Indiana University of Pennsylvania's Institute for Cyber Security, in collaboration with the Information Technology Support Center, will host the thirteenth annual Cyber Security Day on October 20, 2020.
This annual event features nationally recognized security experts as well as speakers from regional law enforcement, government, security industry, and academia, including IUP graduates Murat Ozturan from Microsoft Corporation, and Amy Diehl, associate vice president and chief information technology officer from Shippensburg University of Pennsylvania.
It is free and open to the community. Programs can be accessed via Zoom.
“We have been successfully organizing the Cyber Security Day at IUP for 13 years,” Waleed Farag, director of the IUP Institute for Cyber Security and professor of computer science, said.
“All of our past events were very well attended, with more than 200 attendees in 2019. Without question, this event will be different in the way that it is presented from earlier programs, but we have remained true to our mission of sharing perspectives from nationally recognized security experts from academia, government, and the private sector to share their expertise with our participants. With so many events and businesses using technology to maintain operations, the issue of cybersecurity has become even more critical so businesses, organizations, and individuals can better understand how to protect their online information and operations.”
The program begins at 9:00 a.m. with welcome remarks from the IUP Provost and Vice President for Academic Affairs Timothy Moerland and from Deanne Snavely, dean of the John J. and Char Kopchick College of Natural Sciences and Mathematics.
At 9:20 a.m., Farag will provide comments on the event history, Institute work, and recent achievements and logistics.
Presentations are scheduled as follows:
9:40 to 10:30 a.m.
“Cybersecurity and Privacy: Challenges Ahead”
Presented by James Joshi, professor and director of LERSAIS, School of Computing and Information, the University of Pittsburgh.
The world has become an intricately interconnected, complex system spanning cyber, physical, human, and social elements. As rapid growth in technological innovations continue to present us with unprecedented opportunities for social and economic transformations, these very innovative tools also pose increasing risks to the well-being and safety of individuals and our global society, including during crisis situations such as the current pandemic. To ensure maximal benefits of the cyber-enabled world and minimize such risks, it is important to understand holistically the cybersecurity and privacy issues that current and emerging IT innovations introduce so as to tackle them effectively. During his presentation, Joshi will discuss the cybersecurity and privacy challenges, as well as resilience issues and priorities in our current and emerging cyberspace.
Joshi is currently serving as a National Science Foundation program director in the Computer and Network System Division and in the Secure and Trustworthy Cyberspace program. He is an elected Fellow of the Society of Information Reuse and Integration, a senior member of the IEEE, and a distinguished member of the ACM. His research interests include access control models, security and privacy of distributed systems, trust management, and secure and privacy-preserving machine learning. He is a recipient of the NSF CAREER award in 2006. He established and managed the NSF CyberCorp Scholarship for Service program at the University of Pittsburgh in 2006 (two rounds). He also established and continues to manage LERSAIS as a NSA-designated Center of Academic Excellence in Cyber Defense (both CAE and CAE-R).
10:45 to 11:35 a.m.
“Cyber Attack Life Cycles”
Presented by Isaac Porche, deputy director of the Applied Research Lab at Penn State University.
Attacks in cyberspace are deliberate and usually follow patterns. Often, attacks are long-lasting campaigns. Thus, a firm understanding of the steps and phases of an attack allows a higher probability of a defender detecting and mitigating it. This talk will outline common steps seen for such offensive cyber operations. Specifically, this talk provides examples and case studies to illustrate the steps involved in data exfiltration, attacks on industrial control systems, and general denial of service attacks using large botnets.
Porche received his PhD in electrical engineering and computer science from the University of Michigan. Most recently, Porche was a research scientist and chief engineer at General Dynamics Mission Systems. Previously, he worked as a senior engineer at the RAND Corporation and as program director for the Homeland Security Operational Analysis Center. He also served as associate director of the RAND Arroyo Center's Forces and Logistics Program. His areas of expertise include acquisition, homeland security, cybersecurity network and communication technology, intelligence, surveillance, reconnaissance, information assurance, big data, and cloud computing. He has led research projects for the US Navy, US Army, the Department of Homeland Security, the Joint Staff, and the Office of the Secretary of Defense.
12:50 p.m.
Welcome message presented by Francisco Alarcón, chair, Department of Mathematical and Computer Sciences.
1:00 to 1:50 p.m.
“Digital Rights Management for the Masses”
Presented by Jack Lange, associate professor of computer science at the University of Pittsburgh.
Cloud-based data sharing services are a mainstay of modern cloud service architectures, but in recent years they have suffered a significant amount of loss in confidence among the general public. Numerous cases have come to light where service providers have accessed user data in ways that users find unacceptable, disclosed data to third parties that users were unaware of and did not approve, and lost control of the data itself due to attacks or unintentional data leaks. Lange will discuss how his research group has explored the use of hardware-based security features available in modern commodity processors, to allow users to retain control over their data even after sharing it in the cloud.
