Seidenberg celebrates Cybersecurity Awareness Month with stellar alumni panel

On Tuesday, October 19, 2021, the Seidenberg School of Computer Science and Information Systems at Pace University hosted an alumni panel dedicated to the topic of the month, cybersecurity.

Facilitated by faculty members Li-Chiou Chen and Darren Hayes, the panel comprised of four alumni who came together over Zoom to share their wisdom and expertise with current students.

Alumni panelists included:

    • Michael D’Angelo, Director of Forensics Operations practice at Driven
    • Pierre Jeppsson, Senior Associate at Ankura Consulting Group
    • Daniel Walker, Senior Intelligence Analyst, Homicide Bureau, Bronx District Attorney’s Office
    • Jasmine Washington, Computer Scientist, Defense Information Systems Agency (DISA)

Over the course of the hour long conversation, panelists discussed their current positions, how they got there, and what about their experience at Seidenberg helped prepare them for a career in cybersecurity.

The panel was recorded and will be released soon (we’ll update this post when it is). In the meantime, here are some quick answers to pressing questions Seidenberg faculty posed:

What’s the most significant cyber security problem right now in industry or in government?

Jasmine: Supply chain risk – being aware of what third parties you’re connected to and how they are secured . . . another trend is ransomware attacks. We see that really relevant relevant now that we’re doing telework and we’re working from home and we’re doing this education at home

Daniel: Phishing emails, because I know that is still prevalent today. I know a lot of you probably think, Oh, maybe it was done, five years ago, but no today it’s still happening. People are still clicking on links.

As a hiring manager, what do you look for in a candidate?

Michael: I want to find analysts or investigators that . . . maybe don’t know the full breadth of what’s out there and they want to get their feet wet. Even more, they want to be exposed – they want to delve into new topics and continue to learn . . . the ability to go outside of your comfort zone.

What advice do you have for interviewing?

Pierre: For me, It was just the conversations I was having. So, I did like three or four interviews . . . but I didn’t let them interrogate me. They asked me about my life, and I just told my story . . . there wasn’t enough time for them to go “so tell me about some-” you know . . . they hit you with those kind of gotcha interview questions. I was enthusiastic and I really thought a lot about what I would say. I even did some background work, like I went on the Anchor website and I looked at their mission statement and I looked at their their history and what their employees do in the matters that they’ve been involved in and it . . . painted a picture for who I might be talking to and once I knew who I was talking to I could just be myself. You tell them about yourself and and they go “Okay, this is a person I could see working here, somebody I would want to work with.”

The recording of the event will be available soon – we’ll share on Seidenberg social media as soon as it’s up!

Follow us on social media for updates!

The Return of Sunflower Hack

For its second year in a row Sunflower Hack is returning – but virtually. This year the hackathon is being hosted once again by Pace Women in Tech, alongside Pace University’s POPTV and Cybersecurity clubs. The event, which will take place on March 13th from 9:00 am to 6:00 pm, will be open for registration until March 7th, right before midnight.

Sunflower Hack is open to all participants over the age of 18, regardless of whether they’re enrolled at a university or not. Teams must consist of three to four members to create a hack with this theme in mind: Interaction and Communication. Once your teams are formed, you will have five hours to come up with an idea and a presentation. At the end of the event, a few teams will receive prizes based on different categories, including Best Entrepreneurial Hack, Best UX/UI Hack, and Crowd Favorite. Other potential categories include Best Communication Hack, Best Interaction Hack, and Most “Out-Of-The-Box” Hack.

The Seidenberg community is excited for the success of another engaging hackathon, where participants with various degrees of coding experience are encouraged to join in on the fun. Taking part in this hackathon will be the perfect way to meet new people with common interests, while also developing your programming, designing, and/or presentation skills. For updates on the event, please feel free to check out Sunflower Hack on Instagram, or if you have any questions, they can be answered at gosunflowerhack@gmail.com.

