Jim Garrett, the chief information security officer for the state of Missouri, delivers the keynote address at the eighth annual STL CyberCon. The cybersecurity conference returned to an in-person format for the first time since 2019 and was held in the J.C. Penney Auditorium. (Photos by Steve Walentik)
The world has been undergoing a digital transformation across many industries and even government agencies, integrating digital technology into different areas of business and client relations and leading to fundamental changes in the way those businesses and agencies operate and deliver value to their customers and constituents.
The changes have been taking place alongside the emergence of disruptive technologies – including smartphones, Internet of Things devices such as voice assistants and augmented reality – that are altering the way customers and constituents engage and share information.
“All of these technologies are transmitting and transacting or they’re data suppressing – it’s being stored there, maybe temporarily or in some permanent form in that environment,” Jim Garrett said last Friday as he delivered his keynote address at the eighth annual STL CyberCon in the J.C. Penney Auditorium at the University of Missouri–St. Louis. “That’s what IoT technology does. That’s what databases, applications do.”
Garrett serves as the chief information security officer for the state of Missouri, so his interest is in ensuring safeguards are in place to protect personal information.
“All of it needs to be secure,” he told an audience of about 150 people, most of them UMSL students majoring in either computer science or information systems and technology. “What is security? Well, if you look at the CISSP or any of the tenants surrounding security, it is CIA. C stands for confidential. It’s my data, it’s my password, it’s my social security number. Integrity is I. Social Security has to be accurate. So I don’t want my social security number [mixed up with anybody else’s] social security number. And A is availability. When I want that data, I want to get it.”
Michelle McCluer (at right), the director of Mastercard’s Fusion Center, joined colleague Amar Badrinarayan in talking about careers in cybersecurity.
Garrett shared some thoughts on how to secure a digital transformation, stressing not to be intimidated by disruptive technologies but rather to get to know and understand them. He described the need to build security standards that fit within a framework for governance and to do a gap analysis to identify holes and come up with solutions to address them.
That work is ongoing because the technology and threats are constantly changing.
Garrett is just one of the industry figures students heard from during the one-day conference, held jointly by the Department of Computer Science and the Department of Information Systems and Technology, which returned to an in-person format for the first time since 2019.
“It was actually nice again to be back and meet people in person and network,” said Abderrahmen Mtibaa, an assistant professor of computer science and director of cybersecurity and one of the organizers of the conference. “For cybersecurity students, they got more detail about cutting-edge cybersecurity, and they learned more about cybersecurity and got to connect with the experts and see some internships.
“There were some students that were not from cybersecurity, who were curious to know about the field. Some of these talks were high level and helped introduce them to cybersecurity, the challenges and the threats, and that’s actually something that is good for the students.”
Amar Badrinarayan, the vice president of technology risk management at Mastercard, and Michelle McCluer, the director of the company’s Fusion Center, talked about different careers in the cybersecurity field and their own unique paths into the industry.
McCluer, for one, grew up a fan of the television show “CSI: Crime Scene Investigation” and joined the Army National Guard, serving as a military police officer, after high school. She began her career in higher education studying forensics, and then moved into a loss prevention role at a retail company based in the Midwest. She got hired at Mastercard to work in fraud management, developing strategies to try to stop fraud involving credit cards, prepaid credit cards and debit cards. From there, it wasn’t a leap to move into the realm of cybersecurity.
Associate Professor Vijay Anand and Assistant Professor Abderrahmen Mtibaa explain the significance of UMSL’s designation as a National Center of Academic Excellence in Cyber Defense Education from the National Security Agency and the U.S. Department of Homeland Security.
“You’ll notice there’s a theme here that as I’m progressing through my career journey, I’m always continuing my education, even still to this day,” McCluer said.
Other industry professionals, from JoLynn Huelster, a senior incident response security engineer at Verisign, and Jonathan Johnson, who works in detection security engineering at SpecterOps, to Steven Calicutt, a cybersecurity executive at Hussman Corporation, and Brandon Wunderle, a manager at CrowdStrike, also took turns presenting on a variety of industry topics, including defending against phishing attacks and new technologies impacting the industry.
When they weren’t on stage, they were often milling about in the lobby where students had an opportunity to engage with them in conversation.
“We had forgotten the concept of networking, due to the pandemic,” said Vijay Anand, an associate professor in the Department of Information Systems and Technology and another one of the conference’s organizers. “This at least puts that concept back that there is a human face, human-level communication.”
The conference also featured a career expo in the Summit Lounge for students to talk with would-be employers about internship and job opportunities.
Mtibaa and Anand gave a presentation about the value of the National Security Agency and the U.S. Department of Homeland Security designating UMSL a National Center of Academic Excellence in Cyber Defense Education – considered the gold standard for the quality of a cybersecurity program. It qualifies UMSL students for cybersecurity positions at intelligence agencies and the military and provides access to federal cybersecurity scholarships for students and grants for infrastructure development. UMSL was the first four-year institution in the St. Louis region to receive that designation.
The university offers bachelor’s and master’s degrees and undergraduate and graduate certificates in cybersecurity with courses that incorporate innovative lab exercises in ethical hacking and cyber defense. Students can pursue cybersecurity degrees with a focus on computer science or information systems and technology.
