Cybersecurity

• Security Analyst – Analyzes and assesses vulnerabilities in the infrastructure (software, hardware, networks), investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices. Analyzes and assesses damage to the data/infrastructure as a result of security incidents, examines available recovery tools and processes, and recommends solutions. Tests for compliance with security policies and procedures. May assist in the creation, implementation, and/or management of security solutions.
• Security Engineer – Performs security monitoring, security and data/logs analysis, and forensic analysis, to detect security incidents, and mounts incident response. Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements.
• Security Architect – Designs a security system or major components of a security system, and may head a security design team building a new security system.
• Security Administrator – Installs and manages organization-wide security systems. May also take on some of the tasks of a security analyst in smaller organizations.
• Security Software Developer – Develops security software, including tools for monitoring, traffic analysis, intrusion detection, virus/spyware/malware detection, anti-virus software, and so on. Also integrates/implements security into applications software.
• Cryptographer/Cryptologist – Uses encryption to secure information or to build security software. Also works as researcher to develop stronger encryption algorithms.
• Cryptanalyst – Analyzes encrypted information to break the code/cipher or to determine the purpose of malicious software.
• Chief Information Security Officer – A high-level management position responsible for the entire information security division/staff. The position may include hands-on technical work.
• Security Consultant/Specialist – Broad titles that encompass any one or all of the other roles/titles, tasked with protecting computers, networks, software, data, and/or information systems against viruses, worms, spyware, malware, intrusion detection, unauthorized access, denial-of-service attacks, and an ever increasing list of attacks by hackers acting as individuals or as part of organized crime or foreign governments.

• Intrusion Detection Specialist – Monitors networks, computers, and applications in large organizations, looking for events and traffic indicators that signal intrusion. Determines the damage caused by detected intrusions, identifies how an intrusion occurred, and recommends safeguards against similar intrusions. Also does penetration testing to identify vulnerabilities and recommend safeguards as preemptive measures.
• Computer Security Incident Responder – As a team member usually, prepares for and mounts rapid response to security threats and attacks such as viruses and denial-of-service attacks.
• Source Code Auditor – Reviews software source code to identify potential security issues and vulnerabilities that could be exploited by hackers to gain unauthorized access to data and system resources.
• Virus Technician – Analyzes newly discovered computer viruses, and designs and develops software to defend against them.
• Penetration Tester (also known as Ethical Hacker or Assurance Validator) – Scans for and identifies vulnerabilities, and exploits them to provide hard evidence that they are vulnerabilities. When penetration-testing large infrastructures such as power grids, utility systems, and nuclear facilities, large teams of penetration testers, called Red Teams, are employed.
• Vulnerability Assessor – Scans for, identifies and assesses vulnerabilities in IT systems including computers, networks, software systems, information systems, and applications software.

The fourth annual Virginia Cybersecurity Education Conference will be held on July 20 in a virtual  format as in 2020.  Details can be found at https://www.virginiacyberrange.org/events/VACyberEduCon2021.  Agenda is still being developed.

The third annual Virginia Cybersecurity Education Conference was hosted by the Virginia Cyber Range, on July 27-28, 2020 which was originally scheduled to be at Old Dominion University in Norfolk, Virginia. Due to the COVID-19 pandemic, the conference follow a virtual format.  TPlease refer to the main Virginia Cyber Range at the hyperlink above for further details on the program, conferences and other activities that occurred.  This annual conference is open to all Virginia high school, college, and university faculty, administrators, and partners. Stay up to date on the conference by subscribing to the Cyber Range newsletter here.

The Volgenau School of Engineering at George Mason University received approval for a Masters in Cybersecurity Engineering so that student scan now move from the BS in Cyber Security Engineering to the MS in Cyber Security Engineering.  For the Laurel Ridge student, this provides an opportunity for the student in the Associate of Science: Cybersecurity Engineering specialization to follow a career path to a masters degree level.   Check out GMU’s Engineering web site for details.

The National CyberWatch Center has opened registration for the National Cybersecurity Student Association. Membership allows students to display member logs within social networking and media sites and on their resumes. Please go to the association website at http://www.cyberstudents.org/ to learn more.

CAE in Cybersecurity Community distributes cybersecurity information frequently during the month.  The information may include happenings in competitions, conferences, tech talks, vacancy announcements, and other newsworthy events.   The news component of the site can be reviewed at https://www.caecommunity.org/content/news.  Some components are only opened to CAE (Center of Academic Excellence) members.

