$2 million but little to show for it as plans to teach cybersecurity fizzle

Share with others:

Print Email Read Later

At City College of San Francisco, program director Suzanne Korey fumes at the wasted time and taxpayer money.

Thousands of dollars of classroom computer equipment was purchased for her school and boxes of promotional material were ready. Faculty flew back and forth to Pittsburgh at federal expense so they could be trained at the Community College of Allegheny County for courses they would never teach.

Her school was to be a charter partner in a new cyber-security curriculum, developed for use at community colleges nationwide under a Defense Department award of nearly $2 million that went to CCAC and Carnegie Mellon University's Software Engineering Institute starting in 2003.

The grant, part of a widening flow of Homeland Security dollars earmarked by Congress after the Sept. 11, 2001, terrorist attacks, was supposed to safeguard America's businesses from threats to their computer systems and databases. But months before her school was to start recruiting students, Ms. Korey said, it and other colleges were told the program was shutting down and that curriculum updates and support were no longer guaranteed. She said no official reason was given to her school, which decided last fall it had no choice but to cancel the rollout.

"It was pretty shocking," Ms. Korey said.

"It was supposed to be this big deal. Just when we were getting ready to put it on the ground and get the labs going, it ended," she said. "We should have known after three years this wasn't going anywhere."

Other schools that went ahead and offered the certificate program in Survivability and Information Assurance found student demand for the training far less than was envisioned.

Documents obtained from CCAC under the federal Freedom of Information Act show the government invested in a plan to pilot and build a program for at least 1,000 students. The actual enrollment, about 70 over three years, hasn't come close.

The institute formed at CCAC to fuel the program's spread with licensing fees has shut down and a phone number on its now-defunct Web site rings into the summer program.

Five of the eight charter colleges contacted by the Pittsburgh Post-Gazette said they either suspended the classes for lack of interest or, as was the case with San Francisco and Darton College in Albany, Ga., gave up trying to implement them amid confusion and delays. No more than 30 students finished the certificate, all at CCAC, which also dropped the courses.

"We did not have the interest that we suspected," said Peggy Williams-Betlyn, CCAC senior vice president of work force development and north campus chief executive officer.

The award required that the curriculum also be delivered to the U.S. National Guard Bureau for its use, but a spokesman, Lt. Col. Mike Milord, could not say how many personnel, if any, had used the program. Nor could Cindy Abrams, a spokeswoman for U.S. Rep. John Murtha, D-Johnstown, a longtime supporter of SEI whose office was instrumental in securing the award.

"Every once in a while, for whatever reason, a program does not get the result that the program's sponsor had hoped for," she said.

Earmarks criticized
Taxpayers for Common Sense, a nonpartisan watchdog group in Washington D.C., called it a case of academic pork that illustrates the problem with Congress ordering up money for pet projects.

"Seventy people were educated and we paid $2 million for that? I thought private school was expensive," said Keith Ashdown, the group's vice president for policy.

Initially, the program was seen as having great promise. The money would allow one of the nation's pre-eminent designers of computer security software, Carnegie Mellon, to join with a local community college to test and then roll out affordable instruction.

CCAC President Stewart Sutin said at the time it would position his school "as a national leader in cyber-security training." The institute's Carol Sledge said in a news release that her organization looked forward to developing the curriculum "for broad adoption nationally in community colleges."

In 2003 and 2004, a total of $1,975,000 was added to the Army National Guard Operations and Maintenance Appropriation. But the project, as conceived, had less to do with the military than with using community colleges to help businesses guard against a cyber threat that suddenly seemed more real after the 9/11 terrorist attacks, said Roy Flores, who was CCAC president when the collaboration was developed.

He left the college to become chancellor of Pima Community College in Arizona months before the initial award in 2003.

"America was under attack," Dr. Flores said. "The question becomes, how do you secure the databases at the local bank, the vital statistics of the state of Pennsylvania, or birth records? Everyone was working with honorable intentions."

Project employees made elaborate plans to build and promote the curriculum, including $600,000 for coordination and development of courses and a Web-based delivery platform; $115,000 for 40 classroom computers and related costs; and $160,000 for rollout preparation that included $60,000 for instructor training, $60,000 for Web and print marketing material and $40,000 for conference travel and other meetings.

They discounted tuition. They even wooed employees of other prospective partner colleges by doling out 300 chocolate CDs, purchased for $1,700 and billed to CCAC's marketing department.

Officials with the college and the institute said they met the grant's obligations by successfully developing a pilot program and delivering the curriculum to the National Guard. Kelly Kimberland, an SEI spokeswoman, said curriculum pertaining to information assurance and security is available on its Web site to anyone, including community colleges, though she declined to say if she knew of any who were using it, calling that proprietary.

CCAC officials blame an unforeseen decline in demand for information technology courses across the Pittsburgh region. They say the program's narrow target audience, system administrators, made it harder to fill seats.

The school said it opted not to participate in the final rollout phase.

"I would not say it's disappointing. This is part of what I believe goes on in terms of grants," Dr Williams-Betlyn said. "When you get a grant ... you make some assumptions and you go out and get money to see if those assumptions hold true."

Support problems
The information technology slump wasn't the only problem, say some schools involved in the program. They pointed to tensions between CCAC and the institute over a number of issues, including intellectual property rights.

Darton College said its agreement dissolved in November after it learned there would be no technical support. The school was given courses on CDs but said it could not get definitive answers on whether there were guidelines for their use or if legal permissions were required if changes were made.

The school ultimately created its own cyber-security program.

"We waited and waited," spokeswoman Caroline Fielding said. "Finally, our tech people said we could do it ourselves."

One official involved in the CCAC/institute project who asked not to be identified said the grant partners and the National Guard all seemed to have different agendas. He said he believed the curriculum was sound, if delivered at a high cost.

"You do the math," he said. "If we spent that kind of money and have [dozens] who we officially trained, that's certainly not a cost-efficient way of getting information out there."

Shoreline Community College in Washington state suspended the program after it drew seven and three students, respectively, over two quarters. In Colorado, Community College of Aurora suspended the program when no one signed up, and officials there haven't decided whether to try again, spokeswoman Liz VanLandingham said.

But three of the charter schools still are actively pursuing the program.

Houston Community College plans to debut it in the fall and will do its own curriculum updates, instructor Reginald Dyson said. Salt Lake Community College in Utah intends to use it but has not secured space. Pennsylvania Highlands Community College in Johnstown had 12 students when the program debuted in the spring and has eight registered for fall.

Ms. Korey, from San Francisco, said she believed her school could have marketed the program, noting her college's proximity to the Silicon Valley and the city's information technology industry.

"It's sad," said Judy Yu, director of communications at Shoreline Community College.

She said grant-funded projects often aren't subjected to the same rigorous market research that occurs in business before a product is rolled out.

"All these programs are created with good intentions. They fit somebody's needs," she said. "I'm just not sure if they're meeting the students' needs."

Bill Schackner can be reached at bschackner@post-gazette.com or 412-263-1977.


Create a free PG account.
Already have an account?