Corey Schou

Last updated January 27, 2024

Corey Schou is University Professor of Informatics and Associate Dean at Idaho State University,^[1] director of the National Information Assurance Training and Education Center (NIATEC) and the Simplot Decision Support Center (SDSC), and for ten years the chair of the Colloquium for Information Systems Security Education (CISSE).^[2]

In the early 1980s, organizations began to recognize that connected PCs in various locations were much more vulnerable than a mainframe locked away in a single building. These organizations began seeking qualified individuals responsible for selecting, recommending and implementing security policy and procedures. However, few schools were offering information security curricula, much less academic degrees, and organizations would have to take an IT professional at his or her word that they knew how to manage information security for the entire enterprise.

By 1989 Schou and others had established a unified common Body of knowledge for computer security. Schou, with Idaho State University hosted the finalization meetings Archived 2017-02-04 at the Wayback Machine in Salt Lake City. His work was later recognized by the organization with various awards in San Francisco (Founder's award and The need for a professional certification to maintain and validate a common knowledge, values, and ethics for individuals in the industry became a growing concern. Several IT professional societies recognized that a certification program attesting to the qualifications of information security personnel was needed.

Schou's work is recognized several organizations such as ISC2 Archived 2017-02-04 at the Wayback Machine as foundational to the Information Assurance discipline in academia. His work for three decades has resulted in standards used internationally by government, industry and academia.^{[ citation needed ]}

Teaching

Schou is a teacher and mentor whose style is described by his students and colleagues as Socratic. At all levels he encourages students to excel. Although he has had a full-service and research agenda, university records show that he has taught at least one class every semester for the past 30 years.

He currently heads one of the Scholarship for Service Cyber Corps programs that prepares individuals to be Information Assurance Professionals. In this program all students take a full MBA program. In addition they are exposed to both courses and practicum experiences. Upon completion of the program the graduates have completed all the requirements for certification by the Committee on National Security Systems. The program is one of only three in the nation that is certified at all levels for all certifications CAE. In addition, graduates are expected to sit for the Systems Security Certified Practitioner SSCP and CISSP examinations from (ISC)2. Currently the program has a 100% pass rate on the first try as documented in the university annual report to the National Science Foundation NSF.

In 1993 he was the first non-government employee to be recognized as Educator of the Year by the Federal Information Systems Security Educators Association FISSEA

Writing

He is the author of several books on information assurance called Information Assurance for the Enterprise: A Roadmap to Information Security McGraw Hill Catalog. and over 300 referred papers and monographs.

Recent Research Books

Schou, C., Lohse, E. (2009). The Crabtree Files, The assembled works and papers of Crabtree and Swanson. Idaho: Idaho Museum of Natural History, IRI.
Corey D., Shoemaker, Daniel; Information Assurance for the Enterprise: A Roadmap to Information Security, McGraw Hill, January 2007
Schou, Corey D., Kuhel, D., “Information Operations Education: Lessons Learned from Information Assurance”, Information Warfare Separating Hype from Reality, Edited by Edwin L. Armistead, Potomac Books, Washington DC, 2007 Book Chapter
Lohse, S., Schou, C., (2007)The Columbia Plateau-Snake River Region Cultural Sequence. In Projectile Point Sequences in Northwestern North America, edited by Roy Carlson and Marty Magne. Canadian Archaeological Association. Book Chapter

Refereed Journal Articles

Schou, C., Armistead, E. L., Ryan, J. (2009/10). International Academic Standards: A New Approach to Information Operations for Interoperability. Journal of Information Warfare.
Schou, C., et al. (2009/2010) Developing information assurance standards, ACM SIGCSE Bulletin Volume 41, Issue 4 (December 2009), Year of Publication: 2010, ISSN 0097-8418
Trimmer, K., Parker, K. R., Schou, C. (2009). Functional Requirements for Secure Code: The Reference Monitor and Use Case. Academy of Information and Management Sciences Journal, 12(2), 113-119.
Trimmer, K., Parker, K. R., Schou, C. (2007). Forcing Early Implementation of Information Assurance Precepts Throughout the Design Phase. Journal of Informatics Education Research, 9(1), 95-120.
Frost, James, Schou, Corey, The Missing Components of the Security Audit - A Case Study, in The Challenge of Managing System Integrity, 2006, ISBN 0-9772107-2-3.

Related Research Articles

The SANS Institute is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and auditing. The information security courses are developed through a consensus process involving administrators, security managers, and information security professionals. The courses cover security fundamentals and technical aspects of information security. The institute has been recognized for its training programs and certification programs. Per 2021, SANS is the world’s largest cybersecurity research and training organization. SANS is an acronym for SysAdmin, Audit, Network, and Security.

Health informatics is the study and implementation of computer structures and algorithms to improve communication, understanding, and management of medical information. It can be viewed as branch of engineering and applied science.

CISSP is an independent information security certification granted by the International Information System Security Certification Consortium, also known as ISC2.

ISACA is an international professional association focused on IT governance. On its IRS filings, it is known as the Information Systems Audit and Control Association, although ISACA now goes by its acronym only. ISACA currently offers 8 certification programs, as well as other micro-certificates.