On February 25, 2014 Governor McAuliffe signed Executive Order Number 8: Creating Cyber Virginia and the VA Cyber Security Commission. More details on cyber initiatives can be found at http://cyberva.virginia.gov/

When selecting an antivirus software package, there are a few things to keep in mind before making your selection. The following lists what many experts say should be considered before making your choice.

By following these simple steps, your choice of antivirus software will provide you with compatibility, protection, and detection designed for your computer and avoid all of the potential pitfalls along the way.

1.  What operating system you are currently using and if you are likely to upgrade should be taken into consideration before making your choice. Some antivirus software will not work on certain operating systems. Some are made specifically for certain systems. For example, software made by Windows is not going to work on a Mac.
2. What do you use your computer for? Are you a gamer? Do you surf the Web a lot? Or do you use your computer primarily for work? There are different levels of protection needed for the different uses of your computer. Your selection should be based on what you predominantly use your computer for.
3. After you have made a list of selections that you think are good, check them against lists made by certification and testing companies to see how they stack up against the competition. If you don’t see your selection on one of these lists, chances are that it is not a very good antivirus software. Two labs noted for testing this software are VB100% and ICSA labs.
4. After you have checked to make sure your choices are certified, notice the test scores attributed to the different software packages. The test scores are based on how well each software ranks with respect to protection and detection. Make sure your final choices are ranked consistently high before the final step.
5. The final step is to test each of your final selections to see how well they do on your system. Your computer system may be similar to others, but it is distinctive in that it is a reflection of you and how you use the computer.

When looking for a registry cleaner, investigate your options thoroughly. There are a multitude of companies that claim to have the best registry cleaner and will back their claims up citing surveys or magazines. However, buyer beware applies here. If you read several reviews from different magazines and see three consistent registry cleaners at or near the top, you should investigate these further before deciding on your selection. A registry cleaner should do a variety of things including but not limited to the following:

1. Provide a free scan of your computer
2. Provide the ability to back up your computer creating a restore point in case of future corruptions
3. Provide an automatic or manual repair of the registry for items detected during the scan
4. Provide technical support if you are having a problem with the software or need assistance on how to use the product
5. A full refund guarantee in the event you are not satisfied with the results. The length of time allowed to return the product should influence which product you choose.

The following eight security organizations address a variety of topics such as incident response, technical standards, cyber international policies, information technology protections and critical infrastructure.

• The Computer Emergency Response Team Coordination Center, created in 1988, to organize interaction among authorities during security crises and to help provide intelligence and communication for the prevention of attacks.
• The Forum of Incident Response and Security Teams (FIRST) is an international organization whose goal is the prevention and response to both local and international security crises and the promotion of collective information.
• Infraguard is dedicated to improving and sharing security information between private industries and the FBI when confronted by crises involving essential national infrastuctures.
• The Information Systems Security Association is comprised of security professionals and consultants that provides research and education with regard to computer security.
• The Computer Security Resource Center provides guidelines and technical assistance when security threats involve national security interests of the United States.
• The National Security Institute (NSI) works to provide knowledge about security vulnerabilities and threats.
• SANS is the most trusted and by far the largest source for information security training in the world
• (ISC)²® is the global, not-for-profit, leader in educating and certifying information security professionals throughout their careers.

1. You act respectfully and responsibly as a participant on this effort and to your team.  You follow the code of ethics unless the competition rules allow otherwise.
2. The faculty mentor may advise as needed and as best the faculty mentor can but you and your team must find a faculty member who is willing to lead and direct the teams actions as a sponsor.  In addition, the faculty person must discuss and come to consensus with the faculty mentor so chosen before any registration ensues.  (Oh yes, the mentor and team director may be one and the same.)
3. You and/or team provide updates to the mentor on progress based upon a mutually agreed upon schedule.
4. All members of the team must demonstrate willingness and dedication to actively participate in all events of which the team has registered.
5. The mentor, the college, and/or the faculty director have the right to disband the team or make notice of non-participation to all members at any time.
6. The team and its members or an individual will be responsible for costs and logistics of traveling unless otherwise noted and approved by the college and faculty mentor and/or sponsor.

Virginia Cyber Fusion Cup at Virginia Military Institute (VMI):

Virginia Cyber Fusion Cup is a cybersecurity CTF competition of selected invited Virginia universities and community colleges which is held at VMI each year during February. The annual event is  jointly sponsored by VMI and the Virginia Cyber Range.  This is normally a four hour on site competition at VMI.

Radford University RuSecure:

The RuSecure event for Spring 2020 proved to be a victim of the COVID 2019 pandemic in that the finals were canceled.  One of two Laurel Ridge team s made the finals after a tough preliminary round but unfortunately did not have the opportunity to continue into the final round.