Pace University Students Qualify for the 2021 Northeast Regional Collegiate Cyber Defense Competition

by Andreea Cotoranu
Clinical Professor, Information Technology

A team of eight Seidenberg students with a passion for cybersecurity, participated in the highly coveted Collegiate Cyber Defense Competition, Northeast (NECCDC) qualifier, on January 23, 2021. The ‘core eight’ team included: Logan Cusano (BS in Information Technology ’22 – captain/student coach), Alexander Zimmer (MS in Cybersecurity ’22), Alexs Wijoyo (BS in Computer Science ’22), Kyle Hanson (BS in Information Systems’21), Brendan Scollan (BS in Information Technology ’24), Zachary Goldberg (BS in Information Technology ’22), Andrew Iadevaia (BS in Computer Science ’23), and Aleks Ceremisinovs (BA in Computer Science ’21).

One of the competition goals is to “develop competitor skills to respond to modern cybersecurity threats.” The competition provides a controlled environment for students and challenges them to protect an enterprise network infrastructure and business information system against inherent challenges. The competition environment, called ‘cyber range,’ was virtual, and the communication and collaboration were supported over Discord. Industry professionals moderated the teams; the ‘core eight’ were moderated by Seidenberg alums, and former NECCDC competitors, Andrew Ku (NYC Cyber Command) and John Guckian (IBM).

The theme of this year’s competition was ‘mobility.’ In the qualifier scenario, the ‘core eight’ were part of a news organizations’ internal security team working to administer and secure both data and systems of a regional office in the face of challenges posed by COVID-19. Competing teams were expected to manage the network, keep it operational, prevent unauthorized access, maintain and provide public and internal services.

As part of the competition, a ‘red team’ played the attacker role aiming to compromise the team’s systems. The ‘red team’ launched attacks by making extensive use of bots. Memes and a curated playlist contributed to creating a suspenseful competition atmosphere, which accurately reflected the realities of the battle between the ‘red team’ and the competing teams.

NECCDC Team Discord Groupchat
NECCDC Team Discord Groupchat

As the team captain for the event, Logan Cusano ’22 explained that his role was to assign tasks and secure servers. He noted that his favorite part of his role was seeing new team members “learn an immense amount of information and real-world skills on their assigned operating systems.”

Another team member, Alex Zimmer ’22, explained that he “assisted in our team’s logistical planning as well the preparation of script and reference materials. I also played an active role with our log management on the day of the competition. I found it particularly satisfying when either my materials or advice allowed another team member to overcome an obstacle or properly counter red team actions.”

Alexs Wijoyo ’22, who specialized in Linux operating systems on the team, explained that “the best part of my task was that I was able to get my hand dirty with the tools and operation of the competition. I love these types of things.”

To start, the team had to tame bots with correct command lines to obtain clues and access resources. After that, it was up to keeping systems secure and services up against several rounds of attacks, over five hours.  By round 7, the team had 26/28 services up and running, by round 20 it was down to 11/28, and by round 27, the team rebounded to 17/28. However, by round 41, it was down to 9/28, then up to 15/28 by round 52 –  they were never gonna give those services up! Business tasks, called injects, were as important as keeping services up, especially when competing against great teams. Ultimately, the performance on both technical and business tasks contributed to the team’s qualification to the NECCDC regionals.

NECCDC Team Discord Groupchat
NECCDC Team Discord Groupchat

Alex, who recalled the experience of “the continuous monitoring of the possible attack angles” as a combination of exhilarating and strenuous, explained that the team was ecstatic when they learned of their qualification.

“When I read the news that we had made it to the next round I was elated. I knew the team was capable but this just proved me right,” Logan said of the team’s excitement.

“We love working together and we sure do get a thrill from it,” Alexs chimed in.

Overall, the competition was challenging; however, ‘the core eight’ succeeded to communicate and collaborate, in a virtual environment, under pressure – any IT team would be lucky to have them on board. (Note: for a red team review of last year’s competition and advice for competitors, check Tom Kopchak’s (Hurricane Labs) post.

Seventeen teams from the Northeast region participated in this competition.  Ten qualifying teams, including Pace, will now have the opportunity to participate in the 2021 Northeast Regional CCDC, taking place virtually, March 19-21, through the Cyber Range and Training Center, part of the Global Cybersecurity Institute (GCI) within Rochester Institute of Technology (RIT) – the host organization for 2021.

As reported by current and former participants, competitions like NECCDC are some of the most impactful learning experiences. Pace students interested in participating in cybersecurity competitions are encouraged to connect with BergCyberSec, the Pace Cybersecurity Club (Discord: BergCyberSec) to learn of opportunities for training and collaboration.

