Archive

Archive for the ‘Security’ Category

ITM’s Jeremy Hajek quoted in Security Sales & Integration magazine

February 25th, 2015 Comments off

Jeremy Hajek’s, Industry Associate Professor of Information Technology and Management, comments appear in the article “Home Security Systems, Peripherals Said to Be Vulnerable to Hacking” in Security Sales & Integration magazine.

Learn more

Categories: Research, Security Tags: , ,

ITM Professor Louis McHugh Interviewed for Channel 2 News

January 15th, 2015 Comments off

CBS Chicago Channel 2 News (WBBM) interviewed ITM Professor Louis McHugh for a story “ATM App Is Convenient, But Is It Secure?” about the security of ATM applications for mobile devices.

See the video

WGN Television Interviews ITM’s Ray Trygstad

December 19th, 2014 Comments off

Ray Trygstad, ITM Associate Chair, Director of IT and Industry Professor, appeared on WGN News on Thursday, December 18. Professor Trygstad was interviewed for a story on the Sony Pictures cyber attack and the precedent they set by pulling the movie “The Interview.”

See the video (Professor Trygstad appears at the 1:41 mark)

ITM Students win Best Paper at ACM RIIT

October 21st, 2014 Comments off
ITM students Bill Wesselman and Maya Embar display their award for ACM RIIT 2014 Best Paper.

ITM students Bill Wesselman and Maya Embar display their award for ACM RIIT 2014 Best Paper.

The Best Paper Award at the 3rd annual Association for Computing Machinery’s Research in Information Technology conference was won this year by the IIT ITM student team of Maya Embar, Louis McHugh, and William Wesselman for their paper “Printer Water-Mark Obfuscation”. Also presenting at the conference was ITM student Ben Khodja ( “Probabilistically Detecting Steganography withinMP3 Files” ) and ITM alumnus David Stacey (“Passive Warden Using Statistical Steganalysis”). The IIT papers were presented at a session chaired by Industry Professor Ray Trygstad, Associate Chair of IIT’s Department of Information Technology and Management. The RIIT conference was held in conjunction with the annual conference of the ACM Special Interest Group for Information Technology Education, October 15-18, 2014 in Atlanta, Georgia. Congratulations to Maya, Louis, and Bill for this recognition of their accomplishment.

This is the second year that an IIT paper has won the Best Paper award at RIIT. At last year’s RIIT conference in Orlando, Dr. C. Robert Carlson, Dean of the IIT School of Applied Technology, along with Dr. Sargon Hasso, a former PhD student of Dr. Carlson’s, won the award for their paper “Design Patterns as First-Class Connectors”.

IIT ITM Student wins 2nd place in Cyber Aces State Championship

March 6th, 2014 Comments off

IIT undergraduate Information Technology and Management (ITM) student Eric Tendian competed in the Cyber Aces State Championship offered by the Illinois Department of Employment Security (IDES). The competition featured the top 125 participants from a year-long competition led by Gov. Pat Quinn to identify individuals with skills conducive to seeking a cybersecurity career in the military or private sector.

Eric Tendian - ITM Student 03-14

The competition included NetWars, a simulation utilized by the U.S. Air Force, and a discussion of ethics. NetWars covers topics including system hardening, packet analysis, digital forensics, and vulnerability assessment. The ethics panel consisted of two cybersecurity professionals and one FBI agent in the cyber division, and was facilitated by a former White House-level IT manager.

Eric won two awards in the NetWars tournament – he scored 2nd Overall and was the first to advance to Level 2. Eric was among only 3 participants in the Illinois competition to make it to Level 3 and was the only non-professional to finish in the top 3. Even more impressive is that Eric is a first-year IIT student.

Bill Slater, Adjunct Industry Professor of Information Technology and Management, encouraged Eric to participate in the competition because of his strong cyber security skills. Professor Slater stated “it is impressive that one of our IIT ITM undergraduate students placed 2nd in the state. Especially since Eric competed against cyber security professionals and students with more years of cyber security experience.”

Eric was featured as a 2013 Fifty For The Future award winner from the Illinois Technology Foundation that recognizes 50 of the brightest technology students in Illinois.
Several other IIT students participated in the competition. See the complete results of the Cyber Aces Online course, the precursor to NetWars, at https://online.cyberaces.org/event/results/2013Fall/0?state=IL&regtype=College.

Registration for the next round of Cyber Aces Online opens August 1st.

More info on the championship can be found at http://www.cyberaces.org/championships/ and http://www.chicagotribune.com/news/local/suburbs/palos/chi-illinois-hacking-competition-draws-cybersecurity-sleuths-of-tomorrow-20140302,0,4349193.story.

Cloud Computing – 7 Million Job Opportunities

April 11th, 2013 Comments off

By Glenn Ferrell – IIT Alum and owner of gfWEBsoft LLC (http://www.gfwebsoft.com/)

Timing is everything, and students focusing on Information Technology and Management seem to be in exactly the right place at exactly the right time to take advantage of significant growth in cloud computing jobs.

