Posts Tagged ‘cyber security’

Meet Network Security Specialist Jerry Gamblin

Thursday, February 9th, 2012

Photo of Jerry Gamblin

Do you like working with computers? Interested in both networking AND programming? Well, then a career as a Network Security Specialist might just be for you! This week, ATETV staff caught up with one in person. Jerry Gamblin works as the Network Security Specialist for the Missouri House of Representatives; a position he has been in since 2005.

Here’s what he had to say about his work:

What made you decide to pursue this as a career?
I love problem solving and there is no bigger problem in the networking field then security. Plus I really don’t like fixing printers : )

Tell us about your current position. What does a typical day look like?
I work at the Missouri House of Representatives with 163 state representatives, their legislative assistants and House staff.

It is really hard to describe a typical day but it is always going to include checking access logs, catching up on industry news and responding to emails. Then I will spend some time catching up with other people in our office about the projects they are working on and how they impact our security posture. After I get that done I am on call to help fix or answer any questions that might come up.

Also… you will get a call after hours a couple of times a week. This is NOT a 9-5 job.

Why would students today be interested in this career path?
It is a good hybrid field for students who like networking and programming. You get to use your analytical skills that programming helps to develop while being able to work on a lot of varied projects that seem to draw people to networking.

What qualities would make them successful?
You have to want to always learn. If you are not willing to completely turn over your skill set every 3-5 years this isn’t going to be the field for you. You have to spend a lot of time reading, learning and talking to your peers.

What do you see as the biggest types of security risks that they might face in their careers?
The ones they are not thinking about. Most of the time security risks come from servers that you don’t know exist or haven’t audited. That is why having a good relationship with all the members of your team is so important so you don’t get left out of the loop on projects.

What advice do you have for people considering this as a career
Learn how to communicate. Security is a lot about being able to take an abstract security idea and turn it into something that you can make your customers care about. You can have all the technical knowledge in the world but you won’t be successful until you can share it.

According to the Bureau of Labor Statistics, to prepare for a career as a Network Security Specialists, individuals commonly earn a bachelor’s degree in computer science, information science and management information systems (MIS), but a degree in any field, supplemented with computer courses and experience, may be adequate. You can also prepare for jobs in this field by pursuing an associate degree or professional certification, along with related work experience.

And for the rest of us? Well, it is good to remember that everyone has a role to play in keeping their computer systems safe. “Security…” Jerry said in a in a recent interview with the National Conference of State Legislatures, “.. is everyone’s business.You’re just as responsible for security as your IT person. You have a link in the security chain and you can blow it up pretty quickly.” So take the time to regularly scan your computer with your anti-virus software, to continually update your passwords and to pay attention when programs ask for personal information. For these tips and more,visit the National Cyber Security Alliance.

What Does Your Web Identity Reveal?

Thursday, January 19th, 2012

web identity lock
When was the last time you completed a Web engine search on your name? It is not something one thinks of doing regularly, yet it could make all the difference in one’s future. This week’s ATETV video reveals the importance of monitoring your online identity when it comes to your professional goals and objectives. There is a large amount of data available out there. Does the information available about you say what you want it to say to a potential employer or current boss? If not, don’t despair. From platforms to strategies, there are ways you can manage the situation.

#1. Take charge of your own identity.
Matt Ivester, an author on helping students manage their online reputations, recommends that everyone get in the habit of thinking carefully from the very beginning about the information he or she is comfortable sharing online. He also recommends conducting inventories or searches on your name and cleaning up the content you can control. Other tips include claiming your name as a .com url and on all the popular sites like Twitter. Matt suggests continually updating your privacy settings and taking advantage of tools like “Google alerts” to notify yourself anytime your name or other specified content appears on the Web.

#2. Use an Online Identity Management Service.
In the article, 25+ Ways to Manage Your Online Identity, the folks at Mashable identify 8 sites created to help in this capacity. ClaimID.com for example consolidates all the information you find on the web and makes it easy to “claim” only the good stuff in order to create a profile you will then want to share with others.

#3. Add Web content to improve your existing reputation.
According to a recent article in Forbes, search engines like Google rank information according to “relevance–how closely it resembles the search term–and popularity–how many other sites are linking to it.” In the event you can’t get the information removed, the authors of this article recommend that you “overwhelm the bad content with the good, so that the embarrassing links are less likely to rank high.” Some ways to do this include: using free software such as Wordpress to create a blog revealing your expertise, writing as a guest author on professional blogs, adding comments to existing web content and creating profiles on sites such as LinkedIn.

