Slides
Abstract: This workshop will introduce the Community of Practice in Cyber Defense (CoP CD) Faculty Opportunities Initiative to the CAE Community, present work on the initiative completed so far, and elicit feedback from workshop participants. The goals of the Faculty Opportunities Initiative platform are to allow job seekers to easily identify colleges and universities with matching criteria to apply to, and for colleges and universities to search for job seekers who fit their needs. This CoP-CD initiative will provide a platform for students and recent graduates in cybersecurity or closely related computing fields who are interested in obtaining a faculty member academic position in one of the NCAE-C designated institutions around the nation to showcase themselves, their work experience, their CV/Resume, areas they can teach, extracurricular activities they can lead, and/or other professional interests. Moreover, professionals from various industries and government agencies who have the credentials needed and seek to teach cybersecurity at one of the NCAE-C designated institutions are welcome to showcase themselves. Additionally, academics who are currently faculty members around the nation who are seeking additional adjunct faculty overload opportunities, are allowed by their current institution, and have the capacity to serve as adjuncts (either locally in their area or online) will also be able to showcase themselves. This CoP-CD initiative will provide a platform to NCAE-C designated colleges and universities to advertise open positions with criteria such as full/part time, tenure/not tenure, courses/topics desired, degree requirements, time period of job opening, link to application portal, and other relevant information.
Presenters:
Michael Nowatkowski, Augusta University: Dr. Michael Nowatkowski is a Professor, Head of the Cyber Programs of Study, and Director of the Cyber Institute at the Augusta University School of Computer and Cyber Sciences. He leads the Augusta University efforts on Center of Academic Excellence programs, the Department of Defense Cyber Scholarship Program, the CyberCorps® Scholarship for Service program, the Virtual Internship and Varied Innovative Demonstrations (VIVID) Coalition, the VICEROY award, and the National Cybersecurity Workforce Development Program. He holds a PhD and Master of Electrical and Computer Engineering from Georgia Institute of Technology and a Bachelor of Science in Electrical Engineering from Rose-Hulman Institute of Technology. Michael joined Augusta University in 2016 after serving over 26 years as a Signal Corps and Cyber Branch officer in the U.S. Army, including eight years teaching at the United States Military Academy at West Point. His research interests include industrial control system security, medical device security, electronics, and cyber operations education.
Kim Muschalek, San Antonio College: Kim Muschalek has over 26 years of higher education experience in computer applications management and computer science. Kim has experience teaching client operating systems (Windows and Linux), TCP/IP, network design and architecture, and hardware configuration and software integration. In 1995, Kim joined the faculty at San Antonio College. She has mentored the San Antonio College/ Information Technology and Security Academy (ITSA) CyberPatriot Team for 10 years and taught cyber security concepts and team strategies aimed at solving real-world cyber security issues. Kim is the Director of the San Antonio College Cyber Innovation and Education Center. She is currently the PI for the National Cybersecurity Workforce Development Program subaward from Dakota State University and the PI for CyberSkills2Work, The National Cybersecurity Workforce Development Program subaward from The University of West Florida. Most recently Kim has been an advisor on the Career Kickstart IT Networking/Cybersecurity Advisory Board for the College Board and the Director of the CTE CyberNet program in San Antonio Texas.
Slides
Abstract: Upskilling and reskilling programs can provide flexible on-ramps and off-ramps to help diverse learners launch or advance cyber careers. This session will highlight three innovative cybersecurity workforce development programs funded by the NCAE-C Program. The presenters will share best practices, resources, and lessons learned. The session will offer a call to action to the NCAE-C Community to leverage available resources and launch similar programs. The National Cybersecurity Workforce Development Program, CyberSkills2Work, led by the University of West Florida, is a nationally scalable program that offers flexible upskilling and reskilling training pathways. The 10 NCAE-C coalition developed 28 training pathways to prepare learners for 16 NICE cyber work roles and 17 core industry certifications and train over 3250 transitioning military, veterans, first responders, military spouses, women, underrepresented minorities, and government personnel for cyber careers. The University of Louisville-led Pathways Coalition, composed of 10 NCAE-C schools, focuses on collaborating and leveraging resources and expertise to create cybersecurity curriculum addressing use cases in healthcare and logistics. The program helps build a foundational skill set in the field for a career in cybersecurity. Learners can complete a bundle and receive a digital credential badge after completing 24 modules in as little as 3 months. The coalition produced 23 cybersecurity learning modules with labs and applied applications designed for workforce skills. The NCAE-C Cybersecurity Workforce Certificate-based Training program (CWCT), led by Purdue University-Northwest, offers free online AI-Cybersecurity training for transitioning military, veterans, and first responders. CWCT offers a 3-course CWCT-Entry certificate program and a 6-course CWCT-Professional certificate program. Until now, CWCT has received over 13,000 applications from 50 states and all 5 Territories of the US, admitted over 2,250 for training, over 600 graduated, and maintained a retention rate over 55% (67% for those actually participated in training).
Presenters:
Eman El-Sheikh, University of West Florida: Dr. Eman El-Sheikh is Associate Vice President and Professor at the University of West Florida Center for Cybersecurity. Eman has extensive expertise and 30 years of experience in AI, Machine Learning, and Cybersecurity education, research, and workforce development. She won over $26 Million in competitive grants and contracts, several awards related to cybersecurity education and diversity, and was recognized among the 2020 Women Leaders in Cybersecurity by Security Magazine. Dr. El-Sheikh leads several national initiatives, including the National Cybersecurity Workforce Development Program, CyberSkills2Work. She launched the Cybersecurity for All® Program to enhance competencies and hands-on skills for evolving cybersecurity work roles. Dr. El-Sheikh teaches and conducts research related to the development and evaluation of Artificial Intelligence and Machine Learning for cybersecurity. She has published several books, including Computer and Network Security Essentials by Springer Publishing, over 95 peer-reviewed articles and given over 150 keynote and invited talks and presentations. Eman founded the Florida Women in Cybersecurity Affiliate and serves on its Advisory Board.
Sharon Kerrick, University of Louisville: Dr. Kerrick is Associate professor & Assistant Vice President Digital Transformation Center at the University of Louisville. She currently is the lead PI on over $10M in grant funding. She teaches as well as publishes in the areas of innovation/entrepreneurship/technology. She was a founding member of a technology firm that grew to employ over 300 full time staff in a 5-state region for over 20 years. In addition to software development and technical integration services the company’s technology group trained between 11,000-13,000 students each year. A past 40 Under 40 Business First Leadership recipient she was also named to Business First’s Hall of Fame. She’s a recipient of the National Association of Women Business Owners (NAWBO) Kentucky Hall of Fame award and in 2018 the NAWBO EPIC leadership award. Dr. Kerrick is an accredited angel investor who has been quoted in Forbes and has rung the bell at NASDAQ stock exchange twice!
Michael Tu, Purdue University Northwest: Michael Tu, PhD in Computer Science, Professor of Computer Information Technology and Director of Center for Cybersecurity at Purdue University Northwest. Dr. Tu is leading the NCAE-C AI-Cybersecurity Workforce Certification based training program CWCT. His research has been supported by NSF and NSA and has published about 50 papers in peer reviewed journals and conference proceedings. Dr. Tu has 18 years of college teaching experience in cybersecurity and has received many industry professional trainings and obtained numerous industry certifications in cybersecurity and digital forensics.
Adel Elmaghraby, University of Louisville: Professor Adel S. Elmaghraby is the University of Louisville Director of Research and Innovation for the Digital Transformation Center, he is also Director of Industrial Research and Innovation and Winnia Professor of Computer Science and Engineering at the Speed School of Engineering - University of Louisville. He received both his MS and PhD degrees from the University of Wisconsin-Madison (USA) and his BS degree from Alexandria University (Egypt). He has also held appointments at the Software Engineering Institute - Carnegie-Mellon University, The American University in Cairo and as A Fulbright Scholar at Qatar University. He advised over 60 master’s graduates and 30 doctoral graduates.
Tarek Saadawi, City University of New York, City College: Dr. Tarek Saadawi is Professor of Electrical Engineering at The City University of New York, City College where he currently directs the Center of Information Networking and Telecommunications (CINT). He is the co-director of the Cybersecurity Master’s degree program. His research interests are in cybersecurity, communications, and Block chain.
Slides
Abstract: Large Language Models (LLMs) are useful tools for question answering and text generation and have been trained on thousands of data points available from a variety of sources. However, in order to be useful to specific domains they need to be trained using materials that pertain to that area of expertise. Since 2017, the CLARK cybersecurity library (www.clark.center) has accumulated thousands of hours of relevant high-quality cybersecurity teaching and training materials that have been used across the United States to prepare the cyber workforce. The CLARK team has been working to train a LLM using materials hosted on CLARK in order to create a cybersecurity literate LLM that can assist educators while searching for, building, and updating curriculum. The project is code-named Cybersecurity Literate Artificially Intelligent Resource (CLAIR). It will not only be trained on CLARK materials but also on other publicly available cybersecurity resources from organizations such as NIST, NSA, MITRE, CISA and other N-CAEC Schools. In this lightning talk, we will highlight the progress the CLARK team has made and also speak to the methodology employed to train the LLM.
Presenters:
Paige Flores,Towson University: Paige Flores has led the development of the CLARK project since late 2019 and has been an adjunct faculty member at Towson University since 2021. She is currently knee-deep in a Ph.D. in Information Technology at Towson where she is researching the intersection of Artificial Intelligence and Cybersecurity Education. She is passionate about connecting educators and students with resources that can be utilized to create the next generation of cyber heroes.
Sidd Kaza, Towson University: Sidd Kaza is the Associate Provost for Research & Dean of Graduate Studies at Towson University. He is the Maryland E-Nnovation Endowed Professor of Cybersecurity. His research interests lie in cybersecurity, data mining, and application development.
Blair Taylor, Towson University: Blair Taylor is an award-winning educator with 20+ years' experience in academia. She is a national expert in cybersecurity education and curriculum development and worked with NSA's College of Cyber as a Subject Matter Expert on long-term strategies to increase the pipeline of qualified students and build the nation's cyber workforce. A Professor in the Department of Computer and Information Sciences at Towson University, she has received over $9 million of external funding.
Slides
Abstract: As digital threats are escalating, the cybersecurity workforce shortage has become a critical bottleneck in protecting our cyberspace. A recent study shows over 750,000 open cybersecurity positions globally, 21% of which are entry-level. This was echoed in recent NSF and NSA Principal Investigator meetings, where 80% of institutes reported vacancies in cybersecurity faculty positions. While considerable focus has been placed on recruiting students at various levels (BS, MS, PhD) for cybersecurity studies, there has been insufficient discussion on preparing, guiding, and empowering these individuals to become effective instructors. This workshop is a response to the cybersecurity education/training of the next-generation instructors. Objectives: (1) Transitioning Mid-Career Professionals to Academia: There exists a significant interest among mid-career professionals in industry and federal agencies to transition into academic roles after acquiring advanced degrees (e.g., PhD). This workshop will explore avenues for harnessing their expertise for academic purposes. (2) Empowering Current Instructors from Community Colleges: A notable percentage of community college instructors, especially women and minorities, are keen to enhance their qualifications with advanced degrees. However, challenges like geographical immobility and the necessity of advanced degrees for leadership and accreditation purposes often hinder their progress. This workshop will provide actionable solutions to these challenges. (3) Motivating fresh PhD graduates for faculty positions: Most PhD graduates may not be interested in faculty positions right after graduation due to salary gap, location, or other reasons. This workshop will discuss challenges and methods to motivate them for a faculty position. Expected Attendees: This workshop is designed for community college and 4-year university instructors, industry professionals, and employees from federal agencies who are directly impacted by or can contribute to resolving the shortage of qualified cybersecurity instructors.
Presenters:
Ram Dantu, University of North Texas: Dr. Ram Dantu is the director of the Center for Information and Cyber Security at the University of North Texas (UNT) recognized for academic excellence in research and education by NSA and DHS. Dr. Dantu has 15 years of industrial experience in the networking industry as a technical director for Cisco, Nortel, Alcatel, and Fujitsu. Currently, he is a full professor in the Department of Computer Science and Engineering at UNT. During 2010-2012, he was a visiting professor at MIT. He has received several NSF/NSA awards in collaboration (lead-PI) with Columbia University, Purdue University, and MIT. He was selected as a member of the Innovation Corps of NSF in 2011. In 2013 NSF TV invited him and FCC CTO for a webcast on NG9-1-1 services. He has authored several standardizations of protocols such as Multiprotocol Label Switching (MPLS), SS7 over IP, and software-defined networks. He was the principal author of 24 patents, and to date, many are being used in the industry. He published more than 250 articles, mostly in cybersecurity.
Yair Levy, Nova Southeastern University: Dr. Yair Levy is a Professor of IS and Cybersecurity and the Director of the Center for Information Protection, Education, and Research (CIPhER). Dr. Levy chairs the Cybersecurity Curriculum Committee at the college overseeing the Ph.D. program in Cybersecurity Management, MS in Cybersecurity Management (InfoSec Policy Development and Compliance), and MS in Information Assurance and Cybersecurity (Network Security Engineering) – DHS/NSA certified programs as part of NSU’s designation of National Security agency (NSA)'s National Center of Academic Excellence (CAE) in Cyber Defense Education (CDE). Prior to joining the school, Dr. Levy was instructor and director of online learning at the College of Business Administration at Florida International University, where he earned his Ph.D. in 2003. His current research interests include cybersecurity, social engineering, cybersecurity skills, competencies, awareness, and cyber threat mitigation. Dr. Levy is the author of more than 100 peer-reviewed publications. Additionally, he published invited book chapters and encyclopedias. His research publications have been cited by over 4200 peer-reviewed manuscripts.
Cihan Tunc, University of North Texas: Dr. Cihan Tunc has been an assistant professor at the Department of Computer Science and Engineering (CSE) of the University of North Texas (UNT) since 2020. Dr. Tunc received his PhD from the University of Arizona (Electrical and Computer Engineering) in 2015 and continued there as a research assistant professor till 2020. Dr. Tunc was also a visiting researcher at the National Institute of Standards and Technology (NIST). His research interests include cybersecurity, resiliency, cloud computing management, IoT and network security as well as social media analysis.
Slides
Abstract: In this session, the NCAE Cyber Games team will delve into their journey as they developed crucial tools, effective methods, and best practices, which have been successfully utilized within both Regional and Invitational NCAE Cyber Games competitions. This team has transformed from constructing competition environments manually over a week's time to seamlessly setting up environments in just a few hours through the help of automation. Discover the growth and achievements of the NCAE Cyber Games Red Team: from collaborating with a small group of local schools to taking on the national stage as they create engaging gamified red-vs-blue automated training experiences for participants nationwide. Key topics covered include: the creation of competition virtual machines, the design of engaging and educational interactions, and the development of their Red Team dashboard which effectively informs customized exploit strategies tailored to each student team.
Presenters:
Spencer Hall, Mohawk Valley Community College: Since early 2021, Spencer has been actively involved in the NCAE Cyber Games team, spearheading the creation and implementation of automation for deployments and vulnerability testing within the games. He has also developed unique persistence techniques specifically tailed for competition use. More recently, Spencer's focus within the NCAE Cyber Games has shifted to developing a full-stack automation process to build out Red Team infrastructure and vulnerable competition VMs. In addition to his work with the Cyber Games, Spencer has been working as an engineer for numerous Fortune 500 companies and government agencies. His specialties include deployment automation, application security, and containerization. Currently, Spencer's primary objective is designing robust pipelines and creating/maintaining a secure development environment.
James Rice, Mohawk Valley Community College: James has been with MVCC, starting as an adjunct professor in 2011, and becoming full-time cybersecurity faculty at the beginning of 2017. While teaching as an adjunct for MVCC, James worked full-time as a cybersecurity analyst for Quanterion Solutions Inc., a cybersecurity and reliability engineering-focused Department of Defense contractor. During this time, he has focused on delivering dynamic learning content and environments via various forms of media, including scenarios and games for the DoD and various cyber competitions such as the NCAE Cyber Games, including the NCAE Cyber Games Sandbox virtual challenges.
Slides
Abstract: Dominated by technological advancements, Artificial Intelligence (AI) with cybersecurity stands out as a key component for the future of our digital defense. This fire talk will discuss the impact of AI on cybersecurity, by examining the challenges, opportunities, and the role it plays in safeguarding our digital world. The session will briefly discuss the historical roots of AI, to its projected surge to $135 billion by 2030. The session will also discuss the relationship between AI and cybersecurity, first by explaining how AI benefits the defense against cyber threats as well as examine the dark side of this technological alliance in cybersecurity. The presentation concludes by providing practical insights for staying secure in the AI-driven landscape. A call to action is issued to review and update cybersecurity practices, incorporating best practices in password management, data privacy, and personal cybersecurity. In conclusion, the presentation portrays the intersection of cybersecurity and AI as a dynamic and evolving landscape, urging cybersecurity leaders to embrace AI's potential, understand its risks, and adapt to ensure a secure and resilient digital world.
Kellep Charles, Capitol Technology University: Dr. Kellep Charles serves as Department Chair of Cybersecurity programs and Professor of Computer Science at Capitol Technology University. Dr. Charles research areas encompasses Digital Forensics, Threat Detection, OSINT, Machine Learning and Malware Analysis. He completed his Doctorate in Cybersecurity at Capitol Technology University. He also holds a Master of Science in Telecommunication Management from the University of Maryland University College and a Bachelor of Science in Computer Science from North Carolina Agricultural and Technical State University. Dr. Charles also worked as a government contractor in the Washington, DC area as an information security analyst for over 25 years in the areas of incident response, computer forensics, security assessments, malware analysis, and security operations.
Slides
Abstract: The Cybersecurity Clinic represents an innovative approach to addressing the dual challenges of educating future cybersecurity professionals and fortifying cybersecurity resilience in vulnerable communities. This presentation delves into designing and implementing an NSA-sponsored cybersecurity clinic at Metro State University to offer diverse clients free cybersecurity risk assessments. The initiative is a collaborative effort between academia and state IT, with Minnesota's IT agency (MN.IT) as a critical partner. Bringing together academia and a state IT agency creates a unique synergy, fostering an environment where theoretical knowledge meets practical application. MN.IT's involvement provides a bridge to real-world challenges and ensures that the clinic's initiatives align with broader state-level cybersecurity goals. The primary objective of the clinic is to extend cybersecurity services to underprivileged sectors, including K12 institutions, underserved municipalities, non-profits, and small businesses. By targeting these often-overlooked entities, the clinic aims to bridge the digital divide and fortify the cybersecurity posture of communities that may lack the resources to adequately defend against evolving cyber threats. The presentation offers a comprehensive overview of the establishment and early experiences of an NSA-sponsored cybersecurity clinic at Metro State University. It serves as a valuable resource for educational institutions and organizations seeking to embark on similar initiatives, providing insights into the strategic planning, student involvement, risk assessment development, and community outreach required for a successful and impactful cybersecurity clinic.
