SlideShare a Scribd company logo

Cyber security training using virtual labs 3 cs umuc presentation august 2018

Highervista
Highervista

Cyber security training and education using virtualized labs - a collaborative approach. by Ron McFarland, Ph.D.

Education
1 of 31
Download to read offline
Many hands make light work - Combining regional resources to make a powerful Cybersecurity program (Fri: 5:00 to 6:00 p.m., P3B-1) Dr. Ron McFarland, Ph.D., PMP, CISSP Cybersecurity Project Manager – College of the Canyons Post-doc Researcher: University of Maryland, University College Center for Cybersecurity Studies
Collaboration within a region of colleges for cybersecurity education South Central Coast Regional Consortium of the California Community Colleges
Introduction Topics
4 Topics • A summarization of the obvious need for increased cyber security training that will support industry, academia, and governmental agencies • Discussion of the opportunity to leverage shared resources for cyber security training • How the SCCRC is accomplishing this
5 Organizations and governments are just not ready… • An expanding threat scape… • A predominance of cyber security issues nationally and within our organizations today that are not being readily addressed. • GDPR-compliance requirements for companies doing business in the European Union (EU). Many companies will not be GDPR-compliant by the deadline of May 25, 2018 (Drake, 2017). • Because of the recent dramatic market swings and expanded popularity of cryptocurrencies, cybercriminals will focus more on cryptocurrencies (Goldman, Maruyama, Roesnberg, Saravalle and Solomon-Strauss, 2017). • As AI more fully develops and becomes more main-streamed, AI-Powered attacks will increase over the existing high levels of AI-related attacks of 2018. AI will influence an increase in data breaches (Turchin and Denkenberger, 2018). • Researchers noted that more Mobile Threats were due to the increasing amount of unique mobile ransomware. To deliver the malware to the biggest audience, hackers exploited Google Play store by attacking the Android mobile OS (Goel and Jain, 2017).
6 Organizations and governments are just not ready… • Cloud security will be a top priority concern. As the number of companies is growing, the cloud adoption rate has risen. Cloud security is a top concern for 70% of IT Professionals, including unauthorized access, malware, and DoS attacks (Mir, Suhaimi, Adam, Ul Islam Khan, Mattoo, Mueen, and Olanrewaju, 2017). • Ransomware and IoT - Ransomware have targeted more IoT devices in 2018. Many IOT devices are getting locked up by ransomware (Maurya, Kumar, Agrawal, and Kahn, 2018). • A Rise in State-Sponsored Attacks - When it comes to state- sponsored attacks, the intention goes beyond monetary value. These attacks are political in nature, and they don’t target any business or person (Jalali and Kaiser, 2018).
7 Organizations and governments are just not ready… • Cyber war - In 2018, we can further see the escalation of international conflicts in cyberspace. This may disrupt the normal operations of government and financial systems (Robinson, Jones, Janicke, and Maglaras, 2018). • The Decline of Password-Only Authentication – Alternative security access - Multi-Factor Authentication, and Risk Factor Authentication (Krishnamoorthy, 2018). • In general, the overall level of data breaches doubled from 2016 to 2017 and is expected to double again when measured at the end of 2018 (Wang, Jan, Hu, Bossart, and Wang, 2018).
8 1.5 million to 3.5 million security professionals are needed • Cisco’s (2014) Annual Security Report ventured a widely popular cybersecurity jobs forecast stating “It’s estimated that by 2014, the industry will still be short more than a million security professionals across the globe.” • In 2015, Symantic anticipated that the demand for cybersecurity talent would rise to 6 million globally by 2019, with a projected shortfall of 1.5 million additional personnel needed worldwide. • Also, a skills gap analysis from ISACA (2016) estimated the global shortage to be around 2 million cybersecurity professionals by 2019 (a half-million more than Symantec’s prior estimate). In a more recent discussion regarding the impact of Artificial Intelligence on cyber security hacking, the author estimated that 3.5 million cyber security positions will go unfilled by 2021 due to new technology used by attackers (Veiga, 2018). • In terms of the financial estimates, another study states that cybersecurity jobs forecasts have been unable to keep pace with the dramatic rise in cybercrime, which is predicted to cost the world $6 trillion annually by 2021, up from $3 trillion in 2015 (Askari, 2018).
9 Top salaries are paid in cybersecurity • CyberSeek (2018) noted the top six cyber-related average salaries, which includes:
 • • Application Security Engineer: $100,000 to $210,000, • Network Security Analyst: $90,000 and $150,000, • IS Security Manager (CISO, CTO, and CDO): $120,00 and $180,000, • Cybersecurity Analyst: $90,000 and $185,000, • Penetration Tester: $90,000 to $180,000, • IS Security Engineer: $90,000 to $150,000.
10 Educational Issues • There is a strong need to provide skills training that includes scenario-based skills practice (Kam, et. al, 2014). • Given the high-availability of online learning environments, which include cloud-based and virtual environment alternatives, training environments that are informal allow learners to engage in real-life scenarios and activities (Kam, et. al, 2014). • For more effective learning to occur, cybersecurity education requires learners to acquire knowledge through hands-on activities and authentic learning, whereby real-life scenarios are investigated and acted upon (Kam, et. al, 2014).
11 Educational Issues • Case studies that provide scenario-based learning opportunities are a particular viable strategy for authentic learning. Authentic learning allows learners to discover both the “how” and “why” for given cyber security attacks. • Scenario-based training, researchers found that learners expected more work and felt more fully supported with their learning objectives when additional discussion opportunities existed with their peers, which suggests the need for discussions about scenario-based training (Kam, Gogolin & Emerick, 2014). • Researchers identified two key challenges with setting up authentic learning environments. • (a) the time-consuming process for faculty in setting up a given course • (b) effectively addressing the potential student bias and emotional attachment because of prior learning experiences, which may have occurred on-the-job (Kam, Gogolin & Emerick, 2014).
12 Lecturing and Simulated/Virtual Environments • Herbert and Wigley (2015) indicated that lecturing is readily achieved in higher education, as it pertains to computer networking and related security courses, but the delivery is often poorly done (Herbert & Wigley, 2015). • However, several types of tools that can be used in conjunction or as an adjunct to lecture. Fontes, Mahfoundi, Dabbous, Turletti, and Rothenberg (2017) define these tool types as: • Emulation Tools: Emulation tools is used to replicate the function and features of physical devices. • Software Simulators: Simulators are programmed to mimic a given environment, yet due to the limitations of programming, not all real-world scenarios are represented in a real environment. • Virtualization: Virtualization is a way to make one or many resource(s) (such as an operating system) run on a given hardware platform. Each virtualized environment is identical to the corresponding physical environment.
13 Specific Virtualization Technologies • Cisco VIRL (Virtual Internet Routing Lab): For computer networking training, including network security courses, researchers have found that the Cisco Virtual Internet Routing Lab (VIRL), released by Cisco Systems in December, 2014, is designed for student work in the computer networking laboratory environment (Herbert & Wigley, 2015). • Cisco Packet Tracer: A simulated environment. Cisco Packet Tracer is a common tool used by students in computer networking and security courses. Emulation tools often have limited commands and lack the realism of a true network, but are good to use to practice networking skills.
14 Simulators may be inadequate • Herbert and Wigley (2015) further suggested that simulation tools, like Cisco’s Packet Tracer is a viable option, but simulation tools may lead the student to a mis-perception that all networks and security scenarios will behave as does Packet Tracer, since simulators lack real-world functionality. • The risk of using simulators exclusively for education and training can have the effect of degrading a student’s learning experience (Herbert & Wigley, 2015). • Further, other researchers noted that the use of a simulation environment alone in networking education is inadequate unless students have developed a way to understand conceptual aspects of networking technology (Frezzo, Behrens, & Mislevy, 2010).
15 General Virtualized Lab Environments • Decentralized: The deployment of a VDI (Virtual Desktop Integration) image, which is a decentralized lab approach, can be implemented where students can install and run desktop virtualization software on their personal computers using tools like VMWare Workstation or Oracle VM Virtualbox (Son, Irrechukwu, & Fitzgibbons, 2012). In a decentralized lab setup, students use their own equipment (computer) to practice computer networking and security skills. A limitation of the decentralized approach is that each student will need to lease or purchase their own equipment for use, which may be a barrier for some financially-strapped students. • Centralized: Researchers agree that server virtualization, as a centralized server approach, is more suitable to deploy cyber security-related virtual labs, which often require high-end equipment and resources, in contrast to client virtualization, which often does not scale well for cyber security courses (Son, Irrechukwu, & Fitzgibbons, 2012). Students can connect directly to a centralized physical lab (and equipment) at their educational institution to practice computer networking and security skills. Physical labs contain high costs associated with the maintenance and repair of the hardware and software. Further, researchers noted that the cost limitations for a physical lab should include electricity and physical environmental costs.
16 Cloud-based service options • The use of cloud-based services is an additional option for some cybersecurity training, with limitations (Padhy, 2012). • Padhy (2012) notes that virtualization is software that separates physical infrastructures to create various dedicated resources (ex. virtualizing a Windows 10 computer on a MacOS computer). Virtualization software makes it possible to run multiple operating systems and multiple applications on the same server at the same time. • In contrast, cloud computing is the delivery of shared computing resources, software or data as a service and on-demand through the Internet (Padhy, 2012). • As a general distinction - virtualization is software that manipulates hardware, while cloud computing refers to a service that results from that manipulation.
17 Emerging Cloud-based offerings • EDURange is a cloud-based platform that implements cybersecurity exercises to assist undergraduates develop analytical abilities and a security mindset (Weiss, Turbak, Mache, and Locasto, 2017). • However, Sohal, Sandhu, Sood and Chang (2018) discuss the use of cloud-based services as a cybersecurity training framework to identify edge device in fog computer and in the cloud-of-things (CoT) environments, which presently has a narrow training and educational reach.
18 Efficacy and situated cognition theory • Virtualitization can provide the opportunity for educational efficacy through the use of the theory of situated cognition theory that includes, “the problem’s physical and conceptual structure as well as the purpose of the activity and the social milieu in which it is embedded.” • More specifically, situated cognition theory focuses on the cognitive ability for students to transfer learned knowledge, skills and abilities (KSAs) to real-life scenarios through problem solving, which was noted in seminal research by Rogoff (1984). • Moreover, Rogoff (1984) noted that situated cognition theory defines the details for thinking and how thinking evolves, which impacts the understanding of real-life contexts, as it can be applied in a virtualized environment.
