Funded by the NSA through the NCAE-C program, the mission of the National Cybersecurity Curriculum Task Force is to catalog and create high-quality and relevant curricula on emerging cybersecurity topics, mapping to curricular and workforce guidelines, and make them freely available. The mission is being accomplished with the following goals: (1) Conduct a comprehensive search of available curricula in cybersecurity repositories, directories, and among the community. (2) Perform gap analysis to identify high-need areas to create a cyber-ready workforce. (3) Develop high-impact, high-value curricula for the community. In its second year, this project has iterated through the three goals in one cycle already, and a second cycle is in progress. This lightning talk will share the results of the project so far, point the audience to where they can find vetted cybersecurity curriculum materials, and offer opportunities to contribute to the project.

Miami Dade College has made strides in increasing the number of underrepresented minorities in the field of cybersecurity. MDC provides stackable programs, certifications, professional development, and other initiatives to help students come to our programs, graduate, and get a career. 

Community outreach is essential for building relationships between the community, potential students, and the college. Increasing visibility in the local area helps to attract more students, donors, and industry partnerships. A successful outreach program can help a college to connect with people from diverse backgrounds and promote a culture of inclusion. It can also help to create a more welcoming and supportive environment for all students and staff. A solid outreach program should provide education and training opportunities, foster mentorship and networking relationships, and raise awareness about the benefits of diversity in the industry. Cybersecurity Awareness Month, International Day of the Girl, and International Women's Day are great opportunities to host events to increase awareness and excitement for women in cybersecurity. This session will explore strategies and showcase successful events that provide opportunities and cybersecurity awareness for students in grades 6-12.

This mini workshop will start with a short presentation to provide latest statistics on the cybersecurity workforce challenge, followed by a discussion about the nationwide demand and open positions for academically qualified cybersecurity faculty, both full-time and adjunct. Then, an interactive workshop will be provided where the audience will collaboratively share their own stories regarding the recruitment of academically qualified faculty members at their institution. The information gathered in this workshop will aid us in collecting additional information, to be collected in an anonymous process, in order to provide initial empirical evidence to further understand if this is one of the critical factors causing the bottleneck affecting the national cybersecurity workforce challenge. During the mini workshop part of this session, participants will be asked to answer anonymously relevant questions in a gamified process. Final results will be presented at the end of the mini workshop with the participants.

RING (Regions Investing in the Next Generation) is a free online high school cybersecurity course that offers interesting and engaging content specifically for rural students, homeschool students, and students attending schools without an existing cybersecurity program. RING is structured for high school students, grades 9-12. The curriculum has been developed through the National Security Agency’s RING program grant to The University of Alabama in Huntsville (UAH). University of Hawaii Maui College is part of a coalition of colleges across the US, supported by funds from the NSA, to teach RING to high school teachers and students. The objective of this presentation is to: 1. Provide a Course Overview of RING 2. Outline the Key Concepts of RING 3. Demonstrate a Sample Lesson - Establishing Trust, Caesar Cipher and Steganography The audience will learn about the core modules in RING, how it applies to students who are new to cybersecurity, and how RING can be an inclusive and friendly space for newcomers to learn about cybersecurity. The presentation will provide live examples from the RING curriculum using the Canvas learning module system. The audience will also benefit from a pathway that extends the learning from RING to more advanced topics in networking and computer security. The presentation will provide a sample lesson plan for teachers, that has been created by high school teachers in Hawaii, to demonstrate how RING can be taught to high school students. 

To aid organizations in finding relevant skills, organizations must first identify what skills they are really looking for. These needs must be conveyed in a format that job seekers can easily identify. A model exists to allow organizations to better identify what and why skills are needed from potential employees. Job seekers need to better categorize their skills based upon recognized components of cybersecurity not the general blanket term "cybersecurity". The Maconachy, Schou, and Ragsdale Information Assurance (IA) Model, though one of the oldest models, provides framework guidance for both job seekers and organizations. A modern breakout and explanation of the model allows both employer and job seeker to convey their skills and job requirements to facilitate filling of existing and future cybersecurity or component level security positions.

Audience engagement is a key challenge associated with Cybersecurity education. Gamification - where elements of competition, unpredictability, and active participation are leveraged to increase interest and motivate learner engagement - is a new frontier for academic research and investment. In this presentation, we demonstrate how a gamified “virtual escape room” challenge can be used to create an interesting, exciting, and memorable cybersecurity learning experience. 

This presentation describes how the team of Strayer University student coders won 5th place out of over 400 participating schools in the 2022 NSA Codebreaker Challenge, a hyper-authentic learning experience in which teams from across the country compete to develop successful defenses to real-time cybersecurity threats. Lessons are drawn into how students from non-traditional and underserved communities can overcome key challenges to developing the coding, engineering, strategic planning, and problem-solving skillsets needed for today’s IT workplace. Topics of focus include Strayer’s practices for recruiting, coaching, and forging a strong esprit de corps for the codebreaker team, using real-world collaboration tools designed to build camaraderie and group ownership. Insights are also offered into how students mastered applying the advanced technical skills demanded by the high level of difficulty the Codebreaker Challenge entails, including complex techniques for reverse engineering, malicious code obfuscation, cryptography, and infrastructure penetration testing.

This presentation will share the conceptual framework for a new resource under development for the CAE Community: a competitions roadmap. The goal for the roadmap is to move beyond a traditional list and visually render everything CAE faculty and students need to know about the competitions available to enable selection of the most appropriate competition for them. This presentation will share a prototype and solicit ideas and input for the first production release.

Professional organizations are defined as a group that furthers a particular profession, those engaged in that profession, and the public interest. As part of furthering the profession, many professional associations have created programs to perform outreach to colleges and universities. Faculty and student clubs can benefit from connecting with their local chapters of the major professional associations, such as ISACA, ISSA, and ISC2. This presentation will share the benefits of professional associations, programs available to higher education, and how to connect your student clubs to the professional association.

The need for cybersecurity workers is clear. With a documented current shortage of cybersecurity workers in the U.S. identified as over 300,000 openings, the need to attract, and retain more future cybersecurity workers could not be more clear. Many efforts have been created to address this need and have had clear positive results. These include the use of summer camps and competitions to increase interest in the field, reaching out to underrepresented populations to help fill the need, and providing scholarships and using shared curriculum to help students through their educational pathway. Davenport University, through the implementation of an NSF CyberCorps®: Scholarship for Service (SFS) grant, has implemented a systems based approach to identify and align these previous efforts that address the cybersecurity pathway. Through the development of a Community Based Life Cycle (CBLC) framework, this approach is centered around mentoring (using both professional mentoring and peer-mentoring) and the use of Cascade Advising, with the intention to both increase students in the cybersecurity pathway, but also to help retain students’ interest in cybersecurity. This presentation will report on our findings after four years of implementation.      

