A very good article on NOVA’s site about a recent visit by NOVA students to DHS’ NCCIC. http://www.nvcc.edu/news/featured-articles/cybersecurity-tour.html
NOVA is participating with the development of the Virginia Cyber Range. The Range will expand cybersecurity competitions for Virginia cyber students, and will also host exercises and labs.
The Commonwealth of Virginia is taking an important step to develop the workforce needed to keep data and systems safe from cyber threats.
Working with eight other public institutions of higher education across Virginia, Virginia Tech is leading an effort to create a state-of-the-art platform for cybersecurity education. The Virginia Cyber Range will provide advanced cybersecurity training exercises for high-school and college students, revolutionize cybersecurity education within the commonwealth, and position Virginia to become a leading source of critical cybersecurity expertise for the nation.
As online attacks on financial, research, and consumer data become more sophisticated and unpredictable, the need for leaders and innovators in the field of cybersecurity becomes ever more urgent. “Cybersecurity is a key driver for the New Virginia Economy and we must ensure that Virginia has a pipeline of industry-ready cyber talent if we are going to be competitive,” said Virginia Gov. Terry McAuliffe, speaking at the Virginia Cyber Physical Systems Summit in Newport News, Virginia. “The Virginia Cyber Range provides a cutting-edge environment where students can hone their cyber skills.”
The Virginia Cyber Range will work to produce more well-prepared graduates to enter the cybersecurity workforce. The project’s initial focus will be on serving community colleges and four-year institutions with offerings that will include modules for use in college courses, laboratory exercises and projects, and realistic tactical cybersecurity trials that can supplement existing courses. Students will gain knowledge of digital forensics, network defense, how to secure critical infrastructure and the “internet of things,” malware detection, usability and privacy issues, and secure coding practices. The project is expected to evolve to also serve K-12 students and other groups within the commonwealth.
The Cyber Range will largely operate as a virtual center. Offerings will be crafted and hosted in the “cloud,” where they can be accessed by participating schools and agencies. This approach will allow for easy customization, scalability, and responsiveness, while minimizing costs.
The Virginia Cyber Range brings together faculty from George Mason University, James Madison University, Longwood University, Norfolk State University, Virginia Tech, and Radford University, as well as faculty from Lord Fairfax Community College, Northern Virginia Community College, and Tidewater Community College. These institutions were selected based on their federal designation as centers of academic excellence in cybersecurity or digital forensics.
Virginia Cyber Range Director David Raymond said, “We are excited to build an innovative, statewide resource that will be a game-changer for cybersecurity education across the commonwealth. I am honored to work with the partner institutions to chart the way forward for this important project.” Virginia Tech’s IT Security Office is coordinating the development and use of the range platform.
“It is exciting to see the Virginia Cyber Centers of Excellence come together to create a hands-on cyber training environment that will enable students across the commonwealth to obtain the skills they need to move directly into the workforce,” said Karen Jackson, Virginia’s secretary of technology.
A demonstration of cyber-range capabilities was provided at the Virginia Cyber Physical Systems Summit. The Virginia Cyber Range will offer a limited number of classes beginning in January 2017.
Northern Virginia Community College Academic Team CMYK finished second place in the inaugural Black T-Shirt Cyber Forensics Challenge. The 2016 challenge opened January 1, winners were announced May 8, and more than 900 teams registered to compete as academic, corporate or individual teams.
The challenge consisted of nine forensic images and one packet capture file. Contestants received a scoring list and general guidelines to determine whether or not data exfiltration occurred. Any forensic tools were allowed for use to investigate and report findings.
“It was a great moment to associate a particularly guilty IP with an exfiltration protocol,” said Amy Thomas of the Alexandria campus. “Wireshark tutorials from my classes taught me to configure effective searches.”
Immanuel Silva of the Annandale campus said the challenge was a wonderful experience. “It simulated a refreshingly realistic environment for forensic analysis,” he said.
Silva also dropped passwords with ease. “I really enjoy the offensive side of cyber, so I had a great time cracking passwords and using unorthodox methods to establish a thorough forensic report of the incident. Amy would always roll her eyes when I’d say this, but there’s nothing better than grabbing a pair of creds.”
Thomas rolls eyes. “I was resting my eyes! We spent more than 200 hours on this,” she said. Thomas admitted to recovering the first password.
Prior to this challenge, both students had enrolled in Computer Forensics and had competed in the National Cyber League as a multi-school team. “That’s where I learned there’s an art to team play,” said Thomas. “I had to learn tools quickly, share relevant finds, and cultivate skills complementary to others.”
“The word ‘competition’ can be intimidating to many,” said Silva. “One of the most important things I’ve learned in my life is to stop worrying about whether you’re better or worse than somebody else; worry about being better than you. As long you continue to put energy into something, you’re only going to improve.”
The teammates agreed that continuous improvement, through competitions and academics, was crucial for success in the cyber field. Thomas graduates from NOVA this semester and is under consideration for positions in network engineering and security analysis. She’d like to complete her Master’s in Education in conjunction with the cyber security field. Silva will graduate from NOVA in the fall and will continue his B.A.S. in cyber at George Mason University, with the ultimate goal of a M.S. in Information Security Assurance at GMU.
Check out the great article on our Cybersecurity program and two of our students!
National Cyber League Spring Season is Open!!!
Spring Season starts May 2nd and runs through June 30th. The NCL Spring Season includes select challenges in the NCL Stadium that will test players in a wide-range of knowledge and skills. In addition, the Spring Season will PREPARE faculty and students for full-scale NCL PLAY in the fall. DO IT!!!
