Each year, the Institute for Cyber Security, in collaboration with the IT Support Services, hosts Cyber Security Day. This daylong event features nationally recognized security experts as well as speakers from law enforcement, government, security industry, and academia. Cyber Security Day is open to the public, community colleges, and neighboring universities.

The tenth annual Cyber Security Day was held Thursday, October 26, 2017, in the Stouffer Auditorium.

Information for the Event

The 10th Annual Cyber Security Day featured presentations from James Joshi, Skip Irwin, Isaac Porche, Joe Harford, and David Brown. Topics included phishing, cyber power, the employment landscape, and current challenges, and many others.  View the guest speaker and title abstract sections for more information. 

Brochure | Presentations | Photo Gallery | Schedule

Gues Speaker Biographical Information

Dr. James Joshi, Professor, Department of Informatics and Networked Systems, School of Computing and Information, University of Pittsburgh

James Joshi is a professor of School of Computing and Information at the University of Pittsburgh, and the director and co-founder of the Laboratory of Education and Research on Security Assured Information Systems (LERSAIS), which has been designated as a Center of Academic Excellence in Information Assurance and Cyber Defense Education and Research (CAE and CAE-R). He is an elected fellow of the Society of Information Reuse and Integration (SIRI) and a senior member of the IEEE and the ACM. His research interests include access control models, security and privacy of distributed systems, trust management, network security, and security and privacy services in cloud computing, critical infrastructures, and social networking environments. He is a recipient of the US NSF-CAREER award in 2006. He has served as program co-chair and/or general co-chair of several international conferences/workshops. He currently serves as the steering committee chair of IEEE CIC. He was a founder and co-Editor-in-chief of EAI Endorsed Transactions on Collaborative Computing. Currently, he is the EiC of the IEEE Transactions on Services Computing. He had also served in or is in the editorial board of several international journals. His work has been recognized with Best Paper award in ACM CODASPY 2011 and BigData Congress in 2017, and Best Student Paper award in ACM SIGSPATIAL 2011. He is a co-editor of the book titled "Information Assurance: Dependability and Security of Networked Systems" published in 2007. He has published over 120 articles as book chapters and papers in journals, conferences and workshops, and has served as a special issue editor of several journals including Elsevier Computer & Security, ACM TISSEC (now TOPS), Springer MONET, IJCIS, and Information Systems Frontiers.

Mr. Skip Irwin, Account Executive for Wombat Security Technologies

Skip Irwin, Account Executive for Wombat Security Technologies, a leading provider of security education that changes employee behavior. Founded in 2008, Wombat's Security Education Platform includes integrated knowledge assessments, a library of simulated attacks, and interactive training modules.

Dr. Dr. Isaac Porche, Director, Acquisition and Development Program, Homeland Security Operational Analysis Center (HSOAC), RAND Corporation

Isaac is a senior engineer at the RAND Corporation, where he currently serves as the Director of the Acquisition and Development Program in the Homeland Security Operational Analysis Center (HSOAC). As the director, Isaac overseas a wide range of projects supporting the Department of Homeland Security and its components. He joined RAND in 1998 after graduating from the University of Michigan with a Ph.D. in electrical engineering. He has led research projects for the U.S. Navy, U.S. Army, the Department of Homeland Security (DHS), the Joint Staff, and the Office of the Secretary of Defense. He has served on the U.S. Army Science Board supporting a number of its cyber related panels. At the Institute of Politics and Strategy at Carnegie Mellon University, Isaac serves as an adjunct instructor, where he teaches a graduate class titled Policy and Technology of Cyberwar. He has authored numerous RAND publications, peer-reviewed journal articles and conference papers. He is also a frequent contributor of op-eds and commentary for news outlets on military and science topics and has been quoted in other media outlets including National Public Radio, the San Francisco Chronicle, and the Baltimore Sun.

Isaac's areas of expertise include cybersecurity, network and communication technology, intelligence, surveillance, and reconnaissance (ISR) systems, data mining, modeling and simulation, cybersecurity, rapid acquisition processes, and operations research techniques. In 2016, he presented testimony on emerging cyber threats and implications before the House Homeland Security Committee, Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies. Isaac's latest publication, Cyber Power Potential of the Army's Reserve Component, focuses on research conducted on how to train, manage, and develop the Army's Cyber force.