The latest advancements in generative AI have created both beneficial and harmful opportunities. Novice attackers can now quickly develop multiple variations of malware to evade anti-malware detection tools and can even use advanced technology like ChatGPT to create harmful programs from scratch. Generative AI tools can easily produce human-like content, such as speech and text, to create phishing emails and social engineering attacks. This poses a significant challenge for existing phishing email detection systems, as generative AI can produce countless variations of phishing emails with almost no distinguishable features that are often used by detection engines. Furthermore, sophisticated social engineering attacks are now possible by mimicking the voice of a real human being to deceive people using AI models. This is particularly concerning for the creation of convincing deepfake videos, as well as the generation of fake news and social media posts. Accordingly, the cybersecurity community must adapt to the use of generative AI technology with great caution, using rigorous knowledge and countermeasures to prevent potential security breaches by adversaries. Generative AI has the potential to impact cybersecurity education in various ways, particularly in the creation of realistic training datasets for cybersecurity professionals that mimics real-world cyber threats, allowing cybersecurity professionals to practice identifying and responding to these threats in a secure and controlled environment. Furthermore, generative AI can be utilized to develop more engaging and interactive cybersecurity training materials such as virtual simulations and games to provide learners with an immersive and dynamic learning experience. Overall, generative AI has the potential to significantly enhance cybersecurity education by providing more realistic training datasets and more engaging learning experiences. The primary focus of this talk is on the impact of generative AI on cybersecu-
rity, as well as its influence on cybersecurity education.

Cybersecurity competency is essential for securing jobs in federal agencies and industries. To ensure students are prepared for the workforce, universities should emphasize work skill readiness. This research proposes using large language models (LLMs) like Chat-GPT to extract skills from course materials and job postings. The extracted skills can then be cross-referenced with grades received to select the perfect candidate for a given task. Compared to other LLMs, Chat-GPT meets several important requirements such as speed, low cost, frequent updates, and robust APIs. The algorithm for skill extraction has salient features like segmenting longer assignments into chunks, inputting relevant categories of skills to increase the quantity and relevance of extracted skills, managing verbosity, and instructing the LLM to expand or summarize the skills. The more times a document is segmented, the more skills will be listed in the final aggregate list. However, both assignments and job postings are susceptible to tunnel vision with excessive segmentation. Furthermore, supplying stop words to the LLM is possible and can prevent unnecessary NLP pipelines. The findings suggest that there is a valuable middle ground when it comes to segmentation, and if assignments and job postings are segmented by questions and job requirements, it may be possible to extract a high number of quality skills without becoming a victim of tunnel vision. With the release of GPT4 next month, it will be possible to extract skills from recorded lectures, graphs, figures, and audio recordings such as phone interviews with prospective candidates. Overall, the results are promising, with thousands of extracted skills across hundreds of assignments and job postings, averaging 21 extracted skills per job posting and 25 extracted skills per assignment. The method provides both flexibility and comprehensiveness. For instance, we can specify that we want soft skills as well as hard skills, and the LLM provides such a curated list. LLMs have the potential to transform traditional natural language pipelines, and we have an exciting opportunity to take advantage of this technology.

According to Cyberseek.org, there are currently 700,000+ cybersecurity position vacancies in the US. AccessCyber reports reviewing 10,584 cybersecurity job postings and states “Cybersecurity Hiring is Broken” and employers seeking “unicorn” candidates is identified as one cause of the problem. In reviewing position vacancies, half of the vacancies are within the NICE Oversee and Govern (OS&G) category. OS&G requires cybersecurity knowledge and skills, as well as strong business acumen. Many of the OS&G positions including cyber policy and strategy, curriculum developer, program manager, and legal advisor are in Governance, Risk and Compliance (GRC) departments. GRC executives job requirements include cybersecurity foundations, critical thinking and problem solving, risk management, compliance and legal, communications, and a passion for continuous learning. Universities designated as NSA Centers of Academic Excellence in Cyber Defense (CAE-CD) can provide remedies for the broken cybersecurity hiring process. First, utilizing an advisory board in developing cybersecurity course programs and job descriptions followed by an alignment of job descriptions to job skills could reduce vacancies and positions filled by CAE-CD students or alumni. In an interview with the Wall Street Journal, Dr. Sandra Blanke from the University of Dallas noted position descriptions typically list more job skills than are actually needed. Managers know the candidate they hire will have only some of the skills requested. Employers could consider candidates with many of the job skills and the passion for continuous learning. Hiring managers and school career services should be encouraged to work together to write job descriptions for the required knowledge areas only, not looking for “unicorn” candidates. Universities can use student and alumni “spotlights” to show hiring managers their students’ qualifications and successes. Finally, the inexperienced cybersecurity candidate should apply for positions if they meet a number of the skills listed on the job description.

The landscape of cybersecurity is constantly changing. The Business and Industry Leadership Team (BILT) helps keep programs current on trends and helps schools keep programs current on what candidates will encounter in the field. This presentation highlights how Metropolitan Community College in Omaha uses the BILT.     

Corporate Collaboration in Curriculum Design and Development. Background: The Cybersecurity Highschool Innovations collaboration with Blue Origin started with a tour for 40 high school teachers and academic faculty. This collaboration resulted in the development of an award-winning industry designed curriculum. In this 20-minute workshop, every participant completes a customized form to develop an outreach strategy with business(es) in their area to support employer outreach/workforce development activities. The interactive workshop, using the steps below, provides participants a workable plan to implement outreach or customize an existing industry developed curriculum, Phishing: Blue Origin in CLARK. This fast-paced workshop provides: Step 1: Develop a strategy to approach businesses. Step 2: Engage in education and business collaboration activities to enhance workforce development. Step 3: Access the Blue Origin “Phishing Curriculum” in CLARK, a 10-module curriculum which is the results of Step 1 and Step 2 activities associated with the NSA funded Cybersecurity Highschool Innovations (CHI) grant. Learn how one program customized this industry developed curriculum. Step 4: Create a timeline with actionable steps. Step 5: Send form to participant’s email with a reminder date to ensure items are executed on schedule. Workshop presenters recommend participants come to the workshop with names of two or three business contacts, a laptop, a Gmail account, and nimble fingers to access CLARK, and a collaborative mindset.

