{"id":154230,"date":"2024-09-11T12:30:16","date_gmt":"2024-09-11T16:30:16","guid":{"rendered":"http:\/\/www.bu.edu\/tech\/?page_id=154230"},"modified":"2024-09-11T13:04:07","modified_gmt":"2024-09-11T17:04:07","slug":"2024-2","status":"publish","type":"page","link":"https:\/\/www.bu.edu\/tech\/services\/security\/education\/camp\/archives\/2024-2\/","title":{"rendered":"2024"},"content":{"rendered":"

Strengthening Your Organization\u2019s First Line of Defense, the Humans\u00a0<\/b><\/span><\/strong><\/h1>\n

Julius Newton, <\/span>Sharon Robsky, & <\/span>Kerrie Sacovitch<\/span><\/strong><\/p>\n

Slide Deck<\/h3>
<\/strong><\/p>\n

Strengthening Your Organization\/s First Line of Defense, the Humans<\/a><\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the talk<\/em><\/h3>
<\/strong><\/p>\n

Cybersecurity attacks, such as phishing and social engineering, pose a constant threat to your institution\u2019s information technology infrastructure. Educating your users can be a low-cost way to strengthen your first line of defense. The more cybersecurity awareness users have, the more likely they are to protect their accounts, handle data with best practices, and recognize social engineering tactics.\u00a0<\/span><\/p>\n

In this presentation, a team from Worcester Polytechnic Institute’s Information Technology Services will explain the origins of their multimedia cybersecurity education and outreach program, how it can be replicated at other institutions, and lessons learned from the program\u2019s first year.\u00a0<\/span><\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the speakers<\/em><\/h3>
<\/strong><\/p>\n
\n

Julius Newton<\/strong>, Information Security Analyst at WPI, <\/span>jnewton@wpi.edu<\/a><\/span><\/u>\u00a0\u00a0<\/span><\/p>\n

Julius\u2019s journey into the technical industry began with help desk and IT technician jobs, which provided the platforms needed for gaining experience, and led to an opportunity working in the security operations center at WPI.\u00a0<\/span><\/p>\n

\u00a0<\/span><\/p>\n

Sharon Robsky<\/strong>, Technical Communications Specialist at WPI, <\/span>srobsky@wpi.edu<\/a><\/span><\/u>\u00a0\u00a0<\/span><\/p>\n

In addition to cybersecurity education, Sharon trains users on the university\u2019s latest software implementations. She completed the Google Cybersecurity Professional Certificate program in March 2024.\u00a0<\/span><\/p>\n

\u00a0<\/span><\/p>\n

Kerrie Sacovitch<\/strong>, Assistant Director of Communication and Change Management at WPI, <\/span>kls@wpi.edu<\/a><\/span><\/u>\u00a0\u00a0<\/span><\/p>\n

Kerrie focuses on keeping the community informed and engaged in the latest technology adoption through strong partnerships within IT and across campus departments. Her 27 years in Higher Ed IT have been guided by values of customer service, continuous process improvement, and teamwork!\u00a0<\/span><\/p>\n<\/div>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

The Journey of Innovation: From Concept to Reality at BSU\u2019s Cyber Range<\/span><\/strong><\/h1>\n

Michelle<\/span> Stanfield<\/span><\/strong><\/p>\n

Slide Deck<\/em><\/h3>
<\/strong><\/p>\n

The Journey of Innovation- From Concept to Reality at BSU\u2019s Cyber Range<\/a><\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the talk<\/em><\/h3>
<\/strong><\/p>\n