19 Efficacy of Virtualization for learning • Accessibility: The virtual lab must provide seamless access to the virtual remote learner. The authors recommend that students will not have to reserve time and will have access to a 24x7x365 virtual lab environment (Son, Irrechukwu, & Fitzgibbons, 2012). • Reliability: The remote virtual server(s) must support a significant number of concurrent users with limited dedicated resources. In addition, there should be no significant delay with a large number of concurrent users (Son, Irrechukwu, & Fitzgibbons, 2012). • Virtual Machine (VM) configuration: The appropriate operating systems(s) and related system images that support the cyber security labs must be ready and available for students. To further support student course requirements, the researchers dissuaded the additional time and effort necessary to configure or install software, unless that task was necessary for the given lab (Son, Irrechukwu, & Fitzgibbons, 2012). • Privilege rights: Both privilege rights and access rights on virtual machines must be significantly open to students so that they can accomplish network and security modifications without restrictions on the virtual machines, as related to the given lab assignment(s) (Son, Irrechukwu, & Fitzgibbons, 2012).
20 Changes are pushing forward the need for virtualized education/training • Demographic trends: enrollments will soften until at least 2020, necessitating institutions to seek creative ways to ensure courses ‘make’ at institutions by using online and virtualized environments. • Tuition cost: students cannot afford higher tuition and will become more resistant to increased tuition costs. As a result, students will become smarter shoppers for relevant education, which will have an impact on how colleges offer courses to students, including online and virtualized courses. • Continued proliferation of Internet-technologies: Accelerating and converging technology trends will provide new student training opportunities that students will progressively be required by employers, especially in the Information Technology fields. • Trend towards Competency-based education: CBE will allow students to leverage their prior experiences to attain their desired certificate and degree goals in an adaptive manner, suggesting that courses must offer real-life case scenarios. •
21 Building forward • Institutions must consistently provide training and education in ways that students demand in order to be viable in the near future. This can be accomplished by predictive analysis (Cini & Krause, 2014). • Predictive analysis: Institutions will progressively use predictive analysis to determine the most suitable design to create successful student experiences, which can be gathered from online and virtualized learning environments. • Predictive analysis will assist in determining suitable educational technologies, curriculum design, adaptive institutional policies, and can assist in understanding and adapting to emerging student behaviors (Cini & Krause, 2014).
22 Concerns • Herbert and Wigley (2015) emphasize that the development of a student’s experience (related to computer networking skills, including networking security) must address both problem-solving and soft skills (such as teamwork). • Further, the researchers noted the high-cost for physical labs, which may not be economically feasible for all colleges. • Moreover, virtualization environments can virtualized desktops and servers quite well, the virtualization of networking equipment including routers and switches is done poorly (Herbert & Wigley, 2015). • However, both researchers noted that the “Laboratory-As-A-Service” (LaaS) is evolving with NDG’s NetLab and Cisco’s vSphere, which increasingly provides students with full virtualization of Cisco routers and switches (Herbert & Wigley, 2015).
23 User discussions needed (e.g. faculty) • Understand, inform and discuss for areas considering Cybersecurity (virtual/mixed-mode) education: • Virtualization and Cloud-based services between and among partners • Virtualization and Cloud-based security concerns and mitigation strategies • Discussion about a design that leverages existing processes and controls (and potential enhancements) • Additional robust security controls offered by given virtualization and cloud services platforms
24 Architectural Conversations • Scaffold requirements for each partner that determines what is organizationally appropriate (processes, procedures, risk appetite, maintenance and support). • Investigate and discuss the technical aspects that tie to the educational drivers including server consolidation, administration, server to administrative ratio, provisioning of instances, reconfiguration, and agility across schools.
25 Authentic Conversations about Concerns • Manageability of the environment and who is responsible, • Security of management infrastructure, change management, capacity planning and SLA (service level agreements)/planning, • Physical access (including location, access, security, etc.), • VM sprawl (and contingency plans to manage the sprawl), • Licensing compliance issues, • Degree of resource utilization (bandwidth, servers, physical space, human resources), • Cost to acquire and operate (initial & fixed costs vs. marginal cost), • Complexity of design (provisioning multiple courses, multiple instructors, multiple colleges), • Reliance on virtualization (in contrast to physical environment), • Reliance on the organization’s/school’s/consortium capabilities and risk management approach.
26 General background for any virtual lab environment design and discussion • Opportunity to leverage combined resources, reduce incremental student costs, and possibly, offer expanded opportunities to a broader base of students and learners. • Overview of the various modes of instructional delivery that included lecture, the use of simulators, virtualized environments, and cloud-based services, each which offers both benefits and drawbacks. • Communication with users to define services and service-levels
27 How the SCCRC is approaching this (discussion) • Background • 8 regional colleges in the California Community College System • Allan Hancock • Antelope Valley • Cuesta College • Santa Barbara • Ventura District (Moorpark, Oxnard, Ventura College) • College of the Canyons
28 SCCRC General Approach (discussion) • Consensus-driven approach • Review of several platforms including: • Cybrary • NetLabs (NDG) • Practice Labs
29 References Angeles, S. (2014, January 20). Virtualization vs. Cloud Computing: What's the Difference? Retrieved June 26, 2018, from https://www.businessnewsdaily.com/5791-virtualization-vs-cloud-computing.html
 Anisetti, M., Bellandi, V., Colombo, A., Cremonini, M., Damiani, E., Frati, F., & Rebeccani, D. (2007). Learning computer networking on open paravirtual laboratories. IEEE Transactions on Education, 50(4), 302-311. Askari, M. M. U. R. (2018). Significance of Ever-evolving Cybersecurity Landscape: Challenges and Possible Pathways. National Journal of Cyber Security Law, 1(1), 22-37. Chan, J. (2011). Virtualization: Security and IT Audit Perspectives. Retrieved May 31, 2018, from https://www.slideshare.net/jason_chan/virtualization- security-and-it-audit-perspectives?utm_source=slideshow02&utm_medium=ssemail&utm_campaign=share_slideshow Cini, M., & Krause, A. (2017, January 30). Technology Set to Redefine Higher Education. Retrieved June 24, 2018, from https://evolllution.com/opinions/technology-set-redefine-higher-education/ Cybersecurity Supply And Demand Heat Map. (n.d.). Retrieved June 27, 2018, from https://www.cyberseek.org/heatmap.html Evolve Academy. (2017, June 12). Is It Time to Learn Cyber Security? Retrieved June 26, 2018, from https://www.switchup.org/blog/is-it-time-to-learn-cyber-security Drake, G. (2017). Navigating the Atlantic: Understanding EU Data Privacy Compliance Amidst a Sea of Uncertainty. S. Cal. L. Rev., 91, 163. Fontes, R. D. R., Mahfoudi, M., Dabbous, W., Turletti, T., & Rothenberg, C. (2017). How far can we go? towards realistic software-defined wireless networking experiments. The Computer Journal, 60(10), 1458-1471. Frezzo, D., Behrens, J. and Mislevy, R. (2010). Design Patterns for Learning and Assessment: Facilitating the Introduction of a Complex Simulation- Based Learning Environment into a Community of Instructors. Journal of Science Education and Technology, 19, pp. 105-114. García, J., & Entrialgo, J. (2015). Using computer virtualization and software tools to implement a low cost laboratory for the teaching of storage area networks. computer applications in engineering education, 23(5), 715-723.
 Goel, D., & Jain, A. K. (2017). Mobile phishing attacks and defence mechanisms: State of art and open research challenges. Computers & Security.
30 References Goldman, Z. K., Maruyama, E., Rosenberg, E., Saravalle, E., & Solomon-Strauss, J. (2017). Terrorist Use of Virtual Currencies. Washington DC: Center for a New American Security, May, 3. Herbert, B. M., & Wigley, G. B. (2015). The Role of Cisco Virtual Internet Routing Lab in network training environments. Jalali, M., & Kaiser, J. (2018). Cyber Resiliency in Hospitals: A Systematic, Organizational Perspective. Kam, H. J., Gogolin, G., & Emerick, G. (2014, October). Authentic Learning in Cybersecurity: Learning Opportunities and Pedagogical Challenges. In 2014 IEEE Frontiers in Education Conference (FIE) (pp. 1-4). IEEE. Krishnamoorthy, S. (2018). Identification of User Behavioural Biometrics for Authentication using Keystroke Dynamics and Machine Learning. Li, P., Mohammed, T., Toderick, L., Lunsford, P., & Li, C. (2008, June). A portable virtual networking lab for IT security instruction. In Proceedings of 2008 ASEE Annual Conference. Maurya, A. K., Kumar, N., Agrawal, A., & Khan, R. A. (2018). Ransomware: Evolution, Target and Safety Measures. Megmittal. (n.d.). 10 Cybersecurity Predictions for 2018. Retrieved June 26, 2018, from https://www.cybrary.it/0p3n/10-cybersecurity-predictions-for- 2018/ Mir, M. S., Suhaimi, B., Adam, M., Ul Islam Kahn, B. U. R. H. A. N., Matoo, U. I., Mueen, M., & Olanrewaju, R. F. (2017). Critical Security Challenges in Cloud Computing Environment: An Appraisal. Journal of Theoretical & Applied Information Technology, 95(10). Padhy, R. P. (2012). Virtualization techniques & technologies: state-of-the-art. Journal of Global research in Computer science, 2(12), 29-43. Padman, V., & Memon, N. (2002). Design of a virtual laboratory for information assurance education and research. In Workshop on Information Assurance and Security (Vol. 1, p. 1555). Xu, L., Huang, D. & Tsai, W. (2014). Cloud-based virtual laboratory for network security education. IEEE Transactions in Education, 57, 39-46.
 Robinson, M., Jones, K., Janicke, H., & Maglaras, L. (2018). An introduction to cyber peacekeeping. Journal of Network and Computer Applications, 114, 70-87.
31 References Rogoff, B. (1984). Introduction: Thinking and learning in social context. In B. Rogoff & J. Lave (Eds.). Everyday cognition: Its development in social-context. Cambridge, MA: Harvard University Press, 1-8. Sohal, A. S., Sandhu, R., Sood, S. K., & Chang, V. (2018). A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments. Computers & Security, 74, 340-354. Son, J., Irrechukwu, C., & Fitzgibbons, P. (2012). Virtual Lab for Online Cyber Security Education. Communications of the IIMA, 12(4), 5.
 Turchin, A., & Denkenberger, D. (2018). Classification of global catastrophic risks connected with artificial intelligence. AI & SOCIETY, 1-17. Vize, S. (2018, January 08). 6 Highest-Paid Cybersecurity Jobs | Mondo: Tech & IT Staffing. Retrieved June 26, 2018, from https://www.mondo.com/blog-highest-paid-cybersecurity-jobs/ Veiga, A. P. (2018). Applications of Artificial Intelligence to Network Security. arXiv preprint arXiv:1803.09992. Wang, C., Jan, S. T., Hu, H., Bossart, D., & Wang, G. (2018, March). The Next Domino to Fall: Empirical Analysis of User Passwords across Online Services. In Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy (pp. 196-203). ACM. Weiss, R. S., Turbak, F., Mache, J., & Locasto, M. E. (2017). Cybersecurity education and assessment in EDURange. IEEE Security & Privacy, 15(3), 90-95. Zaki, M., Erman, H., Azman, A., Faizal, A., & Rahayu, S. (2010, June). Virtualization technology in teaching information technology security. In Proceedings 3rd Regional Conference on Engineering Education and Research in Higher Education, Sarawak, Malaysia.

