Professor teaches cyber defense tactics to grad students

by Scarlet Keolanui, Staff Writer

What if students could learn about the tactics of cyber criminals and cyber hackers and protect themselves from cyber crimes?

Management information systems professor Murray Jennex teaches students how to protect themselves from the threat of cyber crimes in his risk assessment class for graduate students. He teaches them about how vulnerable they are to these types of crimes and then shows them how to combat cyber criminals’ tactics.

“Dr. Jennex helps teach and train a unique combination of decision support, cyber security, knowledge management, and compassion in disasters,” said Eric Frost, the program director of SDSU’s homeland security graduate program and a colleague of Jennex.

Prior to his work at San Diego State, Jennex worked in the energy industry, specifically at Southern California Edison. Y2K, a computer problem based on date formats switching from the 20th century to the 21st century, helped him to realize systems’ vulnerability and led him to his research and work on cyber crimes and cyber hackers.

“We were so worried about productivity that we forgot about security,” Jennex said.

Today, the information systems specialist teaches his students to assume everything they post online is essentially permanently public and to not share anything they would not want the public to see. He explained people may think what they post or share online will remain private or that they own the rights to their posts, but this is far from the truth.

As an example, Jennex explained how on the ever-so-popular social media app Instagram, users may think they own the rights to the posts they share. In reality, Instagram is the owner of the content users share on their site.

Jennex said students who use Snapchat should also be aware of the security threat it poses. He said the app uses a relatively open public server and the threat of someone storing another user’s post on their device, even after it has “disappeared” from Snapchat, is real.

Jennex explained the popular online word processing site Google Docs, which students across campus use to collaborate on documents, is a cloud-based server. This means the law considers Google Docs a common server, so there is no clear owner of a document. A document saved on the common server has the capability of being infiltrated by someone outside of the collaborators working on the document. Jennex warns students to be mindful of this when sharing their intellectual property online.

The first thing Jennex asks his students to do in his class is run a risk assessment on themselves. Students must first inventory all devices possessing their data, including other people’s devices with their personal data stored. He also has students analyze their daily routines and tells them to remember predictability causes vulnerability, because hackers as well as predators can learn their victim’s habits.

He also cautions students to remember two things. First, the cyber world is vast and anything people can do in real life, people can also do online, including hacking and bullying. Second, people are not only after passwords, but victims’ entire cyber presence.

Jennex has one piece of advice he hopes to communicate most to students: “Don’t put anything on a mobile device that you would not want to share.”