Presenters:
Faisal Kaleem, Metro State University: Dr. Faisal Kaleem, an experienced cybersecurity expert, is a Computer Science and Cybersecurity Professor at Metro State University in Minnesota, holding a Ph.D. in Electrical Engineering from Florida International University (FIU). Since 1998, he has actively contributed to cybersecurity education, earning recognition through various awards. Dr. Kaleem is an accomplished educator, visionary founder, and executive director of MNCyber. This initiative, a public-private partnership, aims to position Minnesota as a national cybersecurity leader. Through educational programs, strategic partnerships, interdisciplinary research endeavors, and community engagement, MNCyber strives to fortify Minnesota's cybersecurity ecosystem. Additionally, Dr. Kaleem provides advisory services to various entities like the Cloud Security Alliance Minnesota and the National Cybersecurity Student Association, demonstrating his dedication to advancing cybersecurity education. His active involvement in the National Center of Academic Excellence in Cyber (NCAE-C) programs further underscores his commitment. Dr. Kaleem has secured numerous grants from the National Science Foundation (NSF), the National Security Agency (NSA), private sector organizations, and Minnesota State. Alongside his academic pursuits, he holds various industry certifications such as CISSP, CEH, and Security+.
Slides
Abstract: In the dynamic landscape of cybersecurity education, there exists a critical bridge between academic programs and the evolving needs of the industry. Our journey began with the development of a comprehensive cybersecurity degree program, wherein collaboration with local companies played a pivotal role. Initial discussions provided general insights, but it was subsequent meetings that unearthed a treasure trove of specific skills required by industry professionals. Representatives from these companies graciously shared a detailed list of tasks they expected our graduates to master, opening a unique opportunity for us to align our curriculum with real-world demands. As we scrutinized this task list, a remarkable realization emerged—many of these tasks found a direct correlation with the hands-on labs our students were already engaging in. This gave us a motivation to refine and expand our hands-on lab activities. By incorporating the specific skills outlined by industry partners, we not only enhanced our students' capabilities but also aligned our curriculum more closely with the needs of the workforce. The synergy between industry requirements and academic labs became even more apparent when we have been introduced to the ABCDE (Actor, Behavior, Context, Degree, and Employability) model of the CAE-CD (Centers of Academic Excellence – Cyber Defense) re-designation, a framework that perfectly mirrored the skills sought by employers. In this enlightening talk, we aim to showcase our journey of aligning a hands-on lab with a competency statement using the ABCDE model. This approach serves as a blueprint for other institutions looking to bridge the gap between theoretical education and practical industry needs. By illustrating the seamless integration of hands-on labs into competency statements, we hope to inspire collaborative efforts that push cybersecurity education into a new era of relevance and effectiveness.
Presenters:
Ayad Barsoum, St. Mary's University: Ayad Barsoum, Ph.D., is an Associate Professor of Computer Science, Graduate Program Director of Cybersecurity, and Director of NSA/DHS Designated Center for Cyber Excellence at St Mary’s University, San Antonio, Texas. Barsoum led the efforts to propose and develop the Master of Science in Cybersecurity program and the Graduate Certificate in Cybersecurity program. He also contributed to bringing the cybersecurity lab to St. Mary’s, developed through grants from the Hearst Foundation and the Valero Energy Foundation. Barsoum spearheaded the NSA/DHS project to have a National Center of Academic Excellence in Cybersecurity – Cyber Defense (CAE-CD) and to have an NSA/DHS designation for the MS in Cybersecurity Program. Barsoum received his Ph.D. from the Department of Electrical and Computer Engineering at the University of Waterloo (UW) in Canada in 2013. He is a member of the Centre for Applied Cryptographic Research at UW. He received his B.Sc. and M.Sc. degrees in Computer Science from Ain Shams University in Egypt in 2000 and 2004, respectively.
Slides
Abstract: In an era of constant and evolving cyber threats, the demand for trained cybersecurity professionals is essential. To help meet this demand and cultivate a generation equipped to tackle modern cyber challenges, the development of a cybersecurity simulator emerges as a pivotal educational tool. This simulator aims to transcend traditional pedagogical methods by offering immersive and realistic learning experiences across various cybersecurity scenarios. Catering to diverse educational levels, the cybersecurity simulator extends its reach across higher education, K-12, and organizational spheres. In higher education, it seamlessly integrates into existing courses, offering enriching class assignments and dedicated elective classes focused on hands-on learning. For K-12 institutions, the simulator serves as a gateway, introducing students to the fundamentals of cybersecurity through specialized programs such as Cyber Day or week-long camps. Crucially, the cybersecurity simulator functions as more than just a training tool; it serves as a catalyst for long-term memory retention and encourages iterative learning from mistakes. By embracing innovation and leveraging immersive technologies, this simulator heralds a new era of cybersecurity education, one where learners are empowered to thrive amidst an ever-evolving digital landscape.
Presenters:
Sebastian Hayes, Brigham Young University: Sebastian Hayes is currently an undergraduate Cybersecurity student at Brigham Young University. He is a teaching assistant for several cybersecurity courses. He also works as a research assistant in the Cybersecurity Research Lab and serves as the President of the Network Engineering Student Association.
Albert Tay, Brigham Young University: Albert Tay is an Associate Professor in IT & Cybersecurity, College of Engineering, BYU. Director of Cybersecurity Research Lab.
Slides
Abstract: DevOps practices have recently gained widespread adoption in the software development industry, aiming to accelerate software delivery and enhance business agility. In tandem with this, the security extension of DevOps, known as DevSecOps, has witnessed a notable surge in popularity. Recognizing the significance of integrating security practices into the DevOps workflow, many organizations are prioritizing the proactive management of security concerns right from the initial stages. This approach ensures a continuous focus on security throughout the entire software development lifecycle. Given this industry trend, it is imperative for higher education institutions to incorporate DevSecOps into their curriculum. By doing so, they align their educational offerings with current industry demands and empower students with skills that are highly sought after. In this presentation, we will explore various approaches to integrating DevSecOps into academic programs. This includes options like dedicated courses specifically focused on DevSecOps, the incorporation of dedicated modules within relevant existing courses, and the dispersion of DevSecOps concepts across a broad spectrum of courses. Subsequently, we will share our experiences and delve into the intricacies of a DevSecOps curriculum, employing a project-based learning methodology to provide students with hands-on experience involving tools and real-world scenarios. Additionally, we will discuss potential challenges that may arise in the process.
Presenters:
Yuting Zhang, Boston University: Dr. Yuting Zhang is an Assistant Professor and director of the cybersecurity program at Boston University Metropolitan College (BUMET). Her research spreads several areas in computer and network systems with publications in a number of conference proceedings and journals. Her current focus is on mobile computing and security, software security and cybersecurity education. She has taught and developed a variety of software and security courses.
Slides
Abstract: Funded by the NSA through the NCAE-C program, the mission of the National Cybersecurity Curriculum Task Force is to catalog and create high-quality and relevant curricula on emerging cybersecurity topics, mapping to curricular and workforce guidelines, and make them freely available. The mission is being accomplished with the following goals: (1) Conduct a comprehensive search of available curricula in cybersecurity repositories, directories, and among the community. (2) Perform gap analysis to identify high-need areas to create a cyber-ready workforce. (3) Develop high-impact, high-value curricula for the community. In its third year, this project has iterated through the three goals, and continues to cycle through these interconnected goals. This presentation will share the results of the project so far, point the audience to where they can find vetted cybersecurity curriculum materials, and offer opportunities to contribute to the project. We will give an overview of the curriculum, housed on CLARK, that has been developed through the project so far, which covers topics including zero trust security, ransomware, quantum resistant cryptography, and software supply chain security. We will also present the call for proposals for funded curriculum development in emerging cybersecurity areas for the third round of this project.
Presenters:
Cara Tang, Portland Community College: Cara Tang is the faculty lead and CAE POC for the Cybersecurity program at Portland Community College in Portland, Oregon. She co-chairs the National Cybersecurity Curriculum Task Force. In addition to this project, Dr. Tang has been involved in a number of curricular efforts in the cybersecurity education community, including chairing the task force that developed Cyber2yr2020, ACM's curriculum guidelines for associate degree programs in Cybersecurity.
Blair Taylor, Towson University: Blair Taylor is an award-winning educator with 20+ years' experience in academia. She is a national expert in cybersecurity education and curriculum development and worked with NSA's College of Cyber as a Subject Matter Expert on long-term strategies to increase the pipeline of qualified students and build the nation's cyber workforce. A Professor in the Department of Computer and Information Sciences at Towson University, she has received over $9 million of external funding.
Sidd Kaza, Towson University: Sidd Kaza is the Associate Provost for Research & Dean of Graduate Studies at Towson University. He is the Maryland E-Nnovation Endowed Professor of Cybersecurity. His research interests lie in cybersecurity, data mining, and application development.
Tobi West, Coastline College: Dr. Tobi West is a tenured full-time faculty member of Cybersecurity and Computer Information Systems at Coastline College in Southern California. She is the director for Coastline’s National Center of Academic Excellence in Cyber Defense education and serves on multiple national committees supporting cybersecurity curriculum development inclusive of K-12, college, university, and post-graduate. As Department Chair of the Technology Division at Coastline, she provides leadership for pathways and curriculum development.
Slides
Abstract: Pervasive and ubiquitous computing, especially with the advancement of the Internet of Things and the Smart City concept, extend the novel means of criminality and its investigation. We argue that current forms of investigation and discovery are not sufficient to limit injuries onto persons and communities. Nonetheless, cybersecurity approaches within criminal justice, criminology, and workforce development – together – offer models that significantly benefit efforts to address public cybersecurity harms. Yet, they have been largely overlooked. We suggest an interdisciplinary lens to address cybersecurity, including criminal justice and workforce development integration and employing empowerment theory. We demonstrate the effects from integrating cybersecurity and forensic practices into traditional law enforcement and other disciplines. The effects are positive as public safety will be needed to provide public safety and security in our hybrid technical world. We must, in essence, “democratize” cybersecurity through its distributed availability. We present means to achieve this and results from efforts to promote this integration through several coordinated, yet differently targeted programs. Implementation by universities and colleges across the United States will better assure the cybersecurity of our citizens.
Presenters:
Michael Martin Losavio, University of Louisville: Michael Losavio teaches in the Department of Criminal Justice and the Department of Computer Science and Engineering at the University of Louisville, Louisville, Kentucky, U.S.A. on issues of law, society and information assurance in the computer engineering and criminal justice disciplines. His focus is on law and social sciences as they relate to computer engineering, evidence, digital forensics and AI/machine learning. Courses include Digital and Computer Crime, Transnational Cybercrime and Legal Issues with Artificial Intelligence.
Jen Whiting, University of Illinois: Jen Whiting's research focuses on improvements in law enforcement training infrastructure.
Adel Elmaghraby, University of Louisville: Adel is the Speed Engineering School Director of Industrial Research and Innovation, the Winnia Professor of Computer Science and Engineering and an IEEE Life Senior Member.
Andrew Wright, University of Louisville: Andrew is the Chair of the Department of Information Systems, Analytics, and Operations, the Director of Learning Initiatives, Digital Transformation Center, Information Systems, Analytics & Operations
Dr. Cheryl Purdy, University of Louisville: Dr. Cheryl Purdy is a digital forensics examiner/analyst with the Daviess County Sheriff’s Office in Owensboro Kentucky. She holds several industry certifications in the field and has been with the department in this capacity for the past 13 years. Cheryl holds a PhD in Information Technology with a specialty in Digital Forensics. She has completed training from the National White Collar Crime Center, Secret Service’s National Computer Forensics Institute, Boston University Center for Cybercrime, Investigation, and Cybersecurity, and the American Academy of Applied Forensics. Dr. Purdy teaches graduate level digital forensic courses for the University of the Cumberlands, Network Administration and Information Security for Western Kentucky University, and a workforce Cybersecurity course for the University of Louisville. She has recently returned from Iceland as a Fulbright Specialist working with the University of Akureyri in the development of cybersecurity curriculum for law enforcement.
Slides
Abstract: A CAE CoP committee was tasked to develop a Student Code of Ethics and Professional Conduct. Last June, a draft was shared with, and feedback received from the CAE Community resulting in publishing the NCAE-C Code of Ethics and Professional Conduct. The panel will share effective strategies employed to engage students with the code, including interactive workshops, case studies, and over 30 hours of curriculum modules. The discussion will conclude with lessons learned and best practices for institutions seeking to implement similar initiatives to meet the new CAE redesignation requirements.
Presenters:
Anna Carlin, Fullerton College: Anna Carlin, CISA, is a CIS Department Coordinator and Instructor at Fullerton College. Ms. Carlin teaches Cyber Security, Network Security, Ethical Hacking, and Introduction to Information Systems in the Business and CIS Division. Ms. Carlin is also the Executive Director of the Hornet Security Education Center to educate students and the surrounding community on safe computing practices. Anna has over 15 years of experience in IT audit, software development, and operations management.
Kelli Burgin, Montreat College: Kelli Burgin began teaching Cybersecurity at Montreat College in January, 2016. Professor Burgin brings both industry experience in healthcare and teaching experience in public and adult education to her current position. She has been an active member of the CAE Community since 2017 when Montreat College was designated as a Center of Academic Excellence in Cyber Defense. Since 2020, Professor Burgin and a team of colleagues from Montreat College and other CAE-Designated institutions have been working on materials related to NCAE-C Student Professional Development and Ethics.
Stan Mierzwa, Kean University: Stan leads the Center for Cybersecurity at Kean University and is the point of contact for the universities National Security Agency Center of Academic Excellence Cyber Defense (NSA CAE-CD) designation. He also teaches undergraduate and graduate courses in cybersecurity, risk management, information security, and Management Information Systems. Stan is currently a Ph.D. candidate in the middle of a dissertation focused on the competency of cybersecurity college graduates.
Gary Sparks, Metropolitan Community College: Gary Sparks is the Program Director for the Metropolitan Community College Cybersecurity Center, a full-time instructor, and a retired Chief Master Sergeant (CMSgt) from the US Air Force and Air National Guard. He has 40 plus years of experience in security and computer technology operations and management. As the Chief of Security for an Intelligence squadron, he managed all security programs and advised the commander on processes, policy, and procedures for physical, information, operations, transmission, technical and communications security. He additionally was a master instructor for the US Air Force.
Gary holds two AS (Associate of Science) degrees from the Community College of the Air Force (CCAF) in Instructor of Military Science and Technology and Security and Law Enforcement Administration. He also holds a BS (Bachelor of Science) and MS (Master of Science) in Management of Information Systems (MIS) with a focus on INFOSEC (Information Security) from Bellevue University.
Slides
Abstract: Professionalism & ethics are critical characteristics that the future cyber workforce must have. To assist the CAE community through the Careers Preparation National Center (CPNC), Montreat College has been working on a toolkit to share with other CAE schools to help and support their development. Contained within the toolkit are case studies, competencies, cyber competitions & challenges, cyber ethics book instructor resources, finishing school, links, a professionalism & ethics course, supplemental material, and workshops. As well as Montreat’s Cybersecurity Oath, the NCAE Student Code of Ethics & Professional Conduct. For the toolkit to be effective, one must learn how to use the tools. Our objective will be to not only introduce the toolkit to the CAE community, but to begin sharing the toolkit with everyone. The toolkit is not intended to replace but to support and provide more resources for the classroom and for redesignation. This session provides a general overview of the toolkit, as well as a mini-workshop on using the toolkit and examples of how it is already being implemented. There will be a Q & A session at the end of the workshop as well as a form to request the toolkit.
Presenters:
Thomas Hill, Montreat College: Thomas Hill is an assistant professor of Cybersecurity at Montreat College. He started as an adjunct in 2019 and joined the faculty at Montreat College full-time in 2023.
Kelli Burgin, Montreat College: Kelli Burgin is an assistant professor of Cybersecurity at Montreat College. She has been an active member of the CAE Community since 2017 when Montreat College received its designation as a Center of Academic Excellence in Cyber Defense.
Slides
Abstract: The School of Criminology and Security Studies at Indiana State University provides the opportunity for students in the Cyber program to gain real-world experience while attending college. The Intelligence, Cybercrime, and Criminology Center (IC3) at Indiana State University mission is to advance the nation critical infrastructure through education, partnerships, real-world experience and hands-on learning. In doing so the IC3 creates and runs one of 4 investigative internships. All internships are overseen by faculty advisors who are associated with the cyber program and provide either academic credit or paid internship. The Jail Intelligence Unit (JIU) students work with Detectives in local law enforcement to listen to jail calls and video calls to gain intel on cases they are working. The students then report back to the Detectives on significant findings. The Cold Case Unit (CCU) are working on an actual cold case from a local law enforcement agency to investigate and assist in solving an unsolved crime. These students are sworn-in investigators through the Prosecutor's Office. The Human Trafficking and Intel Unit (HTIU) are investigating and searching for intel for potential human trafficking suspects and victims in coordination with local law enforcement and Operation Underground Railroad (O.U.R.), who specialize in human trafficking. The last unit is the High-Tech Crime Unit (HTCU). These are students are sworn-in investigators through the Prosecutor's Office and are paid investigators through a grant from the State of Indiana where Indiana State University and the Prosecutor's Office partnered to provide digital forensics for 25 law enforcement agencies and 8 counties. They work with detectives on active cases to analyze digital devices related to the case. In all, over 30 students are involved in the 4 investigative internships to gain real-world experience they can put on a resume when they graduate and search for employment.
Presenters:
Jason E James, Indiana State University: Dr. James is a Tenured-Track Assistant Professor of Cybersecurity at Indiana State University, School of Criminology and Security Studies. In addition, Dr James is also the Director and Chief Digital Forensics Investigator of the Vigo County/Indiana State University High Tech Crimes Unit (HTCU) as a Sworn-in Special Investigator with the Prosecutor’s Office. Prior to joining ISU, Dr. James spent 15 years working for the DOD where he obtained his cybersecurity experience specializing in IT audits, digital forensics, and information security. Dr James also spent three years as Program Director of Cybersecurity at Sullivan University in Louisville, KY. In addition to working full-time at ISU, Dr. James is an Adjunct Professor of Cybersecurity at University of Cumberlands, American Public University System, and Indiana Wesleyan University.
Slides
Abstract: Despite the increased accuracy of intrusion detection systems (IDS) in identifying cyberattacks in computer networks and devices connected to the internet, distributed or coordinated attacks can still go undetected or not detected on time. There is a need for attack characteristics’ exchange among different IDSs. Also, a zero-day attack (an attack without a known signature) experienced in an organization’s IDS located in different regions are not the same. Collaborative efforts of the participating IDSs can stop more attack threats if these different IDSs exchange these attack characteristics. In this type of detection system, IDS nodes exchange attack features among each other with the view of promptly detecting an attack that has previously been identified by other IDS nodes. we propose a blockchain-based solution that ensures the integrity and consistency of attack characteristics shared in a cooperative intrusion detection system. Furthermore, we describe the real-time experiments conducted on the testbed and present the results. , Finally, we look into the ongoing works of extending the testbed to the COSM-IC global testbed.
Presenters:
Tarek Saadawi, City College of New York: Dr Saadawi is currently a Professor of Electrical Engineering at City College of New York (CCNY) since 1980. He’s the co-Founder of the Cybersecurity Master’ Degree Program, and Director of the Center of Information Networking and Telecommunications (CINT). Prof. Saadawi is also part of a team led by Columbia University, and including Rutgers University and University of Arizona in a three-year $3 million NSF project (IRNC: Testbed: COSMOS Interconnecting Continents-COSMIC) to establish a global next generation internet testbed. The project enables the use of unique programmable wireless, optical, and edge-cloud network testbed infrastructure for international collaborative experiments. He has published extensively in network security, and intrusion detection systems, and holds patents in AI-based intrusion detection systems.
