Advanced Cybersecurity Education (ACE) Consortium Daytona State College

Advanced Cybersecurity Education (ACE) Consortium Daytona State College National Science Foundation (NSF) ATE Grant Number 1204800 Year One Annual Report - June 2013 Prepared by Blake Urbach-Buholz Preferred Program Evaluations 8226 Via Rosa Orlando, FL 32836 (407) 375-2289 Blake@ppeonline.net www.ppeonline.net

TABLE OF CONTENTS Executive Summary 2 Methodology 4 Project Objectives and Outcomes Matrix 6 Findings and Recommendations 8 Appendix 34 1

EXECUTIVE SUMMARY In September 2012, Daytona State College was awarded a four-year National Science Foundation Advanced Technological Education (NSF ATE) grant in the amount of $1.8M to support the Advanced Cybersecurity Education Consortium (ACE). Daytona State College will serve as the lead institution of the consortium whose goal is to design and deliver an industrydriven, proven curriculum that produces highly qualified and adaptive graduates equipped to work in the field of cyber forensics and secure our nation's electronic infrastructure. The vision, objectives, and framework of ACE were modeled after the successful efforts of the "Computer Security Education Consortium" (CSEC). Community and state colleges in the southeastern region of the United States are the targeted geographic audience of ACE. In year one of the project, state leads from each of the initial four states included in the consortium -- Florida, Georgia, South Carolina, and North Carolina -- were chosen based on their proximity to a significant industry base or military population. The findings and baseline data that comprise this annual report are based on grant-related activities and accomplishments occurring between October 2012 and May 2013. The implementation of ACE in year one has been fluid and meaningful as a direct result of the efforts of the P.I. and Co-P.I.s at Daytona State College, Middle Georgia State College, South Piedmont Community College, and Trident Technical College. Daytona State College is serving as the principal training provider and mentor to the consortium institutions. In May 2013, Daytona State College hosted a three-day conference for the state leads to introduce them to the proposed objectives of the consortium and discuss the particulars of grant administration. There are five courses that have been identified by the project's P.I., Dr. Mark Pollitt, and Co- P.I., Dr. Philip Craiger, as the foundation for the development of core competencies in cyber forensics: Linux Administration, Fundamentals of Digital Forensics, Introduction to Digital Forensics, Advanced Digital Forensics, and Network Forensics and Incident Response. All five courses in the series have previously been taught at Daytona State College by the project's P.I. and Co-P.I. who have partnered on the development of the train-the-trainer videos and online modules for ACE in accordance with several authoritative sources: Scientific Working Group on 2

Digital Evidence, the Department of Defense s National Centers of Digital Forensics Academic Excellence, the Technical Working Group for Education and Training in Digital Forensics, and the Committee on National Security Systems Certifications (CNSS). The project is emphasizing effective pedagogy relevant to online educational delivery methods. Quality course delivery is to be accomplished by standardizing faculty instruction through the dissemination of instructional materials that keep pace with technology. Students, in turn, will receive a solid technical foundation that offers a competitive edge in the workforce. Consortium members have begun taking the initial steps to map their course curricula to established standards and create an educational pathway for students to progress to the graduate level. Prior to the conclusion of the performance period, the community and state colleges will be expected to seek accreditation from an approved accrediting body. Participating institutions have been encouraged to seek leadership from an advisory board whose members can offer input on the development of a coherent academic program that meets the needs of government and private industry. Members of the consortium will be guided by Daytona State College in the establishment of a quality digital forensics degree program, certificate, or concentration with a focus on workforce development. Two additional organizations funded through NSF have been incorporated under the umbrella of ACE. The first is Cyber Nexus, but due to uncertainties regarding funding during the sequester, and with the concurrence of NSF, this aspect of ACE will not be pursued until a later date. The second is the Career Technical Education Foundation (CTEF), a non-profit with the mission of influencing education through industry and community partnerships. Through its Cyber Warrior Club, CTEF is proving early on to be a valuable partner in the project's ability to reach K-12 students and, in due course, build a pipeline of incoming high school graduates with knowledge of cyber security. 3