This session will discuss a large-scale, multi-million-dollar project that is funded by the DoD-NDEP, one of only five national cooperative agreements funded in September 2022. This project focuses on the establishment of a vibrant, collaborative consortium of six community colleges (CCs), led by a four-year institution, all working together to enhance STEM education across Pennsylvania with special emphasis on cybersecurity. The main objectives of the consortium are: increase certificate completion rates, increase transfer rates to 4-year institutions, and increase student interest in employment in the DoD and DIB workforce. The major factor that contributes to our ability to successfully establish a truly collaborative consortium is the experience gained by the Lead Organization (LO) over many years working with various community colleges, technical institutes, and K-12 schools across PA to enhance cybersecurity education. The project started with the identification of specific challenges that participating CCs face, particularly those that obstruct their abilities to achieve the projects’ three main objectives. Identified challenges include effective marketing/recruitment, retention, cost of obtaining certifications, community awareness of existing opportunities and career paths, among others. To address these challenges, our group proposed a set of innovative initiatives and is currently implementing them. Some of the proposed initiatives are managed centrally at the LO to maximize efficiency, minimize needed resources, and promote collaboration, while others are being implemented locally at each of the participating CCs to address local challenges and target specific audiences at each institution. Examples of central services include soft-skill tutoring, assessment, and faculty professional development programs. Examples of local services include mentorship, certificate training, tutoring, K-12 outreach, summer activities, and course alignments to support seamless transition from 2YIs to 4YIs. The session will acquaint the audience with the project and share lessons learnt and will be delivered using multi-modal learning approaches to promote audience engagement.
 

Playable Case Studies (PCSs) are interactive simulations that allow students to play through an authentic case study (i.e., scenario) as a member of a professional team. They include (a) an immersive, simulated online environment, and (b) accompanying in-class activities and discussions facilitated by a teacher to provide educational scaffolding and metacognition. PCSs are designed to be authentic and feel real by incorporating the "This is Not a Game" (TINAG) ethos from Alternate Reality Games. This workshop will introduce two cybersecurity focused PCSs: 1) Cybermatics, where students join a fictional company (Cybermatics) to perform a penetration test of Riptech.xyz, helping identify vulnerabilities and uncover a hacker who has burrowed into their site, while complying with ethical practices, and 2) Bronze Falls, where students work in teams of four to protect the city (Bronze Falls) by performing a cybersecurity risk analysis, responding to a live cyberattack, and completing an after-action attribution report. We will also briefly mention the "Playable Case Study Authoring and Simulation Platform" that allows collaborators to create their own PCSs without any coding.  

The purpose of this session is to share best practices for educators to utilize cyber competitions with their students to build technical skills and demonstrate job-readiness to employers. While demand for cybersecurity talent is only increasing, students may still encounter difficulty in obtaining entry-level jobs. Many cybersecurity roles require multiple years of experience, which has led to employers being inundated with candidates for true entry-level jobs. This daunting challenge of evaluating candidates results in recruiters and hiring managers spending limited time considering each candidate, making it vital for students to provide evidence of their capabilities that are easily understood by talent acquisition teams. During this presentation, we will be discussing how the design of cyber competitions can be tailored to allow students to apply concepts they have gained from academic learning to real-world problems to reinforce their learning and demonstrate capabilities to employers. The impact of these experiences are captured in performance reports that are mapped to the NICE Framework and the NICE work roles to help students identify possible career paths and provide evidence of job-readiness to hiring managers. We will provide a demo of the cyber competition platform and will walk through the reporting that is provided to students and share examples of how students have been utilizing these reports to help them during the job application process. 

The NSF-ATE funded Cyberpreneurship project at Riverside City College is a cross-discipline effort to train cybersecurity entrepreneurs. The goal is to address the small to mid-sized businesses that make up over 40% of the breaches that occur but have no IT/Cybersecurity team or professional support. Students will gain knowledge, skills and abilities in cybersecurity and entrepreneurship. This will equip them to provide managed services, audits and other cyber/IT and automation services to those organizations. There is a lot of promotion and talk about the over 750,000 open jobs in the cybersecurity workforce. However, this does not account for the large number of small to mid-sized businesses that do not have anyone defending their systems that need to contract outside assistance to make them secure. 

Surveys indicate a vast majority of employers require prior experience in their cybersecurity hiring efforts. This presents a majority of our current learner community with a quandary as they attempt to enter the workforce. Solid knowledge development (via degrees and certifications) is not enough. Simulation-based skill development (via ranges and CTF events) is not a replacement for the real-world experience needed by our employer partners. It is on the CAE community to lead the way in the creation of a "Ready for Work" workforce by making adjustments to how literal real-world experiential learning can be incorporated into our academic efforts. This talk will present multiple possibilities that have been incorporated into Boise State University’s Institute for Pervasive Cybersecurity for enabling competency development into our programs so that learners can show employers they are “Ready for Work.” We also hope, through this presentation, to begin further collaboration within the CAE community on expanding these efforts nationwide. 

The proposed tool will provide users with a platform to access a side-by-side comparison of classroom assessment and job posting requirements. Using techniques and methodologies from NLP, machine learning, data analysis, and data mining, the employed algorithm analyzes job postings and classroom assessments, extracts and classifies skill units within, then compares sets of skills from different input volumes. This effectively provides a predicted alignment between academic and career sources, both federal and industrial. The compilation of tool results indicates an overall accuracy score of 82%, and an alignment score of only 75.5% between the input assessments and overall job postings. These results describe that the 50 UNT assessments and 5,000 industry and federal job postings examined, demonstrate a compatibility (alignment) of 75.5%; and, that this measure was calculated using a tool operating at an 82% precision rate.

This Lightning Talk will discuss how the Information Technology department at Johnson County Community College (JCCC) developed and maintains a K-12 pathway with a large local district, Blue Valley Schools. Now in its second year, the pathway provides students the opportunity to complete the JCCC Cybersecurity Certificate program tuition-free alongside their high school education. Successful students will receive both their diploma and the Cybersecurity Certificate upon graduation from high school. This session will discuss: • Building the pathway • Recruiting students into the program • Managing opportunities and challenges      

The Cybersecurity Maturity Model Certification (CMMC) is becoming an integral part of the cybersecurity ecosystem, with its emphasis on supply chain security. Undergraduate students may benefit from being introduced to the CMMC model early in their cybersecurity training. This presentation will explore what CMMC is, the United States government foundation for this certification, and how best to present this to undergraduate students. The presentation will also explore what preparation an undergraduate student needs in cybersecurity to properly understand and implement the principles offered by CMMC. Presenting this information to graduate students may also prove beneficial; however, the emphasis and focus for this presentation will be undergraduate students.    

Cybersecurity student development programs are initiatives designed to help students in higher learning institutions develop the skills and competencies necessary to succeed academically, professionally, and personally. These programs aim to provide students with opportunities to engage in activities and experiences that foster growth and development inside and outside the classroom. The goal is to help students become well-rounded individuals with the knowledge and skills necessary to navigate the challenges of college and the world beyond. These programs typically involve various components, such as academic support, career development, leadership training, social engagement, and community service. The programs help students improve their study skills, time management, and academic performance. Career development programs assist students in identifying their interests, strengths, and career goals and provide guidance and resources to succeed in cybersecurity. Leadership training programs help students develop the skills and knowledge necessary to become influential leaders on campus and in the workforce. Social engagement programs allow students to connect with others and build relationships, while community service programs encourage students to give back to their communities. College student development programs have numerous benefits. Students who participate in these programs are more likely to graduate on time, find employment after graduation, and become active and engaged members of their communities. They are also more likely to have a positive college experience, with higher satisfaction, engagement, and retention levels. Finally, college student development programs are essential to career success, providing students with the knowledge, skills, and experiences necessary to succeed in college and beyond. Student development programs should be a priority for colleges and universities, with continued investment and expansion that ensures all students have access to these crucial resources. 

