Inspired by a Cloud Security Alliance write-up by the presenter, this session will bring about a fun and interactive Lightning Talk on the topic of introducing music that aligns with the varied work roles and tasks in cybersecurity activities. This Lightning Talk will utilize and play some minor snippets of music (as loud as possible) that correspond to the National Initiative for Cybersecurity Education (NICE) Workforce Framework.

Students in multiple cohorts of our 3000 level Fundamentals of Information Systems Security course were given a discussion question where they had to either agree or disagree with the premise that given all the constant threats to our systems, we should dedicate more of our efforts to quickly repairing the damage of an attack rather than dedicate more of our time and energies to preventing such attacks. They were required to give their reasoning and provide sources to back up their analysis of his comment. This talk will describe and explain the concept of cyber resiliency.

This presentation will unveil the technologies and moving pieces that power the NCAE National Competition. The NCAE National Competition team has open sourced this custom platform and is willing to share all of the details, but the infrastructure spans a number of complex technologies and will be daunting even to a veteran systems administrator. The NCAE National Competition team will offer possible pathways to using our infrastructure at your institution outside of the competition season.

Secure boot is reliant on the Chain of Trust to guarantee the security of an individual device. Chain of trust refers to the transfer of trust such that the transfer of execution in a device from one component to another does not alter the quality of trust. The transfer of execution in a cyber-enabled structure is one of the most important decision points where the state of trust is altered. In this project, we identify the constructs of secure flash (programming of a device) to maintain trust within the secure boot for subsequent bootups.

In the realm of education, a revolutionary tool called ChatGPT and Generative AI is changing the way students learn. ChatGPT and generative AI are not just theoretical concepts; they are already being used by students. ChatGPT, trained on vast amounts of data, generates human-like text and assists students in various ways. It helps them generate papers, provides prompt and accurate answers to their questions, and aids in research by finding relevant sources. Teachers play a crucial role in integrating ChatGPT effectively.

Internet of Things (IoT) devices capture and process sensitive personally identifiable information such as camera feeds and health data from enterprises and households. These devices are becoming targets of prominent attacks such as Distributed- Denial-of-Service (DDoS) and Botnets, as well as sophisticated attacks (e.g., Zero Click) that are elusive by design. There is a need for cyber deception techniques that can automate attack impact mitigation at the scale that IoT networks demand.

In recent years, aviation security was designated as a national strategy, which further emphasized the increasing interest and growth for aviation cybersecurity. The growing digitization and greater connectivity of aviation infrastructure increases the vulnerabilities and risks associated with the aviation industry. In response, educational institutions must diversify their instruction to train a more robust cybersecurity workforce for increased cybersecurity protection.

This presentation will share some of the approaches currently underway to explore evidencing competencies through cyber competitions. The presenters will share preliminary findings from research underway on how students perceive competency development as well as a model for evidencing competency within competitions for consideration and discussion.
 

This mini-workshop aims to introduce a series of hands-on labs designed and packaged in software containers, allowing instructors to deploy them quickly on the cloud or cyber range environment without extensive configuration. The hacking labs exploit application vulnerabilities to launch common attacks such as data races, buffer overruns, code injection, and other web-based attacks. The primary goal of these hands-on hacking labs is to raise awareness about software vulnerabilities and their potential consequences among students who will be future software developers.

Due to the increasing threat to both government and industry information systems, it is necessary for cybersecurity programs to produce graduates that can react to the increasingly complex attempts by hostile actors to exploit computer networks. To respond to these growing threats, it is critical for graduates of cybersecurity undergraduate programs to have knowledge of the concepts, techniques, and tools to break down and analyze malicious software used by hostile actors, and understand evolving cyber-attack tactics, techniques, and procedures.