METHODOLOGY The evaluation of ACE is intended to help the project better serve its constituents and the broader cyber forensics education community by documenting accomplishments and disseminating critical project-specific findings. To adequately assess the project, a holistic evaluation plan using both qualitative and quantitative measures has been developed. Data collection methods will include project records and meeting notes; stakeholder interviews; focus groups; institutional records of student performance; website analytics, and surveys of participating faculty, students, and industry partners. Coupling these methods with direct observation will provide the evaluator with a framework to understand the context within which the project operates. ACE Evaluation - Sources of Data Year 1 Year 2 Year 3 Year 4 Qualitative Sources Stakeholder Interviews x x x x Student Focus Group x x x x Participant Surveys Faculty Survey x x x Student Survey x x x Post-Graduation/Program Survey x x Industry Leader Survey x x x Project and Institutional Records x x x x Qualitative Data Sources: 1. Stakeholder interviews will be conducted semi-annually with a cross-section of the project team, participating faculty, industry partners, and other key players deemed relevant to successful project administration. This task will focus on the quality and delivery of trainings and materials, and provide an in-depth examination of the project implementation and management processes. 2. Focus groups will be facilitated annually with student participants enrolled in one or more of the core curriculum classes. Student input on the benefits, challenges, and implications of the project will provide a candid, nuanced assessment largely unobtainable through traditional surveying methods. 4

Participant Surveys: 1. An annual faculty survey will provide a means for tracking changes in knowledge, attitude and behavior related to participation in the online professional development activities of ACE. Survey responses will yield valuable feedback for improving the content and relevancy of materials, the method(s) of engagement, and practical classroom application. 2. A student survey will be used to solicit candid feedback from students who have completed at least one core curriculum class. Participants will be asked to describe their personal experience with the project and offer suggestions to increase student interest in and aptitude for learning the material 3. Six to twelve months post-graduation and/or program completion, former student participants will be encouraged to share their educational or employment status via an electronic survey. This data will be used to track how many participants remain engaged in the field of cyber security or cyber forensics in various capacities. 4. An annual survey for industry leaders affiliated with the project will be designed to gauge their experience with the project, impressions of flagship activities, and suggestions for enhancing the project s ability to produce graduates who can succeed in the field. Project and Institutional Records: Institutions will collaborate with their respective Offices of Institutional Research or equivalent to provide required data for cross-site evaluation. In partnership with the project team, the evaluator will ensure that data collection is maintained at rigorous standards. This will be accomplished, in part, by designing a user-friendly template that defines the types of data to be collected at the institutional-level and the methods for doing so to ensure uniformity across all partnering institutions. Student performance measures related to course enrollment, grades, and completion will be gathered annually by each participating institution. 5

PROJECT OBJECTIVES AND INDICATORS MATRIX Objective Process Measure(s) Outcome Measure(s) Data Source(s) 1.1 Develop a rigorous curriculum that will foster an environment of learning and success in the field of cyber forensics 2.1 Consortium institutions will develop articulation agreements with four-year institutions Implementation of a model curriculum that addresses current educational gaps within the regional context and aligns with DoD's CDFAE and NIST NICE initiatives 6 10 institutions will have adopted the curriculum in whole or part by project completion Faculty at each consortium institution Production and dissemination of a will develop quality instructional coherent sequence of 50 educational materials tailored to their pedagogical videos needs Best practices related to the design and execution of articulation agreements will be shared with consortium members An annual workshop will be held with faculty from consortium institutions 80% of consortium institutions will 3.1 Provide ongoing professional have one or more faculty members development for faculty aimed at in attendance at the annual improving instructional practices workshop and learning outcomes 4.1 Involve industry and community to grow a sustainable infrastructure that supports regional economic growth in the field of cyber forensics 5.1 Attract and advance a diverse group of students who can meet the challenges of an emerging and changing IT workforce landscape 13 faculty from consortium institutions will complete the training series in full 8 industry leaders will be recruited for participation in the project 25% of industry leaders will be in attendance at the annual workshop 200 students will be recruited for participation in the project 18% of students will self-identify as a population traditionally underrepresented in STEM fields 20 new articulation agreements will be in place by project completion 80% of faculty will report an increase in content knowledge related to cyber forensics education 4 faculty will report serving in a trainthe-trainer capacity at their institution 5 principal instructors will have or receive industry credentials within 18 months of joining the consortium Task completion Project records Website analytics Project records Meeting minutes Project records Faculty survey Stakeholder interviews Website analytics 80% of industry partners will report that the project is graduating students with Project records enhanced competencies who are Industry leader survey prepared to enter the workforce 70% of students will complete their core curriculum class(es) satisfactorily with a final grade of C or better 5% of students will report pursuing advanced education in the field of cyber security/cyber forensics 60% of students will seek employment in the field of cyber security/cyber forensics Institutional records Student survey Post-graduation survey Focus groups