Slides
Abstract: This presentation includes a comprehensive overview of the department's pioneering efforts and accomplishments in Cybersecurity and Data Science education since 2009. Highlighting its role as a Center of Academic Excellence since 2009 and the recipient of various prestigious grants, the presentation details the department's contributions to the academic and professional landscape through courses in Ethical Hacking, Reverse Engineering, Network Security, and Computer Forensics. Additionally, it outlines significant milestones such as ABET accreditation in Computer Science, the initiation of fully online Bachelor's programs in Computer Science, Computer Engineering, and Electrical Engineering, and the introduction of undergraduate certifications in Cybersecurity and Data Science, underscoring the department's commitment to advancing education and research in these critical fields.
Presenters:
Luis M Vicente, Polytechnic University of Puerto Rico: Dr. Luis M Vicente, Director and Associate Professor at the Polytechnic University of Puerto Rico's ECECS Department, has a rich background in Electrical and Computer Engineering, earning his Ph.D. from the University of Missouri-Columbia in 2009. With a professional journey starting in 1990, he worked with notable firms like SENER Group, Voyetra Inc., AG Software, and SIEMENS Corp. before transitioning to academia in 2003 at PUPR. Promoted to Associate Professor in 2009, he also mentors the Master's program in Electrical Engineering and was named Sponsor Research Office Coordinator in 2011. By 2020, he ascended to Director, focusing his research on signal processing, cybersecurity, and high-performance computing. A prolific advisor, Vicente has guided seventeen students through their graduate theses and holds graduate certificates in Digital Forensics, Database Security, and Digital Evidence and Auditing.
Slides
Abstract: When teaching topics in cybersecurity or computer science, a significant problem exists when working to provide a computing environment suitable for delivering a realistic student experience with the necessary tools installed, while simultaneously maintaining adequate security for both networks and private user data. The traditional approach of constructing a physical lab of networked machines has inherent limitations, such as high costs, a lack of scalability, and problems regarding administrative access, making it difficult to provide an environment for students to learn and practice realistic problems. Virtual environments are a good solution but can be expensive if provided by a third party. In addition, setting up a private environment requires a high degree of technical ability and can be unwieldy to maintain and manage. To overcome these obstacles, we have developed the Nevada Cyber Range (NCR) enabled by Proxmox. NCR provides students with live virtual machines (VMs) of various operating systems to which they have complete administrative authority, allowing them to make changes to configurations and networking as needed to perform a variety of tasks such as firewall configuration, routing, scanning, logging, etc. Each student is assigned machines as needed which can be arranged with a variety of network configurations. For Linux-based systems, a VM can contain an internal network of containerized machine instances, providing the student with a live network to test and analyze, allowing them to develop skills on a real network rather than a simulation. Instructors can access the student environment to help with problems or to troubleshoot configuration errors, and if an instance is rendered unusable, a snapshot of the environment (which is backed up on a periodic basis) can be restored allowing the student to experiment without fear of damaging their system.
Presenters:
Shamik Sengupta, University of Nevada, Reno: Dr. Shamik Sengupta is the Executive Director of the Cybersecurity Center at University of Nevada, Reno (UNR) and a Professor in the Department of Computer Science and Engineering. His research emphasizes on various cybersecurity issues such as vulnerability assessment and malware analysis, security and privacy in cybersecurity information exchange, anomaly detection in cyber-physical systems, machine Learning, network security, honeypot as well as cognitive radio, DSA networks and game theory. He has authored over 175 international conferences and journal publications including IEEE GLOBECOM 2008 best paper award, International Symposium on Performance Evaluation of Computer and Telecommunication Systems (SPECTS) 2017 best paper award and IEEE CCWC 2020 best paper award. He is the recipient of NSF CAREER award in 2012; UNR CSE Best Researcher award in 2015-2016 and 2017-2018; UNR College of Engineering Excellence Award 2018; University of Central Florida CECS Distinguished Alumni Honor award (Department of Electrical and Computer Engineering) 2018; and the UNR Ralph E. & Rose A. Hoeper Professorship Award 2019. He has mentored over 50 undergraduate students and 25 grad students.
Slides
Abstract: Employers in the United States recognize the importance and need for qualified cybersecurity professionals, but finding employees with common cyber competencies may require a long-term solution (Said, 2018). Despite high rates of unemployed workers, employers have indicated that they have difficulty finding employees with the competencies needed for the available cybersecurity jobs (Restuccia, 2015). There is a supposed lack of commonly identified cybersecurity competencies across government, industry, and academia. The purpose of the hereto-referenced study was to get a snapshot of the landscape by measuring the cybersecurity competencies across government, academia, and industry perceptions in the North Alabama region. The study explored whether cybersecurity competencies among government, academia, and industry in the North Alabama region were properly aligned. The data and information within the study could be of specific interest to local colleges, industry leaders, and government officials so they can make improvements where needed or continue building on successes. The common core competencies used to survey participants in the workforce were Access Control, Cryptography, Digital and Computer Forensics, Network Security, Security Risk Management, and Systems Design. Based on the survey results, there was no significant difference in opinions across the industry, government, and academia. This is a good indicator that the workforce values the common cyber competencies academia presents to perform a cybersecurity role successfully.
Presenters:
Dr. Darren Waldrep, Athens State University: I am an Associate Professor of Management of Cybersecurity Operations (MCO) at Athens State University, where I started in January 2016. The MCO program is relatively new at Athens State University, with an updated curriculum and hands-on labs to foster a more realistic approach to online learning. I have 24 years of industry experience as a System Administrator and Information Assurance Manager (IAM). I was a DoD Civilian, operating as a Systems Administrator on Linux and Windows systems, meeting the DoD DIACAP and RMF regulations. I was employed by the Department of the Army as an Army Civilian at the Army Missile Command (AMCOM - Redstone Arsenal, AL) as an IAM. The primary role was to certify tactical systems entering the battlefield overseas. I was responsible for seeing the product from start to finish with the Information Assurance to meet DoD Standards and regulations.
Slides
Abstract: The need to create effective cybersecurity risk awareness educational campaigns is especially important for one of our most vulnerable and exposed populations, our students. Traditional means of educating this population are largely ineffective because of this groups’ rebellious developmental stage as well as our general impulse to tune out authoritative proclamations. However, students are especially open to learning from their peers, creating an opportunity to teach cybersecurity risk awareness via Digital Storytelling. Digital Storytelling is a powerful means of educating communities about common cybersecurity pitfalls that victimize online users. Over 30 years of research demonstrates the effectiveness of the storytelling method both in engaging the target audience and having this audience retell the lessons. The focus is the collection of typical cybersecurity incidents by having affected persons create digital stories in a manner relevant to other members of their community. Montgomery College’s Cybersecurity program is building this framework in collaboration with the Digital Storytelling Program via contests offering prizes for students willing to tell their story, capturing these stories in video, editing the stories for effectiveness and then distributing the final product to K-12 school systems to create an atmosphere where cybersecurity victimization can be discussed in a controlled environment. The effectiveness of this framework comes from the implicit bond that peers create – i.e. the ability of our target audience to identify with the storyteller -- as well as from being based on real, plausible stories that the audience may have heard of, at least in passing. We hope to build a loop where such discussions lead participants to repeat these stories, especially key principles and signs of typical scams, to build a ‘herd immunity’. Further, we wish to reduce the stigma associated with cybersecurity scams and update the stories annually to continue this effort.
Presenters:
Alla Webb, Montgomery College: Alla Webb holds both an M.S. in Computer Science from Johns Hopkins University, and a Ph.D. in Systems Engineering from George Washington University. She has over 20 years of experience in higher education and has taught a wide variety of computer science and security related courses. Her professional experience in the private sectors involved all phases of the system development cycle, including project management, requirement analysis, system design, programming, testing, system administration, database design and administration, and system installation. Dr. Webb is the Principal Investigator (PI) of NIST-PREP, a five-year cooperative agreement award from the National Institute of Standards and Technology through its Professional Research Experience Program. She was the Principal Investigator (PI) of the American Association of Colleges and Universities Teaching to Increase Diversity and Equity in STEM (TIDES) grant. Dr. Webb’s research interests include code security, mobile development, software engineering, and database management systems.
Slides
Abstract: Teaching cybersecurity concepts to undergraduates is a difficult endeavor. Your courses must include theory, application, and problem-solving. Furthermore, instructors balance a constant flow of technology change, certifications, and industry expectations against the slow pace of updated scholarly materials. To this end, many instructors stick with theory-based instruction. The material stays relatively constant, changes occur over years instead of months, and the instructor doesn’t have to change slides, write new exams, review new textbooks, and, most importantly, update hands-on labs. This doesn’t answer the industry’s call for skilled graduates, but this is often dismissed as the student’s responsibility to find internships, try things on their own, or get entry-level jobs while in college to gain hands-on skills. Hands-on experience is desired by both students and industry. However, developing hands-on labs is a very time-consuming process. Sure, instructors can save time by utilizing online platforms and most of these are very good but expensive. Unfortunately, cybersecurity students don’t know if their dream job is going to involve hardware, software, regulatory compliance, business, etc. which makes the time and expense spent questionable. It takes an instructor an average of 6-10 hours to build a single hands-on lab. This results in a need for about 100 spare man-hours to develop labs for one class, or more than 400 man-hours per semester. Furthermore, the constant evolution of cyber means the labs only last about 3 semesters before they must be rewritten. This presentation explains how undergraduate students were involved in solving the hands-on lab development, instruction, and upkeep problems. How undergrads wrote a free textbook of hands-on labs using only freeware for building an enterprise network architecture as well as techniques for attacking and defending the network. Furthermore, we will show how the student writers, testers, and editors directly benefited from their efforts. Finally, we will discuss what is in store for the second edition and how you and your students can participate.
Presenters:
Mathew J. Heath Van Horn, Embry-Riddle Aeronautical University - Prescott: Dr. Mathew J. Heath Van Horn served 23 years in the Air Force in various cyber-related roles including electronics repair, software development for nuclear command and control, and dominating hostile airspaces. Matt served as both a noncommissioned and commissioned officer. Upon retirement, he started a shed company for $428 and used his cyber knowledge to grow the business to generate $1M in sales across 8 states in less than 4 years. Matt missed the energy of young adults and sold the business to become a professor of IT at SUNY Delhi in upstate New York. After 5 years, he was ready for new challenges and is now an assistant professor of cybersecurity at Embry-Riddle Aeronautical University, Prescott. His current research interests include operational technology, hacker decision-making, and instructional pedagogy as applied to cybersecurity.
Slides
Abstract: At WGU, we embrace technology to make learning more accessible to our diverse student population. Our competency-based learning model allows for flexibility in student pacing. With students starting and completing courses at different times, how can we best support them? A recent innovation is using machine learning to prioritize and refine student support. The model helps program mentors identify students who are likely to benefit most from additional support. The momentum indicator tool addresses the question, "How likely is it that this student will complete their enrolled Competency Units if nothing about their situation changes?” In this session, we will share how we solve for a more responsive higher education environment and meet the needs of our 20,000 Cybersecurity students.
Presenters:
Jason Hammon, Western Governors University: Jason Hammon is a program manager and faculty member at Western Governor’s University where they support over 20,000 cybersecurity students. He is a proven educational leader with a results-driven approach and a successful track record in both program management and technical course development. Specializing in cybersecurity and computer science programs, he’s managed initiatives that have scaled to tens of thousands of students. These include the creation of diverse IT programs, microcredentials, courses, and competencies. He has an MBA in Information Technology Management from WGU and an EdM from the Harvard Graduate School of Education.
Slides
Abstract: In recent work, we developed an educational module for undergraduate computing students, to bring inclusivity and engagement into the advanced cybersecurity education topic of stack smashing attacks and defenses. Our module comprises four guided learning activities, and Dynamic, Interactive Stack-Smashing Attack Visualization (DISSAV), a program visualization tool for stack smashing. The module was deployed in UNC Charlotte’s ITIS 3200 Introduction to Computer Security and Privacy course in multiple semesters, garnering favorable student perceptions. In this talk, we will describe our study to evaluate the effectiveness of the module for an underrepresented, underserved community in computing—neurodivergent students, specifically, students with Autism Spectrum Disorder (ASD) or Attention Deficit Hyperactivity Disorder (ADHD). Our study aims to deploy our module to two cohorts: one section of introductory cybersecurity in Spring 2024, and the AccessComputing group, a cohort of about 600 computing students and recent graduates across the US who have disabilities such as ADHD and ASD. We will use a multi-pronged data collection approach and mixed-methods analysis to 1) evaluate the effectiveness of our guided learning activities and DISSAV for neurodivergent students to learn about stack smashing in an effective, engaging, and accessible manner ; and 2) establish guidelines for the development and use of pedagogical strategies such as guide learning and program visualization to be inclusive of neurodivergent students, drawing from insights from our study.
Presenters:
Harini Ramaprasad, University of North Carolina at Charlotte: Dr. Harini Ramaprasad is a Teaching Professor and Associate Dean in the College of Computing and Informatics at UNC Charlotte. She received her B.S. in Computer Science from Bangalore University and her M.S. and Ph.D. in Computer Science from North Carolina State University. Her research interests are in the areas of computer science education, real-time systems, computer architecture and cyber-physical systems, with recent work focusing on improving student learning and engagement in advanced cybersecurity education. Dr. Meera Sridhar is an Associate Professor in the Department of Software and Information Systems at UNC Charlotte. She received her Ph.D. in Computer Science from the University of Texas at Dallas and her B.S. and M.S. in Computer Science from Carnegie Mellon University. She has over 20 years of experience in software security and formal methods. Her recent work focuses on mobile, IoT, and CPS security, and cybersecurity education. Her work is funded by NSF and the state of North Carolina and has been published in top security and formal methods venues.
Slides
Abstract: This lightning talk, "HyFlex Cybersecurity Teaching: Navigating Flexibility," aims to equip educators with innovative strategies for teaching in a flexible and adaptive manner. The session explores the HyFlex (Hybrid-Flexible) teaching model, emphasizing its relevance in addressing the diverse needs of community college students while providing tangible methods for implementation.
Presenters:
Jason Mitchell, Lansing Community College: Jason Mitchell, a seasoned IT professional with over 30 years of experience, currently serves as a full-time Professor at Lansing Community College, after 16 years as an IT manager for Community Mental Health. With an MBA in Information Technology Management and a BS in Criminal Justice from Michigan State University, Jason holds over 20 industry certifications, including CompTIA Security+, CASP+, Pentest+, CySA+, ISC(2) SSCP, and others. Beyond his credentials, Jason is dedicated to shaping the next generation of Cybersecurity professionals. Leveraging his practical knowledge, he imparts a forward-thinking approach to technology, reflecting his passion for educating and mentoring future industry leaders.
Slides
Abstract: Recent literature shows that privacy education related curriculum development work has not advanced as much as security education related curricular initiatives. When it comes to teaching data privacy within the realm of K-12 cybersecurity education, educators typically use techniques and curriculum that involve primarily textual data and not always visual data, like images, videos, etc. This lightning talk will introduce the audience to a non-traditional way of educating K-12 learners about the topic of data privacy by using the theme of privacy through visual anonymity (PVA), which is based upon the Visual Privacy Enhancing Technology (VPET) subject matter, and which focuses on privacy enhancements within visual data cues. This presentation will provide a short overview of the PVA themed VPET lesson plan, which has been developed by the presenter. This visual privacy lesson makes use of an improvised approach of illustrating and demonstrating data privacy concepts through information hiding via obscuration of visual data contents in images, videos, and other visual media for privacy purposes. This talk will briefly describe this unique visual privacy lesson plan, and shall include a short discussion on how this innovative lesson plan has been used to engage K-12 students through hands-on activities, based upon the use of publicly accessible VPET applications, namely - the Obscura Cam and the Anonymous Camera mobile apps, as well as the YouTube Face Blur functionalities. This presentation will also share how this visual privacy lesson, including the hands-on activities, has been successfully used in several cybersecurity camps and workshop sessions, including the GenCyber program, for introducing data privacy concepts at the middle-school and high-school levels. During this talk, the audience will be provided access to visual privacy hands-on lesson materials, which are ready to be used and adopted for cybersecurity education plus outreach at the K-12 level.
Presenters:
Dr. Ankur Chattopadhyay, Northern Kentucky University: Dr. Ankur Chatterjee is the Director of the Center for Information Security within the College of Informatics at Northern Kentucky University (NKU). He serves as the Point of Contact for NKU's National Center of Academic Excellence in Cyber Defense Education designation with NSA. Ankur is a tenured Associate Professor of Cybersecurity within the School of Computing & Analytics at NKU. He is the NKU PI/Lead on a NSA cybersecurity workforce development grant-based coalition project, which is being led by the University of Louisville. He is the founder of the GenCyber program at NKU, and was the first Program Director of the GenCyber grant project at NKU. He has served as the first faculty advisor of the NKU Women in Cybersecurity chapter. Ankur serves as one of the of the advisory board members on the governing body of the Kentucky Cybersecurity & Forensics conference. He has served as the Program Director of the NKU Bachelors in Cybersecurity major. At NKU, Ankur teaches cybersecurity classes, including Data Privacy and Risk Management, at the undergraduate and graduate levels.
Slides
Abstract: As outlined in the 2021 Coast Guard Cyber Strategic Outlook, the service “requires a mission ready cyber workforce to keep pace with the rapid evolution of threats from adversaries within cyberspace.” Developing career pathways to recruit and retain cyberspace operators is not the only means of bolstering cyber resiliency. Every Coast Guard member must be ready to protect themselves and the service from threats in cyberspace. As one of the nation’s five federal service academies, the United States Coast Guard Academy (CGA) is responsible for educating, and training commissioned officers to serve in the U.S. Coast Guard. High school graduates are transformed into credentialed professional mariners, college graduates, and commissioned as Coast Guard Ensign’s through a rigorous 200-week program. Every federal employee is required to complete an online “Federal Cyber Awareness Challenge.” However, this training alone will not adequately prepare our graduates for the constantly changing threats they are sure to face as Coast Guard officers. In order to meet this need, every Cadet participates in a day long Cyber Defense Awareness Training as a part of their summer training semester. During this presentation, we will offer an overview of the Cyber Defense Awareness training that every Cadet goes through during their summer training period. We will share our lessons learned over the last 7 years of conducting this training. Our goal is to provide an overview of our current curriculum, pedagogical approach, and goals for future development.
Presenters:
Jason Veara, United States Coast Guard Academy: Lieutenant Commander Jason B. Veara is an Instructor of Electrical Engineering and Computing at the U.S. Coast Guard Academy. He has a M.S. in Telecommunications from George Mason University, and a B.S. in Electrical Engineering from the U.S. Coast Guard Academy. He has been an instructor at USCGA since 2020, and a member of the Permanent Commissioned Teaching Staff since 2023. LCDR Veara reported to USCGA after a tour at the Command Control and Communications Engineering Center (C3CEN) in Portsmouth, VA. As the Electronic Navigation Division Lead, he was responsible for the development, delivery, maintenance, and support of the electronic charting display system on all Coast Guard Cutters and Boats. His previous duty assignments include duty as a Deck Watch Officer on the USCGC VENTUROUS (WMEC 625) in St. Petersburg, FL and the Deputy Logistics Chief at CG Sector Miami in Miami Beach, FL.
Slides
Abstract: The Kean University Center for Cybersecurity participated in a four-week summer STEAM education program for high school students interested in the fields of global supply chain, mathematics, and cybersecurity. The high school students came from neighboring townships and urban areas in New Jersey that can be considered underserved communities. This presentation includes a case study report on the use of the CAE-CD RING program materials, as well as providing feedback from the students on the modules adapted and general cybersecurity field and program. The entire program was funded by the Port Authority of New York and New Jersey.