Recommended

Ijsrp p5211
Ijsrp p5211Ijsrp p5211
Ijsrp p5211Vishvi Vidanapathirana
 
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-Lillian Ekwosi-Egbulem
 
Top 10 Read Article in Computer Science & Information Technology: September 2021
Top 10 Read Article in Computer Science & Information Technology: September 2021Top 10 Read Article in Computer Science & Information Technology: September 2021
Top 10 Read Article in Computer Science & Information Technology: September 2021AIRCC Publishing Corporation
 
Information Security Management in University Campus Using Cognitive Security
Information Security Management in University Campus Using Cognitive SecurityInformation Security Management in University Campus Using Cognitive Security
Information Security Management in University Campus Using Cognitive SecurityCSCJournals
 
CAPTURE THE TALENT: SECONDARY SCHOOL EDUCATION WITH CYBER SECURITY COMPETITIONS
CAPTURE THE TALENT: SECONDARY SCHOOL EDUCATION WITH CYBER SECURITY COMPETITIONSCAPTURE THE TALENT: SECONDARY SCHOOL EDUCATION WITH CYBER SECURITY COMPETITIONS
CAPTURE THE TALENT: SECONDARY SCHOOL EDUCATION WITH CYBER SECURITY COMPETITIONSijfcstjournal
 
07 20252 cloud computing survey
07 20252 cloud computing survey07 20252 cloud computing survey
07 20252 cloud computing surveyIAESIJEECS
 
Sarvi
SarviSarvi
SarviSarvesh Sarvi
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
 

Recommended

Ijsrp p5211
Ijsrp p5211Ijsrp p5211
Ijsrp p5211Vishvi Vidanapathirana
 
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-Lillian Ekwosi-Egbulem
 
Top 10 Read Article in Computer Science & Information Technology: September 2021
Top 10 Read Article in Computer Science & Information Technology: September 2021Top 10 Read Article in Computer Science & Information Technology: September 2021
Top 10 Read Article in Computer Science & Information Technology: September 2021AIRCC Publishing Corporation
 
Information Security Management in University Campus Using Cognitive Security
Information Security Management in University Campus Using Cognitive SecurityInformation Security Management in University Campus Using Cognitive Security
Information Security Management in University Campus Using Cognitive SecurityCSCJournals
 
CAPTURE THE TALENT: SECONDARY SCHOOL EDUCATION WITH CYBER SECURITY COMPETITIONS
CAPTURE THE TALENT: SECONDARY SCHOOL EDUCATION WITH CYBER SECURITY COMPETITIONSCAPTURE THE TALENT: SECONDARY SCHOOL EDUCATION WITH CYBER SECURITY COMPETITIONS
CAPTURE THE TALENT: SECONDARY SCHOOL EDUCATION WITH CYBER SECURITY COMPETITIONSijfcstjournal
 
07 20252 cloud computing survey
07 20252 cloud computing survey07 20252 cloud computing survey
07 20252 cloud computing surveyIAESIJEECS
 
Sarvi
SarviSarvi
SarviSarvesh Sarvi
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
 
June 2020: Top Read Articles in Advanced Computing
June 2020: Top Read Articles in Advanced ComputingJune 2020: Top Read Articles in Advanced Computing
June 2020: Top Read Articles in Advanced Computingacijjournal
 
Information Sharing of Cyber Threat Intelligence with their Issue and Challenges
Information Sharing of Cyber Threat Intelligence with their Issue and ChallengesInformation Sharing of Cyber Threat Intelligence with their Issue and Challenges
Information Sharing of Cyber Threat Intelligence with their Issue and Challengesijtsrd
 
The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016
The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016
The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016Riina Vuorikari
 