The Cost is only $10 per student.
NOVA’s Hackathon at the Woodbridge Campus this past weekend made the news at http://www.nbcwashington.com/news/local/College-High-School-Students-12-Hour-Hackathon-in-Virginia-375083831.html !!!
Congratulations to NOVA’s two teams competing in the National Cyber League this year: Team Motley Crew placed 5th with 5610 points in the Pewter League and Team H3x4tt@c|< placed 12th in the Silver League with 7600 points. Both teams finished before schools with strong cyber programs such as UMBC and Bowie State, demonstrating the impressive competencies of NOVA cyber students. Students had to solve challenges relating to the following:
- Open Source Intelligence
- Network Traffic Analysis
- Log Analysis
- Scanning & Reconnaissance
- Wireless Access Exploitation
- Password Cracking
- Web Application Exploitation
- Enumeration & Exploitation
Way to go teams!!!
Two-hundred-ninety attendees packed the new Regional Center for Workforce Education and Training (RCWET) Wednesday at Northern Virginia Community College’s Woodbridge Campus. The day-long “Commonwealth Conference on Cyber and Education,” drew legislators, educators and corporate technology experts from throughout Virginia.
Among the noted guests were Karen Jackson, Virginia’s Secretary of Technology and co-chair of the Commonwealth Cyber Commission; Richard Clarke, CEO of Good Harbor Security Risk Management, co-chair of the Commonwealth Cyber Commission; Virginia Sen. Mark Warner and Virginia Governor Terry McAuliffe.
Sen. Warner told attendees that it is necessary to capitalize on an era where there are two Virginia senators and a Virginia governor who get along and work together. We must collaborate to work well with state and federal resources, he said. Warner noted the material cybersecurity threat is as great a threat as any other we face in the world. He said there are two kinds of businesses—those that know they have been hacked and those who don’t know it but were.
“We must do three things,” Warner said, “We must focus on the pipeline of talent into public and private sector partnerships. Once in the field, we need to create ways to move back and forth between public and private sector at various points in a person’s career. Finally, we need to concentrate on innovation and create centers for private innovation.”
Following two panels on filling the cyber talent pipeline from the private sector and federal perspectives and a panel outlining the need for educational institutions to become “Cyber Center for Excellence” certified, Governor Terry McAuliffe took to the podium.
McAuliffe said he wants to make Virginia the global leader in cybersecurity. Virginia is currently second to California, and he does not like to be second.
“My slogan is ‘Building a New Virginia economy,’” he said. “I am dead set on making Virginia the leader in cybersecurity.”
McAuliffe said that he will release his two-year budget on Dec. 17. In that budget he is proposing funding for cyber professors and academic chairs as well as for student scholarships. If his budget is approved, Virginia will pay for two years of community college for those focusing on cybersecurity, as long as they promise to give back two years to the state after graduation.
McAuliffe noted that NOVA was the first two-year community college to become a Cyber Center of Excellence in 2011, and that Lord Fairfax, who received their designation last month, was the second. McAuliffe wants all 23 VCCS schools to hold this important distinction.
NOVA takes very seriously its responsibility to train highly-qualified graduates to enter the high-tech workforce in this region.
NOVA developed the first AAS Cybersecurity degree in the Commonwealth, one that is hard-skills based with 49 IT/Cyber credits, but it transfers in full to six partner institutions. Within one year of offering this degree program, NOVA had more than 500 students enrolled.
Also, McAuliffe’s budget calls to stand up a cyber range. There will be one virtual platform for all our institutions to use, and educational institutions will be learning from business and government.
NOVA is developing these “Cyber Range” capabilities that will allow us to provide real-time, simulations of network attacks to train students to recognize and defend assets, as well as assess and certify hard skills competencies. Students in NOVA’s cyberlab will use specialized software installed on a closed network, allowing them to practice “safe hacking” to learn how criminals think and work.
McAuliffe ended his remarks by exhorting educators, “Change your curriculum to meet what we need today. Not what we needed ten or twenty years ago,” he said. “Government cyber assets need to come to Virginia. Will there be workers once they send their assets here?”
Just as Gov. McAuliffe is unwilling to settle for second, NOVA’s goal is to be recognized as the number one cyber community college in the nation.
According to NOVA’s new president, Dr. Scott Ralls, “We will do this through our state-of-the-art facilities, like the Regional Center for Workforce Education and Training; through our exceptionally strong university, state, federal and corporate partners; and through our faculty, staff and students who make NOVA the innovation center of this region.”
Important cybersecurity/IA journals and readings have been compiled by faculty for students in our program. Many of these encourage student membership and submissions. Some recommended resources include:
Dark Reading – http://www.darkreading.com/ – One of the most widely-used resources among cybersecurity professionals.
National Cybersecurity Institute Journal – http://www.nationalcybersecurityinstitute.org/publications/journal/ – maintains a focus on cyber education and workforce development
IAPP Daily Dashboard – https://privacyassociation.org/news/daily-dashboard/ If you are interested in privacy, this is your site. Subscribe and have daily newsletters of what is happing nationally, as well as internationally.
International Journal of Cyber-Security and Digital Forensics – http://sdiwc.net/security-journal/ is a knowledge resource for practitioners, scientists, and researchers among others working in various fields of Cyber Security, Privacy, Trust, Digital Forensics, Hacking, and Cyber Warfare
Additionally, students are encouraged to obtain student memberships (at considerably discounted prices) from (ISC)2, ISSA-NOVA, ACM, and IEEE – all of which provide access to members to their libraries.