UMSL Becomes a Member of the National CyberWatch Center


, , ,

cyberwatch-300x129 (1)
UMSL is an official member of the National CyberWatch Center. The National CyberWatch Center is a consortium of higher education institutions, public and private schools, businesses, and government agencies focused on collaborative efforts to advance cybersecurity education and strengthen the national cybersecurity workforce.

View more info at and review membership listing at

*iHub Research, m:lab, and UX Lab Visit


, , , ,


During the week of 28 March 2016 a visit was made to the iHub in Nairobi, Kenya. The iHub serves as a catalyst for the growth of the Kenyan tech community by connecting people, supporting startups, and surfacing information. View more information at

View the iHub on The Ideal Space at




C4DLab Visit at University of Nairobi

During the week of 28 March 2016 a visit was made to the C4DLab at the University of Nairobi.  Dr. Dawson will be a speaker at Nairobi Innovation Week in 2017.  The forthcoming partnership with University of Nairobi will allow for UMSL students to gain insight into the Information Technology (IT) market in East Africa’s second largest city.  UMSL’s cyber security department will assist in laying down the foundation for a national cyber security education standard.  This will done in cooperation with UMSL’s cyber security partnerships.




National CyberWatch has partnered with Threat.Connect to bring you an overview of Threat Intelligence. The webinar will cover what Threat Intelligence is, FREE faculty resources available, and how faculty can easily integrate these resources into their courses.


Security Software Supply Chain: Is What You See What You Get?


, , , ,

Security Software Supply Chain: Is What You See What You Get?

2-Hour live event Tuesday, March 22, 2016
Start Time: 9:00 a.m. US-Pacific/ 12:00 p.m. US-Eastern/ 5:00 p.m. London

Click here to Register! 


Software is the foundation of our computer eco-system and, just like in the real world, it doesn’t take a lot to upset them.  In the non-cyber world, it has been often said ‘We are what we eat’. In the Cyber world this is still true–especially when we consider an organizations inclusion (or consumption) of software. When we buy products and include them in our infrastructure, we perform acceptance testing, in order to make sure they work and have no known vulnerabilities. Unfortunately we don’t know what components are in the products. We also don’t know if the product was built entirely by the software provider or did they use components from somewhere else.

This session will cover issues with software supply chain and development operations. It will cover the basics, including the current state of software supply chain analysis, and attempt to provide pointers on how to figure out what is in a supply chain and what the information can be used for.


Mark Kadrich
Chief Information Security & Privacy Officer, San Diego Health Connect

For the past 25 years, Mark Kadrich has worked in the security community, building knowledge, and contributing solutions. Most recently, Mr. Kadrich has been working with his colleagues at Emagined Security filling positions as a CISO and a PCI compliance architect. He is responsible for crafting new policy and procedures regarding installation, use, testing, and compliance for both a health information exchange and a large and diverse retail service enterprise. Recently, Mark architected large crypto services environments and secure network environments. He holds degrees in Management Information Systems, Computer Engineering and Electrical Engineering.


Michael F. Angelo
Michael is well known in the security community with his work designing, developing, implementing and deploying security products and architectures for multi-national corporate environments. His work includes participating, driving, and creating security standards, working on corporate policies, national and international legislation, multi-national regulatory issues, and participation in numerous international and national advisory councils. He has been a featured speaker at numerous national and international security conferences including RSA, ISSA, and InfoSec. He has also participated on the RSA national program committee. Currently, he chairs the ISSA International Webinar Committee and is a technology contributor to the U.S. Department of Commerce Information Systems Technical Advisory Council. Michael currently holds 53 U.S. patents, is a former Sigma-Xi distinguished lecturer and is the recipient of the Trusted Computing Platform Alliance (TCPA) lifetime achievement award. In 2011 he was recognized by ISSA as the Security Professional of the Year and in 2013 he was named to the ISSA Hall of Fame.

Jonathan Knudsen
Cybersecurity Engineer, Synopsys
At Synopsys, Jonathan enjoys breaking software and teaching how to make software better. Jonathan is the author of books about 2D graphics, cryptography, mobile application development, Lego robots, and pregnancy. He lives in Raleigh, North Carolina.

