Category Archives: cybersecurity

Learn about the Washington Center National Security Seminar in Washington, D.C.

Leave a reply

On Monday, September 14th the students who attended The Washington Center’s National Security Program this past summer will give an informative presentation in the Sewall Center International Suite at 3:30 pm.

If you have even the slightest interest in the Washington National Security program, we urge you to make the time to attend. It is an opportunity for you to hear about the program from the student’s perspective!

You will receive one hour of SET credits for attending. Light refreshments will be served.

Cybersecurity Job Opportunities at the Department of Homeland Security #DHScyber

Leave a reply

The Department of Homeland Security (DHS) is responsible for safeguarding our Nation’s critical infrastructure from physical and cyber threats that can affect national security, public safety, and economic prosperity. DHS is actively recruiting (http://www.dhs.gov/homeland-security-careers/dhs-cybersecurity) dynamic cybersecurity professionals in its National Cybersecurity and Communications Integration Center (NCCIC) to help protect the Nation’s cyberspace.

ABOUT NCCIC

NCCIC is a 24×7 cyber situational awareness, incident response, and management center that is a national nexus of cyber and communications integration for the federal, state, local, territorial, and tribal governments, the intelligence community, law enforcement, the private sector, and international entities. Qualified candidates must have knowledge, skills, and experience in, but not limited to:

  • Information systems and architecture design
  • Incident response
  • Malware and forensic incident analysis
  • Information security program and project management
  • Information assurance
  • Gathering and analyzing incident data
  • Developing and implementing information systems security programs, polices, and procedures
  • Leading teams in cyber incidents and responses
  • Identifying and analyzing cyber security threats and providing mitigation strategies
  • Identifying and exploiting vulnerabilities, vulnerability scanning and penetration testing
  • Evaluating security incident response policies
  • Reviewing proposed new systems, networks, and software designs for potential security risks

HOW TO APPLY

Employment opportunities are posted on USAJobs at dhs.usajobs.gov. Search using keyword “NCCIC”.  For more information, see:  http://1.usa.gov/1fbNhFS

MUST READ Article on Cybersecurity

Leave a reply

Student Editorial

I hope everyone’s summer has gone well so far, and I hope that everyone is almost ready for another great school year as August nears. The article below is by far one of the best articles I’ve seen/read on cybersecurity. With the pool of both the good and bad guys involved with cybersecurity only continuing to grow, the battle to protect and damage critical infrastructure will continue to rage on. Shawn Henry, current president of CrowdStrike Services and former FBI Assistant Director, discusses how cyber adversaries are adapting and finding new ways to attack. In addition, he discusses the growing issue with China continuing to illegally access the U.S.’s private data, and how our nation must provide a better response to these incidents.  In addition, a few other topics in cybersecurity are discussed.  All in all, this blog post cannot give you all of the detail provided by this marvelous article. Please take the time to read it.

http://www.afcea.org/content/?q=Article-destructive-cyber-attacks-increase-frequency-sophistication#

Openings for Information Technology Specialists at Department of Homeland Security

Leave a reply

The Department of Homeland Security (DHS) is recruiting candidates for the Acquisition Professional Career Program (APCP) for Information Technology Specialists, an Entry-Level Acquisition Career Development Program in the Washington, DC metropolitan area.

We are looking for exceptional, intelligent, self-starters to train, develop skills and gain the necessary experience to become a sought after acquisition professional.  These important positions will involve support of information technology related contracting and procurement activities for mission-critical goods and services in support of the DHS mission of securing our homeland.  As a member of the DHS team, you will have the chance to put your academic achievements and professional experience to work on behalf of our nation’s security by providing information technology procurement and acquisition services throughout  Department of Homeland Security.  In public service, you’ll be in a position of public trust and will be able to contribute immensely and truly make a difference.

Department of Homeland Security has several openings for APCP Information Technology Specialist, GS-2210-7, positions.  Those candidates that gain entry into the Program will experience rotational assignments in the Department’s acquisition program offices, such as:  the Immigration and Customs Enforcement, Transportation Security Administration, U.S. Coast Guard and Federal Emergency Management Agency.  In addition, program participants will receive technical and leadership training.  Upon successful completion of the three year program, program participants will be placed into a  position in one of the components with promotion potential to a GS-2210-12.  Federal careers offer a host of benefits such as: health insurance, paid vacation and sick leave and much more.

Please see the following links: https://www.usajobs.gov/GetJob/ViewDetails/405267500; or http://www.dhs.gov/acquisition-professional-career-program

Applications are due by June 22, 2015 – The vacancy announcement will close on MONDAY, June 22, 2014.

The New #1 Cyber Security Threat

Student Editorial

Starting off on a quick personal note, I will be graduating this May with my degree in Cyber Forensics and Information Security.  Robert Morris University has provided more knowledge for me than I ever thought possible.  With regard to cyber security, I have learned that the number one threat / weakness is user error.  Uneducated people can cause more damage in the blink of an eye than almost any other weakness.  That being said, I have discovered that this is almost common knowledge now, even among non IT people.  Organizations have gone to great lengths to educate employees to prevent attacks.  Perhaps, the number one threat has changed because of this.

When a user sits down at a machine, what is the first thing that they do?  They open up a web browser of their choice and check their email, and often times social media as well.  These web applications are used billions of times a day by billions of people.  If a hacker wants to gain information from a company, planting a bug on these web applications is quite possibly the best way to go.  In this case, educating people can only do so much.  If you tell employees to not check their Facebook, how long before they break that rule?   So the next logical question becomes, why are these web applications so vulnerable?