Presenters:
Stan Mierzwa, Kean University: Stan leads the Center for Cybersecurity at Kean University and is the point of contact for the universities National Security Agency Center of Academic Excellence Cyber Defense (NSA CAE-CD) designation. He also teaches undergraduate and graduate courses in cybersecurity, risk management, information security, and Management Information Systems. Stan is currently a Ph.D. candidate in the middle of a dissertation focused on the competency of cybersecurity college graduates.
Slides
Abstract: A firestorm of debate has erupted about the role of artificial intelligence (AI) in education since its emergence. Can AI revolutionize the classroom by offering personalized learning pathways and adaptive feedback? Are algorithms a threat to education, replacing teachers and normalizing it into an algorithm-driven experience? The purpose of this proposal is to probe into this potent question and explore its multifaceted impact on the future of learning and teaching. Artificial Intelligence can transform the educational landscape in dramatic ways. Imagine intelligent tutoring systems that offer real-time support, create individualized learning paths, and provide nuanced feedback beyond multiple-choice tests. Through AI-powered simulations, students can immerse themselves in virtual worlds and develop critical thinking skills. By automating grading and administrative tasks, teachers can devote their precious time to individualized instruction and mentorship. Participants are invited to explore AI's impact on education through this proposal. We will discuss the hazards of this transformational technology in this presentation. On the path to a brighter future of learning, let's navigate the uncharted territory of AI in education, keeping technology as a friend, not a foe.
Presenters:
Nelbert "Doc" StClair, College of Coastal Georgia: Dr. Nelbert St. Clair prefers to be known at “Doc”, Associate Professor of Cyber Defense at the College of Coastal Georgia (CCGA) in Brunswick, GA. He started in June 2019 and was tasked to build a Cyber Defense program from the ground up. He is also the Director of the Coastal Cyber Center, a non-profit center aimed at providing IT services to non-profit and small business. Dr. St. Clair’s main focus is cybersecurity, but he enjoys recruiting new students and also partners with local business, to provide cyber education and services to the community through the center, with the help of his students.
Mike Jochen, East Stroudsburg University: Dr. Jochen teaches computer science and computer security at East Stroudsburg University in Pennsylvania where he is the director of the Computer Security Program. He also serves as a Colonel and Brigade Commander for a Signal Brigade in the Army National Guard. He enjoys tinkering with microcontrollers and electronics, making wine, and the occasional batch of homebrew beer. He resides in Northeast Pennsylvania with his family
Slides
Abstract: This presentation will focus on the NCAE-C Cybersecurity Credit Transfer Agreement (CTA) Development with K-12 schools, which aims to formally establish the early college cybersecurity credits. As part of the NCAE-C Careers Preparation National Center efforts, the task aims to address the challenge of meeting the growing demand for cybersecurity professionals by developing new cybersecurity credit transfer agreements with K-12 schools. The taskforce will develop mechanisms to facilitate the development of new cybersecurity credit transfer agreements between CAE institutions and K-12 schools, including CTA development mentoring, resource sharing, and technical support to K-12 schools. The presentation will feature essential details, such as the background information and status of the current K-12 CTA development, and will specifically analyze the challenges for each form of the early college credits (AP, Dual Credit Enrollment, Concurrent Enrollment, and Career and Technical Education as Dual Credits), potential solutions will be discussed with the audiences. The CTA taskforce, jointly led by Purdue University Northwest, Forsyth Tech Community College, and partnered with Dakota State University.
Presenters:
Michael Tu, Purdue University Northwest: Michael Tu, PhD in Computer Science, Professor of Computer Information Technology and Director of Center for Cybersecurity at Purdue University Northwest. Dr. Tu is leading the NCAE-C AI-Cybersecurity Workforce Certification based training program CWCT, and he is also leading the NACE-C Cybersecurity Credit Transfer Agreement Task which is part of the effort from the CPNC-Careers Preparation National Center. His research has been supported by NSF and NSA and has published about 50 papers in peer reviewed journals and conference proceedings. Dr. Tu has 18 years of college teaching experience in cybersecurity and has received many industry professional trainings and obtained numerous industry certifications in cybersecurity and digital forensics
Slides
Abstract: At the heart of any educational institution lies a commitment to the pursuit of knowledge and the development of critical thinking skills. However, this noble objective is jeopardized when academic integrity is compromised. Academic integrity stands as the bedrock of higher education, embodying the core values of honesty, fairness, and responsibility within the academic community. In tertiary institutions, where knowledge is not only imparted but also cultivated, the importance of upholding academic integrity cannot be overstated. This presentation explores the critical significance of improving academic integrity in tertiary institutions, recognizing it as not only a moral imperative but as a fundamental prerequisite for fostering a culture of learning, research, and intellectual growth. The globalized nature of education and the increasing reliance on digital technologies have introduced new challenges to academic integrity. In an era where information is easily accessible, the temptation to engage in dishonest practices has grown. Plagiarism, cheating, and other forms of academic misconduct not only undermine the credibility of educational institutions but also erode the very essence of the learning process. As tertiary institutions strive to nurture the next generation of leaders, innovators, and critical thinkers, the preservation of academic integrity becomes paramount for ensuring the legitimacy and efficacy of the educational experience. Addressing these challenges requires a proactive and comprehensive approach that not only deters academic misconduct but also educates students about the importance of ethical conduct in their academic pursuits.
Presenters:
Israel Emmanuel, Century College: Innovative, highly dynamic information security professional with over 20 years of career success directing cross-functional teams of technical experts. Highly effective communicator with an extensive track record of building and maintaining key relationships with C-level executives, senior management, clients, technical teams, and other stakeholders. Results-oriented professional recognized for leadership and individual contributions on major initiatives and resolving mission-critical issues that ensure bottom-line success. With a broad knowledge of cyber threats detection and attack disruption, providing a powerful combination of analysis, implementation, and support. Experienced in system and network administration and engineering, project management, system and network security, incident analysis, and recovery. With in-depth knowledge of threats and exploitation techniques, providing unique insights into risk-based decisions. An Innovative team player with a passion for technology. Extremely agile and possess a positive attitude towards accomplishing business goals.
Slides
Abstract: The United States Office of the National Cyber Director, Executive Office of the President released its National Cybersecurity Strategy and National Workforce and Education Strategy recognizing the importance of international engagement and collaboration with allied nations for the advancement of cyber defense. NCyTE’s Leadership Team assembled a diverse academic international visiting delegation comprised of eight educators involved in cybersecurity education and workforce development, and in late November 2023 embarked on a 5-day visit to the UK. The aim of the visit was to engage with academic peers in the UK to learn and exchange best practices, and to explore how continued work together exercising global leadership in finding effective ways forward. While there, participation in roundtables and diverse events allowed the group to come in direct contact with educators, government officials, and nonprofits which began an effort of information sharing. Spoiler alert: both sides face similar challenges in the cybersecurity domain. Exciting areas where collaboration can decrease time to implementation and effectiveness in outcomes are being explored now through the creation of three Special Interest Groups (SIGs): Relating to industry, Diversity in the workforce and Use of innovative technology in the classroom. The panel in Fireside Chat format will discuss the visit impact, key take aways, and engage the audience in how this exchange can take on broader dimensions through planned and proposed enabling activities, including a call for participation in ongoing discussions with UK colleagues. Join us to learn how YOU as a key contributor to our CAE Community and the more expansive cybersecurity ecosystem may participate in enabling activities moving forward.
Presenters:
Michele Robinson, Whatcom Community College: Michele Robinson, Senior Director and Principal Investigator, National Cybersecurity Centers Michele Robinson currently serves as the Senior Director and Principal Investigator (PI) of National Cyber Training and Education (NCyTE) Center and CAE Candidates National Center (CCNC) at Whatcom Community College. Among her past appointments and experience include: NCyTE National Visiting Committee member for 10 years; Director of the California Office of Information Security (OIS) and State Chief Information Security Officer (CISO), appointed by Gov. Jerry Brown (between May 2013 to March 2016); OIS Deputy CISO and Statewide Incident Management Program Manager; CISO and Privacy Officer for the California Unemployment Insurance Appeals Board; and California Department of Consumer Affairs (DCA) . Michele also has 10 years of experience in the financial services sector. She earned her Bachelor of Science in information systems from the University of San Francisco, and maintains CISSP, CISM, CISA and CDPSE certifications.
Dr. Tony Coulson, California State University San Bernardino: Dr. Tony Coulson is currently a professor and the Executive Director of the Cybersecurity Center at California State University, San Bernardino. Having a well-earned reputation in industry and academia, he has won numerous awards, grants, and accolades for his innovative approaches in education and leadership in the cybersecurity and technology fields. As the Executive Director of the California State University, San Bernardino Cybersecurity Center, Dr. Coulson has worked with industry and government to map out opportunities for students and cybersecurity strategies for the nation. As the lead of the National Centers of Academic Excellence in Cybersecurity Community, he coordinates over 450 NSA CAE designated colleges and universities. He is also a Co-PI for the National Cybersecurity Training and Education Advanced Technology Education Center. Tony has an M.B.A. with a concentration in Information Management from California State University, San Bernardino. He also holds a Ph.D. in Management Information Systems from Claremont Graduate University.
Deanne Cranford-Wesley, North Carolina Central University: Dr. Cranford-Wesley manages the Cybersecurity concentration in the School of Business, Computer Information System Program at NCCU. She directs operations in the innovative cybersecurity lab and is the advisor for the Women in Cybersecurity (WiCyS) student chapter at NCCU. While at Forsyth Technical Community College, she managed 10 technical programs in the Davis iTEC Cybersecurity Center and also taught in the cybersecurity program. She developed curriculum for post-secondary education as well as K-12. She also led efforts on behalf of the Center of Academic Excellence and Regional Resource Center, where one of her initiatives focuses on the K-12 cybersecurity pipeline. She has designed curriculum for K-12 programs as a consultant in the 4-year space. She is a previous member of the CyberWatch Cybersecurity Task Force. She previously worked as Department Coordinator and Associate Professor in the 4-year space for 12 years, and is currently an executive board member for the NC TECH Association, an Executive Board member for the NC Chamber, and a member of the Executive Board for the Colloquium of Information System Security board. A cybersecurity professional who has appeared as a subject matter expert on Fox8 and Time Warner News discussing innovations in cybersecurity and cyber-attacks and appearing on WXI12 discussing the value of a GenCyber Girls Camp hosted by Forsyth Technical Community College. She has a vast amount of experience in curriculum design, grant writing, and program evaluation, and a Ph.D. in Education Leadership with a focus in Instructional Technology, and a published author of various technology-related articles. She obtained the following certifications throughout her career: IC3, Security+, Cisco Certified Network Professional (CCNP), Cisco Certified Network Associate (CCNA), and Cisco Certified Instructor (CCAI).
Stephen D. Miller, Eastern New Mexico University - Ruidoso: Mr. Miller has been in the Information Systems Profession since 1966 working in business, government, and education sectors. He has a MS/MIS Managing Computer Technology from Houston Baptist University, BS/Business Services and BIS (Phi Kappa Phi honors) from the University of Houston – Downtown, and AAS/Business Data Processing & Technical Certificate from San Jacinto College. In addition, Mr. Miller is ITIL Certified in Information Technology – Service Management, Business Process Reengineering, and Organizational Management for Improving Organizational Effectiveness from The Office of Executive Development, Rice University. Mr. Miller is currently the Department Chair of Information Technology and Cyber Security Center of Excellence for Eastern New Mexico University (ENMU)-Ruidoso, where he is responsible for campus Information Technology (IT), IT personnel, Information Systems Curriculum, and teaching. He has recently developed an online Computer and Network Security Certification Program offered in the Spring 2011 and is currently creating a Center of Excellence for Cyber and SCADA Forensics Security. Mr. Miller is retired from ExxonMobil Global Information Systems where he served in management, supervisory and technical roles over his 27 year career. He has been employed at Ford TechRep Division (programmer), U.S. Army 1st Calvary Div. in Vietnam (computer specialist), and Univac Corp. – NASA Mission Control on the APOLLO including APOLLO 13, and Skylab Missions (Communications and Telemetry Systems Analyst), TRW Controls (Project Manager), United Way of the Coastal Bend (Community Services Director), and self-employed Consulting Company. He has served as a member/leader of the following organizations: University of Houston Computer Information Systems Program Advisory Board, St. Thomas University MIS Masters Program, American Petroleum Institute, Exxon TQM Forum, Chairperson Exxon Safety Committee, United Way Exxon Executive Club Member, Data Processing Management Association, Energy Telecom & Electrical Association, Chairperson Exxon Leadership 2000 Mentor Program & Science and Math Ambassador, Phi Kappa Phi active member, and Gartner Group Quality Study Group. Mr. Miller has been teaching as an adjunct professor since 1990 at the University of Houston Downtown, St. Thomas University MIS Graduate School, Del Mar College, and Incarnate Word University. He currently teaches Information Systems at ENMU-Ruidoso in addition to his coordination and supervisory duties for the Information Technology department.
Dr. Costis Toregas, The George Washington University: Dr. Costis Toregas is a consultant to the National Cybersecurity Training and Education Center where he is responsible for East Coast representation to academia, industry and government, and international program expansion. He is the Director of the Cyber Security and Privacy Research Institute at The George Washington University, where he manages and conducts education, research and service projects in cybersecurity and privacy. His current research interests include cybersecurity risk assessment and organizational strategies, the role of insurance in cyber risk management, the use of block chain in Disaster Risk Reduction, apprenticeships and exploring a fuller utilization of Community Colleges in cybersecurity work force strategies. He is a Director for the National Cyber League and Women in Cyber Security. He is a respected consultant to national governments and intergovernmental organizations, and a much sought-after speaker on the impact of technology in government and society. His experience in developing innovative strategies for governments is reflected in the 30+ years he led the non-profit Public Technology Inc. which networked government innovators in technology and its applications in partnership with industry. He currently grounds his work in the reality of government as the IT adviser to the Montgomery County Council, Maryland, where he helps shape policy approaches for the $220m of IT expenditures in the County's $6B budget. In addition, Dr. Toregas has supported technology-based efforts in GIS, environmental data and decision support systems in the Arab Gulf Region since 2003, and provides sustainability services through EAGLES2030, a Nairobi-based NGO. He is a member of the Expert Group for the Global Risk Assessment Framework of the UN DRR program and a co-chair of its Communications Working Group; this platform provides him with the opportunity to increase the awareness of global leaders of the importance of collaborative strategies in disaster risk reduction, as well as the impact of cyber security on the economy and continuity of operations for all vital sectors of the economy at global scale. Dr. Toregas has a B.S. in Electrical Engineering and a M.S. and a Ph.D. in Environmental Systems Engineering from Cornell University. He is married to Catherine Chadley Toregas and has two children, Alexandra and Christopher.
Slides
Abstract: Informed by the work of the Competencies Workgroup within the Career Preparedness National Center, the NCAE Cyber Games team piloted two scenarios within the games that enable students to demonstrate particular workforce-ready competencies. In addition, this team has developed a unique set of challenges that are designed to foster an optimal environment for evidencing these competencies. Students are confronted with time-sensitive, challenging tasks that take place in contested environments, pushing them to develop and showcase their skill set. By participating in these dynamic scenarios, students gain valuable hands-on experience and critical thinking skills for all types of future endeavors.
Presenters:
Jake Mihevc, Mohawk Valley Community College: Jake serves as Dean of Science, Technology, Engineering and Math at Mohawk Valley Community College. He launched the college’s Cybersecurity AS program in 2013 and helped it achieve the Center of Academic Excellence in Cyber Defense designation in 2016. Jake serves as PI of the NCAE Cyber Games Project and is a co-founder of the Central New York Hackathon. He led the CAE Northeast Regional Resource Center from 2016-2019 and served as co-PI of the CAE Northeast Regional Hub from 2019-2022. He currently serves as co-chair of the NICE Community of Interest on Competitions, is a member of the CAE CD Community of Practice Steering Committee, and he co-hosts the CAE CD CoP Meet Your Competition Series.
James Rice, Mohawk Valley Community College: James has been with MVCC, starting as an adjunct professor in 2011, and becoming full-time cybersecurity faculty at the beginning of 2017. While teaching as an adjunct for MVCC, James worked full-time as a cybersecurity analyst for Quanterion Solutions Inc., a cybersecurity and reliability engineering-focused Department of Defense contractor. During this time, he has focused on delivering dynamic learning content and environments via various forms of media, including scenarios and games for the DoD and various cyber competitions such as the NCAE Cyber Games, including the NCAE Cyber Games Sandbox virtual challenges.
Slides
Abstract: We are working on a new initiative to explore how to attract Working Students (non-traditional) and Minority Students into the field, including Women, Military Students, Veteran Students, Working Students, etc. I want to share my experience as a military and veteran student, working as a single parent and a minority student. Now, I am working at a college that serves large minority populations. This initiative can help institutions get ideas on how to target under-represented populations in the field and how to help best shorten the gap and help create a more diverse workforce. The idea is to engage the audience and ask for participation in making this workgroup to support the entire community.
Presenters:
Diego Tibaquira, Miami Dade College: Dr. Diego Tibaquirá is a Professor of Computer Science with a CyberSecurity and Cloud Computing concentration at Miami Dade College. He served in the United States Marines for 8 years and then attended the University of North Carolina at Greensboro and North Carolina A&T University, where he received bachelor's and master's Degrees in Computer Science, including a Graduate Certificate in Information Privacy and Security Sponsored by the National Security Agency (NSA). He obtained his Doctorate from NOVA University. Dr. Tibaquirá has helped build the curriculum in CyberSecurity and Cloud Computing. Serving as Principal Investigator in multiple grants of over $1.7 Million Dollars to help the next generation of CyberSecurity and Cloud Computing Workforce. His experience in the field includes working for the Federal Government in Washington, DC, as an Information Security Specialist, having a Secret Clearance, and PEPSICO as a Data Analyst. He works with the Honors College and is the Lead Advisor of the Honors Society. Dr. Tibaquirá works with Military and Veterans Students as well.
Slides
Abstract: This presentation takes a careful look at the Dilemma that many of our students face as they try to pursue Entry-Level Careers in Cybersecurity. Besides lack of experience and education, there are other factors that are making it difficult for our students to be considered and to obtain that opportunity for an interview for that entry-level position. We will take a closer look at these other factors, explore strategies that can be used to help overcome these hurdles and encourage you to be the agent of change to your students.
Presenters:
Paul Campbell, Guilford Technical Community College: Paul Campbell is a Cybersecurity Faculty Member of the Computer Technologies Department of Guilford Technical Community College that is Located in Jamestown, North Carolina.
Ralph Argiento, Guilford Technical Community College: Ralph Argiento is the Department Chair of Computer Technologies Program of Guilford Technical Community College that is Located in Jamestown, North Carolina.
Slides
Abstract: In this tutorial, participants will explore "Bloom’s for Computing," a project initiated by the ACM CCECC (Committee for Computing Education in Community Colleges). This innovative approach enhances Bloom's Revised Taxonomy with a comprehensive set of 57 additional verbs spread across all six cognitive levels – Remembering, Understanding, Applying, Analyzing, Evaluating, and Creating. Developed to address the needs of educators in computing disciplines, the Bloom’s for Computing report serves as a valuable resource for crafting more precise learning outcomes and competencies. By incorporating these enhanced verbs, educators can better express the knowledge, skills, and dispositions essential in the field of computing. The versatility of the Bloom’s for Computing verb list makes it applicable across various educational levels, from K-12 to graduate programs, and is designed for use by faculty, instructional designers, or program coordinators seeking to define learning objectives for programs, courses, or individual modules in computing disciplines. Whether in two-year or four-year institutions, this tutorial offers valuable insights and tools for educators to create effective and targeted learning outcomes aligned with the ABCDE competency elements.