Certification is part of testing, inspection and certification and the provision by an independent body of written assurance that the product, service or system in question meets specific requirements. It is the formal attestation or confirmation of certain characteristics of an object, person, or organization. This confirmation is often, but not always, provided by some form of external review, education, assessment, or audit. Accreditation is a specific organization's process of certification. According to the U.S. National Council on Measurement in Education, a certification test is a credentialing test used to determine whether individuals are knowledgeable enough in a given occupational area to be labeled "competent to practice" in that area.

University of Advancing Technology (UAT) is a private for-profit university in Tempe, Arizona. Founded in 1983, UAT integrates technology into its general education requirements. The institution offers core classes, as well as deep sets of courses in each major. Each student is required to complete a "Student Innovation Project" and internship to graduate.

The Penn State College of Information Sciences and Technology, also known as the College of IST, opened in 1999 as the information school of The Pennsylvania State University. Headquartered at the University Park campus in University Park, Pennsylvania, the college's programs are offered at 21 Penn State campus locations. Dr. Andrea Tapia currently serves as the college's interim dean.

The University of Pittsburgh's School of Computing and Information is one of the 17 schools and colleges of University of Pittsburgh located on the university's main campus in the Oakland section of Pittsburgh, Pennsylvania, United States. The school was formed in 2017 with a focus on academic programs that teach contextually situated computing in an interdisciplinary manner. The school offers bachelor's, master's, and doctoral degrees as well as certificate programs and houses three departments: Computer Science, Informatics and Networked Systems, and Information Culture and Data Stewardship.

Imaging informatics, also known as radiology informatics or medical imaging informatics, is a subspecialty of biomedical informatics that aims to improve the efficiency, accuracy, usability and reliability of medical imaging services within the healthcare enterprise. It is devoted to the study of how information about and contained within medical images is retrieved, analyzed, enhanced, and exchanged throughout the medical enterprise.

The Information Networking Institute (INI) was established by Carnegie Mellon in 1989 as the nation's first research and education center devoted to information networking.

The Institute for the Certification of Computing Professionals (ICCP) is a non-profit institution for professional certification in the Computer engineering and Information technology industry. It was founded in 1973 by 8 professional computer societies to promote certification and professionalism in the industry, lower the cost of development and administration of certification for all of the societies and act as the central resource for job standards and performance criteria.

The Khoury College of Computer Sciences is the computer science school of Northeastern University in Boston, Massachusetts. It was the first college in the United States dedicated to the field of computer science when it was founded in 1982. In addition to computer science, it specializes in data science and cybersecurity. The college was also among the first to offer an information assurance degree program.

The National Information Assurance Training and Education Center (NIATEC) is an American consortium of academic, industry, and government organizations to improve the literacy, awareness, training and education standards in Information Assurance. It serves to develop professionals with IA expertise in various disciplines and ultimately contributes to the protection of the National Information Infrastructure.

The International Information System Security Certification Consortium, or ISC2, is a non-profit organization which specializes in training and certifications for cybersecurity professionals. It has been described as the "world's largest IT security organization". The most widely known certification offered by ISC2 is the Certified Information Systems Security Professional (CISSP) certification.

The United Kingdom has a diverse cyber security community, interconnected in a complex network.

A Master of Science in Cyber Security is a type of postgraduate academic master's degree awarded by universities in many countries. This degree is typically studied for in cyber security. What is offered by many institutions is actually called a Master in Strategic Cyber Operations and Information Management (SCOIM) which is commonly understood to be a Master in Cybersecurity. This degree is offered by at least some universities in their Professional Studies program so that it can be accomplished while students are employed - in other words it allows for "distance learning" or online attendance. Requirements for the Professional Studies program include: 3.0 or better undergrad GPA, professional recommendations letters and an essay.

The National Cyber Security Hall of Fame, founded by Larry Letow and Rick Geritz, was established in 2012 to recognize the contributions of key individuals in the field of cyber security; its mission statement is, Respect the Past - Protect the Future. According to its website, it is designed to honor the innovative individuals and organizations which had the vision and leadership to create the fundamental building blocks for the cybersecurity Industry. The organization also highlights major milestones in the industry's 40-year history through a timeline representation, which includes inductees and their corresponding accomplishments.

Certified Penetration Testing Engineer (C)PTE) is an internationally recognized cyber security certification administered by the United States-based information security company Mile2. The accreditation maps to the Committee on National Security Systems' 4013 education certification. The C)PTE certification is considered one of five core cyber security certifications.

References

↑ "Who's Going to Train the Cyber Security Pros?". BusinessWeek . 2000-02-16. Archived from the original on February 29, 2000. Retrieved 2008-03-21.
↑ "AMERICA ON THE CYBER EDGE". Reuters . 2008-03-05. Archived from the original on 2012-09-09. Retrieved 2008-03-21.

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Who's Going to Train the Cyber Security Pros?". BusinessWeek . 2000-02-16. Archived from the original on February 29, 2000. Retrieved 2008-03-21.

[2] "AMERICA ON THE CYBER EDGE". Reuters . 2008-03-05. Archived from the original on 2012-09-09. Retrieved 2008-03-21.

[1]

[2]