THIS PROJECT ADDRESSES the problem of securing autonomous underwater vehicle (AUV) swarm missions. GOALS: G1. Establish secure and resilient underwater communications channels for AUV by using underwater mobile ad hoc networks (uMANET). G2. Determine what formations or behaviors the swarm should adopt for a given mission, and design communication protocols that effectively maintain the swarm in the desired formation. G3. Explore alternative methods by which a swarm can know its location with respect to a global grid (localization) and operate in an environment populated with fixed or moving obstacles. Different types of AUV missions are considered, including mine countermeasures (MCM), intelligence, surveillance and reconnaissance (ISR), and localization (independent or in collaboration with GPS surface vehicles). This work builds on the PI?s background in information security and ad hoc networks (e.g.,, A secure and efficient conference key distribution system, 1994; Securing multipath communication in MANET, 2004; On the security of route discovery in MANET, 2009; Strengthening privacy protection in VANET, 2008; Challenges of securing and defending unmanned aerial vehicles, 2020). CNSSP-28 is a policy document for Unmanned Autonomous Systems that operate in all physical environments and support diverse and complex missions. For our protocols, security is reduced to CNSSP-28 compliance. UNDERWATER SWARM ROBOTICS is a complex field that combines a number of research areas, such as underwater propulsion/sensors/localization/communication, swarm control (centralized/decentralized) and swarm intelligence (based on the collective behavior of self-organized systems), to solve mission planning optimization algorithms. Swarm algorithms are often based on the behavior of animals (e.g., Particle Swarm Optimization (PSO) can be visualized as the behavior of a flock of birds) and minimize the required communication between interacting parties to achieve a specific objective. Whether, or to what extent, any of these algorithms may apply to the needs of Navy missions involving AUV swarms has yet to be determined. What is certain is that new algorithms need to be devised for AUV motion control and decision-making. In particular, AUV should implement self-organizing controllers that adapt to the environment (e.g., by using Neural Networks for learning and Self Organizing Maps for control). This is particularly challenging because of the security/resiliency requirements of Navy missions.
 

This session will highlight the NCAE-C Cybersecurity Credit Transfer Agreement (CTA) Task, funded as part of the NCAE-C Careers Preparation National Center, to address the challenges in meeting the future cybersecurity workforce development. An overarching goal is to establish a database of credit transfer agreements among NCAE-C designated CAE cybersecurity programs and K12 schools. To achieve this goal, the CTA taskforce will compile the set of the K12 cybersecurity credit transfer agreements between secondary education schools and the NCAE-C designated higher education institutions, and facilitate the development of the cybersecurity credit transfer agreements between NCAE-C designated higher education institutions and secondary education schools. The CTA taskforce, jointly led by Purdue University Northwest and Forsyth Tech Community College, and partnered with Dakota State University, has launched the CTA status data collection and CTA development promotion. The taskforce has investigated the challenges and opportunities of K12 cybersecurity credit transfer mechanisms, examined the advantages and limitations of various CTAs, developed approaches and mechanisms to collect CTA status data and promote CTA development. Experiences and lessons learned will be shared through CTA development cases at Purdue University Northwest and Dakota State University. A call for action will be promoted to the CAE community for CTA survey distribution and response, and CTA development.

The Jumpstart Program brings together a large local employer and the College of Southern Nevada (CSN) to enhance employment opportunities for both CSN and local high school students. It also assists the employer to meet the hiring needs in hard-to-find technical areas. Students that are part of the program that finish the required six (6) courses are guaranteed a job interview with the employer. This type of program has been successful with one program/employer and is now being expanded to additional programs and employers. The presentation will include the development and implementation techniques used to implement and expand this successful program.

PACE (Pathway to Advancement in Cybersecurity Education) is a guided Cybersecurity pathway that introduces dual enrollment college courses as early as 9th grade with multiple educational and employment exit points. PACE was funded for the last three years by a grant from the NSF-ATE. In this presentation we will summarize PACE outcomes and identify best practices for establishing a strong pathway program.  

In this talk, we will present an overview of three projects stemming from our NSF-funded effort on engaged pedagogy for advanced cybersecurity education (NSF-DGE #1947295), namely: (i) DISSAV: Dynamic Interactive Stack Smashing Attack Visualization, a program visualization tool for teaching stack smashing attacks. DISSAV is a web-based application built with ReactJS; DISSAV provides a simulated attack scenario that guides the user through a three-part stack smashing attack. Our tool allows the user to create a program, construct a payload for it, and execute the program to simulate an attack scenario. (ii) a suite of four guided-learning activities that help students with foundational concepts for learning stack smashing attacks and defenses, for e.g., command-line parameters in C, buffer overflows in C, process memory layout, stack canaries and address space layout randomization. The activities are written in the Process Oriented Guided Inquiry Learning (POGIL) style - students explore learning models that depict relevant information, then proceed to invent key concepts emerging from those models, and finally apply the concepts they invent to solve a given problem; and (iii) Criminal Investigations, a gamified, scalable web-based framework for teaching and assessing Internet-of-Things (IoT) security skills. Criminal Investigations is packaged as a series of stackable IoT security activities; the current version is a web application that uses React for the front-end development and Python for the back-end, and is deployed on a university server. Criminal Investigations promotes student engagement and learning by incorporating gamification concepts such as storytelling, experience points, just-in-time learning content delivery and checkpoints into activity design. All three projects have been deployed at undergraduate courses at UNC Charlotte, and we will briefly discuss our deployment and data analysis efforts.
 

Artificial intelligence (AI) is rapidly changing the world, and education and cybersecurity are no exception. AI is used to develop new tools and techniques for securing networks, improving risk management, and addressing new threats, and it can be used to enhance classroom instruction and assessments. While AI can be intimidating, it has a valuable place where our students are headed when they transition to the workplace. This presentation will explore the impact of AI on education and begins with a question posed to two AI platforms, "is AI disrupting education?" Then, hear a summary of the findings of a study that examined student usage of AI tools such as ChatGPT and their ability to mimic student submissions. The attendees can also play along, guessing if the submission is AI or a student. The presenter will summarize the potential for AI integration into education and how cybersecurity instruction must incorporate AI tools and resources to prepare students for their careers better. Finally, the presenter will summarize strategies and ideas where educators must go by providing a mind-blowing suggestion that would make Darwin happy! The focus is on providing the students with a different and hopefully better educational experience.
 