Presenters:
Pam Schmelz, Ivy Tech Community College: Pam Schmelz is a dedicated educator and technology professional, currently serving as Professor and Department Chair for the School of Information Technology at Ivy Tech Community College – Columbus campus. With nearly a decade of experience at a major engine manufacturer, Pam brings a wealth of industry knowledge to her role. Pam's passion for Information Technology is evident through her numerous certifications, including CISSP, CCENT, CompTIA Linux+, LPIC-1, CASP, Amazon Cloud Practitioner, Azure Fundamentals, and Azure AI Fundamentals. Her impactful initiatives include founding the CyberAcademy at the Muscatatuck Urban Training Center in Butlerville, IN, where she condensed the AAS Cybersecurity program into an intensive 11-month curriculum, providing accelerated pathways to high-wage jobs for graduates. Pam is also a valuable contributor to the ACM Committee for Computing Education in Community Colleges (CCECC), contributing to the development and update of curricular guidelines. Pam actively participates in community engagement as a member of the Bartholomew County Computer and Data Processing Board. Pam also enjoys playing the trumpet for the Columbus City Band and the Sounds of Dreams big band.
Cara Tang, Portland Community College: Cara Tang is the CAE POC for the Cybersecurity program at Portland Community College in Portland, Oregon. She is chair of ACM2Y, a group in ACM for those interested in computing education in 2-year (Associate degree) programs. Dr. Tang has been involved in a number of curricular efforts in the cybersecurity education community, and also led the development of Bloom's for Computing.
Christian Servin, El Paso Community College: Dr. Christian Servin is an Associate Professor of Computer Science at El Paso Community College and has served in the college for 15 years. He teaches computing courses, develops best practices in computing education, and establishes academic and research partnerships with ISDs four-year colleges. He is a computer scientist by training and received a Ph.D. in Computational Sciences from the University of Texas at El Paso. His research areas include Cybersecurity, Artificial Intelligence, and Computer Science Education. He serves as vice-chair for the ACM Committee for Computing Education in Community Colleges, chair for the Fuzzy Education Committee for the North American Fuzzy Information Processing Society (NAFIPS), and chair for the IEEE Region V El Paso Section. He has developed several Open Educational Resources for Computer Science Education, including the prestigious THECB OERTX Fund (https://www.thecsoer.com/). Additionally, he is the Principal Investigator for Hack the Border; A Binational Adversarial Series for the Border Good project. He is a recipient of the 2021 Great Minds in STEM Education and the 2015 NAFIPS Young Researcher National (national awards).
Markus Geissler, Cosumnes River College: Markus Geissler, PhD has served the students of Cosumnes River College in Sacramento, California as a Professor of Computer Information Science since 1998, and he enjoys teaching courses in Information Technology, Cybersecurity, and Network Administration. Dr. Geissler has served as the chair of the statewide C-ID Information Systems/Information Technology Faculty Discipline Review Group since 2013, and in that capacity he co-authored the C-ID Information Technology Model Curriculum (IT MC) for California Community Colleges. He also serves as chair of the Association for Computing Machinery’s Committee for Computing Education in Community Colleges (ACM CCECC) which develops curricular guidance and builds community in the computing disciplines, and he serves as a member of Cosumnes River College’s Professional Standards Committee. Dr. Geissler earned his Ph.D. in Organization and Management (e-Business specialization) from Capella University, M.B.A. and B.S. degrees in Business Administration (Management Information Systems concentration) from California State University, Sacramento, and an A.A. degree in French and Spanish from De Anza College. Dr. Geissler’s research interests include aligning information technology with cultural dimensions, computing education, and human-computer interaction.
Slides
Abstract:
The cybersecurity workforce suffers from an ongoing talent shortage and there is a lack of information correlating cybersecurity education programs to alumni employment outcomes. This study evaluated the post-graduation employment outcomes of alumni that attended two-year colleges designated by the National Security Agency as National Centers of Academic Excellence in Cyber Defense. Stakeholders of this project are identified as faculty, employers, students, government agencies, the National Security Agency, and organizations that rely on cybersecurity talent to keep their systems secure from cyberattacks.
CAE-CD Points of Contact were asked to contact program alumni to respond to an online survey which gathered information about alumni work roles, program experiences, and continued education. Reported alumni outcomes were compared to the work roles of their cybersecurity programs of study using the NICE Framework work roles. The resulting knowledge can be used to better understand the employment outcomes of two-year college alumni from CAE-CD cybersecurity programs.
Presenters:
Tobi West, Coastline College: Dr. Tobi West is a tenured full-time faculty member of Cybersecurity and Computer Information Systems at Coastline College in Southern California. She is the director for Coastline’s National Center of Academic Excellence in Cyber Defense education and serves on multiple national committees supporting cybersecurity curriculum development inclusive of K-12, college, university, and post-graduate. As Department Chair of the Technology Division at Coastline, she provides leadership for pathways and curriculum development.
Slides
Abstract: This presentation will share experiences in introducing and integrating hardware security topics, such as Meltdown and Spectre attacks, into the graduate-level computer architecture course. Traditionally, this course has focused on performance issues of computer architectural design, for example advanced pipelining, superscalar and instruction-level parallelism, memory hierarchy, and architecture design for thread-level and data-level parallelism. While these topics remain important, incorporating hardware security introduces new perspectives to computer architectural design. My experience demonstrates that integrating hardware security increased students' interest in studying computer architecture. A significant number of students have opted to undertake architectural security-related projects for this course.
Presenters:
Wei Zhang, University of Louisville: Dr. Wei Zhang is the Professor and Chair of the Department of Computer Science and Engineering at the University of Louisville. He earned his Ph.D. in Computer Science and Engineering from the Pennsylvania State University in 2003. Dr. Zhang served as an assistant/associate professor in Electrical and Computer Engineering at Southern Illinois University Carbondale (SIUC) from 2003 to 2010 and as an associate and full professor at Virginia Commonwealth University (VCU) from 2010 to 2019. His research interests include computer architecture, compilers, real-time computing, and hardware security. Dr. Zhang has published over 170 papers in refereed journals and conference proceedings. His research work has received support from various government and industry grants, including 11 grants from the NSF for which he serves as the principal investigator. He was honored with the 2016 Engineer of the Year Award from the Richmond Joint Engineer Council, the 2009 SIUC Excellence through Commitment Outstanding Scholar Award for the College of Engineering, and the 2007 IBM Real-time Innovation Award.
Slides
Abstract: The Golden Eagle Cybersecurity Certificate (GECC) program introduces high school students to cybersecurity through a dual enrollment system, allowing them to earn college credits by covering topics from fundamentals and programming to social science applications. It aims to provide a robust foundation for those interested in furthering their education or pursuing careers in cybersecurity, emphasizing ethical practices and the societal impacts of the field to nurture responsible digital citizens. Complementary to the GECC, the Tennessee GenCyber on Wheels initiative expands access to cybersecurity education, especially in underserved and rural areas, through a mobile lab equipped with advanced technology and educational resources. It delivers interactive workshops and hands-on experiences, supports teachers with cybersecurity lesson plans, and provides school counselors with information on cybersecurity careers. This initiative aligns with GenCyber's goals to spark interest and encourage diversity in cybersecurity careers, overcoming accessibility challenges and engaging a wide range of students. Together, these initiatives by TNTech represent a proactive and inclusive strategy towards K12 cybersecurity education, aiming to develop a skilled, ethical, and diverse workforce for the future. By integrating these programs into the K12 system, TNTech is making cybersecurity education accessible and appealing to a broad student base, embodying the ethos of 'Taking Cyber on the K12 Road' to ensure the importance of cybersecurity is recognized and embraced by the next generation.
Presenters:
Eric L. Brown, Tennessee Tech University: Eric Brown, a Senior Lecturer in Computer Science at Tennessee Tech University (TNTech), specializes in cybersecurity, networking, and Agile-focused software engineering. His role extends to serving as the Associate Director for Workforce Development and Outreach at TNTech's Cybersecurity Education, Research and Outreach Center (CEROC). Eric leads the multidisciplinary Golden Eagle Cybersecurity Certificate dual enrollment program, which impacts high schools across Tennessee. He also actively contributes as co-PI and program manager for the CyberCorps SFS and DoD CySP scholarship programs at the university. Prior to his current work at TNTech, Eric served in the Tennessee Department of Education as a district solutions advocate in the CIO’s office. Here, he collaborated with technology directors from 147 school districts, overseeing the state’s K12 E-rate program and helping districts improve vital wireless infrastructures. His eight-year experience as a K12 school board member, with leadership roles in half of that tenure, provided experience in education program execution and governance.
Slides
Abstract: Pop-Up events have been trending around the country for different types of social activities, including shopping, treasure hunts, and bars. A "Pop-Up CTF" event represents a fusion of mobility and hands-on engagement, revolutionizing community outreach and cybersecurity literacy. The genesis of this initiative arose from a pressing need to reach local schools in the wake of pandemic-related challenges and staffing constraints. Leveraging a $1 million grant, we seized the opportunity to bridge the gap between cybersecurity education and accessibility. At the heart of this innovation is a specially designed cyber 'van,' housing an immersive cybersecurity challenge. This mobile setup transcends traditional CTF scenarios, providing a nomadic learning experience that converges with local high schools and community events. Participants engage with simulated enterprise networks, bridging the gap between theory and practice. Additionally, fair booths covering various cybersecurity topics complement the challenges, offering hands-on experiences and specialized knowledge. The objectives of Pop-Up CTF events are manifold. They provide an accessible platform for hands-on learning, allowing participants to tackle real-world cybersecurity challenges. Our cybersecurity students play a pivotal role, developing presentations, backend systems, and CTF challenges. This involvement not only enriches their skills but also fosters mentorship opportunities for middle and high school students. From cryptography to incident response, each booth offers a comprehensive exposure to cybersecurity facets. Pop-Up CTF events drive community engagement and awareness, sparking interest in cybersecurity careers. The nomadic nature of the initiative provokes curiosity, addressing critical skill gaps in the field. Despite their success, organizing these events presents challenges. However, past implementations have yielded valuable insights, informing future strategies for growth, expansion, and sustained community impact.
Presenters:
Nicole Dyess, Eastern Florida State College: My passion lies in inspiring my students to dedicate themselves to professional and personal growth. As an IT professional for over twenty years, my main mission was to implement and protect back-end systems, while utilizing workflow automation and knowledge management. This mission transferred into academia, where I found a love for using my experience and transforming it into writing new hands on activities and gamifying learning.
Slides
Abstract: This presentation introduces our ongoing efforts to design and implement in-browser cybersecurity labs that demand no setup effort. Utilizing Google Colab, we've crafted an environment that facilitates effortless engagement and collaboration among students and faculty. The labs span an array of crucial cybersecurity topics including network security, software security, and trustworthy machine learning. Join us as we present our meticulously developed labs and delve into our insights on expanding and deploying these educational resources.
Presenters:
Junjie Zhang, Wright State University: Dr. Junjie Zhang is an Associate Professor and Director of Cybersecurity Programs in the Dept. of Computer Science and Engineering at Wright State University. His research focuses on software security and network security. He has published his work in prestigious cybersecurity conference and journals. His research has been supported by federal, state, and industrial grants. He also has extensive experience in leading and implementing education-centered cybersecurity projects.
Slides
Abstract: This research presentation focuses on the use of Artificial Intelligence (AI) in penetration testing (pentesting). AI technologies have been experiencing rapid developments and applications in various fields including Cybersecurity to improve efficiency, productivity, and accuracy. Penetration testing (pentesting) is a critical step in cyber defense to utilize authorized offensive tools and simulated attacks to uncover security vulnerabilities to be used for cybersecurity risk assessment and mitigation. Pentesting steps often include reconnaissance, scanning, knowledge discovery, data analysis, and queries of large amounts of information to detect meaningful threats and vulnerabilities, which could use the help of interactive AI tools, such as ChatGPT. However, AI tools like ChatGPT are still evolving with limitations and challenges for applications. This study conducts simulation tests based on a limited AI-Assisted pentesting model for security knowledge discovery using interactive ChatGPT-4 powered by Large Language Models (LLMs). The purpose of this research is to discover and demonstrate the role and value of AI in planning and conducting pentesting. This study utilizes a VMWare-based network of virtual machines for simulated network attacks and ChatGPT-4 for training and answering prompts on pentesting questions of interest. This research presentation will also discuss limitations of using AI technologies in pentesting and suggestions for the future.
Presenters:
Ping Wang, Robert Morris University: Dr. Ping Wang is University Professor of CIS/Cybersecurity at Robert Morris University (RMU). He is RMU’s NCAE Point of Contact and Program Coordinator and a Certified Information System Security Professional (CISSP). He has taught at undergraduate, master’s, and doctoral levels and published extensively on network security, IoT security, pentesting, human factors in security, and cybersecurity education and workforce development. He has been serving as PI on DoD and NSF cybersecurity grant projects and has received many awards for excellence in research, innovation, teaching, and mentoring. He has been an active member of the NICE Community Coordinating Council since 2016 and Associate Editor of International Journal of Hyperconnectivity and the Internet of Things since 2017. Dr. Wang is an active peer reviewer and mentor for NCAE-CD applications and an active accreditation evaluator for both Middle States Commission on Higher Education and ABET Computing Accreditation Commission. He has successfully chaired the annual international symposium on Cybersecurity for ITNG (Information Technology New Generations) for six years with extensive participation and contributions from cybersecurity experts, scholars, and students.
Slides
Abstract: Would you like your students to take skills learned in their cybersecurity and networking classes and apply them to the real world? Consider a security analysis report! This session will share an assignment that was first assigned in 2013 but has been updated and refined every semester since then. The goal is to engage students by applying their networking and cybersecurity skills to a real world assignment. The security analysis report asks students to review multiple facets of security for an actual client that could be a family member, friend, or small business. The report includes sections on network and wireless security, PC or end device security, personal security, data loss and disaster recovery, physical security, and also network scanning and analysis. Professor Nabozny will share the security analysis report template provided to students and the introductory assignments used to gear the students up to the final report. In addition, attendees will be provided with the grading rubric used to assess the completed report and an example of a completed analysis. If time permits, there will be discussions about the challenges students (and instructors) usually encounter during the assignment. You will leave the session with the foundation for an engaging and instructive assignment!
Presenters:
Keith Nabozny, Macomb Community College: Professor Keith Nabozny has been the lead faculty for the cybersecurity program at Macomb Community College since 2011. Prior to teaching at Macomb, he had a career in information technology in private industry for 15 years, supporting various types of network infrastructure including servers, routers, switches, and firewalls for customers operating around the world. Professor Nabozny is CompTIA Security+ certified and is a Certified Information Systems Security Professional (CISSP). Macomb Community College was awarded the CAE designation in 2019.
Slides
Abstract: This session, named “Winning Big: History of Ransomware on the Gaming Industry,” is set to traverse through the recent history of ransomware attacks within the gaming industry. We delve into how threat actors have navigated through the industry’s defenses, leaving behind a trail of financial and operational disruptions enriched with discussions on the sector’s unique ICT and IOT challenges and responses.
Presenters:
Dr. Aleise McGowan, University of Southern Mississippi: Dr. Aleise H. McGowan has over 22 years of IT experience in the K-12 space. Dr. McGowan is currently working for the School of Computing Sciences and Computer Engineering at The University of Southern Mississippi as an Assistant Professor. She has a passion for information security and loves fostering and inspiring the same love through her role as a Professor. Dr. McGowan has a Ph.D. in Computing from the University of South Alabama. Her research areas include information security, data mining, machine learning, consumer engagement, and persuasive technology. Dr. McGowan is a longtime advocate for diversity and inclusivity and is dedicated to breaking barriers that challenge current and future IT professionals. This is evident in the work she’s done as a Board Member for Black Girls Hack, President of WiCyS Mississippi Affiliate, and the President of WiCyS Global’s Neurodiversity Affiliate.
Slides
Abstract: The workshop is an interactive presentation of the uses of Artificial Intelligence (AI) in education. The components, types, and subfields of AI and how it is used in the learning process will be discussed. An interactive discussion on how AI is used in the learning process, how data is handled by AI, and present some questions for thought. The workshop will end with recommendations from the US Department of Education.
Presenters:
Dr. Grace Bonanno, The College of Westchester
Slides
Abstract: The CHI Project is designed to provide high school educators with the skills required to teach in-depth cybersecurity courses. Focusing on educators and staff from 8th to 12th grade who have an interest in instructing cybersecurity or including cybersecurity contests in clubs or educational programs, this initiative seeks to encourage student interest in the expanding cybersecurity sector. It blends these career paths into essential principles, methodologies, and structures. Moreover, participants can earn continuing education or professional development units upon finishing the course. 2024 marks the third year of the Cybersecurity High School Innovations Project. In-person summits are scheduled in Tacoma (WA), Fargo (ND), and Idaho Falls (ID). This initiative represents a collaboration among eight states and 11 CAE institutions. It merges cybersecurity curriculum, workforce development, and continuous instructor mentorship. The program combines the scope and sequence of three diverse curriculums to support participant growth and enhance confidence in integrating cybersecurity content into classrooms. Designed for teachers at all levels, the curriculum facilitates the integration of cybersecurity, Security+, and cybersecurity competitions into regular courses and extracurricular activities. The upcoming session will provide an overview of the project, outline current recruitment strategies, detail the curriculum tiers, and share participant success stories.
Presenters:
Morgan Zantua, City University of Seattle: Morgan Zantua, zantuamorgan@cityu.edu, City University of Seattle Morgan Zantua is the Director of the Center for Cybersecurity Innovation at City University of Seattle and Associate Professor at the School of Technology & Computing. She holds a master’s degree in Whole Systems Design and thirty years’ experience in workforce development. Morgan is PI on multiple grants to expand cybersecurity career pathways opportunities through teacher development. She convenes teams to create innovative and integrated solutions to attract transitioning military and underrepresented populations into cybersecurity.
Robert Honomich, University of Arizona: Robert Honomichl rjhonomichl@arizona.edu University of Arizona Dr. Robert Honomichl is an Assistant Professor of Cyber Operations at the University of Arizona. Dr. Honomichl is an advocate for computer science and cybersecurity education. He has hosted a variety of teacher professional development opportunities including serving as director of six GenCyber teacher camps, CTE CyberNet and Middle Grade Accelerator program site lead, and the Cybersecurity High School Innovation project. Dr. Honomichl’s research interests include cybersecurity education, human factors of cybersecurity, and social engineering.
Jenny Ju, City University of Seattle: Jenny Ju, jujenny@cityu.edu City University of Seattle Jenny Ju is the associate director of the Center for Cybersecurity Innovation at City University of Seattle and an Assistant Professor at the School of Technology & Computing. She earned her Ph.D. degree from the University of Illinois at Urbana-Champaign. She has worked for more than ten years in business, Fortune 500 companies, and academic sectors. Her research interests include technology in teaching and learning, Artificial Intelligence and Machine Learning, and data analysis.
