Making cyber security interdisciplinary : recommendations for a novel curriculum and terminology harmonization
Author(s)Ramirez, Robert B. (Robert Butler)
Technology and Policy Program.
MetadataShow full item record
Cyber security was historically a technical subfield of computer science. However, pervasive computing technology has recently made security a significant concern for management and policy. In this thesis, I review the academic literature of cyber security, and argue that security as a field comprises four different subdisciplines: policy, computer science, management, and social science. Furthermore, collaboration and communication between these fields is lacking, as evidenced by differing terminology between these fields and few interdisciplinary journal publications. The remainder of this thesis is devoted to answering the question "How can cyber security professionals, including academic researchers, better approach cyber security as an interdisciplinary field; and what are the benefits of doing so?" This thesis recommends two steps the cyber security community can take towards becoming more interdisciplinary: undergraduate multi-departmental education; and harmonizing terminology between subdisciplines. To the first step, I present a novel curriculum design: an interdisciplinary minor in cyber security, which would equip non-security professionals with basic knowledge of security, and equip security professionals with skills for approaching security with an interdisciplinary mindset. I create a balanced curriculum design based on the findings from my literature review regarding the four subdisciplines of security. MIT's entire subject catalog was sourced for classes, to design a model curriculum. While this curriculum proposal was developed for MIT, the design is institution-agnostic, and I discuss how to apply it to other universities. Second, to facilitate cross-disciplinary communication, I recommend instituting change at the higher, professional level. To achieve this, I recommend authors harmonize their jargon usage. This change would improve idea flow between authors from different disciplines, who work towards potentially mutually beneficial solutions, but who write for separate audiences in their publications. To identify areas in need of harmonization, I first examine the extent of differences in keyword usage in articles from each the four security subdisciplines. I also analyze time-series trends of terminology usage in cyber security journal articles, and I develop a methodology for authors or standards bodies to use when deciding whether a word or phrase is appropriately interdisciplinary, or has been accepted by the general cyber security community.
Thesis: S.M. in Technology and Policy, Massachusetts Institute of Technology, School of Engineering, Institute for Data, Systems, and Society, Technology and Policy Program, 2017.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Cataloged from student-submitted PDF version of thesis.Includes bibliographical references (pages 88-97).
DepartmentMassachusetts Institute of Technology. Institute for Data, Systems, and Society.; Massachusetts Institute of Technology. Engineering Systems Division.; Technology and Policy Program.
Massachusetts Institute of Technology
Institute for Data, Systems, and Society., Engineering Systems Division., Technology and Policy Program.