Trevor Riley-Jewell and Matthew Cascio on their third-place finish in 2018 RU Secure cybersecurity competition at Radford University. They were one of two Laurel Ridge competing. https://twitter.com/lfccedu/status/991037634947571712

National Cyber League Cybersecurity Competition:

The National Cyber League site is at http://nationalcyberleague.org  This competition allows you to compete with other students to get ranked Nationally and demonstrate your skills to a perspective employer.   The competition is held online throughout the various seasons of the year.  The teams progress through various levels (pewter, bronze, silver and gold) with the top team receiving a monetary award.

The Laurel Ridge Cybersecurity team competed for the first time in 2019-2020 and was awarded the silver level.  The silver level and above are used for scouting reports for career positions from perspective employers. In the 2020-2021 cycle, the Laurel Ridge Cybersecurity competition team finished in 50th place out of 900+ participants across the world.

Collegiate Cyber Defense Competition (CCDC) site is at http://www.nationalccdc.org/index.php The mission of the competition is to provides a controlled, yet competitive environment for students to assess their understanding and operational competency in managing the challenges inherent in protecting a corporate network infrastructure and business information systems.

CyberFed as it is called can be located at http://www.cyberfed.org/   Again, if faculty sponsor is required, please contact Dr. Henry Coffman. (Note: site seems to be marked by Asian fonts; checking on reasons.)

Cyber Cup is In support of Science, Technology, Engineering, and Mathematics (STEM) outreach, the National Cyber Summit is hosting a 2 day cyber challenge. The competition will include teams of 2 competitors each with 3 qualifying rounds. Registration is open to middle and high school students, and as well as college and industry professionals. The Cup’s objective is to provide a competition environment testing competitors ability to work through increasingly challenging tasks.This competition will be for teams of 2 competitors each. During the registration process, you will identify which members are on your team. Find out the details at http://naissa.org/cyber-cup-details/.

Mid-Atlantic Collegiate Cyber Defense Competition site is at http://maccdc.org/. This competition allow your Laurel Ridge team to defend a system against a Red Team of hackers determined to bring it down!

Black T-Shirt Cyber Forensics Challenge site is at https://www.facebook.com/BlackTshirtCyberForensicsChallenge/?fref=nf

The National Cybersecurity Student Association is a one-stop-shop to enhance the educational and professional development of cybersecurity students through activities, networking and collaboration. This group supports the cybersecurity educational programs of academic institutions, inspires career awareness and encourages creative efforts to increase the number of graduates in the field.  More information can be found at https://www.cyberstudents.org/ .

Epsilon Pi Tau (EPT) International Technology Honor Society

Epsilon Pi Tau (EPT) is the Leading International Honor Society for Technology.  Epsilon Pi Tau recognizes academic excellence of students in fields devoted to the study of technology and the preparation of practitioners for the technology professions. Students having a 3.5 grade point average and having completed least 30 semester credits are eligible to join. Epsilon Pi Tau also extends the honor of membership and advancement activities to outstanding practitioners in the technology professions, scholars with exemplary research interests in technology in society and/or persons who have significantly supported or advanced technology professions.

Epsilon Pi Tau is a certified member of the Association of College Honor societies.

The Delta Phi Chapter of Epsilon Pi Tau at Laurel Ridge strives to help each member:
• Reach for Excellence
• Career Advancement
• Enrich your Education
• Resume Building
• Perform Community Outreach
• Recognized for Achievements
• Build Professional Network

Leadership Opportunities: Employers look for signs of potential leadership characteristics during the interview process. Officer positions and the worthwhile projects carried out by the Delta Phi Chapter provide excellent opportunities for the acquisition of leadership experience and the satisfaction of accomplishment.

Benefits of joining: Two issues of the EPT newsletter The Preceptor, and two issues (in
one combined volume) of The Journal of Technology Studies (hard copy or online) annually. Members only access to the Epsilon Pi Tau web site, and eligibility to compete for the annual Warner Awards.

Faculty Advisors

• Jose Nieves

Laurel Ridge employs full-time faculty, all of whom possess many years of teaching and professional experiences along with a variety of professional certifications.

Dr. Jose’ Nieves

Dr. Jose Nieves as extensive public and private sector Information Technology experience. He served as a USAF officer for 5 years and several progressive senior technical and management positions with corporations in the Washington DC metropolitan area for over a decade. In addition to his Laurel Ridge teaching, Dr. Nieves has taught courses in security, forensics, project management, and information management at American Intercontinental University Online at the bachelor’s and master’s levels. At Capella University, Dr. Nieves consults on doctoral-level seminar courses in information systems management. Dr. Nieves is certified as a CIW Associate and as a VCCS Online Instructor. Email him at [email protected].

