Cyber Security/Information Assurance Day

  • Each year, the Institute for CyberSecurity, in collaboration with the Computer Science Department and IT Support Services, hosts Cyber Security Day (known previously as Information Assurance Day). This day-long event features nationally recognized security experts as well as speakers from regional law enforcement, the government, the security industry, and academia. Cyber Security Day is open to the public, community colleges, and neighboring universities.

    This Year’s Cyber Security Day will be held on October 26, 2017.

    Please join us in the Stouffer auditorium. Presentations lined up for the event include:

    • 9:00 a.m. — Welcome and Opening Remarks
        Deanne Snavely, dean of College of Natural Sciences and Mathematics
    • 9:10 a.m. — Welcome Message
        Francisco E. Alarcón, acting chair of the Department of Computer Science
    • 9:20 a.m. — Event History, ICS Work and Recent Achievements, and Logistics
        Waleed Farag, professor of Computer Science and director, Institute for Cybersecurity at IUP
    • 9:30 a.m. — Insider Threats: Challenges and Mitigation Approaches
        James Joshi, professor, Department of Informatics and Networked Systems,School of Computing and Information, University of Pittsburgh
    • 10:20–10:35 a.m. — Morning Break
    • 10:35 a.m. — The State of Security Awareness and Education: Phishing and Beyond
        Skip Irwin, account executive for Wombat Security Technologies
    • 11:25–12:50 p.m. — Lunch Break
    • 12:50 p.m. — Provost's Remarks
        Tim Moerland, IUP's provost and vice president for Academic Affairs
    • 1:00 p.m. — Cyber Power and the Reserve Component
        Isaac Porche, director, Acquisition and Development Program, Homeland Security Operational Analysis Center, RAND Corporation
    • 1:50–2:00 p.m — Afternoon Break
    • 2:00 p.m — The 2018 Cyber Security Employment Landscape and You
        Joe Harford, president and founder, Reclamere
    • 2:50–3:00 p.m — Afternoon Break
    • 3:00 p.m — The Cybersecurity Professional's Current and Future Challenges
         David Brown, CISSP, PMP,  manufacturing information security business strategist, Business Complete Solutions
    • 3:50 p.m — Conclusion
         Waleed Farag, director, Institute for Cybersecurity at IUP

    Biographical Information

    James Joshi

    James Joshi is a professor of School of Computing and Information at the University of Pittsburgh, and the director and co-founder of the Laboratory of Education and Research on Security Assured Information Systems (LERSAIS), which has been designated as a Center of Academic Excellence in Information Assurance and Cyber Defense Education and Research (CAE and CAE-R). He is an elected fellow of the Society of Information Reuse and Integration (SIRI) and a senior member of the IEEE and the ACM. His research interests include access control models, security and privacy of distributed systems, trust management, network security, and security and privacy services in cloud computing, critical infrastructures, and social networking environments. He is a recipient of the US NSF-CAREER award in 2006. He has served as program co-chair and/or general co-chair of several international conferences/workshops. He currently serves as the steering committee chair of IEEE CIC. He was a founder and co-Editor-in-chief of EAI Endorsed Transactions on Collaborative Computing. Currently, he is the EiC of the IEEE Transactions on Services Computing. He had also served in or is in the editorial board of several international journals. His work has been recognized with Best Paper award in ACM CODASPY 2011 and BigData Congress in 2017, and Best Student Paper award in ACM SIGSPATIAL 2011. He is a co-editor of the book titled “Information Assurance: Dependability and Security of Networked Systems” published in 2007. He has published over 120 articles as book chapters and papers in journals, conferences and workshops, and has served as a special issue editor of several journals including Elsevier Computer & Security, ACM TISSEC (now TOPS), Springer MONET, IJCIS, and Information Systems Frontiers

    Skip Irwin

    Skip Irwin is an account executive for Wombat Security Technologies, a leading provider of security education that changes employee behavior.  Founded in 2008, Wombat’s Security Education Platform includes integrated knowledge assessments, a library of simulated attacks, and interactive training modules.

    Isaac Porche

    Isaac is a senior engineer at the RAND Corporation, where he currently serves as the director of the Acquisition and Development Program in the Homeland Security Operational Analysis Center.  As the director, Isaac overseas a wide range of projects supporting the Department of Homeland Security and its components.  He joined RAND in 1998 after graduating from the University of Michigan with a PhD in electrical engineering.  He has led research projects for the US Navy, US Army, the Department of Homeland Security, the Joint Staff, and the Office of the Secretary of Defense. He has served on the US Army Science Board supporting a number of its cyber-related panels. At the Institute of Politics and Strategy at Carnegie Mellon University, Isaac serves as an adjunct instructor, where he teaches a graduate class titled Policy and Technology of Cyberwar. He has authored numerous RAND publications, peer-reviewed journal articles, and conference papers. He is also a frequent contributor of op-eds and commentary for news outlets on military and science topics and has been quoted in other media outlets, including National Public Radio, the San Francisco Chronicle, and the Baltimore Sun.

    Isaac’s areas of expertise include cybersecurity, network and communication technology, intelligence, surveillance and reconnaissance (ISR) systems, data mining, modeling and simulation, cybersecurity, rapid acquisition processes, and operations research techniques. In 2016, he presented testimony on emerging cyber threats and implications before the House Homeland Security Committee, Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies. Isaac’s latest publication, Cyber Power Potential of the Army’s Reserve Component, focuses on research conducted on how to train, manage, and develop the Army’s cyber force.