July 2020: TOP Must Read Article in Computer Science & Information Technology...
July 2020: TOP Must Read Article in Computer Science & Information Technology...July 2020: TOP Must Read Article in Computer Science & Information Technology...
July 2020: TOP Must Read Article in Computer Science & Information Technology...AIRCC Publishing Corporation
 
Teacher networks, teacher digital competence and professional development
Teacher networks, teacher digital competence and professional developmentTeacher networks, teacher digital competence and professional development
Teacher networks, teacher digital competence and professional developmentRiina Vuorikari
 
Education to cyber security
Education to cyber securityEducation to cyber security
Education to cyber securityzapp0
 
Cloud 101 higher_education_wp
Cloud 101 higher_education_wpCloud 101 higher_education_wp
Cloud 101 higher_education_wpDuy Hoang Nguyen
 
Digital Competence framework for citizens (DIGCOMP )
Digital Competence framework for citizens (DIGCOMP )Digital Competence framework for citizens (DIGCOMP )
Digital Competence framework for citizens (DIGCOMP )Riina Vuorikari
 
Testimony of Terry V. Benzel, University of Southern California Information S...
Testimony of Terry V. Benzel, University of Southern California Information S...Testimony of Terry V. Benzel, University of Southern California Information S...
Testimony of Terry V. Benzel, University of Southern California Information S...DETER-Project
 
Crowdsourcing Expert Performance to Improve Training at Cyber Speed
Crowdsourcing Expert Performance to Improve Training at Cyber SpeedCrowdsourcing Expert Performance to Improve Training at Cyber Speed
Crowdsourcing Expert Performance to Improve Training at Cyber Speedjcichelli
 
Federal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelFederal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelBDPA Education and Technology Foundation
 
Course Tech 2013, Mark Ciampa, Helping Students Stay Secure
Course Tech 2013, Mark Ciampa, Helping Students Stay SecureCourse Tech 2013, Mark Ciampa, Helping Students Stay Secure
Course Tech 2013, Mark Ciampa, Helping Students Stay SecureCengage Learning
 
Powerpoint for DoN Presentation
Powerpoint for DoN PresentationPowerpoint for DoN Presentation
Powerpoint for DoN Presentationguest5fc6f3
 
Application of Cloud Computing Models in Education
Application of Cloud Computing Models in EducationApplication of Cloud Computing Models in Education
Application of Cloud Computing Models in Educationijtsrd
 
Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...
Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...
Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...Jason Hong
 
Reseach paper-mla-sample
Reseach paper-mla-sampleReseach paper-mla-sample
Reseach paper-mla-sampleCheap Custom Writing
 
Internetdagar: DigComp 2.2 update
Internetdagar: DigComp 2.2 updateInternetdagar: DigComp 2.2 update
Internetdagar: DigComp 2.2 updateRiina Vuorikari
 
Proposed high level solutions to counter online examination fraud using digit...
Proposed high level solutions to counter online examination fraud using digit...Proposed high level solutions to counter online examination fraud using digit...
Proposed high level solutions to counter online examination fraud using digit...Ivans Kigwana
 
Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...
Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...
Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...Christian Glahn
 
Security research trends in 2020
Security research trends in 2020Security research trends in 2020
Security research trends in 2020AIRCC Publishing Corporation
 
A Review On Data Security In Cloud Computing
A Review On Data Security In Cloud ComputingA Review On Data Security In Cloud Computing
A Review On Data Security In Cloud ComputingYolanda Ivey
 
CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC
CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJECCAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC
CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJECTawnaDelatorrejs
 

More Related Content

What's hot

June 2020: Top Read Articles in Advanced Computing
June 2020: Top Read Articles in Advanced ComputingJune 2020: Top Read Articles in Advanced Computing
June 2020: Top Read Articles in Advanced Computingacijjournal
 
Information Sharing of Cyber Threat Intelligence with their Issue and Challenges
Information Sharing of Cyber Threat Intelligence with their Issue and ChallengesInformation Sharing of Cyber Threat Intelligence with their Issue and Challenges
Information Sharing of Cyber Threat Intelligence with their Issue and Challengesijtsrd
 
The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016
The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016
The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016Riina Vuorikari
 
July 2020: TOP Must Read Article in Computer Science & Information Technology...
July 2020: TOP Must Read Article in Computer Science & Information Technology...July 2020: TOP Must Read Article in Computer Science & Information Technology...
July 2020: TOP Must Read Article in Computer Science & Information Technology...AIRCC Publishing Corporation
 
Teacher networks, teacher digital competence and professional development
Teacher networks, teacher digital competence and professional developmentTeacher networks, teacher digital competence and professional development
Teacher networks, teacher digital competence and professional developmentRiina Vuorikari
 
Education to cyber security
Education to cyber securityEducation to cyber security
Education to cyber securityzapp0
 
Cloud 101 higher_education_wp
Cloud 101 higher_education_wpCloud 101 higher_education_wp
Cloud 101 higher_education_wpDuy Hoang Nguyen
 
Digital Competence framework for citizens (DIGCOMP )
Digital Competence framework for citizens (DIGCOMP )Digital Competence framework for citizens (DIGCOMP )
Digital Competence framework for citizens (DIGCOMP )Riina Vuorikari
 
Testimony of Terry V. Benzel, University of Southern California Information S...
Testimony of Terry V. Benzel, University of Southern California Information S...Testimony of Terry V. Benzel, University of Southern California Information S...
Testimony of Terry V. Benzel, University of Southern California Information S...DETER-Project
 
Crowdsourcing Expert Performance to Improve Training at Cyber Speed
Crowdsourcing Expert Performance to Improve Training at Cyber SpeedCrowdsourcing Expert Performance to Improve Training at Cyber Speed
Crowdsourcing Expert Performance to Improve Training at Cyber Speedjcichelli
 
Course Tech 2013, Mark Ciampa, Helping Students Stay Secure
Course Tech 2013, Mark Ciampa, Helping Students Stay SecureCourse Tech 2013, Mark Ciampa, Helping Students Stay Secure
Course Tech 2013, Mark Ciampa, Helping Students Stay SecureCengage Learning
 
Powerpoint for DoN Presentation
Powerpoint for DoN PresentationPowerpoint for DoN Presentation
Powerpoint for DoN Presentationguest5fc6f3
 
Application of Cloud Computing Models in Education
Application of Cloud Computing Models in EducationApplication of Cloud Computing Models in Education
Application of Cloud Computing Models in Educationijtsrd
 
Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...
Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...
Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...Jason Hong
 
Internetdagar: DigComp 2.2 update
Internetdagar: DigComp 2.2 updateInternetdagar: DigComp 2.2 update
Internetdagar: DigComp 2.2 updateRiina Vuorikari
 
Proposed high level solutions to counter online examination fraud using digit...
Proposed high level solutions to counter online examination fraud using digit...Proposed high level solutions to counter online examination fraud using digit...
Proposed high level solutions to counter online examination fraud using digit...Ivans Kigwana
 
Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...
Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...
Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...Christian Glahn
 

What's hot (20)

June 2020: Top Read Articles in Advanced Computing
June 2020: Top Read Articles in Advanced ComputingJune 2020: Top Read Articles in Advanced Computing
June 2020: Top Read Articles in Advanced Computing
 
Information Sharing of Cyber Threat Intelligence with their Issue and Challenges
Information Sharing of Cyber Threat Intelligence with their Issue and ChallengesInformation Sharing of Cyber Threat Intelligence with their Issue and Challenges
Information Sharing of Cyber Threat Intelligence with their Issue and Challenges
 
The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016
The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016
The DIGCOMP conceptual reference model (DIGCOMP 2.0) - April 2016
 
July 2020: TOP Must Read Article in Computer Science & Information Technology...
July 2020: TOP Must Read Article in Computer Science & Information Technology...July 2020: TOP Must Read Article in Computer Science & Information Technology...
July 2020: TOP Must Read Article in Computer Science & Information Technology...
 
Teacher networks, teacher digital competence and professional development
Teacher networks, teacher digital competence and professional developmentTeacher networks, teacher digital competence and professional development
Teacher networks, teacher digital competence and professional development
 
Education to cyber security
Education to cyber securityEducation to cyber security
Education to cyber security
 
Cloud 101 higher_education_wp
Cloud 101 higher_education_wpCloud 101 higher_education_wp
Cloud 101 higher_education_wp
 
Digital Competence framework for citizens (DIGCOMP )
Digital Competence framework for citizens (DIGCOMP )Digital Competence framework for citizens (DIGCOMP )
Digital Competence framework for citizens (DIGCOMP )
 
Testimony of Terry V. Benzel, University of Southern California Information S...
Testimony of Terry V. Benzel, University of Southern California Information S...Testimony of Terry V. Benzel, University of Southern California Information S...
Testimony of Terry V. Benzel, University of Southern California Information S...
 