Objective Process Measure(s) Outcome Measure(s) Data Source(s) 6.1 Evaluate the project to determine the usefulness and viability of ACE, and disseminate project findings accordingly 7.1 Establish the Cyber Warrior Program as an academic program or official school club designed to foster an environment of learning and success in the field of cybersecurity Formative and summative evaluation activities will be ongoing Findings and recommendations will be disseminated among consortium members Identification of K-12 schools/organizations prepared to implement the Cyber Warrior Program and form school-based student clubs Findings and recommendations will be presented at regional or national conferences of cyber forensics practitioners Project team will submit a draft article for publication in a scholarly journal At least 5 K-12 schools/organizations will fully adopt the Cyber Warrior Program as an academic program or official school club by the conclusion of the performance period At least 50 student participants will actively take part in the curriculum or Delivery of the rigorous curriculum to club during the performance period K-12 student participants of the Cyber Warrior Program 70% of student participants will increase their knowledge of cybersecurity as evidenced by their scores on a pre/post test 80% of student participants will report that their interest in engineering, graphic arts, or technology careers has increased as a result of their participation in the program/club Evaluation reports and presentations Publications Project records Pre/post content knowledge assessment tool Participant satisfaction survey 7

FINDINGS AND RECOMMENDATIONS Project Administration Within weeks of learning that the project was funded, the P.I. and Co-P.I. at Daytona State College created an online password-restricted management blog as a way to chronicle project developments, track new partnerships, and log activities related to the implementation of ACE. In addition to the management blog, documents are uploaded to the Google Drive where they are accessible to the larger project team for sharing and editing in real-time. The domain name www.cyberace.org has been secured, and information about the project, its partners, resources, and findings will be uploaded to the site for public consumption. The project's designated learning management system (LMS), lms.cyberage.org, will securely store course-related material for the use and benefit of consortium institutions. The LMS homepage also features a discussion group where participants can post, respond to, and browse questions and comments submitted by their colleagues. This electronic forum will serve as a centralized site for faculty to engage in an ongoing dialogue, record challenges encountered, share lessons learned, and post updates with one another. It may also serve the dual purpose of bringing new consortium members -- in year two and beyond -- up to speed on how the project has progressed at each institution. Drs. Pollitt and Craiger have developed the videos and supplemental train-the-trainer materials for each course. At the time of this report, the first two train-the-trainer courses, Linux Administration and Fundamentals of Digital Forensics, were available on the project's LMS. Linux Administration is a pre-requisite for all of the courses in the series. Once the requirements for this course are complete, participating faculty will be eligible to move on to Introduction to Digital Forensics, Advanced Digital Forensics, and Network Forensics and Digital Response. The high-quality videos appear very professional, and cover content, facilitation, and technical aspects of teaching digital forensics in both an online (including hybrid) and face-to-face format. The first series of modules provides a step-by-step introduction and best practices on the planning and design of video lectures. Participants learn how to create labs, incorporate virtualization, and effectively communicate with students in an online format. 8

Only full-time faculty members at institutions participating in the consortium are eligible to take the courses. As stipulated by the P.I. and co-p.i., the requirements for "passing" each course and receiving the $1,500 stipend are as follows: A. A 70% complete passing rate on all quizzes (a total of five quizzes composed of 10 multiple choice questions) B. Submission of 20 multiple choice questions and answers to be shared among participating faculty C. An assignment and answering key for the course The assignments to be generated by the faculty will be "graded" by Drs. Pollitt and Craiger, and will serve as a way to assess the faculty members' mastery of the subject matter. While a formal scoring rubric has not been designed, the assignments must "provide something of substance," per Dr. Pollitt. All materials, including question banks and assignments contributed by faculty members, will be housed on the project's LMS and made available for the use of consortium members who have met the course requirements. Although participating faculty will receive their stipend upon successful completion of the online course, they are supposed to commit to actually teaching the course and providing feedback at the semester's conclusion. Year two of the project will serve as an early barometer of how many trained faculty end up teaching one or more of the courses they have completed. Upon signing the sub-agreement for year one, the partner schools were entitled to $20K for their initial costs. At the conclusion of year one, pending completion of all required deliverables, the partners are entitled to the remaining $22K for the performance period. Any unused portion of the funds will be rolled over in accordance with NSF guidelines for the institutions' use in the subsequent year. The P.I. has been actively engaged in the activities of the DoD Academic Cyberforensics Curriculum Alliance (DACCA). Daytona State College is working with the Department of Defense Cyber Crime Center (DC3) to create an online, automated system for educational 9

