UMSL Becomes a Member of the National CyberWatch Center

Tags

, , ,

cyberwatch-300x129 (1)
UMSL is an official member of the National CyberWatch Center. The National CyberWatch Center is a consortium of higher education institutions, public and private schools, businesses, and government agencies focused on collaborative efforts to advance cybersecurity education and strengthen the national cybersecurity workforce.

View more info at http://www.nationalcyberwatch.org/ and review membership listing at http://www.nationalcyberwatch.org/membership/members/

*iHub Research, m:lab, and UX Lab Visit

Tags

, , , ,

11109688_870704139664591_9046828548247661718_n

During the week of 28 March 2016 a visit was made to the iHub in Nairobi, Kenya. The iHub serves as a catalyst for the growth of the Kenyan tech community by connecting people, supporting startups, and surfacing information. View more information at http://www.ihub.co.ke/

View the iHub on The Ideal Space at https://www.youtube.com/watch?v=XuEr2Px4h-E

12592276_10153926301270049_6067004456007442469_n

12938268_10153926300455049_1492517260856529862_n

944869_10153926300910049_3896816202620933131_n

C4DLab Visit at University of Nairobi

During the week of 28 March 2016 a visit was made to the C4DLab at the University of Nairobi.  Dr. Dawson will be a speaker at Nairobi Innovation Week in 2017.  The forthcoming partnership with University of Nairobi will allow for UMSL students to gain insight into the Information Technology (IT) market in East Africa’s second largest city.  UMSL’s cyber security department will assist in laying down the foundation for a national cyber security education standard.  This will done in cooperation with UMSL’s cyber security partnerships.

THREAT INTELLIGENCE WEBINAR

Tags

,

National CyberWatch has partnered with Threat.Connect to bring you an overview of Threat Intelligence. The webinar will cover what Threat Intelligence is, FREE faculty resources available, and how faculty can easily integrate these resources into their courses.

REGISTER NOW

Security Software Supply Chain: Is What You See What You Get?

Tags

, , , ,

Security Software Supply Chain: Is What You See What You Get?

2-Hour live event Tuesday, March 22, 2016
Start Time: 9:00 a.m. US-Pacific/ 12:00 p.m. US-Eastern/ 5:00 p.m. London

Click here to Register! 

Overview:

Software is the foundation of our computer eco-system and, just like in the real world, it doesn’t take a lot to upset them.  In the non-cyber world, it has been often said ‘We are what we eat’. In the Cyber world this is still true–especially when we consider an organizations inclusion (or consumption) of software. When we buy products and include them in our infrastructure, we perform acceptance testing, in order to make sure they work and have no known vulnerabilities. Unfortunately we don’t know what components are in the products. We also don’t know if the product was built entirely by the software provider or did they use components from somewhere else.

This session will cover issues with software supply chain and development operations. It will cover the basics, including the current state of software supply chain analysis, and attempt to provide pointers on how to figure out what is in a supply chain and what the information can be used for.

Moderator

Mark Kadrich
Chief Information Security & Privacy Officer, San Diego Health Connect

For the past 25 years, Mark Kadrich has worked in the security community, building knowledge, and contributing solutions. Most recently, Mr. Kadrich has been working with his colleagues at Emagined Security filling positions as a CISO and a PCI compliance architect. He is responsible for crafting new policy and procedures regarding installation, use, testing, and compliance for both a health information exchange and a large and diverse retail service enterprise. Recently, Mark architected large crypto services environments and secure network environments. He holds degrees in Management Information Systems, Computer Engineering and Electrical Engineering.

Speakers

Michael F. Angelo
CRISC, CISSP
Michael is well known in the security community with his work designing, developing, implementing and deploying security products and architectures for multi-national corporate environments. His work includes participating, driving, and creating security standards, working on corporate policies, national and international legislation, multi-national regulatory issues, and participation in numerous international and national advisory councils. He has been a featured speaker at numerous national and international security conferences including RSA, ISSA, and InfoSec. He has also participated on the RSA national program committee. Currently, he chairs the ISSA International Webinar Committee and is a technology contributor to the U.S. Department of Commerce Information Systems Technical Advisory Council. Michael currently holds 53 U.S. patents, is a former Sigma-Xi distinguished lecturer and is the recipient of the Trusted Computing Platform Alliance (TCPA) lifetime achievement award. In 2011 he was recognized by ISSA as the Security Professional of the Year and in 2013 he was named to the ISSA Hall of Fame.


Jonathan Knudsen
Cybersecurity Engineer, Synopsys
At Synopsys, Jonathan enjoys breaking software and teaching how to make software better. Jonathan is the author of books about 2D graphics, cryptography, mobile application development, Lego robots, and pregnancy. He lives in Raleigh, North Carolina.