Crowdsourcing Expert Performance to Improve Training at Cyber Speed
Crowdsourcing Expert Performance to Improve Training at Cyber SpeedCrowdsourcing Expert Performance to Improve Training at Cyber Speed
Crowdsourcing Expert Performance to Improve Training at Cyber Speed
 
Federal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelFederal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive Panel
 
Course Tech 2013, Mark Ciampa, Helping Students Stay Secure
Course Tech 2013, Mark Ciampa, Helping Students Stay SecureCourse Tech 2013, Mark Ciampa, Helping Students Stay Secure
Course Tech 2013, Mark Ciampa, Helping Students Stay Secure
 
Powerpoint for DoN Presentation
Powerpoint for DoN PresentationPowerpoint for DoN Presentation
Powerpoint for DoN Presentation
 
Application of Cloud Computing Models in Education
Application of Cloud Computing Models in EducationApplication of Cloud Computing Models in Education
Application of Cloud Computing Models in Education
 
Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...
Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...
Knowledgeable Users are the Best Cyber Security Defense, for ISSA webinar Sep...
 
Reseach paper-mla-sample
Reseach paper-mla-sampleReseach paper-mla-sample
Reseach paper-mla-sample
 
Internetdagar: DigComp 2.2 update
Internetdagar: DigComp 2.2 updateInternetdagar: DigComp 2.2 update
Internetdagar: DigComp 2.2 update
 
Proposed high level solutions to counter online examination fraud using digit...
Proposed high level solutions to counter online examination fraud using digit...Proposed high level solutions to counter online examination fraud using digit...
Proposed high level solutions to counter online examination fraud using digit...
 
Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...
Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...
Patterns of Mobile Learning: From Mobile Content and Blended Learning to Mixe...
 
Security research trends in 2020
Security research trends in 2020Security research trends in 2020
Security research trends in 2020
 

Similar to Cyber security training using virtual labs 3 cs umuc presentation august 2018

A Review On Data Security In Cloud Computing
A Review On Data Security In Cloud ComputingA Review On Data Security In Cloud Computing
A Review On Data Security In Cloud ComputingYolanda Ivey
 
CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC
CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJECCAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC
CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJECTawnaDelatorrejs
 
7132019 Originality Reporthttpsucumberlands.blackboar.docx
7132019 Originality Reporthttpsucumberlands.blackboar.docx7132019 Originality Reporthttpsucumberlands.blackboar.docx
7132019 Originality Reporthttpsucumberlands.blackboar.docxsleeperharwell
 
Framework for the Development of Virtual Labs for Industrial Internet of Thin...
Framework for the Development of Virtual Labs for Industrial Internet of Thin...Framework for the Development of Virtual Labs for Industrial Internet of Thin...
Framework for the Development of Virtual Labs for Industrial Internet of Thin...Maurice Dawson
 
Application Threat Modeling In Risk Management
Application Threat Modeling In Risk ManagementApplication Threat Modeling In Risk Management
Application Threat Modeling In Risk ManagementMel Drews
 
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhi
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhiResearch paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhi
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhiShreedeep Rayamajhi
 
A review: Artificial intelligence and expert systems for cyber security
A review: Artificial intelligence and expert systems for cyber securityA review: Artificial intelligence and expert systems for cyber security
A review: Artificial intelligence and expert systems for cyber securitybijejournal
 
Cyber Security Trends - Where the Industry Is Heading in an Uncertainty
Cyber Security Trends - Where the Industry Is Heading in an UncertaintyCyber Security Trends - Where the Industry Is Heading in an Uncertainty
Cyber Security Trends - Where the Industry Is Heading in an UncertaintyOrganization
 
07 20251 latest trends, challenges ed
07 20251 latest trends, challenges ed07 20251 latest trends, challenges ed
07 20251 latest trends, challenges edIAESIJEECS
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTUREacijjournal
 
PMI Presentation on Virtual Teams
PMI Presentation on Virtual TeamsPMI Presentation on Virtual Teams
PMI Presentation on Virtual TeamsPaula Mugnier
 
A Security Model for Virtual Infrastructure in the Cloud
A Security Model for Virtual Infrastructure in the CloudA Security Model for Virtual Infrastructure in the Cloud
A Security Model for Virtual Infrastructure in the CloudEditor IJCATR
 
Digital forensics research: The next 10 years
Digital forensics research: The next 10 yearsDigital forensics research: The next 10 years
Digital forensics research: The next 10 yearsMehedi Hasan
 
A Novel Framework to Improve Secure Digital Library at Cloud Environment
A Novel Framework to Improve Secure Digital Library at Cloud EnvironmentA Novel Framework to Improve Secure Digital Library at Cloud Environment
A Novel Framework to Improve Secure Digital Library at Cloud EnvironmentIJCSIS Research Publications
 
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxResearch Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxaudeleypearl
 
ANALYSIS OF DEVELOPMENT COOPERATION WITH SHARED AUTHORING ENVIRONMENT IN ACAD...
ANALYSIS OF DEVELOPMENT COOPERATION WITH SHARED AUTHORING ENVIRONMENT IN ACAD...ANALYSIS OF DEVELOPMENT COOPERATION WITH SHARED AUTHORING ENVIRONMENT IN ACAD...
ANALYSIS OF DEVELOPMENT COOPERATION WITH SHARED AUTHORING ENVIRONMENT IN ACAD...IJITE
 
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...ijccsa
 
New Threat Trends in CII(Critical Information Infrastructure)
New Threat Trends in CII(Critical Information Infrastructure)New Threat Trends in CII(Critical Information Infrastructure)
New Threat Trends in CII(Critical Information Infrastructure)Seungjoo Kim
 
The Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachThe Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachCloudLock
 

Similar to Cyber security training using virtual labs 3 cs umuc presentation august 2018 (20)

A Review On Data Security In Cloud Computing
A Review On Data Security In Cloud ComputingA Review On Data Security In Cloud Computing
A Review On Data Security In Cloud Computing
 
CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC
CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJECCAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC
CAPSTONE PROJECT LITERATURE REVIEW ASSIGNMENT 1CAPSTONE PROJEC
 
7132019 Originality Reporthttpsucumberlands.blackboar.docx
7132019 Originality Reporthttpsucumberlands.blackboar.docx7132019 Originality Reporthttpsucumberlands.blackboar.docx
7132019 Originality Reporthttpsucumberlands.blackboar.docx
 
Framework for the Development of Virtual Labs for Industrial Internet of Thin...
Framework for the Development of Virtual Labs for Industrial Internet of Thin...Framework for the Development of Virtual Labs for Industrial Internet of Thin...
Framework for the Development of Virtual Labs for Industrial Internet of Thin...
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Application Threat Modeling In Risk Management
Application Threat Modeling In Risk ManagementApplication Threat Modeling In Risk Management
Application Threat Modeling In Risk Management
 
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhi
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhiResearch paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhi
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhi
 
A review: Artificial intelligence and expert systems for cyber security
A review: Artificial intelligence and expert systems for cyber securityA review: Artificial intelligence and expert systems for cyber security
A review: Artificial intelligence and expert systems for cyber security
 
Cyber Security Trends - Where the Industry Is Heading in an Uncertainty
Cyber Security Trends - Where the Industry Is Heading in an UncertaintyCyber Security Trends - Where the Industry Is Heading in an Uncertainty
Cyber Security Trends - Where the Industry Is Heading in an Uncertainty
 
07 20251 latest trends, challenges ed
07 20251 latest trends, challenges ed07 20251 latest trends, challenges ed
07 20251 latest trends, challenges ed
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURE
 
PMI Presentation on Virtual Teams
PMI Presentation on Virtual TeamsPMI Presentation on Virtual Teams
PMI Presentation on Virtual Teams
 
A Security Model for Virtual Infrastructure in the Cloud
A Security Model for Virtual Infrastructure in the CloudA Security Model for Virtual Infrastructure in the Cloud
A Security Model for Virtual Infrastructure in the Cloud
 
Digital forensics research: The next 10 years
Digital forensics research: The next 10 yearsDigital forensics research: The next 10 years
Digital forensics research: The next 10 years
 
A Novel Framework to Improve Secure Digital Library at Cloud Environment
A Novel Framework to Improve Secure Digital Library at Cloud EnvironmentA Novel Framework to Improve Secure Digital Library at Cloud Environment
A Novel Framework to Improve Secure Digital Library at Cloud Environment
 
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxResearch Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
 
ANALYSIS OF DEVELOPMENT COOPERATION WITH SHARED AUTHORING ENVIRONMENT IN ACAD...
ANALYSIS OF DEVELOPMENT COOPERATION WITH SHARED AUTHORING ENVIRONMENT IN ACAD...ANALYSIS OF DEVELOPMENT COOPERATION WITH SHARED AUTHORING ENVIRONMENT IN ACAD...
ANALYSIS OF DEVELOPMENT COOPERATION WITH SHARED AUTHORING ENVIRONMENT IN ACAD...
 