Traditional programming courses have relied on students learning coding syntax from examples and other textbook sources. As students learn to write code, they become proficient in the syntax, logic, debugging and documenting their code. ChatGPT is a revolutionary method that allows students to generate new code, fix bugs and errors and assist in the writing and learning of programming languages and computational concepts.  This session provides an outline of the application of ChatGPT is a server-side programming class at the University of Hawaii Maui College in the Spring semester of 2023. This session will cover the following topics 

1. Overview of ChatGPT  
2. Introduction to Conversational Model in a Programming Course
3. Techniques to learn programming using ChatGPT  

The session will provide the participants with an overview of how ChatGPT can be used as an assistive tool in the 
classroom, with examples of how it has been used in a programming course to help students learn to code. The session will provide examples of how the risks of plagiarism and cheating can be minimized using ChatGPT. Finally, the session will provide the participant with code samples and examples about how this new tool can be included in their own classroom. While this session focuses on the application of ChatGPT on a programming course, the lessons from this session can be applied to other courses in various disciplines unrelated to programming or technology.

Call for proposals: Curriculum Development

Recon Survey Favorite Free Curriculum

Funded by the NSA through the NCAE-C program, the mission of the National Cybersecurity Curriculum Task Force is to catalog and create high-quality and relevant curricula on emerging cybersecurity topics, mapping to curricular and workforce guidelines, and make them freely available. The mission is being accomplished with the following goals: (1) Conduct a comprehensive search of available curricula in cybersecurity repositories, directories, and among the community. (2) Perform gap analysis to identify high-need areas to create a cyber-ready workforce. (3) Develop high-impact, high-value curricula for the community. Stop by this session to get more information on the project, and how you can help by filling out a survey or building curriculum in emerging areas. At this session you can complete a survey to share your favorite piece of free curriculum that you've developed. You can also discuss the call for proposals for funded curriculum development, or discuss your ideas for curriculum in emerging cybersecurity areas.     
 

The popularity of the CAE-CD Community of Practice “Meet your Competitions” events has led to a new collaborative space for faculty to contribute to CAE efforts related to competitions. All faculty and POCs are welcome to join us as we explore the future of evidencing competencies within competitions, mapping linkages between competitions, helping faculty prepare students for competitions, competition badging and credentialing, building competitions experiences into courses and programs, and other topics of interest. The CAE-CD CoP Competitions Subgroup will meet regularly beginning this Fall, and this session will serve as an organizing and kick-off meeting for this new CAE collaborative space.
 

This research presentation explores the value of cybersecurity competitions in cyber defense education and its impact on the cybersecurity industry and workforce development. Competitions are considered active and challenge based learning that can be used as effective pedagogies to improve student interest, motivation, and problem solving in education. For cyber defense education quality assurance, student participation in cyber competitions is one of the criteria required for the National Centers of Academic Excellence in Cyber Defense designation by the National Security Agency. This presentation is based on the Challenge Based Learning (CBL) framework and explores the pedagogical benefits of cybersecurity competitions through the case study of the National Cyber League (NCL) competition. The case study focuses on mapping the features and knowledge and skill domains of the NCL competition to relevant NCAE-CD program criteria and knowledge units and presents sample data on students’ participation and performance from a NCAE-CD designated institution. This presentation also shares the results of quantitative data and qualitative observations as well as reflections on longitudinal student participation in the NCL competition and student performance in cyber defense educational programs.
 

As more and more information technology workloads move to the cloud, it is imperative that students entering the workforce have the skills needed to implement cybersecurity practices. The concepts of identity and access management, least privilege access, compliance enforcement, and incident response are theoretical concepts that may take years to put into practice once students reach the workforce. By adopting a game based learning pedagogy, higher education institutions can take the lead and provide an engaging mix of theoretical concepts with game based learning labs that will encourage students to continue to pursue their online degrees.
 

Advanced Persistent Threat (APT) is a class of network attacks when attackers utilize malware or stealthy tools to hide their actions in a network and systems over a prolonged period so that they can eventually achieve strategic goals such as causing substantial damage to the victim organization by data exfiltration. Although APT has long been a research subject, it continues to be a serious threat for many organizations. For cybersecurity education, APT is a good example for students to relate to the risk of organizational networks, the vulnerabilities of the systems and the skills needed to analyze and secure the networks. Recent research and development in APT detection are good educational resources. MITRE has released the ATT&CK knowledge base of adversary tactics and techniques based on real-world observations. Lockheed Martin’s Cyber Kill Chain identifies what adversaries must complete to achieve their goals. Both are good reference models to understand the techniques being used and how APT progresses. However, few education materials have been developed to teach cybersecurity students in understanding such serious threats and how to best protect their network to reduce the risk. The goal of this presentation is to bridge the gap by exploring educational materials that are suitable for a college level cybersecurity course by integrating state-of-the-art research results as well as industry practice. During this presentation, we will first explain the nature of APT, their characteristics, a comparison between APT and traditional attacks, and the different stages of APT planning. We will then discuss the knowledge and skills needed to conduct analyses on both a system and a network and map these skills to topics in network security courses. In addition, we will identify educational platforms and resources for this topic. Finally, we will discuss how such a knowledge domain fits into a cybersecurity curriculum. 

Incident response training is designed to test an organization's ability to respond to a cybersecurity attack. It involves developing a tabletop attack scenario and then running through the incident response plan to determine whether the plan is effective in detecting, containing, and remedying the attack. During the exercise, participants are required to make decisions and take actions as they would in a real cybersecurity attack. The exercise brings together various teams within the organization, including IT, security, legal, and public relations. The goal is to raise an organization’s cyber defense posture by identifying weaknesses or gaps in the incident response plan and to provide an opportunity for the organization to refine and improve its response capabilities. Critical infrastructure cybersecurity attacks have a greater potential to impact multiple organizations that would not typically engage in collaborative activities and incident response training requires participation from external partners such as law enforcement, regulators, and third-party vendors. Community outreach and leadership in education are key tenets of the National Centers of Academic Excellence in Cybersecurity (NCAE-C) mission. NCAE-C Colleges and Universities are uniquely positioned to serve in enhancing communication and collaboration by bringing together entities that would not normally engage with one another. In this presentation, NCAE-C institution representatives from the States of Montana and Colorado will discuss their experience in planning and hosting incident response training for critical infrastructure. We will examine the complexities of bringing together these disparate stakeholders. We will also present the benefits these events bring by enhancing the education of students and the research efforts of faculty.
 

This presentation outlines how we use our Cyber Capstone Classes to access both the Program Learning Outcomes (PLO) and competencies of our graduating seniors. At USD, we found that local businesses were reluctant to allow students the opportunity to evaluate, and implement security on an operational system. We developed the USD Cyber Cloud (a private cloud using OpenStack) to have an isolated sandbox that can be quickly configured to give the student (Student Teams) a fully functional business network system. In this safe environment and in small teams (5 or less) they are immersed into a case study assuming the role of being a consultant, an analyst, and customer point of contact. The Teams perform all the required tasks to conduct a security engineering review of the client’s system, conduct Vulnerability Assessments, Penetration Testing, and based on findings, create and execute a hardening plan to make the system secure. The hardening plan is the “What”; execution of the hardening plan is the “How”. The development of an Information System Security Plan plus the other testing report builds a portfolio of achievements for the students.