#4. Hire a company to manage your reputation.
Mashable lists 5 such groups for your reference. For a monthly fee (starting at $10), Reputation.com, for example scours the Web for content about a client and presents a report. For an extra fee, the client can request that some of the information be removed.

#5. Simplify the information you volunteer.
Web-sites such as Profileomat.com allow you to centralize your different profile content by listing all your personal Websites, Social Networks, Blogs, Contact Info, Photo Albums and other Profiles in one unique profile.

A recent survey conducted by Microsoft of 1200 human relations managers revealed that as many as 70% have rejected job applicants because of information they find online. Recruiters said they search for information about candidates through search engines, on social networking sites, personal Web sites and blogs, gaming sites, online classified sites and through professional background checkers. What are the top things that influence them? Data on Lifestyle, inappropriate written texts and inappropriate photos top the list. These are simple sources to modify. By paying closer attention and using the tools available, you can ensure that your online presence only has a positive impact on your career!

Cyber Security Is Put to the Test

Friday, January 21st, 2011

cyber security

You have just been hired as the network and security administrator at a small company and will be taking administrative control of all information systems. You know very little about the network, what security level has been maintained, or what software has been installed. You have a limited time frame to familiarize yourself with the network and systems – and a hacker has begun to actively attack your company. In the midst of this crisis, you still have to keep up with the needs of the business and user demands while maintaining service level agreements for all critical Internet services.

Does this sound like the ultimate nightmare for an Information Security professional? Well, it could be. But, in this case, it’s actually an opportunity. That’s because this scenario is part of the National Collegiate Cyber Defense Competition (CCDC), a sophisticated three-day long security challenge and training event that tests students’ abilities to manage and protect a “commercial” network infrastructure – like the thousands upon thousands of real networks across the U.S.

The competition was introduced in 2005 to provide students with a valuable chance to test – and improve – their cyber security skills. It has the added benefits of bolstering participants’ resumes and introducing them to networking contacts in the job market.

CCDC keeps pace with real-world cyber threats facing companies and organizations around the country. Last year, for example, the Cyberwatch Mid-Atlantic Regional CCDC qualifying competition tested students with a serious cyber threat that often goes unchecked: the inside attack or “the Invisible Intruder.”

As an article in informIt described, students in the competition came face-to-face with “the Intruder,” a “fellow student” who appeared during the competition under the guise that he was interviewing participants for a research paper he was writing. All of the competitors who were approached by the Intruder happily agreed to talk with him, and even agreed to be photographed. After all, he looked like them. He sounded like them. He shared their interests and was enthused about what they were doing. No one noticed that he wasn’t wearing the ID badge required of all competitors. And no one hesitated to answer his increasingly probing questions. The end result: 13 students from five defending teams revealed highly sensitive security information – enough to devastate a business in a real-world situation.

The point of this exercise is clear: While layers of security and policy can help to squelch external attackers attempting to gain access to a company’s internal systems, another threat may be looming in plain sight in the form of a company insider with full access to the organization’s systems and understanding of the environment.

What would you have done in this situation? If you’d like to test your Cyber Security skills or learn more about the growing demand for cyber security technicians, visit CyberWatch, the ATE Center based at Prince George’s Community College.

ATETV Episode 45: Safeguarding the Future

Tuesday, August 10th, 2010

This week, we look at the many ways that emerging technologies are protecting our futures — from supplying safe, clean drinking water and new energy sources to guarding our computer information.

In our first segment, Linda Correira of Aquaria Water, LLC, describes how Water Treatment Technology systems successfully treat salt water and turn it into clean, thirst-quenching drinking water.

“Everyone needs water and we have limited supplies [on earth]” explains Linda. “But if you have the ability to take salt water — which we have much more of — and convert it into drinking water, then there’s [an important resource.]” As Linda further explains, the desalination process puts salt water through a treatment process to remove any bacteria and then salty, high-conductivity water goes through a “reverse osmosis” system to remove dissolved salts. From there, water is disinfected and — voila! — the glass is half full of drinkable water.

In our second segment, we talk with a student at Springfield Technical Community College whose work in the school’s Information Security Program will have an impact on lots and lots of people.

“[Almost all of your personal information] is stored on a computer system somewhere,” explains Sean Coughlin. “People might think, ‘Oh, I don’t use online banking, I don’t put my credit card information into websites, so [computer security issues] don’t affect me.’” But, in fact, says Sean, everyone is affected because businesses put their information on computer systems — and your information is their information.

The growing need for Cyber Security professionals, and a lifelong love of computers, has brought Sean from an 18-year career as a commercial flooring contractor to a new “position” as an Information Security student at Springfield. And he couldn’t be more satisfied. “Every single job you look at, [employers] want to see that you have experience in addition to classroom work. [Through the program at Springfield Technical College] I’ve actually worked on devices and reconfigured them…that’s the solid foundation that employers want to see.”