institutions to use for the accreditation process. By streamlining the method for uploading required documentation and making the process more transparent, it is believed that the consortium institutions will be more likely to pursue accreditation through DC3. At the time of this report, there was no contractual obligation between the two parties, and the key resource being committed to this enterprise was the time and human capital of the P.I. and Co-P.I. In May 2013, the first annual ACE Conference was held at the Advanced Technology Center (see Appendix). The three-day conference was attended by faculty and/or staff from each of the institutions in the consortium. Mr. Paul Wahnish and Mrs. Debra Thasho from CTEF were also in attendance for the duration of the conference. The conference featured several presentations on various aspects of curriculum development and delivery, training, virtualization, accreditation, grants administration, and evaluation. On the third day of the conference, each partner institution and CTEF were given time to present their proposed contribution to and vision for the consortium. The conference was very well-organized and the schedule provided ample time for attendees to engage face-to-face in informal dialogue and discuss opportunities for collaboration. The conference was the ideal opportunity to underscore the purpose and importance of collecting baseline data from each participating institution in an effort to measure progress over the course of the grant. A data collection template was created and distributed to the participating schools to ensure uniformity in collection. Emphasis was placed on the importance of being able to track students longitudinally, and all state leads have been encouraged to put a mechanism in place (if one does not already exist) to compile participants' grade distribution, enrollment status, and degree/certificate completion from semester to semester. The state leads were informed that all instruments and consent forms will be approved by the Institutional Review Board (IRB) at Daytona State College prior to being distributed. However, since reciprocity is not afforded, it is the institutions' responsibility to seek formal approval for project-related tools from their respective IRBs. 10

Stakeholder Interviews For each institution, at least one faculty and staff member participated in a stakeholder interview. Additionally, two staff members from CTEF were interviewed. Nearly all of the meetings were conducted in person during the annual conference in May 2013. Verbal consent was gained from all participants prior to the start of the question line. Stakeholder interviews are valued for generating a candid, in-depth dialogue about the project implementation and management processes. Respondents were asked to respond candidly to a set of questions about their early involvement with the project, impediments to implementation, and recommendations going forward. Ideas about strengthening project activities, design, and process were also solicited from the interviewees and are incorporated in the relevant subsections of this report. Introduction to the State Leads Dr. Mark Pollitt, P.I., and Dr. Philip Craiger, Co-P.I., Daytona State College Drs. Pollitt and Craiger are well-respected cybersecurity educators with 22 years combined cybersecurity teaching experience. They have figured prominently in the development of cybersecurity-related programs and courses at six academic institutions: Syracuse University, Johns Hopkins University, University of Central Florida (B.S. and M.S.), University of Nebraska at Omaha (B.S. and M.S.), New York Polytechnic Institute, and Daytona State College. Primary roles of Daytona State College as the lead institution: grant administration and project development budgeting and procurement leadership capacity building for faculty develop lead partners (state leads) create and disseminate curriculum and instructional materials design and administer online instructor development training organize annual ACE conference serve as a national liaison 11

Two positions were funded by the grant to support the administration of ACE by its lead institution, Daytona State College (see Appendix). Ms. Emily Rossi officially came on board as the full-time ACE Project Coordinator in February 2013. Emily has been tasked with overseeing the day-to-date operations of the project, corresponding with the consortium members, serving as the liaison between Daytona State College and its partners, organizing activities and conferences, and maintaining internal data collection processes. Mr. Patrick Vilkinofsky, a senior at Daytona State College, was hired as the part-time Senior Technical Specialist for the project in January 2013. He oversees the technical components of the project, such as the ACE webpage, LMS, and permissions for each of the electronic files. Additionally, Mr. Vilkinofsky provides assistance to Dr. Craiger and his students in the classroom while they are completing the in-class labs. Kevin Floyd, Co-P.I., Middle Georgia State College Middle Georgia State College (formerly Macon State College) is serving as the lead institution for the state of Georgia. The college's recent name change and consolidation has resulted in a service delivery area for the college more than double its previous size. Two faculty and one staff member from Middle Georgia State College attended the first annual ACE conference in May 2013. In addition to Dr. Floyd, Mr. Jonathan Yerby serves as a fulltime faculty member in information assurance and security. It is anticipated that one additional faculty member will be recruited to teach cyber forensics courses at the college. Dr. Floyd noted that the college plans to recruit other SACS-accredited technology-centered schools in the region. They currently have articulation agreements with eight different tech schools and hope to enhance the existing agreements to include the proposed cyber forensics track. Mr. Yerby shared that the regional economic outlook points to cyber security as a quickly emerging industry with promising job growth. The biggest employer in the region is Robins Air Force Base and there is a great deal of interest in this project from local military personnel. The 12