Derek E. Weeks
VP and Rugged DevOps Advocate, Sonatype

In 2015, Derek led the largest and most comprehensive analysis of software supply chain practices to date across 106,000 development organizations.  His research detailed the consumption of billions of open source and third-party software components while also shedding new light on the scale of known vulnerable software being ingested by development organizations worldwide.  Derek is a huge advocate of applying proven supply chain management principles into development and application security practices to improve efficiencies, reduce security risks, and sustain long-lasting competitive advantages. He currently serves as vice president and Rugged DevOps advocate at Sonatype. Derek is a distinguished international speaker, having delivered his research at AppSec USA, InfoSec Europe, LASCON, HP Protect, Air Force Cyber Security Forum, and numerous OWASP meet-ups.

Henrik Plate
Senior Security Researcher, SAP SE

Henrik Plate works as a Senior Researcher in the Product Security Research group within SAP since 2007. During this time, he was coordinator and scientific lead of the European FP7 research project PoSecCo, built up an SAP-wide security training for application developers and performed security assessments of SAP applications. Currently, he researches new approaches and tooling for ensuring a secure consumption of third party components in the software supply chain. Before joining the SAP research group, Plate held different positions as a software engineer, and studied computer science and business administration at the University of Mannheim. He holds a diploma from the University of Mannheim and is a CISSP.

These Are the Data Centers Where Cybercriminals Hide

Tags

, ,

An excellent article was written by Lorenzo Franceschi-Bicchierai on how hackers, criminals, and hacktivists store their information and whom they go to for web hosting.

See full article at http://motherboard.vice.com/read/the-data-centers-where-cybercriminals-hide-symantec-data-havens-documentary?trk_source=recommended or read on LinkedIn at https://www.linkedin.com/pulse/most-dangerous-town-internet-where-cybercrime-goes-hide-dawson?published=t

Cryptography Domain – Steghide Application

Tags

, , ,

Students in the Advanced Cyber Security Concepts course had to perform a number of activities that displayed their ability to master the cryptography domain.  This included performing basic stenography encryption.  The graduate student selected Steghide application to perform this task.  In the figure below you can see the student’s encrypted photo and the command line commands used to decrypt it.  See Steghide documentation and steps at http://steghide.sourceforge.net/documentation.php

Screenshot from 2016-03-20 19:27:49

Figure 1: Google Hangout Steghide Demonstration

The Case For Ubuntu: Linux Operating System Performance and Usability for Use in Higher Education in a Virtualized Environment

Tags

, , ,

The Case for UBUNTU Linux Operating System Performance and Usability for Use in Higher Education in a Virtualized Environment

Maurice Dawson, University of Missouri-St. Louis
Brittany DeWalt, Alabama A&M University
Simon Cleveland, Nova Southeastern University

Abstract
The use of Linux based Operating Systems (OS) in the classroom is increasing, but there is little research to address usability differences between Windows and Linux based OSs. Moreover, studies related to the ability for students to navigate effectively between Ubuntu 14.04 Long Term Support (LTS) and Windows 8 OSs are scant. This research aims to bridge the gap between modern Linux and Windows Oss, as the former represents a viable alternative to eliminate licensing costs for educational institutions. Preliminary findings, based on the analysis of the System Usability Scale results from a sample of 14 students, demonstrated that Ubuntu users did not require technical support to use the system, while the majority found little inconsistency in the system and regarded it as well integrated.

Recommended Citation
Dawson, Maurice; DeWalt, Brittany; and Cleveland, Simon, “The Case for UBUNTU Linux Operating System Performance and Usability for Use in Higher Education in a Virtualized Environment” (2016). SAIS 2016 Proceedings. Paper 23.
http://aisel.aisnet.org/sais2016/23

View presentation at

Proceeding will be published https://aisnet.org/.

Download or view paper here by clicking the following The_Case_for_UBUNTU_Linux_Operating_Syst.

Book Chapter from CAE-CDE 4Y

Tags

, ,

Communication, Technology, and Cyber Crime in Sub-Saharan Africa

“Webinar: President Obama’s National Cybersecurity Action Plan of 2016”

Tags

, , ,

Webinar: President Obama’s National Cybersecurity Action Plan of 2016

“President Obama’s National Cybersecurity Action Plan of 2016” webinar on March 24, 2016 at 2:00 pm eastern.

Sign up for free at http://www.eventbrite.com/e/webinar-president-obamas-national-cybersecurity-action-plan-of-2016-tickets-22499466510