Finally, in our third segment, we take a look at the cutting-edge field of Fuel Cell Technology and learn how students at Stark State College are not only responding to industry needs — they’re staying ahead of them!

“A student who studies fuel cells is going to have a wide range of opportunities available when he graduates,” says Justin Ruflin of Contained Energy, LLC. “Fuel cell technicians are needed within the lab itself to help build the technology, while scientists are busy figuring out how to solve the challenges within the fuel cell industry and managers are running the companies.” So whether a person is interested in building fuel cells, understanding the properties of fuel cells or creating new materials to increase fuel cell performance, there’s likely to be a job opportunity available — and it’s likely to be a good-paying job offering employees a lot of responsibility.

Help Wanted: Cyber Security Specialists

Friday, July 2nd, 2010

Cybersecurity

Wanted: Approximately 10,000 – 20,000 young Americans with the Information Technology skills necessary to safeguard America’s massive digital computer infrastructure. Openings available for Cybersecurity Practitioners, Researchers and General “Cyber Warriors.” Positions require elite “hacking” skills, strong ability to “think outside the box,”and a keen understanding of the nation’s security systems and their vulnerabilities. Excellent starting salaries.

Okay, it’s true, we just made up that description, but it’s a fact that the need for IT specialists to defend the Internet and our nation’s communications infrastructure has never been greater, with President Obama identifying Cybersecurity as one of the most serious economic and national security challenges faced by our nation. It’s also true that the job market for Cybersecurity experts is wide open – by one estimate, the U.S. needs at least 20,000 such cyber-specialists, and currently has but 1,000 positions filled.

So, what exactly is a Cybersecurity Specialist? A recent article in USA Today describes the job as “a new class of tech professional specifically trained to battle data thieves, online scammers and cyberspies.”

The demand for these “cyber crime fighters” is so great that not only are schools and businesses intently focused on “cyber” training programs, but the federal government, in collaboration with education officials, military contractors and businesses have even begun sponsoring “American Idol”-like competitions, such as the U.S. Cyber Challenge, which aims to find and recruit 10,000 talented young “security warriors” through intricate “hacking” contests and other tests of security mettle.

ATE programs are at the forefront of this “cyber movement,” with specialty programs including:

CyberWatch, a consortium of Mid-Atlantic colleges focused on cybersecurity training which has grown by nearly 66 percent in each of the last two years, according to the program’s co-director, Casey O’Brien, noting, “People are starting to get that the success of these programs is absolutely critical to the future of our country.”

The Cyber Security Education Consortium (CSEC), which comprises five educational institutions throughout Oklahoma and major population centers in neighboring states to develop strategies to help secure cyberspace.

The Center for Systems Security and Information Assurance Cyber Defense Training Center (CSSIA), founded in 2003 partners with industry and academia to help students develop cyber-security skills.

Think about this for a minute: The vast majority of our day-to-day lives are steeped in computer data, and much of our country’s infrastructure – from banking and financial systems to energy grids to medical records to telecommunications – is reliant on computer systems. In fact, in this week’s ATETV Episode, Todd Matthews of EMC Corporation – one of the world’s largest data storage companies – commented that “More digital data will be created in the next two years than was produced in the last ten.”

Wouldn’t you want to know that all this information was safe in the hands of tomorrow’s cyber-security experts?

ATETV Episode 17: Standard Operating Procedures

Wednesday, January 13th, 2010

This week we head back to Times Square for another man-on-the-street segment, get our hands dirty on the farm, and then head online to explore the world of Cyber Security.

First, we take to the streets to ask people if they know what “SOP” stands for. As in the past, we get some pretty creative answers, but no one gets it right. SOP stands for Standard Operating Procedures, and in the ATE world it refers to the meticulous systems by which labs operate. If you’re a person who likes checklists and order, a career in biotechnology where you may utilize this system might be right for you.

Next we head out to Kirkwood Community College to learn more about hands-on internships in Agriculural Technology. “One of the best ways to have students learn is to have them actually do the exercise, do the math, do the work,” says Kirkwood’s Terry Brase. “They can hear about it, they can read about it, but it’s not going to stick with them until they actually experience it.”

Finally, we talk Cyber Security with Scott Edwards of Juniper Networks. Juniper makes routers, switches and other computer equipment that powers the Internet and keeps data secure. As devices become ever more interconnected, the need for workers trained to make and service these devices is growing. An ATE program in Computer and Information Technology (C.I.T) will give you the skills you need for these career opportunities.