Archive

Archive for the ‘Security’ Category

DoD Cyber Scholarships for 2020-2021

December 5th, 2019 Comments off

The U.S. Department of Defense is offering Cyber Scholarships to U.S. citizens who will be Juniors, Seniors, or graduate students in the fall of 2019. Because we are a National Center of Academic Excellence in Cyber Defense Education, you may be eligible to apply.  This is a one-year scholarship covering full books, tuition, and a $25,000 stipend for undergraduates or a $30,000 stipend for graduate students. The scholarships are renewable but require a new application each year. After graduation, scholarship recipients will work one year of federal service in a cyber security or digital forensics role for each year of scholarship support, or four years of military service. Applicants must be eligible for a security clearance. Applicants are not limited to students in the Department of Information Technology and Management but may also be students in Computer Science, Computer Engineering, Electrical Engineering, and Business, but because of the nature of the application, knowledge of and a clear understanding of cyber security is a necessity. Please read the scholarship details document carefully and completely before filling out the application. An official transcript must accompany your application and should be attached, unopened, to the application. A complete printed and signed physical application must be delivered to the ITM Department office, Perlstein Hall suite 223 no later than 8:30am Monday February 17th so we can evaluate and include your scholarship in our funding request, which is due February 28th. When you submit your physical application, you will be given instructions for uploading a digital copy of your application in PDF format. Multiple files may be submitted as a .zip file but all files must be PDF files.

The application and full details of the scholarship are included below.

If you have read all of the materials and you still have questions, please contact Professor Ray Trygstad at trygstad@iit.edu. Please include “DOD Cyber Scholarship” as the first thing in the subject line of your email.

DoD Cyber Scholarships for 2019-2020

January 25th, 2019 Comments off

The U.S. Department of Defense is offering Cyber Scholarships to U.S. citizens who will be Juniors, Seniors, or graduate students in the fall of 2019 This is a one-year scholarship covering full books, tuition, and a $25,000 stipend for undergraduates or a $30,000 stipend for graduate students. The scholarships are renewable but require a new application each year. After graduation, scholarship recipients will work one year of federal service in a cyber security or digital forensics role for each year of scholarship support, or four years of military service. Applicants must be eligible for a security clearance. Applicants are not limited to students in the Department of Information Technology and Management but may also be students in Computer Science, Computer Engineering, Electrical Engineering, and Business, but because of the nature of the application, knowledge of and a clear understanding of cyber security is a necessity. Please read the scholarship details document carefully and completely before filling out the application. A printed and signed physical application must be delivered to the ITM Department office, Perlstein Hall suite 223 no later than 8:30am Monday February 18th so we can evaluate and include your scholarship in our funding request, which is due February 28th. The application and full details of the scholarship are included below. 

Contact Professor Ray Trygstad for questions: trygstad@iit.edu. Please include “DOD Cyber Scholarship” as the first thing in the subject line of your email.

Hotel business centers can steal your life

December 2nd, 2018 Comments off

Many of us travel regularly for business or pleasure, and even though most of us probably haul along our own computer or tablet, occasionally we have to print something. Gee, right there off the hotel lobby is the business center, which today is often equipped with a nice color laser printer. How convenient! And how dangerous.

How do we get the document from our device to the printer? Most if us would probably think, oh, that’s easy. I’ll just pop it into Google Drive, or One Drive, or Apple Cloud. Then I’ll log in with the browser on the office center machine, print my stuff, and I’m done! I just did this at the hotel I’m staying at in Florida. Logged into the system, running Windows 10, and brought up Google Chrome. I looked at the photo icon on the upper right corner of the browser, and I see a picture of one of my colleagues…he never logged off from using it the day before! It turns out that closing Chrome does not log you out, even though logic says it should. I logged him off, logged in to Google, did my printing from content on Google Drive, and logged off.

Because neither Google nor Microsoft requires two-factor authentication, leaving an account logged in will allow the next system user to change your password. Once that’s done, everything in that account is theirs and not yours. Wow. Scary. Rebooting might fix it, but in normal operation, these systems hardly ever get rebooted.