Mr. Joe Harford, President and Founder, Reclamere

Joe Harford, President and Founder, Reclamere, a 16-year old information security company located in Central Pennsylvania that serves clients in highly regulated market sectors. The company has been providing its' clients with information security solutions throughout the Mid-Atlantic region. Reclamere works with clients of all sizes and stages of the security maturity model.

Mr. David Brown, CISSP, PMP, Manufacturing Information Security Business Strategist, Business Complete Solutions

David C. Brown, PMP, CISSP, is the founder of Business Complete Solutions. He shows leaders of manufacturing companies how to grow their business, and improve their competitiveness while they manage the risk of cyber-attacks and Compliance penalties.He has more than twenty-five years experience in manufacturing and seventeen in various cybersecurity roles. He has filled leadership positions in diverse engineering, consulting, and management positions at a wide variety of companies and industries.He specializes in using cybersecurity tools, techniques, and procedures to enable companies to innovate and improve business profits.

Titles and Abstracts

Dr. James Joshi, Professor, University of Pittsburgh

  •  Title: Insider Threats: Challenges and Mitigation Approaches
  • Abstract: Insider threats pose as an increasingly challenging issue that has significant potential impacts on organizations. Detection, mitigation and/or prevention of insider attacks present complex challenges while the boundary between an insider and an outsider within the context of an organizational information system is becoming increasingly blurry because of the immense interconnectivity among devices and applications, and organizational information systems; this is further aggravated by evolving and emerging technologies such as Cloud computing and the Internet of Things (IoT). In this talk, I will discuss various challenges, potential mitigation approaches and our ongoing research efforts related to tackling insider threats.

Mr. Skip Irwin, Account Executive for Wombat Security Technologies

  •  Title: The State of Security Awareness and Education: Phishing and Beyond
  • Abstract: This session will provide a comprehensive overview of the different threats facing end users today and the steps proactive organizations are taking to protect themselves. In addition to phishing, it will highlight lesser known, but equally as dangerous threat vectors such as social engineering, mobile security, and ransomware. Skip will also discuss why an effective security plan must address a full scope of threats and share best practices on how to create an actionable security awareness and training program to effectively change behavior and reduce risk.

Dr. Isaac Porche, Director, Acquisition and Development Program, Homeland Security Operational Analysis Center (HSOAC), RAND Corporation:

  •  Title: Cyber Power and the Reserve Component
  • Abstract: The military services are formalizing and bolstering their contribution to the nation's cyber force, known as the U.S. Cyber Command Cyber Mission Force. As part of a Total Force approach, the Army is considering using both active component and reserve component personnel to fill the Cyber Mission Force and other requirements in support of Army units. This presentation will discuss ways in which these soldiers can be leveraged to conduct Army cyber operations as well as the broader challenges and opportunities that the use of reserve component personnel presents.

Mr. Joe Harford, President and Founder, Reclamere

  •  Title: The 2018 Cyber Security Employment Landscape and You
  • Abstract: OK, so you have that prized information security degree, solid internship experience, and your first job offer - now what? The now what question is one that has plagued graduates for decades. This presentation is not about your short-term savings plan, 401K strategy, or winning real estate advice, although that would be helpful. Rather this speaker will explain to you how important organizational culture, attitude, and a PIVOT mindset will differentiate you from your other professional colleagues.

Mr. David Brown, CISSP, PMP, Manufacturing Information Security Business Strategist, Business Complete Solutions

  •  Title: The Cybersecurity Professional's Current and Future Challenges
  • Abstract: The cybersecurity field is extremely complex and fast moving. Each year cybercriminals victimize thousands of large and small companies. David C. Brown, PMP, CISSP, founder of Business Complete Solutions, will discuss some of the current and future challenges facing cybersecurity professionals as they endeavor to protect their company and their career

More Information

For more information about Cyber Security Day at IUP, please contact Waleed Farag, Director, Institute for Cybersecurity, at farag@iup.edu, 724-357-7995.