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
 
New Threat Trends in CII(Critical Information Infrastructure)
New Threat Trends in CII(Critical Information Infrastructure)New Threat Trends in CII(Critical Information Infrastructure)
New Threat Trends in CII(Critical Information Infrastructure)
 
The Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachThe Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security Breach
 

More from Highervista

Cyber security for manufacturers umuc cadf-ron mcfarland
Cyber security for manufacturers umuc cadf-ron mcfarlandCyber security for manufacturers umuc cadf-ron mcfarland
Cyber security for manufacturers umuc cadf-ron mcfarlandHighervista
 
Intro infosec version 2
Intro infosec version 2Intro infosec version 2
Intro infosec version 2Highervista
 
How to create a maker space v2 ebook
How to create a maker space v2 ebookHow to create a maker space v2 ebook
How to create a maker space v2 ebookHighervista
 
Love and silence v3 scribd slide share
Love and silence v3 scribd slide shareLove and silence v3 scribd slide share
Love and silence v3 scribd slide shareHighervista
 

More from Highervista (13)

Sq lite module1
Sq lite module1Sq lite module1
Sq lite module1
 
Sq lite module2
Sq lite module2Sq lite module2
Sq lite module2
 
Sq lite module3
Sq lite module3Sq lite module3
Sq lite module3
 
Sq lite module4
Sq lite module4Sq lite module4
Sq lite module4
 
Sq lite module5
Sq lite module5Sq lite module5
Sq lite module5
 
Sq lite module6
Sq lite module6Sq lite module6
Sq lite module6
 
Sq lite module7
Sq lite module7Sq lite module7
Sq lite module7
 
Sq lite module8
Sq lite module8Sq lite module8
Sq lite module8
 
Sq lite module9
Sq lite module9Sq lite module9
Sq lite module9
 
Cyber security for manufacturers umuc cadf-ron mcfarland
Cyber security for manufacturers umuc cadf-ron mcfarlandCyber security for manufacturers umuc cadf-ron mcfarland
Cyber security for manufacturers umuc cadf-ron mcfarland
 
Intro infosec version 2
Intro infosec version 2Intro infosec version 2
Intro infosec version 2
 
How to create a maker space v2 ebook
How to create a maker space v2 ebookHow to create a maker space v2 ebook
How to create a maker space v2 ebook
 
Love and silence v3 scribd slide share
Love and silence v3 scribd slide shareLove and silence v3 scribd slide share
Love and silence v3 scribd slide share
 

Recently uploaded

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........LeaCamillePacle
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Planning a health career 4th Quarter.pptx
Planning a health career 4th Quarter.pptxPlanning a health career 4th Quarter.pptx
Planning a health career 4th Quarter.pptxLigayaBacuel1
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfSpandanaRallapalli
 

Recently uploaded (20)

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of management
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Planning a health career 4th Quarter.pptx
Planning a health career 4th Quarter.pptxPlanning a health career 4th Quarter.pptx
Planning a health career 4th Quarter.pptx
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdf
 

