standard for Information Systems Security (INFOSEC) Pr<strong>of</strong>essionals<br />
, Committee on National Security Systems,<br />
(https://www.cnss.gov/CNSS/openDoc.cfm?U5Wzl9pAb0QOxSawdnQmTA==)1994 and<br />
CNSS 4013 National Information Assurance Training Standard for System Administrators, Committee<br />
on National Security Systems (http://www.scis.nova.edu/documents/cnssi_4013.pdf)<br />
CMU/<strong>SEI</strong>-2016-SR-027 | SOFTWARE ENGINEERING INSTITUTE | CARNEGIE MELLON UNIVERSITY 78<br />
Distribution Statement A: Approved for Public Release; Distribution is Unlimited