Are you interested in pursuing a course, a degree, or a career in the exciting domain of cybersecurity? Check the Seidenberg School at Pace University’s cybersecurity course and program offerings here.

Pace University recently launched a Master of Science in Cybersecurity that aims to train the next generation of cybersecurity professionals to join an ever-growing workforce.

Seidenberg’s New Graduate Degrees: a Masters in Cybersecurity and a Masters in Data Science

This year, Pace University’s Seidenberg School of Computer Science and Information Systems has introduced two new graduate degrees to its list of programs: a Masters in Cybersecurity and a Masters in Data Science. With these new degrees available, students will get a chance to explore concepts they may have previously touched on in other courses regarding computing theory or web security. By pursuing one of these graduate degrees, those wanting to expand their knowledge of these subjects will have the opportunity to learn more about their favorite topics, while also increasing their chances of making a livelihood from them.

Potential Careers With Masters in Cybersecurity and Data Science Programs

With a masters in either cybersecurity or data science, the careers you wish to pursue can expand significantly. If you’re interested in studying cybersecurity, then maybe being a cyber crime analyst or incident analyst is perfect for you. Or, if you decide to study data science, you might consider becoming a data applications architect or a machine learning engineer. Whichever path you choose, the potential careers down below can give you an idea of the jobs you can get with one of these degrees.

Why a Masters Degree in Cybersecurity?

One of the biggest advantages of specializing in cybersecurity is that it expands your list of employers significantly. With a majority of services being held online, especially during the wake of the ongoing pandemic, those with a concentration in web security are needed now more than ever. It is important to know that cybersecurity is necessary for a majority of the applications and services that we enjoy today. For example, it’s essential for securing your financial information when online banking or shopping, and it also ensures the protection of your medical records when using healthcare services. The Cybersecurity Curriculum also includes a variety of electives for students to explore. From classes like Introduction to Homeland Security to Web and Application Security, the range of electives offered helps students study aspects of cybersecurity that most align with their career aspirations.

By the end of this graduate program, students are encouraged to complete their capstone project, which is essentially a real-world test of the knowledge they’ve acquired on cybersecurity. Participating in this project prepares students for the expectations that will be required of them in their future careers. Also, as a way of replicating a team-oriented working environment, students are expected to work together in groups, which will teach them the importance of effective communication, delegation, and compromise.

Why a Masters Degree in Data Science?

Just like cybersecurity, data science is becoming increasingly relevant in the online services we frequently use. This field of computer science, which is the application of collected data, is essential to helping organizations know how to further improve their services. These improvements are determined by studying the patterns of the information gathered and assessing the most effective way to utilize it. The Data Science Curriculum here at Pace not only touches on the fundamentals of data science, but it also provides students with the chance to take an elective outside of the given computer science options. This opportunity lets students explore a topic outside of computer science, where data science can still be applicable.

The capstone project at the end of this program is more of an independent course that provides students with the freedom to take their assignment into a multitude of directions. Despite it being a less group-oriented project, assistance and recommendations from the instructors of this course are still an option for students. With this project, students will be tasked with analyzing existing data and determining the best methods needed to identify and solve potential issues. Completing this project will encourage students to make use of their data science knowledge in practical work situations, thus preparing them for a smooth transition into the workforce.

The Takeaway

If you have a love for cybersecurity or data science and want to further your knowledge on these subjects, then pursuing one of these degrees may be perfect for you. Working towards one of these graduate degrees can open up a wealth of opportunities. Becoming an expert in your field can make you much more marketable to employers, and it can increase your chances of being promoted to higher-paying positions. If you’re interested in learning more about either of these programs, please feel free to check out Seidenberg’s website for additional information.

How to Stay Productive During Quarantine

From the title of this article, you might be wondering: why would I want to be productive during a time like this? Although it feels like what’s going on will never end, that couldn’t be further from the truth. At some point, things will return back to normal–classes will resume, friends will reunite, and some of us will even return back to find exciting internships and jobs. It may feel like that’s ages from now, but it will happen, and when it does you might want to be prepared. Being productive is hard, however, when you find ways to be productive that are also fun, it becomes a tad bit easier. So, to spare you the trouble of figuring out what those ways might be, here is a list of some fun (yet beneficial) ways to stay productive during quarantine.