Fauquier Campus Vacant Position under Recruitment

Professor Brewer left the faculty staff after Spring 2020 semester to return to industry. A replacement hiring is underway. At times, finding a qualified replacement is not easy due to competitive salaries and industry needs. The full time faculty position is located at the Fauquier campus in Warrenton and hiring is continuing. The completion of this action is hopefully resolved in the near future.

Professor George Hurley (Mel)

George Hurley has more than 26 years’ experience in Information Technology (IT). He currently serves as Program Director for an IT consulting company. He has extensive experience as a scientist, architect, engineer and developer. He holds a MS in Information Assurance and BS in Information Technology from Capella University. Mr. Hurley is a Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) and Project Management Professional (PMP). He is affiliated with (ISC)2, ISACA, ACT-IAC. He served as Chair, Intel subcommittee, TechAmerica; Deputy Commissioner, CLOUD2 commission; and member, FEAv2 Security Reference Model Working Group. He is a member of Cyber Security Forum Initiative (CSFI), Red Team and InfraGard.

Dr. James Allen

Dr. James Allen currently works as Senior Security Architect and Authorizing Official for the Federal Bureau of Investigation in Washington DC and a former Chief of Service Operations and Information Assurance at Defense Security Services.   He has industry experience in Information Technology (INFOSEC), hardware, and network engineering.  He is also a United States Navy Veteran of 23 years.  His role in the Navy was training and educating his fellow military sailors on technical and non-technical curricula. He possesses several certifications including CISSP, CCSP, and NSA INFOSEC.  In addition, he has received  numerous awards including:

1. FBI Director’s Award for Excellent in Management
2. Commander’s Award for Civilian Service
3. Navy Achievement Medals (3)
4. Navy Commendation Medals (3)
5. Joint Service Civilian Achievement Medal

Dr. Allen has a Doctor of Science in Cybersecurity from Capitol Technology University. He teaches cybersecurity concentration courses in the cybersecurity program.

Professor Mark Sunderlin

Mark Sunderlin has over 37 years in the government/industry field. He spent 16 years at the Internal Revenue Service as Chief of the LAN and Workstation Branch where he performed oversight of workstation and local area network activities including security audits. From there, he moved on to private industry where he was a Senior Technical Manager for AOL for 7 years and was then a Data Engineer for Verizon Media. Currently, he is a Principal Data Engineer for Yahoo. At Yahoo, he designs and oversees the creation of Big Data, Cloud, and Database services. His concentrated skills are in Databases, Linux operating systems, and Big Data. Mark earned a Masters of Science in Information Technology from George Washington University and a Bachelor of Science in Computer Science from Shenandoah University. He has been an adjunct professor at Laurel Ridge Community College since 2012. Mark has recently received the Virginia Community College System George B. Vaughan Leadership Award for Outstanding Adjunct Faculty (Spring 2020) and the Laurel Ridge Community College Distinguished Adjunct Faculty Award (2020).

Jason Pell

Jason Pell works in the Northern Virginia area as a Cybersecurity Systems Engineer. He has performed years of service as a Cyber Analyst and Incident Responder for organizations such as the Securities and Exchange Commission, the United States Army, and the United States Marine Corps. He possesses years of industry experience in network intrusion detection analysis, network engineering and quality assurance, network vulnerability assessment, and digital forensics. Jason earned a Master of Science in Digital Forensics and Cyber Investigations and a Bachelor of Science in Cybersecurity from the University of Maryland Global Campus. He currently holds the SANS GCIA, GCIH, and GCFE certifications.

In addition to faculty, the Cybersecurity program is supported by and administration and advising staff as listed below.

Administrative Support

Major administrative support is provided by a Dean, Dr. Craig Santicola, and his administrative assistant, Ms. Emma Hott.

Dr. Craig Santicola, Dean of Professional Programs, provides overall program support in initiatives, resource requirements, and external communication to the Executive levels (President, Provost, Vice Presidents) and the VCCS Offices in Richmond. He also provides sponsorships for accreditation and conferences activities.

Emma Hott provides crucial support in program and course scheduling, in program changes, travel, training and conference registrations, although she may acquire assistance on processing such items from other assistants.

Advising Support

The college has several advisors which can be viewed on the advisor web page. Please note that the list represent advisors who provide assistance to specific populations and are not necessarily dedicated to the cybersecurity or technology programs as the primary target(s).

Cybersecurity Student Gets the Outstanding Student at Middletown Campus Award

Laurel Ridge Outstanding Student at the Middletown Campus is a Cybersecurity program student and graduate.  The student competed with several thousand students to receive the award.  Unfortunately the name cannot be divulge at this time so as to maintain a somewhat perception of a surprise but will be divulge around May 15.