7 Million New Cloud Computing Jobs by 2015

According to a Forbes review of an IDC report, sponsored by Microsoft, demand for “cloud-ready” IT workers will “grow by 26% annually through 2015. IDC expects that as many as 7 million new cloud-related jobs will be available worldwide by that time”. The author of the IDC report (Cushing Anderson) says that “Unlike IT skill shortages in the past, solving this skills gap is extremely challenging, given that cloud brings a new set of skills, which haven’t been needed in the past.”

Cloud-Related Positions Going Unfilled

According to the Forbes article, “lack of training, certification or experience” are the top three reasons cloud positions go un-filled. Anderson says several skill sets are key to building and maintaining cloud capabilities within organizations. These are listed in the table below, along with projected openings for 2015:

Job Type Openings by 2015
Management 794,945
IT systems and operations 630,414
Project and program managers 555,591
Help desk and end-user support 549,241
Application development and maintenance 525,829
Business analysts 502,692
Network, telecom, security, and web development 481,411

From IDC Report as Reported in Forbes 12/21/2012

In an earlier article Forbes’ writer Joe McKendrick suggested what IT professionals (future and present) should be learning in order to succeed in cloud-related jobs. His list seems to be right in line with the IDC report:

  • Business and financial skills: Know how to make a business case and calculate an ROI for cloud.
  • Technical skills: Java, .NET framework skills and knowledge of virtualization are important, and familiarity with open-source tools and languages is also valuable.
  • Enterprise architecture and business needs analysis: Be able to build a “roadmap” for which services should be provided by IT and which by an outside provider. Learn to speak the language of business as well as the language of IT professionals
  • Project management skills: Managing scope “creep”, contracts, service agreements and risk exposure are just some of the project management skills critical to implementing cloud. Cloud computing can cause end users to “run wild” with feature and service requests, so scope has to be contained. Also, remembering that cloud is supposed to cost less than equivalent on-premises services, skills in negotiating cloud vendors’ contracts, service level agreements and availability are critical to success.
  • Security and compliance: Understanding security protocols is important in all types of cloud deployment. Additionally, regulations such as Sarbanes-Oxley and HIPAA have made navigating data-handling laws more complex. IT professionals with an understanding of both can be very valuable.
  • Data integration and analysis skills: Inside we have ERP systems, data warehouses, etc. Outside we have cloud-based services. Those who can analyze both sides and implement sound data integration between the two will be in high demand.
  • Mobile app development and management: The rise of mobile devices of all kinds has been key driver for the expansion of cloud solutions. A sound understanding of the basics is a valuable skill in cloud-implementation.

So how does the future look for those with a solid grounding in Cloud, Information Technology, and Management? All in all, it looks anything but cloudy.

 

References:

http://www.forbes.com/sites/joemckendrick/2012/12/21/almost-1-7-million-cloud-related-jobs-went-unfilled-in-2012-estimate/

http://www.forbes.com/sites/joemckendrick/2012/08/27/the-8-most-important-skills-needed-for-cloud-computing-today/

White House “Cyber Attack” was One Email Message

October 1st, 2012 Comments off

The news media was giving great play today to a “cyber attack” on the White House, which “penetrated a secure area.” The nature of this nefarious, newsworthy attack? ONE spearphishing email with a malware attachment. An attachment which, by the way, was never opened. Can we say “overreaction”, boys and girls?
• Original alarmist article: http://freebeacon.com/white-house-hack-attack/
• Article debunking the media reaction: http://www.geekosystem.com/white-house-cyberattack-email/

Master’s Degree in Cyber Forensics and Security at IIT

May 14th, 2012 Comments off

Illinois Institute of Technology Announces Master’s Degree in Cyber Forensics and Security
New Program Combines Technical, Legal, Policy and Compliance
In 2011, the average organizational cost of a data security breach in the U.S. was $5.5 million according to a report from Symantec and the Ponemon Institute. Cyber forensics continues to be used to recover evidence from security breaches. Cyber security and forensics issues have become increasingly complicated with technical, legal, policy, and compliance issues, and with such astronomical costs, there is a critical need in both the government and private sectors for professionals equipped to prevent, counteract and investigate cyber terrorism, cybercrimes and information security breaches.

To address these issues, Illinois Institute of Technology’s School of Applied Technology is offering a Master of Cyber Forensics and Security degree and graduate certificate programs in cyber security management and cyber security technologies, starting in fall of 2012. The program integrates legal courses from IIT Chicago-Kent College of Law curriculum and technical and managerial courses from IIT School of Applied Technology’s information technology and management curriculum. The program provides cyber security and forensics practitioners a thorough grounding in technology, legal issues, policy and compliance, providing an outstanding curriculum for those interested in cyber forensics and security and is a substantive follow-up degree for undergraduates majoring in information technology and management, computer science, computer information systems, or computer engineering.