interviewees shared that they have identified some potential constituents and guest speakers for their program. Middle Georgia State College currently offers a Bachelor's Degree in IT (in person or online) with a concentration in information assurance. The other consortium institutions were surprised to learn that out-of-state students enrolled in the fully online program pay the same tuition as instate students. This may come as a benefit to students transferring to Middle Georgia State College from other schools in the consortium, and help facilitate the first round of articulation agreements among the consortium members. As part of the ACE consortium, Dr. Floyd and his colleagues want to expand the college's current offerings to include five new courses specific to cyber forensics. In due time, Dr. Floyd and his colleagues expect to establish the "Middle Georgia Center for Cyber Forensics Education," and encourage the involvement of K-12 schools in the region. The team from Middle Georgia State College is in the early stages of assembling an advisory board specific to this discipline. They also anticipate picking up additional accreditations from an approved accrediting body. Oscar Gonzalez, Co-P.I., South Piedmont Community College South Piedmont Community College is serving as the lead institution for the state of North Carolina. The college draws from a relatively small population of potential students, and Mr. Gonzalez expressed concern that he will have to "sell" the proposed courses to incoming high school students. He does not anticipate that the classes will be at capacity, but he is hopeful that enough students will enroll in the courses that they "will at least make" and not be cancelled. Mr. Gonzalez, an instructor for "Security Concepts" and "Linux," cited the importance of "creating pathways" for students in North Carolina" and he has his sights set on a preliminary partnership with Union County Public Schools. He is also eager to visit other counties that have their own community colleges and recruit them into the consortium. 13

Mr. Gonzalez acknowledged that it is a major undertaking to create a new class. He has, however, already sought and received endorsement from the state for the creation of "Computer Forensics I." The class will be taught as a hybrid, and is presently showing in the course catalog for Fall 2014. With the administrative backing of his colleagues, Mr. Gonzalez has made known his desire to create a cyber forensics certificate (possibly 18 credit hours) within the existing framework of the IT degree. He has received a verbal commitment from the lead criminal justice professor at the college to allow cyber forensics courses to serve as electives in the criminal justice program. As interest in cyber forensics grows among the student population at South Piedmont Community College, Mr. Gonzalez would like to see the college offer a two-year degree in cyber forensics. The FBLA of southern North Carolina is having a conference at South Piedmont Community College in October 2013. Mr. Gonzalez is slated to present a workshop about ACE during the conference. He mentioned that flyers will be made available to the students that feature the upcoming cyber camp and/or course offerings. One suggestion to make the most of the encounter with these students is to connect with them via a Facebook page dedicated to the project as a means to keep them abreast of upcoming opportunities. Laurie Boeding, Co-P.I., Trident Technical College Trident Technical College is serving as the lead institution for the state of South Carolina, and ACE is being incorporated into the college's existing business technology framework. Currently, Trident Technical College offers a security course, and two new forensics courses were just recently added to the list of course offerings. The proposed cyber forensics courses will also be open to the students of a related department, Information Systems. Ms. Boeding noted that there is a digital forensics class already being offered by the college's Division of Law Related Studies. The course, however, has an exclusively legal-centric approach instead of covering the technical side of digital forensics. 14

