November 2014 MIDS Immersion: Day Three
On the final day of the November MIDS immersion, students had the opportunity to learn more about the career services offered by the I School. This eye-opening session covered resumes, job boards, networking, and much more, and was then followed by two academic sessions: Benjamin Stokes on data science and gaming, and Steve Weber and Jesse Goldhammer on cybersecurity.
Data Science and Gaming
MIDS instructor Benjamin Stokes and Dr. Nick Yee, a research scientist at Ubisoft, gave an engaging talk on why data scientists should look to game studies for models. Stokes described games as a petri dish for social science, saying that “games are interesting to study because many retail companies have pretty poor models of customer engagement compared to games.” His own research looks at in-game versus out-of-game behavior, asking whether people act in predictable ways in both settings. How to tell? That’s where data science comes in. In analyzing altruism and political leanings in gamers, Stokes identified a transfer between civic duty and game play. His cross-disciplinary approach to gaming caught the attention of many MIDS students:
Ben Stokes’ session on data science in the gaming industry was eye-opening. His approaches of using games to enhance teaching and the state of human knowledge gave me a glimpse into an aspect of data science I didn’t know existed.
[The] immersion has built a sense of community amongst my classmates in just three days. It was amazing to interact with individuals from so many different backgrounds and experiences. This immersion has left me with friendships that I know will live on past the length of the program.
— Nitin Kohli, May 2014 cohort
In the afternoon, Deloitte’s Jesse Goldhammer and I School professor Steve Weber presented a workshop on cybersecurity, a key topic in the data science field. Students were tasked with brainstorming risky actions they’ve observed in organizations they’ve worked for or with, and a number of scenarios were offered, including sending personally identifiable information and passwords over email, misplacing IDs, or even the theft of entire wallets or laptops.
Weber pointed out that, on their own, none of these security violations ended catastrophically, and noted that that’s part of the problem (as employees are not scared straight). He cited a study where the Department of Homeland Security purposefully dropped flash drives in corporate parking lots, and 60 percent of people who discovered them ended up plugging them into networked drives without ever knowing the contents. Weber then asked students a critical question: Is data security cybersecurity? He reminded them of the many recent data breaches that have occurred in large corporations, like Target in 2013, and said that 2013 was the “year of transition from geopolitical attacks to large-scale attacks on payment card systems.” While this may change again in the future, it’s an interesting trend to observe.
Cybersecurity is no joke. Students were surprised to hear that about 0.6 percent of the U.S. GDP is lost to cybercrime. By contrast, U.S. e-commerce is about 6.4 percent of GDP. In addition, Jesse Goldhammer pointed out that the U.S. government treats cybersecurity as a realm of military operations. In fact, the Department of Defense spends $5 billion on cybersecurity annually, and with good reason, too — since 2006, there have been more than 87 million sensitive or private records exposed by breaches of federal networks. Even more sobering, the DOD network (all .mil websites) gets attacked 100,000 times per minute. Goldhammer and Weber proposed five metaphors for corporate approaches to cybersecurity:
- Rational Deterrence Theory: Criminals will attack if the subjective expected utility is positive. The question then becomes, how can we make costs to an attacker credibly positive and robust?
- Insurance Metaphor: How much should be spent to protect intellectual property from theft? Should it be appraised on future revenue or market value?
- Liability Metaphor: Who bears the cost of a loss? Who is responsible if something happens?
- Public-Private Metaphor: Government and private sectors must work together to manage the cybersecurity problem.
- Opportunity Cost Metaphor: What (valuable) activities are foregone due to real and perceived security risks?
After advising that data may change the landscape in two ways — as a new source of problems (data security) and as a lever for solutions (data-enabled cybersecurity) — Weber split the students into groups to first research the cybersecurity measures of major companies and then to role-play a situation where the NIH creates a centralized data exchange. Students were tasked with discovering how to best reduce risks to the databases without hampering medical research, using what they’d learned during the cybersecurity seminar.
Though I attended without any notion of cybersecurity, the lecture showed me that it’s tied inextricably to data science. It was the highlight of my immersion experience, not just for this new perspective on discrete issues in our field, but also for the renewed appreciation the session gave me for my peers. The breakout groups in particular let me hear their unique perspectives and reminded me how many new things I could learn from working with every member of the program.
— Nihar Patel, September 2014 cohort
The day concluded with a dinner in downtown Berkeley, where students were given the chance to ask questions to Dean Saxenian in a town hall format. Questions ranged from interest in future classes to comments on the program itself, and students expressed their thanks for an enjoyable immersion.