Slides
Abstract: Particularly in a community college atmosphere, this presenter has found that it can be difficult to inspire the student to engage with the subject matter. The use of newsworthy and noteworthy stories can be a godsend in this arena as these narratives provide just enough mystery and awe to draw the listener in. Setting the stage with a police blotter alert or a global emergency response is an effective mechanism to both segue to a topic such as digital forensics, tracking IP addresses, or finding evidence in system logs and it can be used to provide context for technology's importance in real world problem solving. In this lightning talk, two high-profile cases, "The University of Idaho Homicides" and "The Murdaugh Murders" are presented, along with the technology tie-ins. In the University of Idaho case, the suspect Bryan Christopher Kohberger is tracked down (as aided by FBI analysts) using sophisticated cell phone location techniques in addition to traditional methods. In the Murdaugh case, cell phone location data is key in timeline development. In addition, timestamps from Snapchat messages, iMessages, and FaceTime calls help the prosecution build the narrative. A video recorded by Paul Murdaugh (the deceased son) at the kennels (where murdered bodies are found) which Paul made for his friend Rogan Gibson becomes key for the placement of Alex Murdaugh (convicted) at the scene of the crime. These cases and others bring the importance of investigative skills and technology expertise to life. The technique of jump-starting lecture topics with "true crime" and other current event narratives has helped with increasing student engagement.
Presenters:
Debra McCusker, Alamance Community College: Debra McCusker is currently the Department Head of Accounting, Business Administration, and Information Technology at Alamance Community College in North Carolina. Debra was born and raised in western PA and completed a B.S. in Applied Mathematics at the University of Pittsburgh. Upon graduation from Pitt, Debra began her career as a Member of Technical Staff at Bell Laboratories where she worked on early versions of "cloud technologies". While at Bell Labs, she completed an M.S.E.E. (Computing concentration) at Rutgers University. After several decades in the information technology field addressing problems for business and industry, Debra answered a call to the field of education. The planets aligned when Alamance Community College needed an IT instructor and Debra was interested and available. The field of education has been a very good fit. Debra enjoys the opportunity to keep abreast of new technologies and loves to share the many techniques, concepts, and skills with her students.
Slides
Abstract: CyberEd in a Box is a pioneering program created under the National Centers of Academic Excellence (NCAE) to address the divide between academic and industrial realms in cybersecurity education. This program is designed to expedite the training of employees ready to tackle security breaches by integrating industry certifications and internships into academic curricula, in accordance with governmental standards and the NIST/NICE workgroup roles. It encompasses a holistic package featuring assessments, placement, content certification, apprenticeship opportunities, and various services like a speakers bureau and community involvement through CyberAlumni. CyberEd in a Box adopts a scalable and adaptable strategy that aims to centralize student learning, offering tailored pathways to suit individual competencies and career aspirations. This talk outlines the framework, execution, and prospective influence of CyberEd in a Box on mitigating the cybersecurity employment gap and augmenting workforce preparedness.
Presenters:
Ran Hinrichs, Norwich University: Ran Hinrichs, Professor of Practice in Cybersecurity at Norwich University, spearheads the CyberEd in a Box project for NCAE-Co-Ops in various regions. With a rich background in academia and industry, he has lectured in Immersive Learning Environments at the University of Washington i-School and served as a Senior Research Program Manager at Microsoft, focusing on AI, VR, and Robotics learning. Holding four patents in information technology, Ran is currently pursuing a PhD in Human and Health Services at the University of Idaho’s Center for Ethics*. Renowned for his contributions to cybersecurity education and virtual environments, he actively participates in boards and committees, including ABET and the American Society of Engineering Educators.
Slides
Abstract: This talk will summarize research and development activities pursued in collaboration with DOD partners (DISA and NRL) as part of a NSA-funded project from the DOD UC2 Program (Department of Defense University Consortium for Cybersecurity). Tactical edge network environments are critical to deploy applications in e.g., military, disaster response, and industrial manufacturing environments. Given the dynamic, as well as the Denied, Disrupted, Intermittent, and Limited Impact (DDIL) nature of these environments, a resource-aware security approach is essential to address edge resource constraints and enable real-time decision-making. The Zero Trust (ZT) security paradigm can be used to enable strict access controls, continuous entity verification, and mitigation of unauthorized access, tampering, and data integrity issues. However, there is a need to transform ZT security principles that are typically developed for unconstrained data center environments with reliable networking and abundant computing power and are not suitable in a tactical edge network setting. In this talk, a risk-based ZT scale approach will be presented that tailors security measures to scenario-associated risk levels, while having low resource overheads. The talk will conclude with findings that demonstrate the effectiveness and adaptability of our risk-based ZT scale approach in ensuring secure and efficient operations within tactical edge network environments.
Presenters:
Prasad Calyam, University of Missouri-Columbia: Prasad Calyam is the Greg L. Gilliom Professor of Cybersecurity in the Department of Electrical Engineering and Computer Science at University of Missouri-Columbia, and Director of the Center for Cyber Education, Research and Infrastructure (Mizzou CERI). His research and development areas of interest include: Cloud Computing, Machine Learning, Artificial Intelligence, Cyber Security, and Advanced Cyberinfrastructure. Previously, he was a research director at the Ohio Supercomputer Center/Ohio Academic Resources Network at The Ohio State University. He has published over 200 peer-reviewed papers in various conference and journal venues. As the Principal Investigator, he has successfully led teams of graduate, undergraduate and postdoctoral fellows in Federal, State, University and Industry sponsored R&D projects totaling over $30 Million. His research sponsors include: National Science Foundation (NSF), Department of Energy (DOE), National Security Agency (NSA), Department of State (DOS), Army Research Lab (ARL), VMware, Cisco, Raytheon-BBN, Dell, Verizon, IBM and others. His basic research and software on multi-domain network measurement and monitoring has been commercialized as ‘Narada Metrics’. He is a Senior Member of IEEE.
Slides
Abstract: Fair, secure, and trusted elections are essential to democracy. This lightning presentation describes the Virginia Cyber Navigator Internship Program (VA-CNIP), a three-year program funded by the NCAE program office. VA-CNIP is a coalition of six Virginia Universities, the Virginia Department of Elections, and industry that designed and implemented an internship program to provide undergraduate students interested in a cybersecurity career with an experiential learning experience working with local election registrars. In addition to providing students with a unique cybersecurity work experience, VA-CNIP provided students an opportunity to contribute to the public good by helping local election registrars assess and improve the cybersecurity posture of the local election office. This talk describes the structure of the Virginia Cyber Navigator Internship Program (VA-CNIP) and the training course that the program created. It also discusses important lessons learned in organizing and running such a program. This talk would interest groups seeking to build a coalition of academic partners, local government, and industry to address cybersecurity workforce issues.
Presenters:
Jack Davidson, University of Virginia: Jack Davidson graduated from Southern Methodist University with a BAS and MS in Computer Science. He received his Ph.D. from the University of Arizona in 1981. He joined University of Virginia's Department of Computer Science in 1982. His current research efforts address the pressing issue of securing our nation’s critical infrastructure. A significant contribution to the field of cybersecurity was the development of automated software transformations to prevent cybersecurity attacks using artificial diversity. Davidson is an ACM Fellow, a IEEE Life Fellow, and a Commonwealth Cyber Initiative Fellow. In the last five years, Professor Davidson has led $15M in funded cybersecurity research. He also serves as Chair of ACM’s Digital Library Board. He co-authored introductory programming textbooks, C++ Program Design: An Introduction to Object-Oriented Programming, 3rd edition, and Java 5.0 Program Design: An Introduction to Object-Oriented Programming, 2nd edition. In 2008, Davidson received the IEEE Taylor L. Booth Education Award, “For sustained effort to transform introductory computer science education through lab-based multimedia pedagogy coupled with examples that attract a diverse student body.”
Slides
Abstract: This session will discuss multi-year initiatives that have secured over $11M in federal funding, creating an eco-system in western Pennsylvania (PA) that positively contributes to the development of a skillful cybersecurity workforce. Initiatives focused on increasing awareness of cybersecurity in K-12 students, creating pathways for Community College (CC) students to pursue cybersecurity careers, and supporting students in obtaining skills and education needed to enter the cybersecurity workforce. Through innovative summer camps, IUP GenCyber, established in 2016, offers middle and high school students and teachers hands-on, interactive modules which foster serious interest in cybersecurity. So far, 10 programs were offered to 550+ participants. Scores of GenCyber participants have majored in cybersecurity, and several have joined the cyber workforce. The DoD funded Cybersecurity Professional Development Series consisted of 12 workshops for CCs in PA offered between 2019 and 2021. These workshops trained 120 faculty and students in cybersecurity topics including threat modeling and secure software development. This initiative, along with others, built the foundation needed to establish more impactful projects. PC4A, a multi-million-dollar project and one of only five agreements funded by DoD STEM, founded a consortium of six PA CCs led by IUP working together to support 3,000+ students and enhance cybersecurity education. The DoD funded IUP Cybersecurity Scholarship Program (CySP) recruits IUP’s high-achieving undergraduate students and provides them with opportunities to specialize in cybersecurity through generous financial support, among other benefits. 50 scholarships have been awarded and many recipients joined DoD agencies upon graduation. To support graduate students, we secured one of only five awards in the NCAE-C PhD Scholarship program, the recipient of which is now faculty at a known CAE. In conclusion, this session will summarize our implementation of these projects, and discuss lessons learnt and the documented impact to provide an informative and engaging experience for participants.
Presenters:
Waleed Farag, Indiana University of Pennsylvania: Dr. Waleed Farag is the Director of Indiana University of Pennsylvania’s (IUP) Institute for Cybersecurity and a full professor of Computer Science. He oversees the IUP Cybersecurity program, a designated Center of Academic Excellence in Cyber Defense since the early 2000s. Dr. Farag is a member of Sigma Xi, ACM, and IEEE Computer Society. His research interests include security of autonomous and IoT systems, AI and ML applications, cybersecurity education, e-learning, network security, and multimedia data security. He has made several contributions in these areas and has published/presented over 70 papers in recognized journals, conferences, and workshops. His work was recognized with the Best Paper Award at ACM SIGITE’2012. Dr. Farag has outstanding records of securing funds and is currently the PI of several multi-million dollar federally funded projects. His work has led to the establishment of unique programs that have contributed to the enhancement of cybersecurity education and research across Pennsylvania and beyond. Furthermore, Dr. Farag has served on many technical program committees and as a reviewer for several journals, conferences, and federal agencies.
Slides
Abstract: Charting a sustainable quantum proficient workforce training program requires a precise balance of many, often conflicting factors due to the uncertainty of the size of quantum and related industries. By adding quantum proficiency to cyber security majors, the main goal is to help address the lack of quantum workforce, which is recognized as a national vulnerability. Focusing on cyber security majors overcome the uncertainty of the size of the quantum industries as the implementation of secure applications and systems using post-quantum cryptography will require years of efforts. To appeal to cyber security majors, the program will be designed based on an end-to-end problem-solving framework that will place quantum- and quantum-inspired algorithms into proper contexts, link quantum computing directly to computational thinking, and foster developing genuine understandings of quantum computing and grasping computational skills intuitively. The required courses and the supporting materials and activities will be designed and iteratively improved in the Social Cognitive Career Theory (SCCT) framework so that the effectiveness of the program components can be measured quantitatively using survey data and other observable outcomes (such as students' GPA, internship placement, and job placement). In particular, by taking advantages of the computational thinking and programming skills of cyber security majors and building on the team's deep understanding of cyber security and quantum education, the tailored questions and tutorials would provide an effective and time-efficient way for the students to learn quantum computing. The end-to-end problem solving framework will lead to an accurate, holistic understanding of quantum-computing, be able to place quantum algorithms in the proper contexts. The SCCT framework will enable quantitative evaluations of program components to the goal of the program; using a continuous improvement plan within the framework will maximize the success of the program by identifying and improving weak components.
Presenters:
Xiuwen Liu, Florida State University: Xiuwen Liu is a professor in the Department of Computer Science at Florida State University (FSU) and a co-PI of the Scholarship for Service program and the DoD CySP program at FSU. He has worked on CAE-C and CAE-R programs at FSU for more than ten years. He also serves on the CAE CoP-CD Steering Committee and is currently a cochair of the CAE-CD Regional and CAEs Outreach Competition Subcommittee. His current areas of research include understanding machine learning and AI models and their vulnerabilities, program analysis, quantum computing, and cyber security education.
Mike Burmester, Florida State University: Mike Burmester is a Professor of Computer Science at the Florida State University, where he has been a faculty member since January 2000. His research is in all aspects of cyber security and information assurance, with particular focus on cyber physical systems, the IoT, network security and cryptography. He is editor of four Journals in Information Security, has organized several Workshops and Conferences, has two Books, five Book Chapters and over 200 journal and refereed conference publications covering a wide range of cyber security and information assurance topics, with particular focus on cyber physical systems, the IoT, network security and cryptography. His research has been supported by several NSF and NSA/DoD grants.
Slides
Abstract: In the ever-expanding digital realm, the pervasive threat of cyberattacks poses an unprecedented challenge to the security and integrity of information systems. The rapidly evolving landscape of cybersecurity demands innovative and collaborative approaches to safeguarding digital ecosystems. To confront this dynamic and multifaceted menace, collaboration between key stakeholders has emerged as a cornerstone in fortifying our cyber defenses. By fostering collaboration, organizations can synergize their strengths, share intelligence, and collectively respond to emerging threats. The profound alliances and partnerships between academia, industry, and government in cybersecurity are not merely advantageous but have become imperative in the face of an evolving cyber threat landscape. The symbiotic relationship between industry, government and the research and educational prowess of academia form the foundation for a robust cybersecurity ecosystem. As threats become more sophisticated in exploiting vulnerabilities across sectors, the collective intelligence, resources, and capabilities of these entities are essential for developing proactive and adaptive defenses, which underscores the impact of collaborative initiatives in shaping cybersecurity policies, advancing technological innovations, and cultivating a skilled workforce capable of staying one step ahead of cyber adversaries. As we navigate the complex interplay of technological innovation and security challenges, it is increasingly evident that successful cybersecurity strategies must be built upon the pillars of collaboration, ushering in a new era of collective defense against the relentless tide of cyber threats.
Presenters:
Israel Emmanuel, Century College: Innovative, highly dynamic information security professional with over 20 years of career success directing cross-functional teams of technical experts. Highly effective communicator with an extensive track record of building and maintaining key relationships with C-level executives, senior management, clients, technical teams, and other stakeholders. Results-oriented professional recognized for leadership and individual contributions on major initiatives and resolving mission-critical issues that ensure bottom-line success. With a broad knowledge of cyber threats detection and attack disruption, providing a powerful combination of analysis, implementation, and support. Experienced in system and network administration and engineering, project management, system and network security, incident analysis, and recovery. With in-depth knowledge of threats and exploitation techniques, providing unique insights into risk-based decisions. An Innovative team player with a passion for technology. Extremely agile and possess a positive attitude towards accomplishing business goals.
Slides
Abstract: At Strayer, we’ve identified three qualities as being meaningful for employability. The Trifecta: Education, Experience, and Certification. Our Students are already onboard for their education, and many of our courses have baked-in certification or have a certification focus. In this session, we will outline strategies for supporting students by providing professional and student experience and credentials they can document to help make their resumes shine. Education - Baking in AI and cybersecurity is critical for all curricula. Students should have security in mind regardless of their area of specialization. Experience - Students need to document all relevant experience with AI and cybersecurity. Certification - Certification is a shorthand that students can use on their resume to demonstrate their knowledge verified by an impartial third party. AI certification is still in its idea phase so far, but students can highlight traditional certification and relate to AI and cybersecurity. In the emergent fields of artificial intelligence and cybersecurity, participants will learn strategies for documenting experience in these areas on their resumes. This session will prepare participants for devising strategies they can apply in their classes and for their business needs. Additionally, employers who are looking for ways to communicate their needs to educational institutions will be able to speak the language of education in their field.
Presenters:
Dr. Carlo Sapijaszko PE, Strayer University: Carlo Sapijaszko is an engineer and an educator. He currently holds a Senior Dean position at Strayer University managing Information Technology programs. For over 25 years Dr. Sapijaszko combined a blend of electrical and computer engineering and higher education skills to design innovative and pedagogically rich academic programs.
Michael Bleacher, Strayer University: Michael Bleacher: Over 27 years in higher ed and having come from a military instructor background, Strayer Professor Bleacher has focused his attention on cybersecurity and unlocking the power of technology. Certified in Networking and as an AWS Academy instructor, Prof. Bleacher served as Dean of IT Faculty and Dean of Curriculum during his tenure at Strayer University, while researching disaster preparedness through social media. He also served as a Faculty Ambassador to Strayer’s IT Career Facebook Community.
Slides
Abstract: As we step into an era dominated by Artificial Intelligence (AI), its transformative impact on society, particularly in cybersecurity, is becoming increasingly apparent. This engaging presentation will be divided into two comprehensive parts: Part 1: "The Future of Cybersecurity Workforce and AI" (7-10 min) In this section, we will dive deep into an extensive research study conducted on the role of AI in reshaping the cybersecurity workforce. The analysis will focus on various cybersecurity roles, evaluating their susceptibility to AI automation or assistance. Real-world examples and sample prompts will be showcased to demonstrate how AI can either complete or assist with tasks. Our findings reveal an average of over 80% of tasks that could be potentially replaced or assisted by AI, signaling a significant shift in the cybersecurity landscape, with implications for education and training. Part 2: "Integrating AI into Cybersecurity Education: Tools, Techniques, and Resources" (10-13 min) The second part of our presentation will explore practical resources that can be seamlessly integrated into the classroom to prepare future cybersecurity professionals for an AI-powered world. We will delve into locally run LLMs (Language Learning Models) as a viable alternative to popular AI platforms like ChatGPT or Claude, highlighting their benefits in terms of testing, research and privacy. Our discussion will also include hands-on demonstrations and actionable strategies for educators and students alike to effectively harness the power of AI in the classroom.
Presenters:
Vincent Nestler, California State University San Bernardino: Vincent Nestler, Ph.D. Vincent holds a doctoral degree in instructional design, a masters in both network security from Capitol College, and M.A.T. from Columbia University. He is the author of the Principles of Computer Security, Lab Manual, published by McGraw Hill. He is a network engineering consultant and technical trainer with over 20 years of experience in network administration and security. Dr. Nestler served as a Data Communications Maintenance Officer in the U.S. Marine Corps Reserve. Dr. Nestler has been integral to training CyberCorps students at Idaho State University and at California State University, San Bernardino. He is the Primary Investigator for the NICE Challenge Project (nice-challenge.com) which develops real world hands-on scenarios that provide students with cybersecurity workforce experience before joining the workforce. Currently he is an associate professor at California State University, San Bernardino. Dr. Nestler has held numerous professional certifications to include Security+, Network+, and A+, ACE, MPE, MCSE, MCT, RHCE and others.
Slides
Abstract: Space enthusiasts, nation states, and the public at large are preparing for the new space age characterized by missions outside of Low Earth Orbit. The planned missions to send crews to Mars and the uncrewed missions to explore ocean moons orbiting the large planets of our solar system are challenging due to the extreme outer space environment. Sophisticated computerized rocket launches conducted through government-private sector coordination are nowadays common, and with them the need for cyber protection increases. While academic institutions are offering state-of-the-art instruction in rocket and satellite technologies, advanced life support systems, and autonomous systems for outer space exploration, formal instruction in cybersecurity for space missions generally falls behind. Faculty and students at Embry-Riddle Aeronautical University (ERAU) have embarked on an exciting journey to address this need and promote a forceful research agenda in space cybersecurity technology and analysis. These efforts are expected to culminate with the design of a formal curriculum offering in Space Systems Cybersecurity to contribute to the development of a robust cybersecurity workforce ready to support space missions’ assurance. This presentation briefly outlines the types of cybersecurity events that could be directed toward space system assets and stages of space missions. Space assets include ground systems, communication technologies, and space vehicles, and thus exhibit a potentially large attack surface. Threat actors, vulnerabilities and weaknesses of cyber assets, attack targets, and the difference between IT security and space system security are presented. ERAU has extensive expertise in all computation and communication services related to flight and space operations that places the institution in a unique position to contribute to the cybersecurity of engineered systems specific for the space industry.
