Engaging discussions between students in asynchronous online courses are an important part of learning yet many find it difficult to develop creative and effective discussion prompts in cybersecurity and other technical courses. Often these discussion prompts end up looking like short answer questions with each student posting very similar responses. It is hard to generate a meaningful conversation from this type of prompt and students often get stuck trying to think of something relevant to say. It doesn’t have to be this way!

The Public Infrastructure Security Cyber Education System (PISCES) is a platform which brings together industry, government, and education to deliver a job ready workforce, engage students with real-world experiences, and provide services to small local government entities which they would not otherwise be able to afford. PISCES places collectors on small governmental networks to collect netflow data. The data is stored on an ELK stack, and is monitored by students who perform anomaly analysis and threat hunting on the real data. Issues discovered are reviewed and reported.

Inspired by a Cloud Security Alliance write-up by the presenter, this session will bring about a fun and interactive Lightning Talk on the topic of introducing music that aligns with the varied work roles and tasks in cybersecurity activities. This Lightning Talk will utilize and play some minor snippets of music (as loud as possible) that correspond to the National Initiative for Cybersecurity Education (NICE) Workforce Framework.

Students in multiple cohorts of our 3000 level Fundamentals of Information Systems Security course were given a discussion question where they had to either agree or disagree with the premise that given all the constant threats to our systems, we should dedicate more of our efforts to quickly repairing the damage of an attack rather than dedicate more of our time and energies to preventing such attacks. They were required to give their reasoning and provide sources to back up their analysis of his comment. This talk will describe and explain the concept of cyber resiliency.

This presentation will unveil the technologies and moving pieces that power the NCAE National Competition. The NCAE National Competition team has open sourced this custom platform and is willing to share all of the details, but the infrastructure spans a number of complex technologies and will be daunting even to a veteran systems administrator. The NCAE National Competition team will offer possible pathways to using our infrastructure at your institution outside of the competition season.

Secure boot is reliant on the Chain of Trust to guarantee the security of an individual device. Chain of trust refers to the transfer of trust such that the transfer of execution in a device from one component to another does not alter the quality of trust. The transfer of execution in a cyber-enabled structure is one of the most important decision points where the state of trust is altered. In this project, we identify the constructs of secure flash (programming of a device) to maintain trust within the secure boot for subsequent bootups.

In the realm of education, a revolutionary tool called ChatGPT and Generative AI is changing the way students learn. ChatGPT and generative AI are not just theoretical concepts; they are already being used by students. ChatGPT, trained on vast amounts of data, generates human-like text and assists students in various ways. It helps them generate papers, provides prompt and accurate answers to their questions, and aids in research by finding relevant sources. Teachers play a crucial role in integrating ChatGPT effectively.

Internet of Things (IoT) devices capture and process sensitive personally identifiable information such as camera feeds and health data from enterprises and households. These devices are becoming targets of prominent attacks such as Distributed- Denial-of-Service (DDoS) and Botnets, as well as sophisticated attacks (e.g., Zero Click) that are elusive by design. There is a need for cyber deception techniques that can automate attack impact mitigation at the scale that IoT networks demand.

In recent years, aviation security was designated as a national strategy, which further emphasized the increasing interest and growth for aviation cybersecurity. The growing digitization and greater connectivity of aviation infrastructure increases the vulnerabilities and risks associated with the aviation industry. In response, educational institutions must diversify their instruction to train a more robust cybersecurity workforce for increased cybersecurity protection.

This presentation will share some of the approaches currently underway to explore evidencing competencies through cyber competitions. The presenters will share preliminary findings from research underway on how students perceive competency development as well as a model for evidencing competency within competitions for consideration and discussion.