The mission of the cyber forensics and security programs is to prepare students to assume technical and managerial leadership in information technology and cyber security. With a hands-on, reality-based approach to education, the cyber forensics and security program allows students to apply what they learn in class to solve real-life problems. Additional courses may be taken from the IIT Chicago-Kent College of Law curriculum to give cyber security and forensics practitioners a thorough grounding in legal issues and compliance.

“The program provides an innovative experience where cyber forensics and security students work on cutting-edge, industry-sponsored projects that deal with technical, legal, policy and compliance,” said IIT School of Applied Technology Dean Robert Carlson. “This teaching philosophy prepares students to become innovators, entrepreneurs and leaders of the future.”

Recognized by industry professionals as a premier curriculum, IIT’s Cyber Forensics and Security (ForSec) programs are project-based and students are immersed in solving real problems, using current technologies and industry practices, while being guided by experienced faculty.

“In the IIT ForSec Lab, students use real computer viruses to learn and experience how they work, and also devise methods for protection of computers and mobile devices,” explains Professor Bill Lidinsky, director of security and forensics. “In cyber forensics, students learn how to accurately and legally access and analyze computers and cell phones, searching for evidence such as hidden and deleted files, email sent and received and web pages visited.” Students also do cutting edge research and present findings to their peers and leading professionals in their fields. This approach provides students with relevant experience — publishing and presenting at conferences, in some cases for government organizations such as the FBI.

For additional information regarding the Cyber Forensics and Security programs please visit www.itm.iit.edu/cybersecurity.

To help launch the program, Illinois Institute of Technology is hosted ForenSecure: the IIT Cyber Forensics and Security Conference on April 19 and 20. The conference had speakers from the Federal Bureau of Investigation (FBI) and the Chief Cyber Security Advisor from the Illinois Terrorism Task Force. For additional information about the conference please visit www.cpd.iit.edu/forensecure.

About IIT
Founded in 1890, IIT is a Ph.D.-granting university with more than 7,700 students in engineering, sciences, architecture, psychology, design, humanities, business and law. IIT’s interprofessional, technology-focused curriculum is designed to advance knowledge through research and scholarship, to cultivate invention improving the human condition, and to prepare students from throughout the world for a life of professional achievement, service to society, and individual fulfillment. Visit www.iit.edu.

IIT Trustees Approve New Graduate Degree

February 17th, 2012 Comments off

The Board of Trustees of Illinois Institute of Technology, during their Spring term meeting, approved the School of Applied Technology’s proposal to offer the Master of Cyber Forensics and Security degree. The program includes courses drawn from the ITM program and additional courses from the IIT Chicago-Kent College of Law curriculum to give cyber security and forensics practitioners a thorough grounding in legal issues and compliance. Core courses for this 30-credit-hour degree will include:
ITMS 538 Cyber Forensics
ITMS 543 Vulnerability Analysis and Control
ITMS 548 Cyber Security Technologies
ITMS 578 Cyber Security Management
LAW 273 Evidence

Electives will include twelve hours selected from:
ITMS 518 Coding Security
ITMS 528 Database Security
ITMS 539 Steganography
ITMS 549 Cyber Security Technologies: Projects and Advanced Methods
ITMS 555 Mobile Device Forensics
ITMS 558 Operating System Security
ITMS 579 Topics in Cyber Security (May be taken more than once)
ITMS 588 Incident Response, Disaster Recovery and Business Continuity
ITMM 585 Legal and Ethical Issues in Information Technology
ITMM 586 Information Technology Auditing
ITMO 456 Introduction to Open Source Operating Systems
ITMT 594 Special Projects in Information Technology
AND at least three hours chosen from:
LAW 240 National Security Law
LAW 478 Computer and Network Privacy and Security: Ethical, Legal, and Technical Considerations
LAW 495 Electronic Discovery

Prerequisites for this degree include ITM 301 or ITM 302, ITMD 411, ITMD 421, and ITMO 440 or ITMO 540. Watch here for more details!

Categories: Academic, Security Tags: , ,

Wednesday Web Blackouts: Why?

January 17th, 2012 Comments off

On Wednesday January 18th many of your favorite websites–Wikipedia, the Internet Archive, Reddit, Boing Boing and more–will be blacked out for a day to protest two pending pieces of legislation now before the Congress of the United States: the Stop Online Piracy Act (SOPA) in the U.S. House of Representatives, and PROTECTIP (PIPA) in the U.S. Senate. If passed, this legislation will harm the free and open Internet, stifle online innovation and creativity, and bring about new tools for censorship of international websites inside the United States. They appear to violate provisions of the U.S. Constitution by operating with a presumption of guilt and denial of due process, and could seriously harm the integrity of the Internet Domain Name System, particularly ongoing efforts to implement DNSSEC. For more information about this legislation please see the Electronic Frontier Foundation‘s site and please contact your Senators and Representative to make your opinion heard.