Presenters:
Radu Babiceanu, Embry-Riddle Aeronautical University - Daytona Beach Campus: Dr. Radu Babiceanu is a Professor of Systems Engineering with the Department of Electrical Engineering and Computer Science at Embry-Riddle Aeronautical University (ERAU) in Daytona Beach, Florida, and the institution CAE-CD POC. Dr. Babiceanu received his Ph.D. degree in Industrial and Systems Engineering from Virginia Tech in 2005. At ERAU, Dr. Babiceanu teaches systems engineering courses, such as System Architecture Design, System Quality Assurance, and System Safety and Certification. He also developed and delivered short training courses for industry in aircraft system safety engineering and certification. His research interests are in the aviation/aerospace operational ecosystem, with emphasis in cybersecurity and safety-critical systems assurance, formal modeling and verification, and AI/ML approaches to enhanced operations.
Slides
Abstract: Generative AI (GenAI), as championed by conversation chatbots like ChatGPT, has greatly impacted higher education for the past year or so. This presentation delves into the basics of Large Language Models (LLMs), prompt engineering and the impact of these technologies in the classroom. This presentation will provide a case study about how GenAI was used in an Intermediate Programming course at the the University of Hawaii Maui College in Spring 2024. This presentation will provide the latest updates in the core features and usage of popular AI tools such as RepIit, ChatGPT v4 from OpenAI, and Claude v3 from Anthropic. Participants with laptops can engage in hands-on activities, but this is optional.
Presenters:
Debasis Bhattacharya, University of Hawaii Maui College: Dr. Debasis Bhattacharya is currently a tenured faculty member at the University of Hawai’i Maui College, and program coordinator for the Applied Business and Information Technology (ABIT) baccalaureate (BAS) program. The ABIT BAS program has been designated as CAE-CD by the NSA since 2019. Dr. Bhattacharya has been working in the software and higher education industry for 36 years. Dr. Bhattacharya is a Senior Member of the IEEE and the ACM.
Slides
Abstract: Many programs and students have embraced Online classes due to their flexibility, convenience, and accessibility compared to traditional classrooms. Despite these advantages, many first-time students new to these learning modalities still report feelings of isolation, lack of motivation, time management, and technical difficulties, which have hindered their success. In this Lightning talk, we will discuss examples of how Century College cybersecurity, forensics, and information assurance faculty have increased students' success and managed opportunities and challenges associated with fully online asynchronous classes.
Presenters:
Marufu Lamidi, Century College: Marufu Lamidi is a Faculty member for Century College's Cybersecurity, Forensics, and Information Assurance (CFI) program. He is notable for his in-depth, hands-on, practical cybersecurity training, preparing students for cybersecurity jobs. Marufu has over 28 years of consulting experience for several Fortune 500 organizations in the USA and internationally. He has designed IT/security policies and procedures, monitored, Prevented, mitigated, and implemented compensated controls, onboarded complex security needs assessments, managed change, and bridged gaps between business and IT/Security. My academic degrees span Engineering and Business administration graduate degrees, including Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker, Cisco Certified Network Professional (CCNP), Microsoft Certified Systems Engineer (MCSE), and Google Certified Professional Cloud Security Engineer, among others.
Slides
Abstract: This presentation explores the power, value, effects and implications of student cyber competitions that are rooted in campus based clubs that are also connected to global and virtual learning communities. Participation in high level academic competitions lead to higher level student engagement, interactions, shared learning experiences, higher academic performance, student retention and completion. At PBSC students who are active participants in our Ethical Hackers Club (EHC) participate in various local and national cybersecurity competitions. These same students also perform extremely well in the classroom and have more advanced cybersecurity skills. They are receiving a much broader and valuable educational experience that leads to greater workforce preparedness and successful careers.
Presenters:
Dwight T. Elliott, Palm Beach State College: Prof. Dwight T. Elliott, MS., JD. Dwight Elliott is a Professor of Information Technology, Cybersecurity, and Law at Palm Beach State College. He is currently Department Chair of the Security and Networking Committee within the Computer Science program. He is also the Principal Investigator (PI) of the Cybersecurity Pathway Grant and Faculty Advisor to the student Ethical Hackers Club (EHC). Prof. Elliott has served students throughout the academic sector for over 20 years and has an extensive business development background in the areas of IT, MIS, Business Law, Intellectual Property Law (IP), Telecommunications and Cybersecurity.
Theo Owusu, Palm Beach State College: Dr. Theo Owusu has a wealth of experience, spanning about decade and a half, in diverse spheres of Information and Communication Technology. He earned his Master of Science and Doctor of Science degrees from Robert Morris University in Internet Information Systems and, Information Systems and Communications respectively. In addition, he is highly qualified in Management Information Systems, Business Information Systems, Information Security Systems, Information and Technology Applications in Management Decisions, Health Care Information Systems, Organization and Technology of Information Systems, Entrepreneurial Innovation and Technology, Strategic Information System Planning, Decision Support Systems, System Analysis Design, Database Management Systems, Intro to Computers and Computer Network Security, just to mention a few. He is known to be someone who goes the extra mile to perfect every task he has been assigned to.
Slides
Abstract: In response to the growing need for aligning graduate skills with employer requirements in the field of cybersecurity, this study introduces a novel framework leveraging Natural Language Processing (NLP) for the assessment of academic skills alignment with employment criteria. The proposed tool addresses the employment gap by systematically extracting skills from assessments completed by applicants and comparing them with the skill requirements outlined in relevant job postings. This alignment is achieved through keyword extraction and skill classification, finishing in the computation of a matching score. This score serves as a valuable metric, empowering applicants to compare their talents and skills directly with those sought by employers, offering a one-to-one comparison. The practical implementation involves a substantial database containing 5,000 job postings, facilitating thorough testing of the tool's capabilities. Each job posting contributes to the creation of a set learning outcome, which is then meticulously compared with a pre-loaded set of outcomes sourced directly from CAE-Institutions. This comprehensive comparison aids in validating the tool's efficacy in aligning academic skills with industry needs, ensuring a robust and accurate assessment. Furthermore, the keyword extraction and the skill classification steps are developed using Machine Learning and NLP modules, such as sklearn, yake, numpy, and pandas. Crucially, the tool's functionality scales with the number of assessments completed by the applicant, resulting in a higher matching score with a more extensive skills profile. After rigorous testing, the matching score could range from 60% to 100%. The keyword average ranges from 80% to 99.9%. The objective is to provide applicants with a summarized view of job postings, enabling a quick and efficient comparison of their skillsets against the specific requirements of desired positions. The tool's readiness is underscored by its capability to understand and analyze entry-level job postings in real time, offering a dynamic and responsive user experience. This project not only introduces a cutting-edge tool for enhancing the employability of cybersecurity graduates but also demonstrates its real-time functionality by showcasing the analysis of entry-level job postings. The integration of NLP, coupled with the utilization of a substantial database and predefined learning outcomes, positions this tool as a valuable asset for both applicants and employers in the dynamic landscape of cybersecurity employment. We look forward to ongoing improvements, including refining models, acquiring larger datasets, and enhancing the user interface. In conclusion, this project is a framework employing NLP to assess the alignment of CAE institution’s student skills in cybersecurity with employer requirements. The tool extracts skills from applicants' assessments and compares them with skill requirements in job postings, generating a matching score through keyword extraction and skill classification. Tested on a database of 5,000 job postings, the tool demonstrates scalability with the number of assessments, yielding matching scores ranging from 60% to 100%. Real-time analysis of entry-level job postings showcases its dynamic functionality, positioning it as a valuable asset in the cybersecurity employment landscape.
Presenters:
Dr. Ram Dantu, University of North Texas: Dr. Ram Dantu, director of the Center for Information and Cyber Security at UNT, is a recognized leader in research and education. With 15 years of industrial experience, he has worked for Cisco, Nortel, Alcatel, and Fujitsu, overseeing advanced technology products. Currently a full professor at UNT, he was also a visiting professor at MIT. In addition to several hundred research papers and numerous awards, he has authored several standardizations of widely used protocols.
Slides
Abstract: This presentation will discuss the framework and challenges for developing a system-wide articulation agreement in the associate's and bachelor's degree cybersecurity curriculum. The presenters from Augusta Technical College (ATC) and Augusta University (AU) will discuss the articulation agreement development, associated course crosswalk, and coordinated efforts that led to the system-wide Technical College System of Georgia (22 TCSG institutions) and Augusta University (AU) mutual agreement to facilitate the education and preparation of students in this increasingly critical employment area. The presenters from ATC and AU will share their experiences with students transferring from Georgia's technical colleges after earning an associate's degree to Augusta University's School of Computer and Cyber Sciences, especially those who have earned prestigious Scholarship for Service awards and become cyber professionals. They will also share the past learning experiences that led to the curriculum changes, strategies for ensuring equivalent and elective credit toward Augusta University coursework in BS-Cybersecurity, and eliminating unnecessary instruction duplication. We hope to share our experiences and pathways for other 2-year and 4-year institutions so more students can earn a Bachelor's degree in Cybersecurity and ensure that college graduates fully reflect the racial and ethnic diversity of the state's Cybersecurity workforce.
Presenters:
Michael Nowatkowski, Augusta University: Dr. Michael Nowatkowski is a Professor, Head of the Cyber Programs of Study, and Director of the Cyber Institute at the Augusta University School of Computer and Cyber Sciences. He leads the Augusta University efforts on Center of Academic Excellence programs, the Department of Defense Cyber Scholarship Program, the CyberCorps® Scholarship for Service program, the Virtual Internship and Varied Innovative Demonstrations (VIVID) Coalition, the VICEROY award, and the National Cybersecurity Workforce Development Program. He holds a PhD and Master of Electrical and Computer Engineering from Georgia Institute of Technology and a Bachelor of Science in Electrical Engineering from Rose-Hulman Institute of Technology. Michael joined Augusta University in 2016 after serving over 26 years as a Signal Corps and Cyber Branch officer in the U.S. Army, including eight years teaching at the United States Military Academy at West Point. His research interests include industrial control system security, medical device security, electronics, and cyber operations education.
Jim Poarch, Augusta Technical College: Mr. Poarch is the director of the Augusta Technical College Cyber Institute. He has been an information technology professional for most of his 50+ year career. Before his career at Augusta Technical College, he worked as a Senior Manufacturing Engineer where he integrated computer technologies into manufacturing processes. He has taught many computer technology and cyber courses in his 30+ years in academia. In 1996 he developed and implemented the College’s networking program which was adopted by most of the 22 TCSG (Technical College System of Georgia) colleges. In 2015 Mr. Poarch developed and implemented the Cybersecurity degree program. Mr. Poarch serves as the Cybersecurity Chairperson for the TCSG CIST IFCC (Instructional Faculty Consortium Committee). Mr. Poarch has served on multiple K-12 and other committees in the Augusta area that help facilitate the enhancement of cyber security education in the CSRA (Central Savannah River Area). Mr. Poarch’s education includes a BS in Computer Science, a Master’s degree in Computer Resources Management, numerous training seminars and classes, and several IT industry certifications.
Slides
Abstract: This research aims to explore students' perspectives on various types and formats of assessments, investigating the factors that influence their choices when presented with different examination options. In a cybersecurity course, students were provided with five assessment options, encompassing various types such as multiple-choice questions or a practice exam, and formats like taking the exam remotely or on-campus in a classroom environment. These assessments were selected for their midterm and final exams to demonstrate mastery of course content. The decision-making process of the students was influenced by factors such as comfort with a specific assessment type, a preference for less stressful evaluations, a desire to maximize their chances of achieving a high score, a tendency to opt for hands-on assessments over knowledge-based assessments requiring memorization, and a preference for exam formats that allow ample time for completion. The research underscores the importance of offering a variety of options for high-stakes assessments to enhance students' motivation in grasping course content. Providing diverse assessment choices enables students to articulate rationales for their preferences and motivates them to excel in their preferred assessment format. Anticipating that gaining insight into students' perspectives on assessments can contribute to designing more effective evaluation methods, the goal is to improve the overall learning experience for students.
Presenters:
Tahir M. Khan, Western Illinois University: Dr. Tahir M. Khan is an Associate Professor of Cybersecurity in the Department of Computer Science and also serves as the interim Director of the Cybersecurity Center at Western Illinois University. Currently, Dr. Khan is actively involved in teaching both undergraduate and graduate students, overseeing the operations of the Cybersecurity Center with a focus on cybersecurity education, outreach, and research. His extensive experience includes collaborating with students on research projects, redesigning curricula, and mentoring individuals with disabilities pursuing degrees in the STM field, as well as successfully managing grants and organizing summer camps for high-school students. Dr. Khan's research interests encompass computer privacy and security, digital forensics, threat detection, the Internet of Things, and cloud computing.
Slides
Abstract: Large Language Models (LLMs) like OpenAI's GPT-4 have generated immense excitement due to their potential in various applications. However, because of hallucinations and inconsistencies, building automated systems that utilize LLMs has proven to be difficult. In this talk, I will discuss progress made with using GPT to automatically grade homework and give hints. Using ChatGPT directly for grading assignments yields suboptimal results due to hallucinations and inconsistencies. However, by employing a structured approach involving sequences of specific prompts and detailed 'guidance rubrics,' we significantly enhanced the grading quality. Here, guidance rubrics are rules not only for grading but rules for providing hints. The system also compiles detailed analytics, helping instructors pinpoint common student errors and track improvements over time. These analytics help instructors improve guidance rubrics and steer the development of learning material that focuses on exactly on topic areas that students misunderstand. While the development of high-quality guidance rubrics is time-intensive, this is offset by a significant reduction in grading time and the improvement in student homework quality. In this talk, I will explore both the successes and challenges faced, offering insights into the future role of LLMs in enhancing educational experiences.
Presenters:
Stephan Bohacek, University of Delaware: Stephan is currently an Associate Professor and Director of Cybersecurity and Online Graduate Programs at the Department of Electrical and Computer Engineering at the University of Delaware. He has over 75 research publications. His research interests include analytics, computing, networking, cybersecurity, energy, and teaching. His work has been funded by NSF, DARPA, Army Research Labs, and JP Morgan Chase. Stephan holds a Ph.D. in Electrical Engineering from the University of Southern California. Also, Stephan was the cofounder of Cloudamize, a cloud migration and computing infrastructure analytics company. Cloudamize was acquired by Blackstone/Cloudreach in 2017.
Slides
Abstract: One of the challenges in an academic environment is finding a method of conducting an assessment of the practical skills of the students within the confines of a graded for-credit class. For example, a requirement for a 2-hour final exam limits how an instructor can assess the skills of the students. The author has developed a summative assessment in which students complete an online lab before the exam as one of the regular exercises; during the exam, they review what they found on the lab and then answer additional questions to test their understanding of what they found in the lab exercise and apply cybersecurity principles and additional follow-on exercises. This exam is used in an entry-level Firewalls and Network Security course, typically taken during the first semester of the Cybersecurity program. This approach has the following advantages: 1) The student demonstrates both technical competency and understanding of the importance of the findings. 2) The exam tests skills rather than itemized knowledge, 3) Students do not need to “cram for the exam” or otherwise memorize minute, detailed information. 4) Well-prepared students can be assured of a passing grade for the exam. 5) Prof. Google and ChatGPT cannot provide meaningful assistance. We provide an overview of the exam methodology and a statistical analysis of the exam’s validity as a meaningful assessment.
Presenters:
Joel Offenberg, Howard Community College: Joel Offenberg is an Associate Professor of Cloud/Cybersecurity at Howard Community College, a position he has held since July 2019. From 1991 through 2019, Mr. Offenberg was a contractor at NASA, where he was a research assistant, software developer, system administrator and web developer; starting in the mid-1990’s, he specialized in cybersecurity, FedRAMP and project management with some proposal-writing mixed in. During his time as a NASA contractor, he worked for ten (yes, 10) contractor companies. His passion for education started in high school, when he became an “Explainer” at the Franklin Institute Science Museum in Philadelphia, where he demonstrated papermaking, the properties of liquid nitrogen and tried to keep children from jumping all over the giant lever. IIn 2011, the teaching bug bit Mr. Offenberg again, when he started teaching for the SANS Institute. In 2017, he started teaching cyber classes at HCC as an adjunct and joined the full-time faculty 2 years later. Joel Offenberg holds a B.A. in Physics from Swarthmore College and an M.S. in Computer Science from the University of Maryland, College Park, as well as CISSP, PMP and several GIAC and AWS certifications.
Slides
Abstract: Join us for an enlightening workshop on digital forensics, hosted by the New and Early-Career Faculty Initiative. Dive into the complexities of teaching digital forensics and get connected to resources for teaching this topic in a variety of different courses and modalities. We will introduce you to tools such as Autopsy, FTK, Cellebrite reader as well as connect you with curricular resources, labs, and online training to help you get started with this topic in your classroom. Whether you are delving into this subject for the first time or seeking to enhance your existing expertise, our workshop aims to equip you with the necessary insights and strategies to elevate your teaching methods. This 90 minute workshop will allow experienced members of the CAE Community to not only connect with each other on this exciting topic but also connect with new and early-career colleagues from other institutions. This collaborative space provides an invaluable opportunity for networking, sharing experiences, and connecting with new members of the CAE Community.
Presenters:
Michael Tu, Purdue University Northwest: Michael Tu, PhD in Computer Science, Professor of Computer Information Technology and Director of Center for Cybersecurity at Purdue University Northwest. Dr. Tu is leading the NCAE-C AI-Cybersecurity Workforce Certification based training program CWCT, and he is also leading the NACE-C Cybersecurity Credit Transfer Agreement Task which is part of the effort from the CPNC-Careers Preparation National Center. His research has been supported by NSF and NSA and has published about 50 papers in peer reviewed journals and conference proceedings. Dr. Tu has 18 years of college teaching experience in cybersecurity and has received many industry professional trainings and obtained numerous industry certifications in cybersecurity and digital forensics.
Gretchen Bliss, University of Colorado, Colorado Springs: Gretchen Bliss has served as the Director of Cybersecurity Programs at UCCS since the Spring of 2020. In that time, she has leveraged more than 25 years in various intelligence roles at the Department of Defense and almost 10 years in education to build a cybersecurity program that impacts thousands of lives each year, including university students, prospective students, K-12 educators and students, community and military members, industry representatives and veterans. She is the co-chair of the new and early career initiative and the co chair of the "Getting to Know your CAEs" working group.
Paige Flores, Towson University: Paige Flores is a ROCK STAR new faculty at Towson University and the Director of Operations @ SecurEd Inc. AND a PhD student. She has a passion for designing and developing usable and accessible user interfaces. The process of identifying a problem, prototyping a solution and then turning it into something that everyone can use is exhilarating. She is a software developer and work mainly on front-end design and development with a focus on accessibility. She is teaching in the classroom and understands how important it is to share resources and learn from others. She is the chair of the New and Early Career Initiative.