The biggest reason is that they were not created with security in mind.  The world wide web was created with the idea that it would be a place to openly share ideas and information across the globe in an instant.  Security would defeat this original purpose.  The founders never could have imagined what their creation would become.  It is because of this that web applications have become the number one threat to companies today.  Hopefully those of us who are graduating in a few weeks will someday be able to make a difference in the cyber future.

For more information, check out the link below:

http://www.forbes.com/sites/sungardas/2015/03/12/cyber-security-threats-to-information-systems-today/

Careers with Cyber Forensics: Military, Law Enforcement, Corporate, and Executive – April 22

Leave a reply

Careers with Cyber Forensics: Military, Law Enforcement, Corporate and Executive

Wednesday, April 22, 2015
Wheatley Center Critique Space

Schedule:
3:45 pm – Registration
4:00 pm – Pizza will arrive
4:15 pm – 5:30 pm –  Security Presentation
5:30 pm – 5:45 pm –  Question and Answer period

Top Secret Colonials are sponsoring this event!  If you register at the registration table, you will be able to receive SET credit for attending.

Several distinguished speakers will present, including:

  • Christopher J. Mellen 
    Director of the Information Risk Management branch within the Office of the Chief Information Officer for the Executive Office of the President (EOP) of the United States
    His directorate consists of the Records Management Branch, Cyber Integrity (eDiscovery) branch, Information Assurance and Security Operations
  • David Coughanour
    VP, Director PNC-CERT
    Teams responsible for Network Security Monitoring, Cyber Threat Intelligence, Technical Insider Threat Mitigation, and Digital Forensics
  • Edward R. Villarreal
    Incident Response, Mobile Security, and Insider Threat Team Lead for ManTech International onsite at a Large Federal Law Enforcement Agency
    His team provides computer forensic and incident response support to State-sponsored attacks against the Agency’s networks, eDiscovery collections to the Insider Threat Section, and Mobile Security technical expertise to the IT Branch deploying over 30,000 mobile devices.

Online Gaming Hack

Student Editorial

Activist groups, regardless of which ones you are examining, have a message that they want to get across to the public.  Sometimes it is with regard to religion, or a political figure.  No matter the message, the ultimate goal is to convey this message in a way that gets the public’s attention.  However, there are so many activist groups out there these days that you have to get creative in order to stand out.  A few months ago, an activist group did just that.

It has been a few months since the activist group “Lizard Squad” took down both the PlayStation Network as well as the X Box Live Network.  Why target gamers for a message?  Stereotypically speaking, they do not worry to much about these kinds of things.  However when the number of gamers affected by taking down their networks is 56 million, I think it is safe to say that you have gained the attention of a huge population of people.  It is creative, effective, and depending on your perspective, devastating.  What was the message that was so important then?

In reality, this group of hackers are what is known as ‘White Hat’ hackers.  They infiltrate various networks for good intentions.  The Lizard Squad wanted to bring down the gaming networks to show how weak their security really was.  By doing this, it can become public knowledge that Microsoft and Sony, powerhouses in the technology world, still have a lot to learn in the area of security.  Eventually, there is going to be a cyber attack that is much more devastating than that of The Lizard Squad.  One with real consequences.  Hopefully major organizations become aware that there is a problem that needs to be addressed.

For more information on the attack that took place this past Christmas, you can check out the links below:

http://www.nytimes.com/2014/12/29/technology/playstation-network-returning-after-hacking-that-also-targeted-xbox-live.html?_r=0

http://www.independent.co.uk/news/world/americas/what-is-the-lizard-squad-and-what-does-it-want-9945949.html

CSC Webinars on Cyber Security and Big Data

CSC (Computer Sciences Corporation) is hosting two FREE webinars on the topics of cyber security and Big Data. For those unfamiliar with CSC, the corporation is one of the biggest IT companies in the world. They employ over 72,000 people in over 70 countries across the world and currently have main offices located in Sweden, Denmark, and Norway.

The first online seminar is on Tuesday, March 10th, from 6-7 PM. The presenter of the seminar is Robert J. Carey. Mr. Carey worked for the Department of Defense for over 31 years and recently retired in March, 2014. Mr. Carey championed the ideas of enterprise computing, improved military mobile solutions, and  advanced cyber security while working for the United States Navy. He currently holds the position of Vice President of Cyber Security at Computer Sciences Corporation.

The second online seminar offered is on Thursday, March 26th, from 6-7 PM. The presenter of this seminar is Hank Tseu. Mr. Tseu is the director and general manager of 42six. 42six develops big data and mobility software for CSC’s North American public sector. Mr. Tseu has over 15 years in the field applying cutting edge technology in mission critical environments in the areospace and defense industry.

To register for either (or both) webinars, simply click on the following link and fill in the following information:

  • Name
  • Email address
  • University currently attending/attended
  • Graduation year

Click Here to Register!

Resume Tips for Students Seeking IT Security Jobs or Internships

Leave a reply

On February 6, 2015, the Top Secret Colonials sponsored an IT Resume Writing Lecture.  This lecture was given by Al Wong of The MITRE Corporation.  The talk featured specific tips related to resume writing and interviewing for IT Security positions.  If you are planning to be in the job market for a security-related position, take a few minutes to review the slides from this lecture:

Resumes That Get You in the Door (PDF)

Sponsored by The Top Secret Colonials