Explore the dynamic journey of bringing Bridgewater State University\u2019s Cyber Range from a visionary concept to an operational reality. This talk will delve into the challenges and breakthroughs encountered in the first six months, highlighting the innovative strategies used to design and implement cutting-edge cybersecurity training. Learn about the collaborative efforts with industry experts, the integration of advanced technologies, and the initial feedback from participants that are shaping the future of the Cyber Range.<\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the speaker<\/em><\/h3>
<\/strong><\/p>\n
\"\"With a steadfast focus on educational equity, <\/span>Michelle<\/span> Stanfield has distinguished herself as an insightful education consultant. Her career, ignited at Northeastern University, has been a testament to her innovative spirit, notably through a groundbreaking overnight program that elevated minority enrollment. At the Academy of the Pacific Rim, <\/span>Michelle<\/span>‘s influence extended into family engagement and DEI initiatives, significantly enriching the school’s ethos. Her consultancy, established in 2017, reflects her entrepreneurial drive, addressing educational challenges with tailored solutions, including a notable robotics fellowship aimed at empowering Black and Latinx girls. As the newly appointed Cyber Range Director at Bridgewater State University, <\/span>Michelle<\/span> is thrilled to leverage her extensive experience and passion for inclusive education to expand and enhance the university’s cybersecurity programming. Her pursuit of advanced certifications in AI and cybersecurity highlights her commitment to integrating cutting-edge technologies in education, solidifying her role as a vanguard i<\/span><\/div>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

Building Canaries with ELK and ElastAlert2<\/span><\/strong><\/h1>\n

Andrew Januszak<\/strong><\/p>\n

Slide Deck<\/em><\/h3>
<\/strong><\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the talk<\/em><\/h3>
<\/strong><\/p>\n

Canaries (honeytokens, canary tokens, canary files, canary accounts, etc.) are relatively low-effort, high-gain defensive tools. We used our existing infrastructure and tooling to implement canaries in various places across different services. This solution has been successful in detecting phishing and credential harvesting attacks, and it provides a lot of flexibility in terms of how, when, and where we implement canaries and receive alerts.<\/span><\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the speaker<\/em><\/h3>
<\/strong><\/p>\n
Andy is a Senior Systems Engineer at Lehigh University and also serves as a penetration tester for REN-ISAC’s Peer Assessment Program. Keith is a Systems Architect at Lehigh University. In addition to their normal duties, Keith and Andy also collaborate on Purple Team operations in order to help better secure the infrastructure they manage.<\/span><\/div>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

<\/blockquote>\n

A \u201cFunctional\u201d Approach to Tabletop Exercises at Harvard<\/strong><\/h1>\n

Adam Scaramella & Ingrid Skoog<\/strong><\/p>\n

Slide Deck<\/em><\/h3>
<\/strong><\/span><\/p>\n

A Functional Approach to TTX – BU Security Camp 2024<\/a><\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the talk<\/em><\/h3>
<\/strong><\/span><\/p>\n

Tabletop Exercises are something that, as security professionals, we all know that we should be conducting.\u00a0 But getting them off the ground and into a regular cadence can be challenging and daunting.\u00a0 Harvard University\u2019s PrivSec team has leveraged a method suggested at the 2023 Educause Cybersecurity and Privacy Professionals Conference to begin conducting tabletop exercises which are repeatable, sustainable, and most importantly low-cost.<\/span><\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the speakers<\/em><\/h3>
<\/strong><\/span><\/p>\n

Ingrid serves as the Data Privacy and InfoSec Officer for Harvard\u2019s Faculty of Arts & Sciences. In this role, she manages risk by promulgating the university program, ensuring systems are fortified and vulnerabilities are remediated, and by providing for unique school needs. Prior to Harvard, Ingrid served as the Director of R&D for MITRE Engenuity\u2019s Center for Threat-Informed Defense, Security Director at the Center for Digital Resilience, and built a privacy program for a global for-profit corporation.<\/p>\n

Adam<\/span> is a senior member of the Harvard Business School\u2019s Data Privacy and Information Security team.\u00a0 For over two decades, he has been focused on cybersecurity awareness and education, working with HBS faculty and staff to provide guidance and support for the community.<\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