Slides
Abstract: Do you remember when you started teaching cybersecurity? Do you recall the challenges of getting the classes together, finding the right resources, focusing on the right content? Did you have access to the immense expertise of the CAE Community? This initiative is an effort to connect those new and early career faculty to the braintrust and best practices of seasoned CAE faculty. We have assembled seasoned faculty to mentor new and early career faculty to present to other new and early career faculty across the 400+ CAE school network. We know that oftentimes the new and early career folks are not the ones to come to the CAE meetings and we wanted to connect them into the conversation to understand more about the resources and opportunities available within the community. We also want to harvest their new ideas and approaches to teaching and researching cybersecurity, introducing their voices into the community meetings and projects. We have put together a monthly workshop series for new and early faculty at ANY CAE school that will be held at various times (to make sure it does not always conflict with teaching schedules) on 5 key topics for spring and plan to do 4 more in the fall. Come hear more about this initiative and join in on the conversation!
Presenters:
Gretchen Bliss, University of Colorado, Colorado Springs: Gretchen Bliss has served as the Director of Cybersecurity Programs at UCCS since the Spring of 2020. In that time, she has leveraged more than 25 years in various intelligence roles at the Department of Defense and almost 10 years in education to build a cybersecurity program that impacts thousands of lives each year, including university students, prospective students, K-12 educators and students, community and military members, industry representatives and veterans. She is the co-chair of the new and early career initiative and the co chair of the "Getting to Know your CAEs" working group.
Paige Flores, Towson University: Paige Flores is a ROCK STAR new faculty at Towson University and the Director of Operations @ SecurEd Inc. AND a PhD student. She has a passion for designing and developing usable and accessible user interfaces. The process of identifying a problem, prototyping a solution and then turning it into something that everyone can use is exhilarating. She is teaching in the classroom and understands how important it is to share resources and learn from others. She is the co-chair of the New and Early Career Initiative.
Slides
Abstract: This lightning presentation details a new pilot program at New York Institute of Technology that utilizes functional IT equipment that is scheduled to be retired from service and is reformatted, refurbished, and assembled into cybersecurity training ranges that are designed, built, and configured by cybersecurity students under faculty advisem*nt. The completed cyber ranges are delivered to local High Schools along with faculty/student designed cybersecurity curriculum and are then used in both on-site and remote training sessions where we work with the students to get them interested in cybersecurity as a field and as a career. The program has many benefits so far including creating a cybersecurity focused relationship and pipeline between regional high schools and CAE colleges and universities, eliminating waste at the institution level by re-purposing retired equipment, providing high schools with a hands-on, high impact, experiential cybersecurity learning networks and curriculum not readily available at high schools, providing cybersecurity students at CAE schools with hands-on configuration and training experience creating and testing the networks and curriculum for the pilot program ranges, and providing mentorship to high school students from both college faculty and CAE scholars as they navigate the program and their new cyber range.
Presenters:
Michael Nizich, PhD, CISSP, New York Institute of Technology: Michael Nizich is the director of the Entrepreneurship and Technology Innovation Center (ETIC) and an adjunct associate professor of computer science and cybersecurity at New York Institute of Technology. He has more than 25 years of professional experience in information technology and information security in a variety of industries, including aviation, education, law enforcement, biotechnology, and cybersecurity. He has held IT leadership positions in both private and publicly held companies and has more than 15 years of college-level teaching and research experience. He holds a Ph.D. in information studies from Long Island University, a master’s degree in technology systems management from Stony Brook University, a bachelor’s degree in computer information systems from Dowling College, and a Certified Information Systems Security Professional (CISSP) certificate from (ISC)2. He is the PoC for New York Tech’s Center of Academic Excellence for Cyber Defense Education, serves as the education chair for (ISC)2 Long Island and is the author of The Cybersecurity Workforce of Tomorrow from Emerald Publishing as well as many technology focused articles and textbook chapters.
Slides
Abstract: AWS Academy provides us with a valuable platform for teaching and learning about cloud computing. The program offers a comprehensive set of cloud computing courses, designed to equip students with practical skills and knowledge sought after in the industry. This will be a short session highlighting our experiences using AWS Academy at the University of Arizona. Our instructors leverage AWS Academy to deliver hands-on training, covering a wide range of topics such as cloud architecture, security, and deployment strategies. The platform's real-world scenarios and practical exercises enable students to gain a deep understanding of AWS services and solutions, preparing them for careers in cloud technology. With its structured curriculum and alignment with industry-recognized certifications, AWS Academy serves as an effective tool for educators to bridge the gap between theoretical concepts and real-world application, fostering a dynamic and engaging learning experience for students pursuing careers in cloud computing. The short talk will address: How to use real-world scenarios and practical exercises to enable students to gain a deep understanding of services and solutions, preparing them for careers in cloud technology. How do the courses align with industry-recognized certifications, allowing students to validate their skills and knowledge through certifications? How does it provide educational institutions with the tools and resources needed to integrate cloud technologies into their curricula?
Presenters:
Paul Kealey, University of Arizona: Prof. Kealey teaches Business Data Communications and Networking and Information Risk Management at the University of Arizona. He is also the Associate Director of the Information Assurance and Security Education Center. He has 18 years of experience in information technology and project management, including application planning and development, system design, security solutions, project guidance and leadership.
Slides
Abstract: Immersive and interactive tabletop exercises increase student engagement and workforce readiness. These engaging sessions provide students with a firsthand understanding of the complexities involved in responding to cyber breaches, and these same students also acquire workforce readiness skills and knowledge by personally encountering the realities of responding to cyber breaches. This presentation will discuss how these types of exercises can help your students too.
Presenters:
Sara Hoyt, College of Western Idaho: Sara Hoyt, MS, MBA is the Director of College of Western Idaho’s Cyber Defense Center. She owns and operates her own cyber security business, Cyber Shield Elite, and is a global WiCyS (Women in Cyber Security) mentor and the Vice President of the local WiCyS Idaho chapter. Sara is College of Western of Idaho’s Cyber League Coach, Dual Credit Student Club Advisor, and their Cybersecurity NCAE-CD (National Centers of Academic Excellence in Cyber Defense) accreditation alternate point of contact. Sara is also an EC-Council mentor, and one of few in the nation’s CPNC (Careers Preparation National Center) Competency Trainers for the NCAE-CD community.
Slides
Abstract: This Lightning Talk will discuss how Johnson County Community College's (JCCC) Information Technology Department developed and maintains a K-12 pathway with multiple local school districts. The pathway allows students to complete the JCCC Cybersecurity Certificate program tuition-free alongside their high school education. Successful students receive both their diploma and the Cybersecurity Certificate upon graduation from high school. This session will discuss strategies used to build the pathway, align the program with K-12 schools, and identify key individuals to partner with. It will describe the importance of planning and communication with K-12 partners, including hosting information sessions and visiting schools to increase awareness. In addition, it will define key challenges, including expanding the program and retention of students.
Presenters:
Andrew Lutz, Johnson County Community College: Andrew Lutz is the Chair of the Information Technology department and the Head of the Cyber Center at Johnson County Community College in Overland Park, Kansas. He has been working in the IT industry for over 15 years and has held various roles, including IT Director. He specializes in IT leadership, network and systems administration, security, and project management. His certifications include CCNA, Cisco Cyber Ops Associate, GCFE, GPEN, Security +, A+ and PMP. He is driven to help students achieve their goals. Outside of technology, he enjoys cooking, weight training, stock trading, and hiking.
Slides
Abstract: Since 2015, Indiana has grappled with persistent disparities between the tech workforce’s needs and the available talent, despite various short-term solutions. The Indiana Comprehensive Cyber Plan, authored by the Anderson University Center for Security Studies and Cyber Defense (AU CSSCD), presents a groundbreaking strategy to address this issue comprehensively. The plan focuses on fostering cybersecurity education in K-12, a pivotal element in closing the workforce gap. Collaborating with local CAE-CD Cyber Security Centers, the plan assists school districts in curriculum development, staffing, and student recruitment. Specifically tailored for grades 10-12, the plan envisions the first cohort graduating in AY 2026-27, with the potential for statewide implementation by AY 2029-30 through the Indiana Cyber Network. The AU CSSCD is actively engaged in curriculum development, integrating Project Lead the Way (PLTW), RING (NCAE), and Anderson University CAE-CD curriculums. This comprehensive, multi-year lesson plan aligns with State of Indiana requirements outlined by the CTE Next Level Programs of Study and ensures transferable credits to CAE-designated colleges and universities. To address staffing challenges, the AU CSSCD provides licensed adjunct teachers and/or college faculty for on-site instruction, collaborating with local career centers for off-site alternatives. Furthermore, the center offers internship experiences to high school students pursuing cybersecurity pathways, fostering work-based learning. In the realm of student recruitment, the AU CSSCD maintains a consistent presence in local schools, conducting cybersecurity training for staff and students, making class appearances for cybersecurity activities, organizing e-sports events, and hosting summer cybersecurity camps. This multifaceted approach aims to not only bridge the existing workforce gap but also create a sustainable and dynamic cybersecurity education pipeline for Indiana’s future.
Presenters:
David Dungan, Anderson University: David Dungan comes to AU with more than 25 years of experience in law enforcement and most recently served as a public and private sector liaison at the Indiana Intelligence Fusion Center. Dungan also spent seven years as a captain in the Indiana Department of Natural Resources Law Enforcement Division where his responsibilities included budgeting, quartermaster depot management, material acquisition, grant writing and administration, technology improvement, and continuity of operations planning. Prior to his role as captain, Dungan spent 15 years as a field officer and five months as a corporal. He was a three-time District Officer of the Year and in 2008, he earned the James D. Pitzer Statewide Indiana and the Midwest Council Conservation Officer of the Year awards.
Slides
Abstract: During this presentation, we will take a quick exploration at the world of Open-source intelligence (OSINT) which can be used for noble and not so noble purposes. We will demonstrate with just a little bit of information such as a name and location of an individual, can lead to uncover several layers of sensitive information about them. Thus, showing the importance of being aware that there is "Metadata" about individuals that can be pieced together for the world to see.
Presenters:
Paul Campbell, Guilford Technical Community College: Paul Campbell: Cybersecurity Faculty for Guilford Technical Community College (GTCC), located in Jamestown, North Carolina.
Slides
Abstract: This short presentation will discuss two main items of activities that benefit the small business community with cybersecurity assessments. The initial content will include the overarching details of a collaborated publication between our Kean Center for Cybersecurity and ISC2 NJ Chapter that details very practical content for small businesses to engage with in the effort to prepare for cyber risks and threat assessments. In discussing the creation of this collaborative resource, focused attention is given to the small business community, which can often find it daunting to determine how best to get started in dealing with cybersecurity risks. The second part of this presentation will revolve around the successful grant proposal (sub-award) with the U.S. Small Business Administration (New Jersey Cybersecurity Regional Cluster) that focuses attention to performing cyber risk assessments of community small businesses. In this effort, the proposal calls for including students as apprentices and partnering with faculty to perform non-invasive cybersecurity risk assessments. Content will be provided that will provide the methods and strategies used to determine appropriate small businesses and the technical and non-technical tools used by students to perform cyber risk assessments.
Presenters:
Stan Mierzwa, Kean University: Stan leads the Center for Cybersecurity at Kean University and teaches undergraduate and graduate courses in cybersecurity, information security, and Management Information Systems. Stan is a first-generation college graduate and is currently a Ph.D. candidate in the middle of a dissertation focused on the non-technical or soft-skill competencies of cybersecurity college graduates.
Slides
Abstract: Share our experience in establishing a continuous improvement process to support the collaboration of academic and industry partners to produce greater numbers of more diverse and qualified Cybersecurity/ICT technicians for the growing unmet labor market demand. Partnership with local companies and industry expertise for the development of program curriculum to maximize access and align knowledge, skills & abilities with regional industry standards and workforce demand that meet industry needs. Leverage the successes to scale and enhance the work through a regional consortium focused on cybersecurity technician education. Working closely with industry partners to help our students such as providing internship and mentoring.
Presenters:
Ron Sha, Ohlone College: Ron Sha is currently a professor of Computer Science, Networks, and Emerging Technology at Ohlone College, CA. In this role, he helped Ohlone College establish its Information Technology curriculums and programs. Mr. Sha served as CTO consultant for George Lucas Museum, lead Office of CIO consortium, President of CIO Scholarship Fund and on various advisory/BOD roles. Mr. Sha holds multiple U.S. patents and has over 25 years of broad technology and business experience working as VP/CIO in various in high technology and startups companies in software, manufacturing, healthcare, and entertainment industry.
Slides
Abstract: With the rapid rate at which networking technologies are changing, there is a need to regularly update network activity datasets to accurately reflect the current state of network infrastructure/traffic. The uniqueness of the work is in creating labelled Zeek datasets using the MITRE ATT&CK framework. These are the first datasets of cyberattack tactics and intrusion data labelled as per the MITRE ATT&CK framework. These datasets, UWF-ZeekData22 and UWF-ZeekDataFall22, are publicly available at datasets.uwf.edu. This presentation will outline how both the University of West Florida’s (UWF) Cyber Range and Big Data Platform were used in creating these Zeek and MITRE ATT&CK labeled cyberattack tactics and intrusion datasets. The UWF Cyber Range uses a VMWare vCenter for skills-based education for students of UWF's National Security Agency (NSA) and the Department of Homeland Security (DHS) jointly sponsored National Center of Academic Excellence in Cyber Defense (CAE-CD) Cybersecurity program. The Big Data Platform uses Apache Spark and Hadoop for Big Data education for students of UWF's Accreditation Board for Engineering and Technology (ABET) Computing Accredited Computer Science program. The datasets were finally validated using several machine learning algorithms which achieved a high classification accuracy in identifying the various tactics labelled as per the MITRE ATT&CK framework. Hence, both the students and technologies were combined to produce Zeek and MITRE ATT&CK labeled cyberattack and intrusion datasets in fulfillment of our research funded by the National Center of Academic Excellence in Cybersecurity, 2021 NCAE-C-002: Cyber Research Innovation Grant Program, Grant Number: H98230-21-1-0170.
Presenters:
Dr. Dustin Mink, University of West Florida: Dr. Dustin Mink received the B.S. and M.S. in Computer Science from the University of West Florida, and Ph.D. in Computing from the University of South Alabama. He is Faculty in the Department of Cybersecurity and Information Technology at the University of West Florida. Concurrently, he is a Communications Officer at the Marine Corps Reserve assigned as an Adjunct Professor in the Cyber Intelligence and Data Science in Intelligence Department at National Intelligence University. Concurrently, he is a Solution Architect at Leidos contracted to the Department of Defense. His research interests include cyber and signals artificial intelligence and machine learning.
Dr. Sikha Bagui, University of West Florida: Dr. Sikha Bagui is Distinguished University Professor and Askew Fellow in the Department of Computer Science, at The University West Florida, Pensacola, Florida. Dr. Bagui is active in publishing peer reviewed journal articles in the areas of database design, data mining, Big Data analytics, machine learning and AI. Dr. Bagui has worked on funded as well unfunded research projects and has 100+ peer reviewed publications in highly selected journals and conferences. She has also co-authored several books on database and SQL. Bagui also serves as Associate Editor and is on the editorial board of several journals.
Dr. Subhash Bagui, University of West Florida: Dr. Subhash C. Bagui received his B.Sc. in Statistics from University of Calcutta, M. Stat. from Indian Statistical Institute and Ph.D. from University of Alberta, Canada. He is currently a University Distinguished Professor at the University of West Florida. He has authored a book titled, “Handbook of Percentiles of Non -central t-distribution”, and published many high quality peer reviewed journal articles. He is currently serving as associate editors/ editorial board members of several statistics journals. His research interests include nonparametric classification and clustering, statistical pattern recognition, machine learning, central limit theorem, and experimental designs. He is also a fellow of American Statistical Association (ASA) and Royal Statistical Society (RSS).
Slides
Abstract: Zui is a user-friendly, open-source tool designed for analyzing large packet captures and leveraging Zeek and Suricata logs. It enables in-depth network traffic and behavioral analysis. In this workshop, we’ll explore how to effectively use Zui for querying data and identifying threats within PCAP files. Notably, Zui stands out for its straightforward installation process, making it an excellent choice for classroom environments.
Presenters:
Deep Ramanayake, Xavier University: Deep is a Teaching Professor in Computer Science and Cybersecurity, serving as the Director of the Cybersecurity Program at Xavier University in Cincinnati. He is currently teaching offensive and defensive cybersecurity, reverse engineering, and networking. His research focuses on advancing education in Cyber Security, emphasizing practical learning through immersive hands-on experiences. He is passionate about engaging students with real-world challenges, fostering teamwork, and providing them with exposure to the intricacies of the field. Ultimately, he is dedicated to equipping the next generation of cybersecurity experts with the skills and expertise necessary to excel in this dynamic and vital domain.
Slides
Abstract: Covert channels are clandestine methods for communication that have been explored in many contexts such as concurrency control, buffer management, and network communications. Covert communication over a quantum channel has so far been exploited in Quantum Key Distribution (QKD) processes on its own or in a hybrid setting with classical formulations. As in the case of QKD, covert communication over quantum channels has focused mainly on covert key distribution rather than the exchange of secret messages. Multi-photon three-stage quantum communication protocol has been implemented for secure communication as an alternative to BB84 protocol and is based on the use of unitary commutative transformations known only to both endpoints. From the point of view of practical implementations, the multi-photon 3-stage protocol has the advantage that information exchange is not restricted to the existence of only a single photon in a time slot and is not subject to beam-splitting attacks as well as siphoning attacks. The three-stage protocol has the advantage of transmitting information rather than being restricted to only QKD communication. However, our analysis found that the protocol can be subject to covert channel attacks where an attacker can interfere with communication causing a restart of the protocol that can be used for signaling confidential information. In the context of Quantum Key Distribution (QKD) protocol, previous research focused on establishing the covertness (undetectability) and secrecy of key distribution. Using an experimental setup of multi-photon three-stage quantum cryptography protocol, the transmission of covert bits in this communication medium can be analyzed, error detection measures can be explored, and countermeasures can then be designed and implemented. Our project is a multi-university, multi-departmental collaborative initiative for encouraging undergraduate research in the area of secure quantum communication.
Presenters:
Binto George, Western Illinois University: Dr. Binto George is a tenured Professor in the School of Computer Sciences at Western Illinois University (WIU). He completed his Ph.D. at the Indian Institute of Science and has authored books, book chapters, and research publications in the area of database security and artificial intelligence. His work involves developing secure concurrency control and buffer management protocols for real-time database systems. He has been extensively involved in the CAE cybersecurity program and curriculum development. Dr. George also serves as the faculty coordinator for the cybersecurity lab at WIU. He is an EC-Certified Ethical Hacker and Cipher Trace-certified Cryptocurrency Examiner. He has served as IEEE Iowa-Illinois section chair, IEEE Computer Society chair, and in various other professional capacities.
Sayonnha Mandal, University of Nebraska Omaha: Dr. Sayonnha Mandal is a Cybersecurity Lecturer at the University of Nebraska at Omaha (UNO). Prior to this, Dr. Mandal was an Assistant Professor of Computer and Information Science at St. Ambrose University. She has completed her Masters in Telecommunication and Cybersecurity from the University of Oklahoma and UNO and her PhD in cybersecurity. She teaches courses in Network Security, Digital Forensics and Information Security Policy and Awareness. Dr. Mandal is involved in community cybersecurity activities such as GenCyber, CodeCrush, Brownie Scouts of Nebraska and Iowa, and several Women in STEM initiatives.