    Joe Harford

    Joe Harford is president and founder of Reclamere, a 16-year old information security company located in Central Pennsylvania that serves clients in highly regulated market sectors. The company has been providing its clients with information security solutions throughout the Mid-Atlantic region. Reclamere works with clients of all sizes and stages of the security maturity model.

    David Brown

    David C. Brown, PMP, CISSP, is the founder of Business Complete Solutions®. He shows leaders of manufacturing companies how to grow their business, and improve their competitiveness while they manage the risk of cyber-attacks and Compliance penalties.

    He has more than twenty-five years experience in manufacturing and seventeen in various cybersecurity roles. He has filled leadership positions in diverse engineering, consulting, and management positions at a wide variety of companies and industries.

    He specializes in using cybersecurity tools, techniques, and procedures to enable companies to innovate and improve business profits. https://www.businesscompletesolutions.com/.

    Titles and Abstracts

    James Joshi: Professor, University of Pittsburgh

    • Title: Insider Threats: Challenges and Mitigation Approaches
    • Abstract: Insider threats pose as an increasingly challenging issue that has significant potential impacts on organizations. Detection, mitigation and/or prevention of insider attacks present complex challenges while the boundary between an insider and an outsider within the context of an organizational information system is becoming increasingly blurry because of the immense interconnectivity among devices and applications, and organizational information systems; this is further aggravated by evolving and emerging technologies such as Cloud computing and the Internet of Things (IoT). In this talk, I will discuss various challenges, potential mitigation approaches and our ongoing research efforts related to tackling insider threats.

    Skip Irwin: Account Executive for Wombat Security Technologies

    • Title: The State of Security Awareness and Education: Phishing and Beyond
    • Abstract: This session will provide a comprehensive overview of the different threats facing end users today and the steps proactive organizations are taking to protect themselves. In addition to phishing, it will highlight lesser known, but equally as dangerous, threat vectors such as social engineering, mobile security, and ransomware. Skip will also discuss why an effective security plan must address a full scope of threats and share best practices on how to create an actionable security awareness and training program to effectively change behavior and reduce risk.

    Isaac Porche: Director, Acquisition and Development Program, Homeland Security Operational Analysis Center (HSOAC), RAND Corporation

    • Title: Cyber Power and the Reserve Component
    • Abstract: The military services are formalizing and bolstering their contribution to the nation’s cyber force, known as the US Cyber Command Cyber Mission Force. As part of a Total Force approach, the Army is considering using both active component and reserve component personnel to fill the Cyber Mission Force and other requirements in support of Army units. This presentation will discuss ways in which these soldiers can be leveraged to conduct Army cyber operations as well as the broader challenges and opportunities that the use of reserve component personnel presents.

    Joe Harford - President and Founder, Reclamere

    • Title: The 2018 Cyber Security Employment Landscape and You 
    • Abstract: Okay, so you have that prized information security degree, solid internship experience, and your first job offer—now what? The “now what” question is one that has plagued graduates for decades. This presentation is not about your short-term savings plan, 401K strategy, or winning real estate advice, although that would be helpful. Rather, this speaker will explain to you how important organizational culture, attitude, and a PIVOT mindset will differentiate you from your other professional colleagues.

    David Brown: CISSP, PMP, Manufacturing Information Security Business Strategist, Business Complete Solutions

    • Title: The Cybersecurity Professional's Current and Future Challenges
    • Abstract: The cybersecurity field is extremely complex and fast moving. Each year cybercriminals victimize thousands of large and small companies. David C. Brown, PMP, CISSP, founder of Business Complete Solutions, will discuss some of the current and future challenges facing cybersecurity professionals as they endeavor to protect their company and their career.

    Past Cyber Security Days Information:

  • IA Day Schedule 2010
    The 3rd Information Assurance Day November 9, 2010 Studio 210,Fisher Auditorium – IUP Time Speaker Topic Title 9:00 – 9:30 Dr. Mary Lou Zanich, Interim Dean, College of Natural Science and Mathematics Opening Remarks 9:30 – 10:45 Mr. Dominic Glavach and Mr. Scott Zimmerman, Concurrent Technologies Corporation Cloud For
    IA Day Schedule 2009
    This is the schedule for the second annual Information Assurance Day 2009, hosted by the Computer Science Department.
    IA Day Schedule 2008
    This is the schedule for Information Assurance Day 2008, hosted by the Computer Science Department.
    IA Day Program 2009
    This is the schedule for the second annual Information Assurance Day 2009, hosted by the Computer Science Department.
    Information Assurance Day 2011
    The Computer Science Department, in collaboration with the Institute of Information Assurance at IUP, will host the fourth annual Information Assurance Day on November 10, 2011, at the Delaware Room in the HUB at IUP.
    Information Assurance Day 2012
    The Computer Science Department, in collaboration with the Institute for Information Assurance at IUP, will host the fifth annual Information Assurance Day on November 1, 2012, from 9:00 a.m.– 4:00 p.m., at the Delaware Room in the HUB at IUP.
    Information Assurance Day 2013
    The Institute for Information Assurance at IUP, in collaboration with the Computer Science Department, will host the sixth annual Information Assurance Day on November 7, 2013, from 8:30 a.m.–4:00 p.m. at the Ohio Room in the HUB at IUP.
    Information Assurance Day 2014
    The Institute for Information Assurance at IUP, in collaboration with the IT Support Center and the Computer Science Department, will host the seventh annual Information Assurance Day on Thursday October 30, 2014, from 8:45 a.m. to 4:30 p.m. in the Ohio Room at the HUB.