For our second interview in "Application Security Education Spotlight" We caught up with renowned professor and avid researcher, Dr. Lei Chen. Dr. Chen earned his B.Eng. in Computer Science and Applications from Nanjing University of Technology (Nanjing, Jiangsu, China) in 2000. He received Ph.D. in Computer Science from Auburn University (Auburn, Alabama, USA) in August 2007. In the same month he joined the Department of Computer Science at Sam Houston State University (Hunstville, Texas, USA) as an Assistant Professor. He is currently an Associate Professor with tenure.
As of Summer 2013, Dr. Chen has taught 18 different courses in Computer Science, Information Security and Assurance, and Digital Forensics at both undergraduate and graduate levels. Courses taught more than 5 times include: Introduction to Digital Forensics and Information Assurance, Network Security, Information Security, and Network Security at graduate level. He has authored or co-authored 50 peer-reviewed scholarly works, including 8 journal papers, 12 book chapters, and 30 conference proceeding papers. His edited book "Wireless Network Security: Theories and Practices", published by Springer (U.S.) and Higher Education Press (HEP), is available in 2013.
1. Tell us a little about your experience before becoming a Professor at Sam Houston, Why did you choose education over field work?
Lei: I spent 6 years at Auburn University, Alabama on my Ph.D. study and research before joining SHSU in 2007. I chose academia over industry mainly because I love the university environment and I love to work with students. Another reason is that professors have summer and winter breaks which allow me to spend more time with family and on what I love to do in research. (Note: Between 2009 and 2013, Dr. Chen has secured four internal research grants and one external research grant with total amount of $81,600.)
2. How did you originally gain interest in information security?
Lei: My doctoral dissertation was related to network security and how to secure the routing information in a network. That has lead me to a much broader area of network and information security.
3. What do you find most rewarding about information security and assurance education?
Lei: My students got great jobs related to information/network security and digital forensics, also the papers our students and I had published at international conferences and journals.
4. Since information security is always changing, what is the process you take when writing a text book on the subject?
Lei: We and the other authors in the textbook tried the best effort to use the most up-to-date references in the literature.
5. What advice do you have for companies with today’s emerging BYOD trend?
Lei: Companies should have well established security policies regarding what outside devices can be brought in and how they are allowed to access what resources in the company networks. The security policies must be strictly enforced with no exception. Employee training and awareness education is also important. There should also be regular auditing and security reviews on BYOD.
6. What do you see as the biggest challenges facing information security education?
Lei: Most people have not yet realized how important information security is, and how closely it is related to everyone’s daily life.
Cheers to Dr. Chen for participating in our interview and for his contributions to the infosec community. Are you trying to build an information security program? Feel free to ask Lei further questions in the comments!
Do you run a similar information security program? If so let us know, we'd love to hear what you're up to (and perhaps feature you too!)