Lange received his PhD and MS degrees in computer science and two BS degrees, one in computer engineering and one in computer science, all from Northwestern University. Over the past 15 years his work has focused on high-performance computing and operating systems, as well as networking, virtualization, and distributed systems. More recently he has begun conducting research into practical system architectures to ensure user-oriented security and privacy. Currently he is working on leveraging hardware support to allow users to retain control of personal data in the era of cloud computing and social media services
2:00 to 2:50 p.m.
“Building Digital Resilience”
Presented by 1990 IUP graduate Murat Ozturan, business architect director, Azure Data and AI at Microsoft Corporation.
Almost overnight, the world has changed. #FlatteningTheCurve and other measures have led to remote work, productivity shifts, and severe business disruption. Organizations rely upon partners, planning, and often heroics; we are all doing the best we can. It's incumbent upon us to learn, grow, and become stronger during these times. Our businesses, interactions, and approaches will also change as we conquer the pandemic and embrace our learnings. Some businesses will not recover post-COVID-19. Others may shift focus, change operating models, and might even seek to acquire undervalued companies. Whether customer interactions, continuity, contingency planning, or operations, change is certain. The future is bright to learn and innovate if we embrace a growth mindset and lead.
Ozturan is accountable for driving business and technology strategy for data and AI solutions architecture and engineering in worldwide commercial business; working closely with key stakeholders across engineering, marketing, and field organizations; and driving customer success for cloud implementations. Previously, he was an Azure Data engineering member responsible for driving all technology initiatives, tools, and customer services for migrating data-related solutions/products from existing and competitive platforms to modern data platforms. He was also responsible for building OSSDB (PostgreSQL, MySQL, MariaDB) partner ecosystem. He was the CTO of Asia, Pacific, and Japan for Services until 2016, based out of Singapore, responsible for setting the technical strategy in services across Asia. He is a Microsoft veteran who is one of the North Africa/Turkey region's founding members. He has substantial field experience from TS to practice manager, resulting in a claim to perform all possible technical roles in a field organization successfully. Before Microsoft, Murat worked for Renault-France (automotive), and a major bank in Turkey.
3:00 to 3:50 p.m.
“So You Want to Work in Cybersecurity”
Panel discussion with IUP graduate Amy Diehl, associate vice president and chief information technology officer, Shippensburg University of Pennsylvania; Tom Dugas, assistant vice president and chief information security officer for Duquesne University; and Paul Grieggs, IUP executive director of information technology security.
Diehl received her PhD in administration and leadership studies from IUP. She is a regular speaker at conferences on challenges women leaders experience as well as a guest lecturer and consultant on gender bias. She was recognized in 2019 by the Central Penn Business Journal as a Woman of Influence.
Dugas is responsible for leading the information (cyber) security program to protect the availability, confidentiality, and integrity of data and systems at Duquesne University. He is a certified information systems security professional, and is a graduate of Robert Morris University with a master's degree in communication and information systems and a bachelor's degree in business administration with majors in accounting and management information systems. In 2019, he was recognized as the CISO of the Year by the Pittsburgh Technology Council. Dugas serves as a leader within the region as a co-leader of the Greater Pittsburgh CISO Group, a member of the Advisory Board for the Pittsburgh CIO Forum, and part of the governing body of the Pittsburgh CIO Executive Summit.
Grieggs is responsible for IT security, networking, and systems architecture at IUP. He has more than 30 years of IT experience and is the founding director of IUP's IT Security Office. Prior to his current position, he served as Technical Services manager at IUP and was responsible for networks, central systems, telecommunications, and IT security. Before joining IUP, he served as a technical consultant specializing in communication systems in the banking and health insurance industries. Grieggs was selected as a finalist for Pittsburgh Technology Council's Chief Information Security Officer of the Year award in 2019. He has a BBA degree from St. Bonaventure University.
IUP offers a bachelor's degree in computer science/cyber security track and a minor in cyber security. The university and the Institute for Cyber Security has a history of excellence and leadership in cybersecurity education and information assurance.
IUP, along with a selected group of national universities, has been awarded funding for the third consecutive year from the Department of Defense in support of the Cyber Scholarship Program. In addition to the scholarship recruitment award, IUP received a capacity building award for a project titled “New Collaborative and Learner-Centered Pedagogy for Faculty and Student Development in Cybersecurity.”
IUP was first selected as a National Center for Academic Excellence in Information Assurance by the National Security Agency and the Department of Homeland Security in 2002, a recognition that the university continues to hold. IUP is one of only 12 institutions in Pennsylvania currently holding this recognition.
IUP's program is unique because of its interdisciplinary character, blending the disciplines of criminology and computer science. In addition to the development of computer programs and systems for cybersecurity, IUP's program focuses on cybercrime detection, loss prevention, and how to collect the evidence to prosecute cybersecurity offenders.
For more information about Cyber Security Day at IUP, please contact Waleed Farag, director, Institute for Cyber Security, at farag@iup.edu or 724-357-7995.