2nd Annual Symposium

Director and Principal Investigator of the National CyberWatch Center, Prince George’s Community College, Largo, MD

Mr. Casey W. O’Brien is Director and Principal Investigator of the National CyberWatch Center, a National Science Foundation-funded cybersecurity consortium headquartered at Prince George’s Community College. Mr. O’Brien has coordinated the Mid-Atlantic Collegiate Cyber Defense Competition (CCDC) since 2005 and is a co-founder of the National Cyber League (NCL), a first-ofits- kind ongoing educational experiment in learning and gaming, where the students (AKA players) are co-creators and collaborators in building engaging, entertaining, measurable, and scalable methods of learning to enlist a new generation of cybersecurity professionals.

Mr. O’Brien has more than 10 years of experience in information security and large-scale IT project management in challenging and cutting-edge computing environments that include both the public and private sectors. As an educator, Mr. O’Brien has both developed and taught numerous courses in networking and information security-related topics. Mr. O’Brien’s research interests include teaching information security at the two-year level, adaptive networks, and high-availability computing.

Mr. O’Brien teaches internationally and is a frequent invited speaker at various conferences. He earned a B.A. in Cognitive/Behavioral Psychology from the University of St. Thomas and an M.A. in Existential/ Phenomenological Psychology from Duquesne University and holds various industry-recognized certifications.

Presentation Title: Cybersecurity Education Solutions for the Nation

Abstract: This presentation will highlight collaborative solutions to some of the country’s cybersecurity education and workforce development challenges. These models of excellence include: K12 programs designed to develop the next generation of teachers and after-school/summer projects for underserved populations; moving cybersecurity competitions beyond toys and games; the newly created National Cybersecurity Student Association; novel uses of both virtual and physical learning environments; and Practice-Centered Research & Education.

The presentation will also discuss some of the challenges facing academia in responding to the nation’s critical cybersecurity workforce shortage, including: the community college brand; lack of clearly defined middle-skill jobs; federal policies; and more.

Teacher of Technology, Teacher of the Year 2011-2012, Red Bank Regional High School, Little Silver, NJ

Mrs. Galante holds CompTIA A+, Network+ and Security+ certifications and is pursuing a master’s degree in cyber security. She has been named Red Bank Regional High School’s 2011-2012 Teacher of the year.

Mrs. Galante has created innovative curriculum to instruct high school students in computer hardware, operating systems, networking, cybersecurity, and expanded curriculum in digital forensics. She recruits a diverse student group from entry level and then challenges those with interest to advance into the Honors Network and Cybersecurity courses which are eligible for college credits. The students are additionally motivated by the chance to be selected for one of several cyber teams that Mrs. Galante coaches to national competitions each year, i.e., NYU-Poly CSAW Forensics challenge, AFA CyberPatriot Challenge, Cyber Aces Challenge and FBLA Technology competitions. Through her efforts, RBR students have gone on to win regional, state and national prizes.

Co-Presenter, Security Professional and Parent of a Red Bank Regional High School Student Trenton, NJ

Scott has been working with GIS (Geographic Information Systems) for over 20 years. His background is in the field of Geophysics, with a Bachelor’s from the Johns Hopkins University, some graduate work at Boston College and a Master’s from Brown University (Ph.D. ABD). Ultimately he switched to GIS as it is not only fun and engaging making maps and doing spatial analyses, but it pays modestly well. He started GIS as an intern at MassGIS, the state GIS office for Massachusetts, and ended up working there after grad school. His family then moved to NJ where he worked for several years as a GIS Project Manager at an engineering firm, working on projects in both the private and public sector. Scott has been working for the past 4 years as the GIS Coordinator for the NJ Office of Homeland Security & Preparedness and is the proud parent of an incoming FDU freshman in the field of Cybersecurity.

Presentation Title: Cybersecurity Learning in Secondary Education

Abstract: At first look, teaching cybersecurity to teenagers doesn’t seem like a great idea – isn’t that the same as teaching them to hack? In fact, by giving young adults structured access to cybersecurity tools, we have the chance to grab them as white hats rather than letting them wander into black hat territory. The unique courses at Red Bank Regional High School have combined three concepts – how to secure computers, how to find vulnerabilities and what are the ethics of cyber security actions. The result is a win/win – the students start on a path towards engaging job opportunities and the work force is enriched by sorely needed cybersecurity professionals. We’ll examine cybersecurity learning from three angles – what is taught to these students and how it is taught; what the students take away from the classes; and what are the parental concerns and understanding of cybersecurity learning.

Professor and Chair, Engineering and Technology; Principal Investigator, E-MATE NSF Grant; Principal Investigator, CyberCenter NSF Grant; Brookdale Community College, Lincroft, NJ

Michael Qaissaunee has been the driving force behind three National Science Foundation (NSF) grants awarded to Brookdale: Building a Pipeline of Cyber Warriors Through Education and Competition Offered Through Community Colleges, awarded in March 2013; E-MATE, E-books and Mobile Apps for Technician Education, awarded in October 2012; and a 2003 grant to found the Mid-Atlantic Institute for Telecommunications Technologies (MAITT).

