Developing a “Hands On” Security Compliance Course
The North Carolina Community College System’s Security Compliance course (SEC-258) introduces information security compliance and standards along with how they apply to corporate IT environments. Topics included in the catalog description of the course include ISO standards, government NIST frameworks, federal and state compliance requirements, security policies, incident response and business continuity planning. We have also added a CMMC module to the course. Unfortunately, many times the course content is dry and requires pure memorization.
ERAU & A-ISAC CTF: Raising Awareness about Aviation Cybersecurity
Aviation cybersecurity is an increasingly important problem for not only our nation but also the whole world. From vulnerabilities in avionics embedded system critical for flight operations in an aircraft to a wider network of international airports, cyber threats are more pervasive in aviation today. Airport and airlines face millions of cyberattack attempts annually and this trend will persist. A recent report from Europe in 2021, for example, shows cyberattacks on aviation increased by 530% in a year.
Hierarchical Multi-Blockchain Architectures for Autonomous Management of Medical Data/Devices
The healthcare ecosystem involves several interconnected stakeholders with different and sometimes conflicting security and privacy requirements. Sharing medical data, particularly remotely generated data, is a challenging task. Although there are several solutions in the literature that address the interoperability & scalability functional requirements of such services, as well as the security & privacy requirements, achieving a good balance between these is not a trivial task as off-the-shelf solutions do not exist.
The Lack of Incident Response Curriculum in the CAE Community: Call to Action
In September 2020, the Critical Infrastructure Resilience Institute (CIRI) - a DHS Science & Technology (S&T) Center of Excellence at the University of Illinois Urbana-Champaign - led a Cybersecurity and Infrastructure Security Agency (CISA)-funded project and team of academic partners (Auburn University, Purdue University, University of Tulsa) in the creation of a comprehensive plan to develop a nationwide cybersecurity education and training hub & spoke network to address the nation’s chronic and urgent cybersecurity workforce shortage.
Making Knowledge Units Work for Your Program
Knowledge Units are “owned” by the schools, yet schools do not take advantage of updating and modernizing them. This presentation will present how schools can update KU’s to have better alignment with their curriculum and improve the ecosystem for all. This presentation will include audience participation as a means of evangelism and outreach. The objective is to get more people involved in making the KU’s work for their program.
Benefits from a Novel Outreach Project that Supports Cybersecurity Professional Development
This proposal discusses considerable benefits of a recent outreach project to strengthen relationships between Indiana University of Pennsylvania (IUP), an established CAE for over two decades, and several Community Colleges (CCs) and technical institutes across Pennsylvania. IUP has been working with several CCs for years to promote cybersecurity education and research in the western PA region.
RMF vs CSF: Which is Better for Higher Ed?
This is a presentation of research completed to compare higher education information security policies to the NIST risk management framework. A surprising event occurred when it was found that the higher ed institutions were using the NIST cybersecurity framework instead, which incorporates parts of the RMF. This workshop presents the results of this research along with a discussion.
Education on Cybersecurity Issues with Smart Power Grid
Modern power grids, such as smart grid and micro-grid systems, have various intelligent and sophisticated controllers at all stages of generation, transmission, sub transmission, distribution, and customer ends. Moreover, renewable energy sources (wind generator, photovoltaic systems, etc.) are being connected to the grids through various power electronics components and energy storage systems (ESS). According to a recent report, solar and wind together represent roughly 10 percent of the world’s installed capacity.
Building a Smart Secure Manufacturing Testbed Using Zero Trust Model, Machine Learning and 5G
Manufacturing is not only the backbone of U.S. military-technical advantage, but also a major contributor to the U.S. economy. A healthy, innovative, and vibrant manufacturing sector is essential to the economic strength and national security of the United States. The Industrial IoT, coupled with 5G, security in IIoT, machine learning, and artificial intelligence, is impacting the future and growth of manufacturing.