1. Virtual Hackathons

Robot Typing

 

 

One way to stay productive is to attend a virtual hackathon. Although many of us may be more familiar with attending in-person hackathons, it doesn’t hurt to attend a virtual one. Plus with everything going on, a virtual hackathon is definitely much safer to attend. Not only are you doing your part by social distancing, but you’re also doing yourself a favor by putting in valuable coding time. Don’t let your skills get rusty. Take part in something that will build the skills you already have. There are plenty of virtual hackathons to attend, so look into one that might fit you!

2. Coding Activities

Girl Pretending To Type

 

This next idea is more of a group effort. If you’re stuck at home with any younger, female-identifying family members who also have an interest in technology, you should try introducing them to Girls Who Code, which is a program that encourages young girls to pursue any potential interest they may have in technology. With the gender gap in this field gradually increasing, it is not only important for us to provide girls with the resources they need, but it is also important that we make them feel welcomed. If you have any time to spare, you can also sit down with your sister, cousin, etc., and walk them through some weekly Girls Who Code At Home Activities. That way you get to help them expand their knowledge while also spending time with them and learning a little bit more yourself.

3. Revamp Your Resume

Girl At Job Interview

Despite everything that’s going on, once life returns back to some level of normalcy, we all have internships and jobs to look forward to. That’s why one of the best uses of any free time you have now could be used towards tweaking your resume. Thankfully, there are ways to make that process easier. One of the first steps is to book an appointment for a resume workshop on Handshake. All you need to do is log in with your Pace credentials, click the Career Center tab, and go into Appointments. Another thing you can also do is work on your resume using the Resume and Cover Letter Guidebook before your appointment. Doing so will save you a lot of time and help you complete your resume much faster. Also, please note that in order to apply for internships or jobs through Handshake with Pace, your resume has to be completed and approved by Career Services.

4. Look Into Potential Internships

Character Saying I Got The Job

After your resume is completed and approved, you can start looking into internships on Handshake. Using the website or the app, you can search for internships based on your major and internships based on location. Also, Handshake will show you the employer’s hiring preferences and whether or not your major, year level, or experience matches what they’re looking for.

5. Work On A Project That Interests You

Woman Lowering Her Glasses

Whether it be an app, a website, or a computer, work on a project that interests you. It can be something that you’re excited to do but also sharpens your technical skills. Being productive and staying motivated are less strenuous when you’re doing something you absolutely enjoy. With all this free time available, you can finally get started on that project you’ve been thinking about. If you don’t have a project idea, think of something you’re passionate about. For instance, if you’re unhappy about something that’s currently going on, maybe you could think of an idea that has the potential to help others. It could be a big and elaborate idea, or it can be small, simple, and to the point. Whatever your idea may be, go for it!

6. Attend A Club Meeting (via Zoom)

Fictional Business Meeting

If you’re a member of any Seidenberg clubs or genuinely interested in becoming a member, you can officially attend a club meeting using Zoom. Also, Pace Women In Tech, PCS, Seidenberg Tech Collective, and the Pace Cybersecurity Club are all really active – they are sharing events on social media, Discord, and email!

7. Relax

Woman At A Spa

Yes, being productive is important, however, productivity is nothing without peace of mind. If you’re too tired or stressed to be productive, then chances are your work will reflect that. Have a spa day, do some face masks, watch a movie, FaceTime friends, etc. Do what you have to do in order to recenter your mind, body, and soul.

During this unprecedented time, the Seidenberg School of CSIS would like to thank those working on the frontlines to protect the wellbeing of others and we’d also like to send our condolences to families who have lost any loved ones to this outbreak. It is important that during this time we look out and care for one another. For any students struggling to cope with what’s currently going on, here is a link to some tips and resources that you may find helpful.

 

 

Healthcare industry talks cybersecurity at third annual Pace University conference

The third annual cybersecurity conference took place at Pace University’s Westchester campus on Thursday, October 3, 2019. The conference included a set of panelists and speakers from many top East Coast organizations and a guest appearance from a canine cybercrime specialist.

This year’s focus was the Economics of Cybersecurity in Healthcare: Understanding the Costs of Cyber Exposure to Protect Enterprises and Patients.

After a networking breakfast, the Dean of the Seidenberg School of Computer Science and Information Systems, Jonathan Hill, welcomed guests and spoke about the work being done at Pace University. “Pace University is doing a lot to address the [cyber] threat today,” he said.