Derek E. Weeks
VP and Rugged DevOps Advocate, Sonatype

In 2015, Derek led the largest and most comprehensive analysis of software supply chain practices to date across 106,000 development organizations.  His research detailed the consumption of billions of open source and third-party software components while also shedding new light on the scale of known vulnerable software being ingested by development organizations worldwide.  Derek is a huge advocate of applying proven supply chain management principles into development and application security practices to improve efficiencies, reduce security risks, and sustain long-lasting competitive advantages. He currently serves as vice president and Rugged DevOps advocate at Sonatype. Derek is a distinguished international speaker, having delivered his research at AppSec USA, InfoSec Europe, LASCON, HP Protect, Air Force Cyber Security Forum, and numerous OWASP meet-ups.

Henrik Plate
Senior Security Researcher, SAP SE

Henrik Plate works as a Senior Researcher in the Product Security Research group within SAP since 2007. During this time, he was coordinator and scientific lead of the European FP7 research project PoSecCo, built up an SAP-wide security training for application developers and performed security assessments of SAP applications. Currently, he researches new approaches and tooling for ensuring a secure consumption of third party components in the software supply chain. Before joining the SAP research group, Plate held different positions as a software engineer, and studied computer science and business administration at the University of Mannheim. He holds a diploma from the University of Mannheim and is a CISSP.

These Are the Data Centers Where Cybercriminals Hide


, ,

An excellent article was written by Lorenzo Franceschi-Bicchierai on how hackers, criminals, and hacktivists store their information and whom they go to for web hosting.

See full article at or read on LinkedIn at

Cryptography Domain – Steghide Application


, , ,

Students in the Advanced Cyber Security Concepts course had to perform a number of activities that displayed their ability to master the cryptography domain.  This included performing basic stenography encryption.  The graduate student selected Steghide application to perform this task.  In the figure below you can see the student’s encrypted photo and the command line commands used to decrypt it.  See Steghide documentation and steps at

Screenshot from 2016-03-20 19:27:49

Figure 1: Google Hangout Steghide Demonstration

The Case For Ubuntu: Linux Operating System Performance and Usability for Use in Higher Education in a Virtualized Environment


, , ,

The Case for UBUNTU Linux Operating System Performance and Usability for Use in Higher Education in a Virtualized Environment

Maurice Dawson, University of Missouri-St. Louis
Brittany DeWalt, Alabama A&M University
Simon Cleveland, Nova Southeastern University

The use of Linux based Operating Systems (OS) in the classroom is increasing, but there is little research to address usability differences between Windows and Linux based OSs. Moreover, studies related to the ability for students to navigate effectively between Ubuntu 14.04 Long Term Support (LTS) and Windows 8 OSs are scant. This research aims to bridge the gap between modern Linux and Windows Oss, as the former represents a viable alternative to eliminate licensing costs for educational institutions. Preliminary findings, based on the analysis of the System Usability Scale results from a sample of 14 students, demonstrated that Ubuntu users did not require technical support to use the system, while the majority found little inconsistency in the system and regarded it as well integrated.

Recommended Citation
Dawson, Maurice; DeWalt, Brittany; and Cleveland, Simon, “The Case for UBUNTU Linux Operating System Performance and Usability for Use in Higher Education in a Virtualized Environment” (2016). SAIS 2016 Proceedings. Paper 23.

View presentation at

Proceeding will be published

Download or view paper here by clicking the following The_Case_for_UBUNTU_Linux_Operating_Syst.

Book Chapter from CAE-CDE 4Y


, ,

Communication, Technology, and Cyber Crime in Sub-Saharan Africa

“Webinar: President Obama’s National Cybersecurity Action Plan of 2016”


, , ,

Webinar: President Obama’s National Cybersecurity Action Plan of 2016

“President Obama’s National Cybersecurity Action Plan of 2016” webinar on March 24, 2016 at 2:00 pm eastern.

Sign up for free at