Michael has been active at his own campus and around the country in promoting the adoption of new technologies in and approaches to teaching and learning, including: blogs, audio and video podcasts, wikis, mobile computing, and educational gaming and simulation. He has conducted workshops and presented keynote addresses at more than 50 conferences and seminars nationwide on topics including cybersecurity, interactive e-books, wireless, wireless security, iPhone programming, and Web 2.0.

In December 2013, Qaissaunee was recognized by the SANS Institute as a 2013 recipient of the People Who Made a Difference in Security award. Qaissaunee was honored for his work implementing the New Jersey Cyber Aces Academy at Brookdale (NJCAAB), a hands-on cybersecurity training program at Brookdale, and for facilitating its replication in other states. Michael is also the recipient of two Educator of the Year awards, including the 2007 Global Wireless Education Consortium (GWEC) Wireless Educator of the Year Award and the 2009 High Impact Technology Exchange Conference (HI-TEC) Educator of the Year Award. The awards recognize his outstanding contributions to advanced technological education at both the local and national levels and significant contributions to the education and training of today’s technology workforce.

On his home campus, Michael was recognized in 2011 with an Outstanding Faculty Award and in 2013 with the prestigious Barringer Award.

Co-Presenter; and Founder, Counter Hack; Director, SANS NetWars and CyberCity Projects; SANS Fellow & Instructor; Bethesda, MD

Ed Skoudis is the founder of Counter Hack, an innovative organization that designs, builds, and operates popular infosec challenges and simulations including CyberCity, NetWars, Cyber Quests, and Cyber Foundations. As director of the CyberCity project, Ed oversees the development of missions which help train cyber warriors in how to defend the kinetic assets of a physical, miniaturized city. Ed’s expertise includes hacker attacks and defenses, incident response, and malware analysis, with over fifteen years of experience in information security. Ed authored and regularly teaches the SANS courses on network penetration testing (Security 560) and incident response (Security 504), helping over three thousand information security professionals each year improve their skills and abilities to defend their networks. He has performed numerous security assessments; conducted exhaustive antivirus, anti-spyware, Virtual Machine, and IPS research; and responded to computer attacks for clients in government, military, financial, high technology, healthcare, and other industries. Previously, Ed served as a security consultant with InGuardians, International Network Services (INS), Global Integrity, Predictive Systems, SAIC, and Bell Communications Research (Bellcore). Ed also blogs about command line tips and penetration testing.

Presentation Title: New Jersey Cyber Aces Academy at Brookdale: A Collaborative Public/Private Model to Secure the Nation

Abstract: Responding to the growing number of cybersecurity threats, and a shortage of skilled cybersecurity workers with significant hands-on skills, Brookdale Community College and Counter Hack Challenges have established the New Jersey Cyber Aces Academy at Brookdale. The Academy, funded through a two-year National Science Foundation grant and subsidized by the SANS Institute, uses a multi-level, competition-based model to identify talented individuals and provide them with high-level cybersecurity training and skills-building exercises. Serving as a pilot, the Academy at Brookdale is being replicated by six other states. Presenters will provide a project overview and highlight progress, best practices and lessons learned.

Associate Professor Computer Science, New Jersey Institute of Technology, Newark, NJ

Presentation Title: iSECURE: Integrating Learning Resources for Information Security Research and Education

Abstract: This research-in-progress investigates methods and procedures for linking and integrating multi-media teaching materials (slides, videos and textbooks) for use in Information Security courses based on security ontology. The semantic linking of multimedia materials allows students to search and compose multimedia and interactive course materials based on the digital contents, methods and learning styles, thus enabling flexible personalized learning. To achieve these goals, the project seeks to analyze, develop, and assess the following related research tasks: (1) Segmenting and annotating learning media based on their learning content, (2) Building a security ontology to be used for annotating and querying the learning objects, (3) Adapting lecture contents to student learning styles, and (4) Evaluating the usability and effectiveness of the linked multimedia learning system.

This NSF-funded research project involves collaboration among multiple institutions, namely, NJIT (Vincent Oria, Jim Geller, and Reza Curtmola), CUNY College of Staten Island (Soon Ae Chun), and Montclair State University (Edina Renfro-Michel).

Industry Professor, Computer Science & Engineering, New York University Polytechnic School of Engineering, Brooklyn, NY

At NYU-Poly since 2007 and at Bell Labs since 1983, Mr. Reddington has been a researcher in networking and networking security focusing on the deficiencies in system and protocols that lead to them being exploited. At Bell Labs, he created and led as director two departments in security: The Internet Research Department and the Security Research Department. As director of Security Research, his role was to define the research direction for his department as well as to define the research direction for Alcatel- Lucent and Bell Labs. He managed and contributed to research on firewalls, intrusion detection systems, application layer firewalls and cryptography. His department was comprised of people with backgrounds in cryptography and computer science whose research mission was to create technologies that can be applied to the security of products and networks. As director of the Internet Research Department, he led and contributed to research on latent vulnerabilities (with risks and impacts) and pathological deficiencies in network infrastructure, network services, and network user equipment for the Defense and Intelligence communities.