Trident Technical College is in a different position than the rest of the schools in the consortium in that it charges different tuition for students who reside out of the county, let alone out of the state. Furthermore, the college is not supposed to advertise or recruit students outside of the tricounty area where its three campuses and five sites are located. As a result of discussion that took place at the first annual ACE conference, Ms. Boeding intends to create an initial articulation agreement with Middle Georgia State College (the state lead for Georgia) and then use that agreement as leverage in the creation of additional partnerships. She is taking a course release during the summer of 2013 to focus on recruiting for the ACE consortium. The college currently offers a certificate in network security. With the assistance of ACE, Trident Technical College is positioned to create a cyber forensics certificate (likely to be 24 credit hours). In time, Ms. Boeding is hopeful that the institution will be able to offer an AAS in cyber forensics and create a cyber forensics career path. As the department chair of Network Systems Management -- a department with five full-time faculty members -- Ms. Boeding will be making the decisions regarding which faculty can participate in the training and, subsequently, teach the applicable courses. The only challenge Ms. Boeding vocalized was the initial frustration of not knowing the status of the grant in terms of funding, scope, and focus areas. The administration of the project by Daytona State College has exceeded her expectations and is far superior to her experience to date with another (non-nsf) grant. Ms. Boeding shared that she found the conference "so helpful, useful, and informative," and thought the three days were well spent with the other Co-P.I.s. 15

Year 1 Deliverables: Each partner institution was made aware of the minimum required deliverables for year one of the project prior to signing the partner agreement. Additionally, each of the required deliverables was covered at length during the first annual conference in May 2013 (see Appendix). A data collection template was provided to the institutions in an effort to streamline and organize the task of compiling the requested data. The five primary deliverables in year one include: 1. A signed and fully executed partner agreement. Contracts for each consortium institution/organization After several iterations of the partner agreements were circulated, each institution/organization signed their year one contract with the approval of their respective Board of Directors and the Board of Directors at Daytona State College in April 2013. 2. Identification of qualified faculty members: Name, title, and qualifications of each faculty member qualified to teach Linux Administration and Fundamentals of Digital Forensics or name and title of each faculty member to receive release time to take the online train-the-trainer courses for the first two courses in the series. As evidenced in Figure 1, some of the faculty who are slated to take the train-the-trainer courses have already earned various industry certifications. Institution Name and Title Current Industry Qualifications Daytona State College Daytona State College South Piedmont Community College South Piedmont Community College Dr. Mark Pollitt, Associate Professor of Engineering Technology Dr. Philip Craiger, Associate Professor of Engineering Technology Fellow, American Academy of Forensic Sciences (AAFS); Certified Cyber Forensics Practitioner (CCFP, [ISC 2 ]); DFCP-F from the Digital Forensic Certification Board* Member, American Academy of Forensic Sciences (AAFS); Certified Cyber Forensics Practitioner (CCFP, [ISC 2 ]); Certified Information Systems Security Professional (CISSP, [ISC 2 ])* Will Take Train-the- Trainer Course? Oscar Gonzalez, CIT Instructor -- Yes Chris Johnson, CIT Instructor -- Yes *See Appendix for exhaustive list of credentials Figure 1. 16 No No

Institution Name and Title Current Industry Qualifications Trident Technical College Trident Technical College Trident Technical College Trident Technical College Middle Georgia State College Middle Georgia State College Laurie Boeding, Department Head, Network Systems Management Will Take Train-the- Trainer Course? -- Yes Walter Browning, Instructor CHFI Yes Terry Richburg, Instructor -- Yes Dane Schupbach, Instructor CISSP; RHCSA; CHFI; Security + Yes Shannon Beasley, Assistant Professor or Information Technology Johnathan Yerby, Lecturer of Information Technology Comptia A+ with all three specializations: Linux+, Server+, Yes Network+; MCSE Windows 200 A+; Microcomputer Servicing; GaCSI; Yes Symantec AV Admin Figure 1. (continued) 3. Evidence of course mapping: Plans to map current and proposed courses for accreditation by an approved accrediting body. Daytona State College Dr. Pollitt has been working with DC3 on the possibility of seeking Center for Digital Forensics Academic Excellence (CDFAE) accreditation in the future. Furthermore, Dr. Craiger has spoken with Dr. Ron Eaglin, Associate Vice President, College of Technology, about developing "a certification, specialization, or concentration in forensics within the existing ENT degree." Middle Georgia State College The Bachelor of Science in Information Technology Program at Middle Georgia State College is accredited by the Accreditation Board for Engineering and Technology (ABET). Dr. Floyd noted that a School of Information Technology ad-hoc committee dubbed "Cybersecurity Education Committee" was established in late-may 2013 to provide direction and oversight for meeting project-specific objectives. The committee will begin exploring options for becoming accredited by DoD, FEPAC, or NICE, with the long-term goal of earning accreditation during the course of the grant. 17