Cyber security training using virtual labs 3 cs umuc presentation august 2018

  • 1. Many hands make light work - Combining regional resources to make a powerful Cybersecurity program (Fri: 5:00 to 6:00 p.m., P3B-1) Dr. Ron McFarland, Ph.D., PMP, CISSP Cybersecurity Project Manager – College of the Canyons Post-doc Researcher: University of Maryland, University College Center for Cybersecurity Studies
  • 2. Collaboration within a region of colleges for cybersecurity education South Central Coast Regional Consortium of the California Community Colleges
  • 4. 4 Topics • A summarization of the obvious need for increased cyber security training that will support industry, academia, and governmental agencies • Discussion of the opportunity to leverage shared resources for cyber security training • How the SCCRC is accomplishing this
  • 5. 5 Organizations and governments are just not ready… • An expanding threat scape… • A predominance of cyber security issues nationally and within our organizations today that are not being readily addressed. • GDPR-compliance requirements for companies doing business in the European Union (EU). Many companies will not be GDPR-compliant by the deadline of May 25, 2018 (Drake, 2017). • Because of the recent dramatic market swings and expanded popularity of cryptocurrencies, cybercriminals will focus more on cryptocurrencies (Goldman, Maruyama, Roesnberg, Saravalle and Solomon-Strauss, 2017). • As AI more fully develops and becomes more main-streamed, AI-Powered attacks will increase over the existing high levels of AI-related attacks of 2018. AI will influence an increase in data breaches (Turchin and Denkenberger, 2018). • Researchers noted that more Mobile Threats were due to the increasing amount of unique mobile ransomware. To deliver the malware to the biggest audience, hackers exploited Google Play store by attacking the Android mobile OS (Goel and Jain, 2017).
  • 6. 6 Organizations and governments are just not ready… • Cloud security will be a top priority concern. As the number of companies is growing, the cloud adoption rate has risen. Cloud security is a top concern for 70% of IT Professionals, including unauthorized access, malware, and DoS attacks (Mir, Suhaimi, Adam, Ul Islam Khan, Mattoo, Mueen, and Olanrewaju, 2017). • Ransomware and IoT - Ransomware have targeted more IoT devices in 2018. Many IOT devices are getting locked up by ransomware (Maurya, Kumar, Agrawal, and Kahn, 2018). • A Rise in State-Sponsored Attacks - When it comes to state- sponsored attacks, the intention goes beyond monetary value. These attacks are political in nature, and they don’t target any business or person (Jalali and Kaiser, 2018).
  • 7. 7 Organizations and governments are just not ready… • Cyber war - In 2018, we can further see the escalation of international conflicts in cyberspace. This may disrupt the normal operations of government and financial systems (Robinson, Jones, Janicke, and Maglaras, 2018). • The Decline of Password-Only Authentication – Alternative security access - Multi-Factor Authentication, and Risk Factor Authentication (Krishnamoorthy, 2018). • In general, the overall level of data breaches doubled from 2016 to 2017 and is expected to double again when measured at the end of 2018 (Wang, Jan, Hu, Bossart, and Wang, 2018).
  • 8. 8 1.5 million to 3.5 million security professionals are needed • Cisco’s (2014) Annual Security Report ventured a widely popular cybersecurity jobs forecast stating “It’s estimated that by 2014, the industry will still be short more than a million security professionals across the globe.” • In 2015, Symantic anticipated that the demand for cybersecurity talent would rise to 6 million globally by 2019, with a projected shortfall of 1.5 million additional personnel needed worldwide. • Also, a skills gap analysis from ISACA (2016) estimated the global shortage to be around 2 million cybersecurity professionals by 2019 (a half-million more than Symantec’s prior estimate). In a more recent discussion regarding the impact of Artificial Intelligence on cyber security hacking, the author estimated that 3.5 million cyber security positions will go unfilled by 2021 due to new technology used by attackers (Veiga, 2018). • In terms of the financial estimates, another study states that cybersecurity jobs forecasts have been unable to keep pace with the dramatic rise in cybercrime, which is predicted to cost the world $6 trillion annually by 2021, up from $3 trillion in 2015 (Askari, 2018).
  • 9. 9 Top salaries are paid in cybersecurity • CyberSeek (2018) noted the top six cyber-related average salaries, which includes:
 • • Application Security Engineer: $100,000 to $210,000, • Network Security Analyst: $90,000 and $150,000, • IS Security Manager (CISO, CTO, and CDO): $120,00 and $180,000, • Cybersecurity Analyst: $90,000 and $185,000, • Penetration Tester: $90,000 to $180,000, • IS Security Engineer: $90,000 to $150,000.
  • 10. 10 Educational Issues • There is a strong need to provide skills training that includes scenario-based skills practice (Kam, et. al, 2014). • Given the high-availability of online learning environments, which include cloud-based and virtual environment alternatives, training environments that are informal allow learners to engage in real-life scenarios and activities (Kam, et. al, 2014). • For more effective learning to occur, cybersecurity education requires learners to acquire knowledge through hands-on activities and authentic learning, whereby real-life scenarios are investigated and acted upon (Kam, et. al, 2014).
  • 11. 11 Educational Issues • Case studies that provide scenario-based learning opportunities are a particular viable strategy for authentic learning. Authentic learning allows learners to discover both the “how” and “why” for given cyber security attacks. • Scenario-based training, researchers found that learners expected more work and felt more fully supported with their learning objectives when additional discussion opportunities existed with their peers, which suggests the need for discussions about scenario-based training (Kam, Gogolin & Emerick, 2014). • Researchers identified two key challenges with setting up authentic learning environments. • (a) the time-consuming process for faculty in setting up a given course • (b) effectively addressing the potential student bias and emotional attachment because of prior learning experiences, which may have occurred on-the-job (Kam, Gogolin & Emerick, 2014).
  • 12. 12 Lecturing and Simulated/Virtual Environments • Herbert and Wigley (2015) indicated that lecturing is readily achieved in higher education, as it pertains to computer networking and related security courses, but the delivery is often poorly done (Herbert & Wigley, 2015). • However, several types of tools that can be used in conjunction or as an adjunct to lecture. Fontes, Mahfoundi, Dabbous, Turletti, and Rothenberg (2017) define these tool types as: • Emulation Tools: Emulation tools is used to replicate the function and features of physical devices. • Software Simulators: Simulators are programmed to mimic a given environment, yet due to the limitations of programming, not all real-world scenarios are represented in a real environment. • Virtualization: Virtualization is a way to make one or many resource(s) (such as an operating system) run on a given hardware platform. Each virtualized environment is identical to the corresponding physical environment.
  • 13. 13 Specific Virtualization Technologies • Cisco VIRL (Virtual Internet Routing Lab): For computer networking training, including network security courses, researchers have found that the Cisco Virtual Internet Routing Lab (VIRL), released by Cisco Systems in December, 2014, is designed for student work in the computer networking laboratory environment (Herbert & Wigley, 2015). • Cisco Packet Tracer: A simulated environment. Cisco Packet Tracer is a common tool used by students in computer networking and security courses. Emulation tools often have limited commands and lack the realism of a true network, but are good to use to practice networking skills.
  • 14. 14 Simulators may be inadequate • Herbert and Wigley (2015) further suggested that simulation tools, like Cisco’s Packet Tracer is a viable option, but simulation tools may lead the student to a mis-perception that all networks and security scenarios will behave as does Packet Tracer, since simulators lack real-world functionality. • The risk of using simulators exclusively for education and training can have the effect of degrading a student’s learning experience (Herbert & Wigley, 2015). • Further, other researchers noted that the use of a simulation environment alone in networking education is inadequate unless students have developed a way to understand conceptual aspects of networking technology (Frezzo, Behrens, & Mislevy, 2010).
  • 15. 15 General Virtualized Lab Environments • Decentralized: The deployment of a VDI (Virtual Desktop Integration) image, which is a decentralized lab approach, can be implemented where students can install and run desktop virtualization software on their personal computers using tools like VMWare Workstation or Oracle VM Virtualbox (Son, Irrechukwu, & Fitzgibbons, 2012). In a decentralized lab setup, students use their own equipment (computer) to practice computer networking and security skills. A limitation of the decentralized approach is that each student will need to lease or purchase their own equipment for use, which may be a barrier for some financially-strapped students. • Centralized: Researchers agree that server virtualization, as a centralized server approach, is more suitable to deploy cyber security-related virtual labs, which often require high-end equipment and resources, in contrast to client virtualization, which often does not scale well for cyber security courses (Son, Irrechukwu, & Fitzgibbons, 2012). Students can connect directly to a centralized physical lab (and equipment) at their educational institution to practice computer networking and security skills. Physical labs contain high costs associated with the maintenance and repair of the hardware and software. Further, researchers noted that the cost limitations for a physical lab should include electricity and physical environmental costs.
  • 16. 16 Cloud-based service options • The use of cloud-based services is an additional option for some cybersecurity training, with limitations (Padhy, 2012). • Padhy (2012) notes that virtualization is software that separates physical infrastructures to create various dedicated resources (ex. virtualizing a Windows 10 computer on a MacOS computer). Virtualization software makes it possible to run multiple operating systems and multiple applications on the same server at the same time. • In contrast, cloud computing is the delivery of shared computing resources, software or data as a service and on-demand through the Internet (Padhy, 2012). • As a general distinction - virtualization is software that manipulates hardware, while cloud computing refers to a service that results from that manipulation.
  • 17. 17 Emerging Cloud-based offerings • EDURange is a cloud-based platform that implements cybersecurity exercises to assist undergraduates develop analytical abilities and a security mindset (Weiss, Turbak, Mache, and Locasto, 2017). • However, Sohal, Sandhu, Sood and Chang (2018) discuss the use of cloud-based services as a cybersecurity training framework to identify edge device in fog computer and in the cloud-of-things (CoT) environments, which presently has a narrow training and educational reach.
  • 18. 18 Efficacy and situated cognition theory • Virtualitization can provide the opportunity for educational efficacy through the use of the theory of situated cognition theory that includes, “the problem’s physical and conceptual structure as well as the purpose of the activity and the social milieu in which it is embedded.” • More specifically, situated cognition theory focuses on the cognitive ability for students to transfer learned knowledge, skills and abilities (KSAs) to real-life scenarios through problem solving, which was noted in seminal research by Rogoff (1984). • Moreover, Rogoff (1984) noted that situated cognition theory defines the details for thinking and how thinking evolves, which impacts the understanding of real-life contexts, as it can be applied in a virtualized environment.