Missoula College University of Montana has completed the inaugural year of a CAE-CD rapid training program. Our CAE-CD Program of Study (PoS) encompasses four classes covering networking, operating systems, basic cybersecurity, and ethics/legal issues in computer science. Recognizing the need for short term training programs (i.e., completed within six months), Missoula College has developed a 10-15 week course of study specifically designed for individuals to get a jump-start on transitioning to a career in cybersecurity. In addition to completing the CAE-CD PoS, students are prepared for the Network+ and Security+ Industry Recognized Credentials (IRCs). Two unique hallmarks of our program are 1) wrap-around student support services which include weekly meetings with rapid training coordinators and 2) integrated and supplemental materials aligned with the National Association of Colleges and Employers (NACE) Career Readiness competencies. Program participants are encouraged to work with Missoula College University of Montana career coaches to refine résumés and interviewing skills, and all of the NACE competencies are interwoven into PoS coursework. Students are further encouraged to participate in career fairs held each semester at Missoula College. Through partnerships with the Montana Department of Labor and Industry (MT DLI) and other entities, student tuition, fees, and books are often eligible for a full subsidy resulting in no cost to students.

Our program has a constant struggle to get our students placed in meaningful internship opportunities. We have all heard the response all too often: Are they in their junior or senior year in college? We only offer internships to 4 year institutions. Then there is the management of paperwork and tracking of which student is at what location and how many hours are they logging there. We had enough and we are building our own paid internship opportunities for Tier 1 SOC Analysts. We are calling it the GSOC. Gaucho Security Operation Center. We are collaborating with Boise State University in the development and implementation phase of this project with a targeted soft launch in Spring 23.

BYU has recently signed an MOU with a vendor. The vendor partners with institutions and offers to faculty, staff, and students of higher education institutions access to vital cybersecurity skills training and learning resources. It provides students with real-world experience in multiple fields of cyber security such as Cloud, Network, and endPoint. The program is free of charge as the vendor aims to provide vital cybersecurity skills and learning resources in order to close the field’s workforce gap. Secure Academy provides free content (course curriculum), software licenses, technical support, and deeply discounted certifications to their academic partners and their students     

A brief outline of the student development research projects being conducted by University of Memphis students associated with CAE federally funded research grants.

Contrary to the intuition of some administrators and teachers, holding students to high standards improves retention. Establishing expectations early improves the classroom atmosphere because students are much more willing to help other students who put in a serious effort, and because instructor time is not wasted on students who don’t. Students graduating from a rigorous program are much more likely to have a true understanding of the material. This gives them confidence and leaves them prepared for competitions. They are more likely to get and succeed at cybersecurity jobs, giving the program a solid reputation. Students may have been taught that they can pass anything with no effort. Teachers must hold themselves to a high standard and be willing to help these students learn how to learn. Those who are willing to put in the work will succeed, while those who are not will leave sooner, rather than waste lab and teaching resources from one course to another. It may seem that lowering standards will build self-esteem, but the result is the opposite. If you don’t need to learn anything to pass, your education has no value. How important would you feel in that case? Holding students to high standards helps build comradery among students who have struggled together to understand complex topics and who have competed together in competitions. This improves retention and lifetime networks and job success. Recommendations and answers to specific questions on how to improve enrollment are provided. How can you create an atmosphere of trust and respect between students and faculty? How do you make the whole class feel like one team? How can you challenge your students with assessments to establish expectations early in the semester? How can you convince students that learning is a good idea? Your questions are welcome as well.
 

Malicious programs are not new. Many approaches have been proposed from signature-based methods in most anti-virus products to machine learning approaches that try to classify samples based on extracted features. There are inherent challenges to carry out systematic in-depth malware analysis. Only recently have very large datasets become available. There are three families of techniques for malware analysis: static analysis, dynamic analysis, and symbolic execution. However, none of them are sufficient; static analysis potentially has good coverage but has limited precision and is difficult to scale. Dynamic analysis has perfect precision, and its coverage is practically limited especially when anti-analysis techniques are employed. Symbolic execution techniques have the advantages of both static and dynamic analysis techniques but do not scale. Clearly hybrid approaches of combining these techniques can overcome the limitations to some extent and they are not sufficient to perform in-depth malware analysis at scale. Machine learning techniques have been proposed to classify malware based on extracted features and their success on real malware samples is limited despite reported high accuracies. A shortcoming to all these methods is that the existing techniques do not utilize the knowledge from previous analyses. We adopt and are implementing the following framework: 1) Given a binary sample, we use counterfactual execution to execute all the branches. By using the call graph, we organize the system calls into overlapping short sequences hierarchically; 2) We use the knowledge base to check the family and other related samples in the base. Note that the sequences allow us to match functions without the need to check implementation details; 3) With the metadata from the knowledge base, we will perform family specific analyses. The advantage of the proposed approach is that it is scalable, achieves good coverage, and generalizes well to new malware samples. 
 

Due to the increasing threat to both government and industry information systems, it is necessary for cybersecurity programs to produce graduates that can react to the increasingly complex attempts by hostile actors to exploit computer networks. To respond to these growing threats, it is critical for graduates of cybersecurity undergraduate programs to have knowledge of the concepts, techniques, and tools to break down and analyze malicious software used by hostile actors, and understand evolving cyber-attack tactics, techniques, and procedures. Malware analysis is typically an advanced cybersecurity topic covered in cybersecurity graduate degree programs or specialized training; however, with the rapidly evolving threat, malware analysis must be incorporated into undergraduate cybersecurity degree programs in a significant level of detail. A curriculum is necessary that includes a survey of the socio-cultural aspects impacting the cyber threat landscape, fundamentals of traditional and cloud network architecture and services, and a detailed study into the fundamentals of both static and dynamic malware analysis.

This mini-workshop aims to introduce a series of hands-on labs designed and packaged in software containers, allowing instructors to deploy them quickly on the cloud or cyber range environment without extensive configuration. The hacking labs exploit application vulnerabilities to launch common attacks such as data races, buffer overruns, code injection, and other web-based attacks. The primary goal of these hands-on hacking labs is to raise awareness about software vulnerabilities and their potential consequences among students who will be future software developers. By exposing them to these vulnerabilities, students will learn how to apply secure programming techniques during the development process to mitigate the risk of potential attacks. We will demonstrate in this talk how instructors can "load-n-play" one of the labs to Azure cloud service. We will also provide suggestions to faculty on adapting and implementing these labs in their security courses.  

This presentation will share some of the approaches currently underway to explore evidencing competencies through cyber competitions. The presenters will share preliminary findings from research underway on how students perceive competency development as well as a model for evidencing competency within competitions for consideration and discussion.
 

