Below is a link to a workshop that is being held at Anoka Ramsey College in the evening on April 9th. For those of you in or near the college this is a free to students or alumni of MnScu and very low cost to those not graduates of that system and is an opportunity to learn more about marketing your skills and to meet IT recruiters from the area. Check it out and be sure to register if you are able to attend.
News & Updates
The information in this section includes discussion of new attacks, technologies, or controversies of interest to the information assurance and security community. We encourage interactivity in the discussion and ask that you participate and that you share the link with anyone who may have something to contribute to the conversation. Send any suggestions for items to firstname.lastname@example.org or email@example.com
To all that were not able to join us tonight for our Information Assurance and Security Monthly talk and presentation titled: The Accidental Insider with Barry Caplin. Glad to share with you all the recording of the presentation along with some details:
Here is the link to the presentation recording:
More to follow the speaker:
Where to Learn More…
- CMU CyLab – http://www.cylab.cmu.edu/
- CERT – http://www.cert.org/insider_threat/
- Data Breach Blog – http://breach.scmagazineblogs.com/
- OSF DataLossdb – http://datalossdb.org/
- Dark Reading – http://darkreading.com/insiderthreat/
You are cordially invited to the Information Assurance Security monthly talk. For this event, we are pleased to have the Chief Information Security Officer of the MN Dept. of Human Services who is also speaking in different information security events and has been in this field for more than 30 years. Please join us for this exciting event, invite your learners, and forward to anyone who may be interested.
** The purpose of the Capella IAS Speaker Series is to provide education and information important to the IAS community
• Who? — Speakers can be experts in the field, business partners, faculty, students, and current graduates. Students can use this forum as a way to present their research or in an area of their expertise. Experts will be asked to present in an area of their expertise on a timely topic in the IAS field.
• What? — Current events, important IAS topics, and research important to the IAS community.
• When? — Once a month starting in July. All presentations will be recorded and put on the IAS community website.
• How?– Presentations will be an hour in length with a Q&A period, and will be delivered using Adobe Connect. Some presentations could be a panel discussion with questions and answers from the audience.
• Why? — To contribute to Capella’s IAS center of excellence in IA education and the larger IAS community.
Name: Capella IAS Speaker Series
Summary: The Capella IAS Speaker Series
Invited By: Mansour Sharha, MANSOUR.SHARHA@CAPELLA.EDU
Subject: The Accidental Insider
When: 03/18/2013 7:00 PM – 8:00 PM
Time Zone: (GMT-06:00) Central Time (US and Canada)
Conference Number(s): 1-888-205-5513 (US/CAN) / 1-719-955-0562 (INTL)
Participant Code: 429132
To join the meeting, Please use this link:
** About the Presenter:
Barry Caplin is currently the Chief Information Security Officer at the MN Dept. of Human Services. Barry has been in the field of IT and Information Security for nearly 30 years. He is a frequent speaker on all kinds of Information Security topics. He particularly likes talking about “home” tech issues in talks like: Internet Safety for Children and Families, Teens 2.0, Identity Theft and What You Can Do About It, How to be a Tech-Smart Parent, and Outsmarting Your Smartphone.
Core Faculty, Network Technology & Information Security Assurance
School of Technology
There is a fast growing demand, but short supply, of well-trained information security professionals. Join us in our commitment to ensuring the pipeline of today is being filled for the needs of tomorrow. Forward this email to any and all that may benefit from a scholarship opportunity!
The (ISC)2 Foundation’s Scholarship programs are open worldwide to bright, dedicated future information security professionals who would benefit from an Undergraduate, Research or Women’s Scholarship while educational professionals are highly encouraged to apply for Faculty Certification Exam Vouchers.
Application period closes at Midnight on March 31, 2013 EDT.
Interesting article on strategies for ‘hiding’ information in plain site:
NIST is offering some forensic science workshops in April and May of 2013. Below is the URL to registration information if you are interested.
There is a link to the national news that describes an incident that presents some interesting conflicts: http://news.nationalpost.com/2013/01/20/youth-expelled-from-montreal-college-after-finding-sloppy-coding-that-compromised-security-of-250000-students-personal-data/
A student was expelled according to the article because he found poorly written code while working on a project. Finding and reporting the vulnerability was not however the issue for which he was punished. Rather it was his activity following reporting the incident that got him into trouble. This student wanted to validate that his report had been taken seriously and that the vulnerability had been corrected so he ran a vulnerability tool against the schools network without their permission rather than checking in with those responsible for managing the network. Though he may not have had malicious intent he crossed the line by probing a network without permission of the owner of the network.
What would you recommend have been done in this situation? Should the student have been expelled or would you have recommended a less aggressive punishment? Do you agree that this activity crosses the line and is worthy of punishment at all? Share your thoughts…
A recent discovery of a vulnerability in JAVA has some security professionals including some in the government recommending that users disable JAVA in their browsers until a fix can be developed and distributed. Do you agree with this advice? Tell us how you are recommending this vulnerability be handled until it can be mitigated.
Capella learners are eligible to apply for the annual U.S. Department of Defense (DoD) Information Assurance Scholarship Program because Capella has been designated as a Center for Academic Excellence in Information Assurance Education (CAEIAE) by the National Security Agency (NSA) and the U.S. Department of Homeland Security (DHS).
- Full tuition, books, and expenses for one year
- $17,000 stipend ($22,000 for graduate students)
- Information security internship with the Department of Defense and a professional position with the federal government at the completion of your program; this internship requires you to fulfill a period of service with DoD—most internships are located in the Washington, D.C., area
Requirements – To be eligible for this scholarship, you must: Continue reading →