  • 19. 19 Efficacy of Virtualization for learning • Accessibility: The virtual lab must provide seamless access to the virtual remote learner. The authors recommend that students will not have to reserve time and will have access to a 24x7x365 virtual lab environment (Son, Irrechukwu, & Fitzgibbons, 2012). • Reliability: The remote virtual server(s) must support a significant number of concurrent users with limited dedicated resources. In addition, there should be no significant delay with a large number of concurrent users (Son, Irrechukwu, & Fitzgibbons, 2012). • Virtual Machine (VM) configuration: The appropriate operating systems(s) and related system images that support the cyber security labs must be ready and available for students. To further support student course requirements, the researchers dissuaded the additional time and effort necessary to configure or install software, unless that task was necessary for the given lab (Son, Irrechukwu, & Fitzgibbons, 2012). • Privilege rights: Both privilege rights and access rights on virtual machines must be significantly open to students so that they can accomplish network and security modifications without restrictions on the virtual machines, as related to the given lab assignment(s) (Son, Irrechukwu, & Fitzgibbons, 2012).
  • 20. 20 Changes are pushing forward the need for virtualized education/training • Demographic trends: enrollments will soften until at least 2020, necessitating institutions to seek creative ways to ensure courses ‘make’ at institutions by using online and virtualized environments. • Tuition cost: students cannot afford higher tuition and will become more resistant to increased tuition costs. As a result, students will become smarter shoppers for relevant education, which will have an impact on how colleges offer courses to students, including online and virtualized courses. • Continued proliferation of Internet-technologies: Accelerating and converging technology trends will provide new student training opportunities that students will progressively be required by employers, especially in the Information Technology fields. • Trend towards Competency-based education: CBE will allow students to leverage their prior experiences to attain their desired certificate and degree goals in an adaptive manner, suggesting that courses must offer real-life case scenarios. •
  • 21. 21 Building forward • Institutions must consistently provide training and education in ways that students demand in order to be viable in the near future. This can be accomplished by predictive analysis (Cini & Krause, 2014). • Predictive analysis: Institutions will progressively use predictive analysis to determine the most suitable design to create successful student experiences, which can be gathered from online and virtualized learning environments. • Predictive analysis will assist in determining suitable educational technologies, curriculum design, adaptive institutional policies, and can assist in understanding and adapting to emerging student behaviors (Cini & Krause, 2014).
  • 22. 22 Concerns • Herbert and Wigley (2015) emphasize that the development of a student’s experience (related to computer networking skills, including networking security) must address both problem-solving and soft skills (such as teamwork). • Further, the researchers noted the high-cost for physical labs, which may not be economically feasible for all colleges. • Moreover, virtualization environments can virtualized desktops and servers quite well, the virtualization of networking equipment including routers and switches is done poorly (Herbert & Wigley, 2015). • However, both researchers noted that the “Laboratory-As-A-Service” (LaaS) is evolving with NDG’s NetLab and Cisco’s vSphere, which increasingly provides students with full virtualization of Cisco routers and switches (Herbert & Wigley, 2015).
  • 23. 23 User discussions needed (e.g. faculty) • Understand, inform and discuss for areas considering Cybersecurity (virtual/mixed-mode) education: • Virtualization and Cloud-based services between and among partners • Virtualization and Cloud-based security concerns and mitigation strategies • Discussion about a design that leverages existing processes and controls (and potential enhancements) • Additional robust security controls offered by given virtualization and cloud services platforms
  • 24. 24 Architectural Conversations • Scaffold requirements for each partner that determines what is organizationally appropriate (processes, procedures, risk appetite, maintenance and support). • Investigate and discuss the technical aspects that tie to the educational drivers including server consolidation, administration, server to administrative ratio, provisioning of instances, reconfiguration, and agility across schools.
  • 25. 25 Authentic Conversations about Concerns • Manageability of the environment and who is responsible, • Security of management infrastructure, change management, capacity planning and SLA (service level agreements)/planning, • Physical access (including location, access, security, etc.), • VM sprawl (and contingency plans to manage the sprawl), • Licensing compliance issues, • Degree of resource utilization (bandwidth, servers, physical space, human resources), • Cost to acquire and operate (initial & fixed costs vs. marginal cost), • Complexity of design (provisioning multiple courses, multiple instructors, multiple colleges), • Reliance on virtualization (in contrast to physical environment), • Reliance on the organization’s/school’s/consortium capabilities and risk management approach.
  • 26. 26 General background for any virtual lab environment design and discussion • Opportunity to leverage combined resources, reduce incremental student costs, and possibly, offer expanded opportunities to a broader base of students and learners. • Overview of the various modes of instructional delivery that included lecture, the use of simulators, virtualized environments, and cloud-based services, each which offers both benefits and drawbacks. • Communication with users to define services and service-levels
  • 27. 27 How the SCCRC is approaching this (discussion) • Background • 8 regional colleges in the California Community College System • Allan Hancock • Antelope Valley • Cuesta College • Santa Barbara • Ventura District (Moorpark, Oxnard, Ventura College) • College of the Canyons
  • 28. 28 SCCRC General Approach (discussion) • Consensus-driven approach • Review of several platforms including: • Cybrary • NetLabs (NDG) • Practice Labs
  • 29. 29 References Angeles, S. (2014, January 20). Virtualization vs. Cloud Computing: What's the Difference? Retrieved June 26, 2018, from https://www.businessnewsdaily.com/5791-virtualization-vs-cloud-computing.html
 Anisetti, M., Bellandi, V., Colombo, A., Cremonini, M., Damiani, E., Frati, F., & Rebeccani, D. (2007). Learning computer networking on open paravirtual laboratories. IEEE Transactions on Education, 50(4), 302-311. Askari, M. M. U. R. (2018). Significance of Ever-evolving Cybersecurity Landscape: Challenges and Possible Pathways. National Journal of Cyber Security Law, 1(1), 22-37. Chan, J. (2011). Virtualization: Security and IT Audit Perspectives. Retrieved May 31, 2018, from https://www.slideshare.net/jason_chan/virtualization- security-and-it-audit-perspectives?utm_source=slideshow02&utm_medium=ssemail&utm_campaign=share_slideshow Cini, M., & Krause, A. (2017, January 30). Technology Set to Redefine Higher Education. Retrieved June 24, 2018, from https://evolllution.com/opinions/technology-set-redefine-higher-education/ Cybersecurity Supply And Demand Heat Map. (n.d.). Retrieved June 27, 2018, from https://www.cyberseek.org/heatmap.html Evolve Academy. (2017, June 12). Is It Time to Learn Cyber Security? Retrieved June 26, 2018, from https://www.switchup.org/blog/is-it-time-to-learn-cyber-security Drake, G. (2017). Navigating the Atlantic: Understanding EU Data Privacy Compliance Amidst a Sea of Uncertainty. S. Cal. L. Rev., 91, 163. Fontes, R. D. R., Mahfoudi, M., Dabbous, W., Turletti, T., & Rothenberg, C. (2017). How far can we go? towards realistic software-defined wireless networking experiments. The Computer Journal, 60(10), 1458-1471. Frezzo, D., Behrens, J. and Mislevy, R. (2010). Design Patterns for Learning and Assessment: Facilitating the Introduction of a Complex Simulation- Based Learning Environment into a Community of Instructors. Journal of Science Education and Technology, 19, pp. 105-114. García, J., & Entrialgo, J. (2015). Using computer virtualization and software tools to implement a low cost laboratory for the teaching of storage area networks. computer applications in engineering education, 23(5), 715-723.
 Goel, D., & Jain, A. K. (2017). Mobile phishing attacks and defence mechanisms: State of art and open research challenges. Computers & Security.
  • 30. 30 References Goldman, Z. K., Maruyama, E., Rosenberg, E., Saravalle, E., & Solomon-Strauss, J. (2017). Terrorist Use of Virtual Currencies. Washington DC: Center for a New American Security, May, 3. Herbert, B. M., & Wigley, G. B. (2015). The Role of Cisco Virtual Internet Routing Lab in network training environments. Jalali, M., & Kaiser, J. (2018). Cyber Resiliency in Hospitals: A Systematic, Organizational Perspective. Kam, H. J., Gogolin, G., & Emerick, G. (2014, October). Authentic Learning in Cybersecurity: Learning Opportunities and Pedagogical Challenges. In 2014 IEEE Frontiers in Education Conference (FIE) (pp. 1-4). IEEE. Krishnamoorthy, S. (2018). Identification of User Behavioural Biometrics for Authentication using Keystroke Dynamics and Machine Learning. Li, P., Mohammed, T., Toderick, L., Lunsford, P., & Li, C. (2008, June). A portable virtual networking lab for IT security instruction. In Proceedings of 2008 ASEE Annual Conference. Maurya, A. K., Kumar, N., Agrawal, A., & Khan, R. A. (2018). Ransomware: Evolution, Target and Safety Measures. Megmittal. (n.d.). 10 Cybersecurity Predictions for 2018. Retrieved June 26, 2018, from https://www.cybrary.it/0p3n/10-cybersecurity-predictions-for- 2018/ Mir, M. S., Suhaimi, B., Adam, M., Ul Islam Kahn, B. U. R. H. A. N., Matoo, U. I., Mueen, M., & Olanrewaju, R. F. (2017). Critical Security Challenges in Cloud Computing Environment: An Appraisal. Journal of Theoretical & Applied Information Technology, 95(10). Padhy, R. P. (2012). Virtualization techniques & technologies: state-of-the-art. Journal of Global research in Computer science, 2(12), 29-43. Padman, V., & Memon, N. (2002). Design of a virtual laboratory for information assurance education and research. In Workshop on Information Assurance and Security (Vol. 1, p. 1555). Xu, L., Huang, D. & Tsai, W. (2014). Cloud-based virtual laboratory for network security education. IEEE Transactions in Education, 57, 39-46.
 Robinson, M., Jones, K., Janicke, H., & Maglaras, L. (2018). An introduction to cyber peacekeeping. Journal of Network and Computer Applications, 114, 70-87.
  • 31. 31 References Rogoff, B. (1984). Introduction: Thinking and learning in social context. In B. Rogoff & J. Lave (Eds.). Everyday cognition: Its development in social-context. Cambridge, MA: Harvard University Press, 1-8. Sohal, A. S., Sandhu, R., Sood, S. K., & Chang, V. (2018). A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments. Computers & Security, 74, 340-354. Son, J., Irrechukwu, C., & Fitzgibbons, P. (2012). Virtual Lab for Online Cyber Security Education. Communications of the IIMA, 12(4), 5.
 Turchin, A., & Denkenberger, D. (2018). Classification of global catastrophic risks connected with artificial intelligence. AI & SOCIETY, 1-17. Vize, S. (2018, January 08). 6 Highest-Paid Cybersecurity Jobs | Mondo: Tech & IT Staffing. Retrieved June 26, 2018, from https://www.mondo.com/blog-highest-paid-cybersecurity-jobs/ Veiga, A. P. (2018). Applications of Artificial Intelligence to Network Security. arXiv preprint arXiv:1803.09992. Wang, C., Jan, S. T., Hu, H., Bossart, D., & Wang, G. (2018, March). The Next Domino to Fall: Empirical Analysis of User Passwords across Online Services. In Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy (pp. 196-203). ACM. Weiss, R. S., Turbak, F., Mache, J., & Locasto, M. E. (2017). Cybersecurity education and assessment in EDURange. IEEE Security & Privacy, 15(3), 90-95. Zaki, M., Erman, H., Azman, A., Faizal, A., & Rahayu, S. (2010, June). Virtualization technology in teaching information technology security. In Proceedings 3rd Regional Conference on Engineering Education and Research in Higher Education, Sarawak, Malaysia.