In recent years, aviation security was designated as a national strategy, which further emphasized the increasing interest and growth for aviation cybersecurity. The growing digitization and greater connectivity of aviation infrastructure increases the vulnerabilities and risks associated with the aviation industry. In response, educational institutions must diversify their instruction to train a more robust cybersecurity workforce for increased cybersecurity protection. As leader in aviation and aerospace education, Embry-Riddle Aeronautical University (ERAU) has undertaken fundamental efforts to address the need for a high-skilled cybersecurity workforce through its established aviation and aerospace research agenda and is actively building on its research expertise in the aviation and aerospace cybersecurity domain to meet current and future workforce needs. ERAU has extensive capabilities in all computation and communication services related to flight operations. Among them: airborne hardware and software, avionics equipment, and network and communication data links among aircraft, ground stations, radar systems, and satellite systems. ERAU faculty have made substantial contributions to the body of knowledge of aviation cybersecurity through direct work with aviation industry stakeholders, publications in prestigious venues, and presentations at expert forums. To this end, ERAU faculty are consistently updating their courses with their innovative work, thus closing the loop between research and education, and helping with the preparation of well-rounded and high-skilled graduates. All these capabilities and expertise place ERAU students in a unique position to contribute to the cybersecurity of engineered systems specific for the aviation and aerospace industry.

Internet of Things (IoT) devices capture and process sensitive personally identifiable information such as camera feeds and health data from enterprises and households. These devices are becoming targets of prominent attacks such as Distributed- Denial-of-Service (DDoS) and Botnets, as well as sophisticated attacks (e.g., Zero Click) that are elusive by design. There is a need for cyber deception techniques that can automate attack impact mitigation at the scale that IoT networks demand. In this talk, we present a novel cloud-based active defense approach viz., “CICADA”, to detect and counter attacks that target vulnerable IoT networks. Specifically, we propose a multi- model detection engine featuring a pipeline of machine/deep learning classifiers to label inbound packet flows. In addition, we devised an edge-based defense engine that utilizes three simulated deception environments (Honeynet, Pseudocomb, and Honeyclone) with increasing pretense capabilities to deceive the attacker and lower the attack risk. Our deception environments are based on a CFO triad (cost, fidelity, observability) for designing system architectures to handle attacks with diverse detection characteristics. We evaluate the effectiveness of these architectures on an enterprise IoT network setting with a scale of thousands of devices. Our detection results show ≈73% accuracy for the low observability attack (Zero Click) corresponding to the BleedingTooth exploit that allows for unauthenticated remote attacks on vulnerable devices. Furthermore, we evaluate the different deception environments based on their risk mitigation potential and associated costs. Our simulation results show that the Honeyclone is able to reduce risk by ≈88% when compared to a network without any defenses. 

In the realm of education, a revolutionary tool called ChatGPT and Generative AI is changing the way students learn. ChatGPT and generative AI are not just theoretical concepts; they are already being used by students. ChatGPT, trained on vast amounts of data, generates human-like text and assists students in various ways. It helps them generate papers, provides prompt and accurate answers to their questions, and aids in research by finding relevant sources. Teachers play a crucial role in integrating ChatGPT effectively. They should expand requirements beyond its capabilities to foster deeper conceptual learning. By building upon ChatGPT's support, students can focus on understanding concepts rather than memorizing facts. This approach nurtures critical thinking, problem-solving, and the practical application of knowledge. Expanding requirements offers several benefits. Students engage in deeper learning, explore creative solutions, and collaborate with peers. They become active participants in their education, develop critical thinking skills, and apply knowledge to real-world scenarios. In conclusion, ChatGPT is already enhancing students' educational journeys. With effective teacher integration and expanded requirements, students can concentrate on understanding concepts, fostering creativity, collaboration, and critical thinking. This empowers them for future success in an ever-changing world.

Secure boot is reliant on the Chain of Trust to guarantee the security of an individual device. Chain of trust refers to the transfer of trust such that the transfer of execution in a device from one component to another does not alter the quality of trust. The transfer of execution in a cyber-enabled structure is one of the most important decision points where the state of trust is altered. In this project, we identify the constructs of secure flash (programming of a device) to maintain trust within the secure boot for subsequent bootups. To enable such an architecture, we utilize the specialized hardware called Trusted Platform Module to guarantee the trustworthiness of critical security operations. In this project, we identify how different boot components are ranked and how transfer of trust occurs between them. The diagram below identifies the components of secure boot, secure flash, and different pathways to accomplish the trustworthiness of execution.

This presentation will unveil the technologies and moving pieces that power the NCAE National Competition. The NCAE National Competition team has open sourced this custom platform and is willing to share all of the details, but the infrastructure spans a number of complex technologies and will be daunting even to a veteran systems administrator. The NCAE National Competition team will offer possible pathways to using our infrastructure at your institution outside of the competition season. The competition team anticipates that offering the community a chance to see the infrastructure in action for a custom deployment will allow interested institutions the opportunity to digest the complexity of the platform and incorporate these technologies incrementally to serve local educational efforts.
 

Students in multiple cohorts of our 3000 level Fundamentals of Information Systems Security course were given a discussion question where they had to either agree or disagree with the premise that given all the constant threats to our systems, we should dedicate more of our efforts to quickly repairing the damage of an attack rather than dedicate more of our time and energies to preventing such attacks. They were required to give their reasoning and provide sources to back up their analysis of his comment. This talk will describe and explain the concept of cyber resiliency. It will then evaluate the responses of the students and their sources to determine if they felt that emphasizing bringing systems back quickly over prevention is a cybersecurity practice that more organizations should consider, as well as give some recommendations about both cyber prevention and cyber resiliency methods.  

Inspired by a Cloud Security Alliance write-up by the presenter, this session will bring about a fun and interactive Lightning Talk on the topic of introducing music that aligns with the varied work roles and tasks in cybersecurity activities. This Lightning Talk will utilize and play some minor snippets of music (as loud as possible) that correspond to the National Initiative for Cybersecurity Education (NICE) Workforce Framework. The session will be helpful in possibly inspiring participants to consider ways to better and further relate to those students who may be “on the fence” in considering the cybersecurity workforce. Music has the potential to inspire and generate energy that may not have been present previously. As we continue to work towards the challenge of recruiting and educating the next generation of cybersecurity professionals, perhaps it is time to think differently, and use such resources as music! Content for this presentation will be pulled from the article below, authored by the proposed speaker.
 

The Public Infrastructure Security Cyber Education System (PISCES) is a platform which brings together industry, government, and education to deliver a job ready workforce, engage students with real-world experiences, and provide services to small local government entities which they would not otherwise be able to afford. PISCES places collectors on small governmental networks to collect netflow data. The data is stored on an ELK stack, and is monitored by students who perform anomaly analysis and threat hunting on the real data. Issues discovered are reviewed and reported. PISCES, which currently operates in four states, is working with CISA and PNNL to expand into other states and increase its presence. PISCES makes curriculum available to schools participating in the project, and in addition to the basic cybersecurity analyst course has developed a follow-on Security Operations Center (SOC) course.
 