South Piedmont Community College Per Oscar Gonzalez, Co-P.I., "We plan to meet during the fall 2013 semester to develop course mapping for current and proposed courses." Trident Technical College The college intends to establish its plan for course mapping during summer 2013. Laurie Boeding noted," We will present curriculum changes to the TTC curriculum committee in the fall 2013 semester." 4. Establishing relationships with industry and government: Documentation of an advisory board. Daytona State College The advisory board for the College of Technology at Daytona State College meets each fall and spring. The board has attracted an extensive group of representatives from municipalities and businesses in the region (see Appendix). The P.I. and Co-P.I. from Daytona State College have assembled a group of nationally recognized individuals from industry and academia to serve on the ACE Advisory Board. The board has not yet formally met; its first meeting is slated for fall 2013. Daytona State College - ACE Advisory Board Name and Title Affiliation Dr. Sujeet Shenoi, FP Walter Professor of Computer Science University of Tulsa Dr. Mark Rogers, Professor, Department of Computer and Information Technology Purdue University Hord Tipton, President (ISC) 2 Figure 2. Middle Georgia State College The advisory board for the School of Information Technology at Middle Georgia State College was formed in 2007. The advisory board is comprised of representatives from the public and private sectors, and meets twice per academic year (Figure 3). Two additional members with a 18

background in forensics and law enforcement are to be recruited and begin serving on the board during fall 2014. Middle Georgia State College - Advisory Board Name and Title Affiliation Robert C. Betzel, Owner Bernard E. Lannan, Director Lori Brewer, Owner Thomas M. NeeSmith, Jr., ALMSS Systems Engineering Manager John Cozart, IT Manager Rob Rhodes, Chief Information Officer Michael Dodds, Owner Louis Schlesinger, Investigator Josh Epps, Senior Engineer Neil Goodenough, Information Systems Compliance Officer Mick Williams, Security Officer Infinity Network Solutions 78th Communications Group, Warner Robins Air Logistic Center L. Brewer and Associates, LLC SAIC Robins Federal Credit Union Houston Healthcare DoddsTech CyForensics, LLC Infinity Network Solutions System Administrative Services Persons Banking Company Stephen Masteller, Director of IT Martin Mickalonis, Deputy Communications Director The City of Macon Robins Air Force Base Figure 3. South Piedmont Community College South Piedmont Community College has an advisory board in place for its Computer Information Technology Program. The board has been in existence for over 10 years and meets at least once per academic year. Representatives from private industry and educational institutions serve on the board (Figure 4). 19

South Piedmont Community College - Advisory Board Name and Title Affiliation Jim Broadus, President Ken Menzel, Network Engineer Robert Mullis, Network Engineer Dave Sanders, Senior Project Manager Larry Harrison, Technology Teacher HIS Communications Family Dollar Corporation Family Dollar Corporation LabCorp Central Academy of Technology and Arts Terri Landis, Network Manager Lisa Webb, Project Leader the Way Instructor Stanly Community College East Union Middle School Figure 4. Trident Technical College The advisory board at Trident Technical College is comprised of representatives from private industry and educational institutions. Trident Technical College - Security & Digital Forensics Advisory Board Name and Title Affiliation Edward S. Bodie, IT Manager Michael Cortright, CIO Michael Haschker, Network Systems Manger Douglas Lauer, CIO Dr. W.R. Poston, II, Academic and Research Systems Director Eric Wright, Linux Systems Engineer Shann Ladiser, Information Assurance Technical Specialist Santee Cooper Ralph H. Johnson VA Medical Center Medical University of South Carolina Hagemeyer North America Medical University of South Carolina SPARC SPAWAR Systems Center Atlantic Figure 5. 20