Presentation Title: Virtualization of the Laboratory

Abstract: In a typical computer science classroom there would be a room in which lectures are presented and another room full of computers in which computer lab exercises were performed. In on-line classrooms the room has been replaced by systems such as Blackboard Learn, Blackboard Collaborate, Classes, etc. but the laboratory does not have an obvious analog especially in a distributed learning environment. One solution is to provide exercises that run on student laptops but the lack of uniformity in students’ computer architecture (64 vs. 32), virtualization capability, memory, CPU speed, complexity of the exercise, and operational maintenance must be addressed.

Another solution is to provide a web-based virtualized environment in which the students run computer lab exercises. This provides a common environment for the class that is independent of their individual laptops and location independent. The environment may offer multiple virtual machines with their own internal network for a lab exercise. The virtual environment should be scalable to handle many students, all running exercises at the same time. And finally, the virtual environment should support the classroom paradigm.

This presentation will discuss such a system called Virtual Lab (VLAB); a private cloud developed at NYU Poly and used successfully for the past seven years. The current system is configured for 160 students and can support 1000 simultaneous virtual machines running on three xen servers. Much of our design work has been to create an architecture that will maximize the number of students we can run on our hardware as well as having an extensible architecture that can grow s needs dictate.

Colonel, US Army Retired and Consultant, Passaic, NJ

 Carl A. Singer has degrees from Case Institute of Technology (BS), the University of Michigan (MSIE) and Purdue University’s Krannert School of Management (PhD.), and is currently enrolled in Fairleigh Dickinson University’s Master of Science in Homeland Security (MSHS) program.

His varied and exciting civilian career began as the International Management Scientist and Foreign Exchange Forecaster/ Manager for Chase Econometrics and consultant to the Chase Manhattan Bank’s Executive Vice President, Financial Planning and Budgeting. He subsequently worked on classified government projects for General Electric and then for Bell Communications Research. Carl then worked at IBM as a senior consulting faculty member at IBM’s Advanced Business Institute. He later served as a Vice President at the Bank of New York Mellon where he provided oversight and guidance to senior project managers. Dr. Singer also served as a consultant for the Institute for Defense Analyses, a Washington think tank.

Carl currently volunteers as a Member of the Executive Committee and Vice President of Operations for the IEEE Software and Systems Engineering Committee, and serves on several civic organizations.

Carl served in the U.S. Army from 1970 to 2001 in both active and reserve status and attained the rank of Colonel. He was part of an elite “mini-staff” within the Army Chief of Staff’s Office where his officemates included (then Lieutenant Colonel) Colin Powell. He also served with the Secretary of the Army for Research, Development and Acquisition reporting to the Chief Scientist of the Army. His last assignment was at the U.S. Army War College’s Center for Strategic Leadership where he led a team of colonels supporting the annual Strategic Crisis Exercise. He is a graduate of the U.S. Army War College, and the U.S. Army Command and General Staff College. His awards include the Legion of Merit.

Presentation Title: Strategic Crisis Management

Abstract: The best way to deal with a crisis is avoidance. Given that this is not always possible an approach to successfully responding to crises is developed. This approach serves a dual purpose:

• Training students how to anticipate, to avoid and as necessary to plan responses to potential crises, and
• providing organizations with deepened insight into their vulnerabilities and crises response processes.

The presentation reflects a decade of experience at the U.S. Army War College’s Center for Strategic Leadership and their annual Strategic Crisis Exercise as well an eponymous course that the presenter developed for IBM’s Advanced Business Institute. The root causes of crises are explored and several potential crises scenarios are examined. Attendees will achieve a better understanding of how to plan for crises and how to tailor their crisis response plans.

Director—Education Solutions, HID Global Corporation, Austin, TX

Brett St. Pierre is Director—Education Solutions at HID Global Corporation. In this role, St. Pierre is responsible for coordinating the company’s product roadmap and business strategy for the education vertical.

He also serves as Co-chair of the SIA Education Interest Group, member of NACCU and has supported many educational institutions with technology transitions. As a veteran in the Security industry, St. Pierre has over 15 years of experience at the organization.

Presentation Title: Industry Security, Innovations and Controls

Abstract: This presentation will cover the basics of a Physical Access Control System (PACS) in addition to radio frequency identification (RFID) card technologies. We will explain how a card can be used for various applications other than access control solutions that allow for convenience and added security. With technology advancing over the last 20 years we will take you through and discuss where technology is today and where it’s going in the future.