President Marvin Krislov also gave remarks, noting that “healthcare is the largest sector in the Westchester economy,” – an economy which Pace University contributes nearly $360 million to, it was recently announced.

The conference got started with an opening conversation between Jennings Aske, the Senior VP and CISO at NewYork-Presbyterian, and Anthony Johnson, Managing Partner at Delve Risk. The topic of the conversation was a threat briefing on the healthcare landscape. Jennings and Anthony dove into a fascinating discussion on risk management, patient privacy, and leading cybersecurity initiatives.

After the discussion, the Dean of the College of Health Professions, Harriet Feldman, took to the podium to discuss the industry outlook. “The intersection of technology and healthcare could not be more important than it is now,” she said.

Following was a new addition to our conference program – an interactive cyberattack exercise. The exercise was run by Shawn Fohs, Managing Director of Forensics US Cyber Response & Privacy Leader, Ernst & Young; Kevin M. McGuire, the Commissioner at Westchester County Department of Social Services; Jonathan Bandel, Assistant VP for Strategic Service Lines at White Plains Hospital, Robert Largey, Co-Founder of East Post Road Ventures, LLC, the Innovation Accelerator Arm of White Plains Hospital, and Pace University’s very own Kit Lee-Demery, the Assistant Director for Emergency Management and Fire Safety.

The session consisted of a tabletop exercise that aimed to create an opportunities for conference attendees – stakeholders within the healthcare critical infrastructure sector – to enhance their understanding of key issues associated with a focused cyberattack, including coordination and information sharing amongst private entities and government agencies in response to such an attack. Participants got to come up with a response to a fake, albeit plausible, cyberattack based on current plans, policies, and procedures. It involved contact from the FBI, hacking from malicious agencies, increasing panic, media scandals, and stolen information – all the makings of a quality drama!

Once the exercise was finished, the first panel discussion of the day took place over lunch. The panel, titled Quantification of Risk Management of the Healthcare Enterprise, included guests Michael Corcione, Managing Director at Treliant Risk Advisors and Robert Zandoli, Global CISO and Chief Technology Officer at BUNGE LTD, both of whom are Pace alumni. Co-Founder and CEO of Sovy, John Popolizio completed the group alongside moderator and Seidenberg School faculty member, Li-Chiou Chen.

No cybersecurity conference at Pace is complete without an appearance from our four-legged friend, Harley the Cyber Dog. As in previous years, Westchester County Police Department’s Detective Brett Hochron and his K9 partner Harley gave a demonstration of Harley’s skills at sniffing out cybercrime. Trained to detect a particular chemical scent present in many tech devices, Harley is capable of discovering hidden USBs, SD cards, smartphones, and more – even if they are very carefully hidden. Detective Hochron explained that, as Harley only eats when she successfully finds a hidden device, she associates working with a worthy reward, making her quite possibly one of the happiest professionals in the cybersecurity industry.

Prior to the demonstration, Detective Hochron hid several devices around the conference room, including a micro USB taped to an electrical outlet and another one tucked under a pillow. Harley found them all within minutes.

Harley’s training has enabled her to assist police and the FBI’s cyber crime unit in convicting criminals. When police conduct physical searches, they may miss evidence that is hidden under floorboards, in electronic sockets, inside furniture, and other imaginative locations. Dogs like Harley are able to provide the backup that ensures no laptop is left unturned or undiscovered.

The final panel of the day looked to the past, present, and future. The panel was titled the Evolution of the Cybersecurity Program for the Healthcare Enterprise and featured Chris Hetner, Managing Director of Marsh Risk Consulting’s Cyber Risk Consulting; Steven Goriah, DHA, CHCIO, FACHE, VP of Information Technology/CIO, Chief Information Security Officer at Westchester Medical Health Network, Seidenberg professor and digital forensics expert Darren Hayes; and Jennings Aske, SVP and CISO at NewYork-Presbyterian. Seidenberg professor and Associate Dean, Jim Gabberty, moderated the discussion.

Following the panel, Dean Jonathan Hill gave his closing remarks and the conference was open for guests to network and meet with panelists.

We are grateful to our sponsor, Treliant, for the generous support in making this conference a success.

Thanks also go to Detective Brett Hochron of Westchester County Police Department for another fantastic presentation with Harley.

Skip to toolbar