Engaging discussions between students in asynchronous online courses are an important part of learning yet many find it difficult to develop creative and effective discussion prompts in cybersecurity and other technical courses. Often these discussion prompts end up looking like short answer questions with each student posting very similar responses. It is hard to generate a meaningful conversation from this type of prompt and students often get stuck trying to think of something relevant to say. It doesn’t have to be this way! There are ways to not only engage students in stimulating and interesting conversations related to cybersecurity concepts but to also use these discussions to develop critical thinking skills, build awareness of how diversity, equity and inclusion are impacted by the topic at hand, learn from relevant current events and encourage creative thinking. It is equally important to provide guidance for when students are replying to each other’s posts. We want their discussions to build on what has been said and continue to be productive and informative throughout the thread. This presentation will review best practices for designing asynchronous discussions by sharing examples of good, bad and engaging discussion prompts in cybersecurity courses. Participants will take away ideas for creating asynchronous discussions that will appeal to students in cybersecurity courses and generate lively conversations.

Maintaining an engaged alumni community can be a challenging task. Many colleges and universities struggle to maintain relationships with alumni because they fail to foster a strong bond with the students before graduation. When students graduate, the student-institution relationship should not end; instead, it should continue progressing as needs and expectations change. Institutions should establish a robust student-institution relationship that grows throughout the student lifecycle and continues beyond graduation. A cordial relationship between alumni and institutions should begin well before graduation. To develop this bond, institutions should have early recruitment frameworks that enhance cohesive and engaging experiences for students and nurture them until after students transition into alumni. Building meaningful relationships with alumni is essential for the strategic advancement of higher education programs. Keeping in touch with alumni helps an institution build a global professional network. While institutions can partner with alumni to meet financial goals for campus developments, current students at institutions can benefit from the mentorship opportunities that engaged alumni bring. Graduates are influential campus ambassadors for their institution's brand. They are the backbone of a college or university. Whether alumni are seasoned professionals or new graduates, institution-alumni networking is essential to career development. As institutions explore new digital solutions to support students better, leaders can use the latest technology to build engaging experiences and maintain a relationship that transcends graduation. With smart technology, institutions can create engaging experiences that bring the campus to alumni by sharing personalized updates on campus events and developments.

The CAE-CD Regional Outreach Competition Committee was established by the CAE- Community of Practice (CoP) – Cyber Defense (CD): 1) to encourage and promote cybersecurity awareness and online safety practices by taking advantage of the cybersecurity outreach CAEs do throughout the year; 2) to maximize the impacts of the CAEs on the community; and 3) to strengthen the collaborative relationships between CAE Regional Hubs and their member institutions. The initiative was originally motivated by the October cybersecurity awareness month and was extended to cover the efforts of the entire calendar for each cycle. The Committee has established a set of criteria and rules. Impact measures include number of groups and organizations that are being impacted, total number of attendees, durations and frequencies of the events, and effectiveness of outreach materials. Diversity measures include  the inclusion of minority and underrepresented groups and the spectrum of age groups in the cybersecurity profession. Effort measures include evidence of CAEs who promote and engage in outreach events and the total number of outreach events provided by the CAEs. The Competition started in 2021 with the first cycle results presented in the 2022 CAE Symposium and the second cycle presented this year.
 

The HBCU Artificial Intelligence and Cybersecurity (AI-CyS) Research Partnership consists of the following universities: Hampton, Florida A&M, Winston Salem State, University of District of Columbia, Mississippi Valley State, Norfolk State, and Howard universities working together to increase each of our individual institute’s research capacity and enhance our research collaboration. This Collaborative Research Project leverages the collaboration between HBCUs and national research laboratories (Lawrence Livermore and Brookhaven) to increase research capacity from corresponding Minority Serving Institutions by “capitalizing on the synergies from current HBCU collaborations” to investigate the use of Artificial Intelligence, specifically Machine Learning, to address cybersecurity challenges. Collaborations with national research laboratories support professional development through knowledge acquisition for enhancing the research capacity of the HBCU faculty. The project’s activities include (A) increasing institutional research capacity at HBCUs in AI and cybersecurity and fostering the collaboration among HBCU faculty as well as with the national research laboratory; (B) increasing the number of students, especially undergraduate students from underrepresented groups in conducting research; and (C) providing students with mentoring from their own HBCU, partnered HBCU, and mentors from the national research laboratory. We are engaging in the following research projects: (1) Reinforcement Learning Autonomous Cyber Security Agents, (2) Exploration of Ways to Disambiguate Traceroute Data for Improved Understanding of Computer Networks, (3) the Universal Adversarial Patch Attack, and (4) (Surveillance) Videos Authenticate in Near Real-time. With the low engagement of researchers from under-represented groups, this project aims to use this partnership of universities that predominantly serve African Americans, not only to increase research in AI and cybersecurity, but also to attract other computing students, and even other STEM disciplines. It is expected that each HBCU will be able to build on its initial research and obtain additional research funding support to continue and add-on to its research capacity.
 

The cybersecurity workforce suffers from an ongoing talent shortage and there is a lack of information correlating cybersecurity education programs to alumni employment outcomes. This exploratory, cross-sectional study will evaluate the post-graduation employment outcomes of alumni that attended two-year colleges designated by the National Security Agency as Centers of Academic Excellence in Cyber Defense. Stakeholders of this project are identified as faculty, employers, students, government agencies, the National Security Agency, and organizations that rely on cybersecurity talent to keep their systems secure from cyberattacks. This study will use the mixed methods approach to compare alumni employment outcomes to their cybersecurity Programs of Study using the work roles of the NICE Framework. Initially, a call for participation will be sent to the Points of Contact at two-year colleges designated as Centers of Academic Excellence in Cyber Defense. The first phase of the study will include a request for Points of Contact to provide academic program information via online survey and to contact cybersecurity program alumni with a link to an online survey about employment outcomes. The second phase of the study will include two rounds. In round one, an online survey will be sent to collect alumni employment data about work experience, degree name and year of graduation, industry-recognized certification achieved, and any additional higher education achievements since graduation from the two-year college. In round two, alumni that did not respond in round one will be contacted for a structured interview to complete the online survey. The resulting knowledge can be used to better understand the employment outcomes of two-year college alumni from CAE-CD cybersecurity programs.
 

Career and Technical Education (CTE) CyberNet seeks to increase the number of CTE teachers who can effectively prepare students for cybersecurity education and careers. CTE CyberNet is driven by a local academy approach to help teachers deliver more rigorous CTE cybersecurity programs of study aligned to industry standards and industry-valued certifications. The academies give educators strategies and tools to impart the knowledge, skills, and abilities outlined in the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. CTE CyberNet academies are designed to also align with the knowledge units of National Centers of Academic Excellence in Cybersecurity (NCAEs). CTE CyberNet was developed as a blueprint that could be adapted to the unique needs of local education ecosystems.