Once logged off, I clicked the login icon on the upper right corner of the default Google Search screen. This took me to a list of the users that had previously logged into Google using this browser listing their name, their email address, and even their photo if their account had one linked to it. And there I was, as well as my colleague. At the bottom of the screen was a “remove login” selection. Clicking it placed an X next to each user on the list, and clicking the X removed that user from the list. Does it remove it from the system as well, or just from this list? I don’t know, and haven’t yet had time to research it.

I then moved to the machine next to this which I had used the day before. I looked at the list of Google users in Chrome, and there I was! I removed my entry and the other 10 on the screen—one at a time, of course—then I closed Chrome and logged out of the system.

I know it seems like a bit much expecting hotels to control this serious vulnerability on their office center system, but frankly most users will never even be aware of the danger, and if the hotels don’t take positive steps to control this it will never happen. I did some quick research to try to find a Chrome plugin to automatically log users out when the browser is closed, and to prevent the user list from being retained, but if there is such a beast, I didn’t find it. Clearly this is a need, and to be perfectly honest, one that the hotels and anyone else providing public access to Google logins on Chrome should expect to pay for. Free business plan: write it. Then write about it. Frankly, people are crazy not to protect their users like this.

—Ray Trygstad

ITM Department and C2SAFE to host Women in Cyber Security 2018

October 4th, 2017 Comments off

The Department of Information Technology and Management and the Center for Cyber Security and Forensics Education are pleased to announce that we will host the Fifth Annual Women in Cyber Security (WiCyS) Conference. This National Science Foundation funded event will be held March 23 through March 24, 2018 at the Hilton Chicago. It is the mission of WiCyS to bring together women in cybersecurity from academia, research and industry from across the United States. The event is exclusively designed as the forum for speakers and guests to exchange knowledge, experience, networking, and mentoring to raise interest in the field of cybersecurity. We will be seeking volunteers to assist with the conference and to meet arriving delegates at the airports later this fall.

ITM Associate Chair Ray Trygstad will serve as conference co-chair, while Amber Chatellier and Angela Jarka of the ITM Department comprise the conference logistics staff.

New New York regulations will drive cybersecurity advances

September 27th, 2017 Comments off

New regulations on cybersecurity have been published by the New York State Department of Financial Services. 23 NYCRR Part 500 will have a major impact on American business as it has serious requirements and mandates for all financial services companies doing business in New York state–which of course are almost all of them. A good article on the topic is is at https://digitalguardian.com/blog/what-nydfs-cybersecurity-regulation-new-cybersecurity-compliance-requirement-financial. Significant requirements include:

  • Policy & Program: Covered entities must instate and maintain a documented cybersecurity policy, and adopt a robust cybersecurity program, by August 28, 2017.
  • CISO: Designate a qualified Chief Information Security Officer (CISO) to oversee and implement the cybersecurity program and enforce policy.
    • The CISO must submit a written report annually to the Board of Directors and an annual compliance certification to the Department of Financial Services.
  • Data encryption: Organizations must enact controls, including encryption of sensitive data, depending on the outcome of a risk assessment.
  • Continuous monitoring: Covered entities must continuously monitor cybersecurity functionality OR conduct annual penetration testing and bi-annual assessments.
  • Enhanced multi-factor authentication: Covered institutions must employ multi-factor authentication for all inbound connections to the entity’s network.
  • Incident reporting: Covered entities must document and report all cybersecurity events.

How much do you know about cybersecurity?