In other student news, Alexia Maynard, and DJ Joachim, both cybersecurity majors hit the news circuit lately. Alexia graduated in May 2020 as the Cybersecurity Student of the Year while DJ Joachim  will complete the degree within the coming academic year.  In addition, DJ is the Team Captain for the Laurel Ridge Cybersecurity Competition Team.

Many events and articles indicated the importance of cybersecurity in the government, academics and industry.  Below provides some examples of news worthy actions occurring in the environment.

Presentations: Dr. Coffman and Dr. Stange presented “Energize Student Resumes with Non-Traditional Approaches” at the First Annual Virginia Cybersecurity Education Conference hosted by the Virginia Cyber Range, on August 14-15, 2018 at James Madison University in Harrisonburg, Virginia and, again, at the 2018 New Horizons Conference April 2018, in which they discussed five primary ways to better prepare Cybersecurity and Computer Science students outside the classroom. The ways presented were (1) participation in individual and team competitions, (2) summer internships, (3) real course projects, (4) clubs, and (5) community service. Hear first-hand from students, faculty, and partners on this approach energizes a student’s resume.

NCWIT Award Finalist: Laurel Ridge cybersecurity student Amy Buchanan is the first Virginia Community College Student in the nation to be named a finalist for the National Center for Women and Information Technology (NCWIT) Aspirations in Computing Awards. Read more about this achievement HERE.

Helping Students: Dr. Coffman and Laurel Ridge Cybersecurity Students help a dual-enrolled student get her Girl Scout Gold Award, recognition from the National Center for Women & Information Technology (NCWIT), and headed down the Cybersecurity pathway. Read more HERE.

GMU Transfer Announcement:  George Mason University links Laurel Ridge’s Associates of Applied Science in Cybersecurity to their Bachelor of Applied Science in Cybersecurity Degree. Read more at http://bas.gmu.edu/bas/bascybersecurity/

WHAG TV Interview (Now WDVM): WHAG interviews Cybersecurity Student Trevor Riley-Jewel and Program Lead Dr. Coffman about the conclusion of the first year of the A.A.S. in Cybersecurity program. Watch the interview and read more at: http://www.your4state.com/news/virginia/lfcc-completes-first-year-of-cybersecurity-degree-program/705324447

Cyber Fusion Competition Award Ceremony:  Dr. Henry Coffman and Dr. Melissa Stange represented Laurel Ridge at the first Cyber Fusion competition awards ceremony at the Executive Manson in Richmond on Friday, April 14th [2017]. Pictured below (left to right) is Karen Jackson, Secretary of Technology for the Commonwealth, Dr. Coffman, and Governor Terry Mcauliffe. More photos can be seen at https://www.flickr.com/photos/governorva/albums/72157680198453372

Additional News Bulletins:

• (This is still current as of 2020)  Laurel Ridge is part of the Virginia Cyber Range (VACR) Executive Committee and Dr. Coffman is serving on the content sub-committee. Learn more about the VACR at https://vtnews.vt.edu/articles/2016/09/it_cyberrange.html
• Laurel Ridge’s Cyber Security program has won the Program of Study post-secondary award for 2015-15 from the Virginia Career and Technical Education Excellence in Education Group. Dr. Melissa Stange, Dr. Karen Kellison, and Dean Brenda Byard accept the award on behalf of Dr. Henry Coffman (present by phone). See photos from the ceremony at https://www.flickr.com/photos/vdoe/albums/72157666918594293.
• Dr. Henry Coffman receives a Distinguished Faculty award and is selected as the 2015-16 Laurel Ridge Faculty of the Year.
• Governor McAuliffe Announces Laurel Ridge Community College’s designation as a National Center of Excellence in Cyber Defense – See more at: https://governor.virginia.gov/newsroom/newsarticle?articleId=13344#sthash.JU7xCQk6.dpuf
• Northern Virginia Daily Newspaper: Laurel Ridge designated as leader in cyber defense – See more at http://www.nvdaily.com/news/2015/11/lfcc-designated-as-leader-in-cyber-defense/
• Winchester Daily Monitor: Laurel Ridge Community College designated as National Ceter of Excellence in Cyber Defense – See more at http://www.winchester.daily-monitor.com/lord-fairfax-community-college-designated-as-a-national-center-of-excellence-in-cyber-defense/22919/
• The Winchester Star Newspaper: Cyber Security Program at Laurel Ridge gets Recognition – See more at http://www.winchesterstar.com/article/cyber_security_program_at_lfcc_gets_recognition