Phishing-Resistant MFA: Worth Your Time<\/b><\/strong><\/h1>\n

Reid Gilman, Cybersecurity Architect\u00a0<\/span><\/strong><\/p>\n

Slide Deck<\/em><\/h3>
<\/strong><\/span><\/p>\n

Phishing-Resistant MFA: Worth Your Time<\/a><\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the talk<\/em><\/h3>
<\/strong><\/span><\/p>\n
We will describe how we deployed FIDO2 passwordless authentication for all of our Azure admins, lessons learned along the way, how we overcame objections and concerns.<\/div>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the speaker<\/h3>
<\/strong><\/span><\/span><\/p>\n

Reid has worked in operational, research, and architectural cybersecurity roles for over 15 years. He currently focuses on strategies to make enterprise IT systems more resilient to ransomware and extortion tactics.<\/span><\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

Embracing AI and Cybersecurity: Navigating Risk Management in Higher Education<\/span><\/b><\/strong><\/h1>\n

Monsurat Ottun Cybersecurity Advisor (CSA)<\/span><\/strong><\/em><\/p>\n

Slide Deck<\/em><\/h3>
<\/strong><\/span><\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the talk<\/h3>
<\/strong><\/p>\n

This presentation explores the essential role of risk management in integrating cybersecurity and artificial intelligence (AI) within higher education. By focusing on protecting sensitive data, ensuring compliance, and developing effective incident response plans, we will highlight how to create a secure academic environment. Additionally, we will demystify AI, emphasizing the importance of understanding its potential and limitations, how to develop clear policies, and assessing institutional needs. Through real-world examples, data-driven insights, and practical recommendations, this talk aims to dispel fears around AI, fostering open discussions and equipping educational leaders with the tools to build an innovative and resilient future.<\/span><\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n

About the speaker<\/h3>
<\/strong><\/p>\n

\"\"Monsurat Ottun currently serves as a Cybersecurity Advisor for the Commonwealth of Massachusetts at the Cybersecurity and Infrastructure Security Agency (CISA), an entity within the Department of Homeland Security (DHS). Her role involves enhancing the state’s cyber resilience in collaboration with key partners.<\/p>\n

Her professional advancement is rooted in her time as an attorney for the City of Providence, where she distinguished herself by spearheading the development of the city\u2019s cybersecurity infrastructure. This initiative led to her promotion to the city’s first Chief Information Security, Data Privacy, and Risk Management Strategist, where she forged significant interagency relationships and laid the foundation for robust cybersecurity practices.<\/p>\n

Subsequently, Monsurat’s career path led her to PricewaterhouseCoopers (PwC), where she directed key project initiatives related to data privacy and protection as well as data and AI governance within the Business Services sector, specifically Products and Technology.<\/p>\n

She holds a Juris Doctor from Roger Williams University School of Law and an M.S. in Cybersecurity Governance and Policy from Boston College, supplementing her expertise with certifications including a Certification in Security Management (CISM) and specialized certificates in AI and Cybersecurity from Harvard\u2019s Kennedy School.<\/p>\n

Monsurat is an active member of several advisory boards, lending her cybersecurity insights to both educational and industry leadership circles. Her mission is firmly centered on elevating cyber and AI practices to create a secure and unbiased technological environment.<\/p>\n

<\/div>\n<\/div>\n<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

Strengthening Your Organization\u2019s First Line of Defense, the Humans\u00a0 Julius Newton, Sharon Robsky, & Kerrie Sacovitch The Journey of Innovation: From Concept to Reality at BSU\u2019s Cyber Range Michelle Stanfield Building Canaries with ELK and ElastAlert2 Andrew Januszak A \u201cFunctional\u201d Approach to Tabletop Exercises at Harvard Adam Scaramella & Ingrid Skoog Phishing-Resistant MFA: Worth Your…<\/p>\n","protected":false},"author":4352,"featured_media":0,"parent":18974,"menu_order":2,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"_links":{"self":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/154230"}],"collection":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/users\/4352"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/comments?post=154230"}],"version-history":[{"count":6,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/154230\/revisions"}],"predecessor-version":[{"id":154242,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/154230\/revisions\/154242"}],"up":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/18974"}],"wp:attachment":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/media?parent=154230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}