August 31st, 2017 Comments off

PEW quiz header
Take the Cybersecurity Knowledge Quiz from Pew Research! Then see how you did in comparison with a nationally representative group of 1,055 randomly selected adult internet users surveyed online between June 17 and June 27, 2016.
http://www.pewinternet.org/quiz/cybersecurity-knowledge/

Categories: Security Tags: ,

DoD Cyber Information Assurance Scholarships

April 14th, 2017 Comments off

The U.S. Department of Defense is offering Cyber Information Assurance Scholarships to U.S. citizens who will be Juniors, Seniors, or graduate students in the fall of 2017. This is a one-year scholarship covering full books, tuition, and a $22,500 stipend for undergraduates or a $30,000 stipend for graduate students. The scholarships are renewable but will require a new application each year. Payback is one year of federal service in a cyber security or digital forensics role for each year of scholarship, or four years of military service. Applicants must be eligible for a security clearance. Applicants are not limited to students in the Department of Information Technology and Management but may also be students in Computer Science, Computer Engineering, Electrical Engineering, and Business, but because of the nature of the application, knowledge of and a clear understanding of cyber security is a necessity. A printed and signed physical application must be delivered to the ITM Department office, Perlstein Hall suite 223 later than 8:30am Monday May 22nd so we can evaluate and include your scholarship in our funding request, which is due May 31st. The application and details of the scholarship are included below. (Note: if you downloaded the announcement or application prior to 11:00am on Wednesday, April 19th, please download them again as the DOD provided us with updated copies.)
ATTACHMENT C IA Scholarship and Vacancy Announcement 2017
ATTACHMENT D NEW Student Application 2017-2018 (site 1)
ATTACHMENT D NEW Student Application 2017-2018 (site 2)

Contact Professor Ray Trygstad for questions: trygstad@iit.edu. Please include “DOD Cyber Scholarship” as the first thing in the subject line of your email.

 

Cybersecurity Scholarships from (ISC)²’s Center for Cyber Safety and Education

January 3rd, 2017 Comments off

Graduate, undergraduate, and women’s scholarships are offered by the Center for Cyber Safety and Education of the International Information System Security Certification Consortium (ISC)². They will begin accepting applications on February 28, 2017 for graduate and undergraduate scholarships of up to $5,000, and are currently accepting applications for women’s scholarships of $8,000 or more. One undergraduate student may also be selected for the Harold F. Tipton Memorial Scholarship; the most recent award recipient for this scholarship is Kyle Dean Murbach from Wheaton, IL. Please see the (ISC)² scholarship page at https://www.isc2cares.org/Scholarships/ for full details.

ACM RIIT 2016 Best Paper Award earned for ITM research by Anthony Ramirez and Alfredo Fernandez

September 29th, 2016 Comments off

Anthony and RayITM is happy to be in Boston! In the photo at right, Master of Cyber Forensics and Security alumnus Anthony Ramirez receives the Best Paper Award for the 2016 ACM Research in Information Technology (RIIT) conference in Boston. Anthony and Alfedo Fernandez earned this award for their paper MP3 Stegonography: Analyzing and Detecting TCSteg. This is the third time in five years that Illinois Tech Information Technology and Management researchers have received this award. The School of Applied Technology and the ITM Department are Silver Sponsors for the RIIT conference and the concurrent ACM Special Interest Group in Information Technology Education (SIGITE) conference. ITM Associate Chair Ray Trygstad serves on the SIGITE Executive Committee.

Women in CyberSecurity (WiCyS) 2017 conference

September 21st, 2016 Comments off

wicyslogoThe Women in CyberSecurity (WiCyS) 2017 conference will be held in Tucson, AZ on March 31st-April 1st. Scholarships are available for both faculty and students to attend the conference (details at https://www.csc.tntech.edu/wicys/register/); in the past these scholarships, funded by NSF, have covered airfare and lodging. Student and faculty scholarship applications are now open through November 21st. Notifications will go out December 5th. Conference registration costs are nominal–$30 for students, $150 for faculty.

The Call for Participation for Presentations, Workshops, Birds-of-a-Feather (BOF) Sessions, Lightning Talks, Panels, and Posters is open, and submissions will be accepted until November 6  (details at https://www.csc.tntech.edu/wicys/participate/)

All ITM women enrolled in Cyber Forensics and Security, and all third- and fourth-year undergraduate women, are strongly encouraged to participate—lightning talks and posters are easy and can be drawn from work already done—and to apply for these scholarships.