5. Course-specific information: Applicable only to courses in the series, or existing courses that contain sufficiently similar materials and have been taught in the preceding two academic terms. Two of the baseline measures being captured among the consortium institutions are the number of "course completers" and the distribution of grades for each course in the series being offered (Figures 6 and 7). Two primary caveats with the dataset deserve mention. First, the definition of "course completers" varies by institution. At Daytona State College and South Piedmont Community College, students earning a "D" or better are included in the count. At Middle Georgia State College, students earning a "C" or better are included in the count. "Successful" course completion at Trident Technical College is defined as earning a "C" or better. Second, the instructors, course content, book and supplemental materials, assignments, and test banks vary considerably from one institution to another within and between years. As such, drawing comparisons from the dataset should be considered an academic exercise only and not an indication of the instruction provided at each institution. Institution Daytona State College Daytona State College Daytona State College Daytona State College Daytona State College Middle Georgia State College Middle Georgia State College Course Title and Prefix Linux Administration (CTS3348) Fundamentals of Digital Forensics (CIS2381) Introduction to Digital Forensics (CET4860) Advanced Forensics (CET4861) Network Forensics and Incident Response (CET4862) Linux Systems Administration (ITEC.3328) Forensics/Data Recovery (ITEC.43210) # Sections; Modality 2; Fully online Term(s) Fall 2012, Spring 2013 # Students Enrolled (combined) # Course Completers* (combined) 42 34 1; Blended Spring 2013 12 11 1; Fully online 1; Fully online 1; Fully online 1; Fully online 1; Fully online Spring 2013 21 20 Fall 2012 17 16 Fall 2012 17 16 Fall 2012 26 24 Fall 2012 27 21 South Piedmont Community Linux/Unix Single User 1; Fully Fall 2012 16 14 College (NOS120) online Fall 2012, Trident Technical College Linux Essentials (IST-190) 8; Varied 167 114 Spring 2013 *The definition of "course completers" varies by institution. Figure 6. 21

Grade Distribution (combined) Institution Course Title and Prefix Term(s) "A" "B" "C" "D" "F" "I" "W" Daytona State College Linux Administration Fall 2012, (CTS3348) Spring 2013 29% 38% 12% 2% 17% 2% -- Daytona State College Fundamentals of Digital Forensics (CIS2381) Spring 2013 67% 8% 8% 8% -- 8% -- Daytona State College Introduction to Digital Forensics (CET4860) Spring 2013 52% 38% 5% -- 5% 0 -- Daytona State College Advanced Forensics (CET4861) Fall 2012 59% 35% -- -- -- 6% -- Daytona State College Network Forensics and Incident Response Fall 2012 41% 35% 12% 6% 6% -- -- (CET4862) Middle Georgia State College Linux Systems Administration (ITEC.3328) Fall 2012 58% 31% 4% -- -- -- 8% Middle Georgia State College Forensics/Data Recovery Fall 2012 56% 18% 4% -- 11% -- 11% South Piedmont Community College Trident Technical College (ITEC.4321) Linux/Unix Single User (NOS 120) Linux Essentials (IST-190) Fall 2012 69% 13% -- 6% 6% -- 6% Fall 2012, Spring 2013 25% 27% 17% 4% 20% 1% 7% Figure 7. Student Focus Group Focus groups, while valued for their ability to solicit a unique perspective from participants engaged in one or more facets of a particular project, are not necessarily representative of the views of the larger sample. They do, however, promote a candid, nuanced dialogue typically unattainable in the traditional method of pen/paper or electronic surveying. Focus groups inherently concentrate on words instead of numbers. Participants who elect to engage in a focus group may feel more strongly about the topic under consideration, or have an otherwise vested interested (either for or against) in the subject matter being examined. A focus group was held in April 2013 with eight students enrolled in the spring 2013 "Foundations in Digital Forensics" class being taught by Dr. Craiger. All eight participants were sophomores, and one of the students was female. The students were each pursuing an AS in network administration with a concentration in security, and this particular course is a requirement for the security track. 22

The focus group was facilitated by the external evaluator, and to ensure the students confidentiality (and candidness), members of the project team were asked not to sit in as observers. Students were advised that the sessions would be both video- and audio-taped, but assured that only the evaluator would have access to the recordings. The P.I. and Co-P.I. from Daytona State College provided input on the question line and protocol used for facilitation. A consent form outlining the purpose of the engagement and the students rights in terms of participation was designed by the evaluator and approved by the college s IRB. The consent form was printed in duplicate, allowing both the evaluator and student to keep a copy for their records. Aspects of "Foundations of Digital Forensics" have been a welcome challenge for the students. The most frequently cited challenge centered on report writing: knowing what to include in each report, how to consolidate information, and explaining the steps and findings using an appropriate level of technical expertise for the intended audience. One student remarked, "He [Dr. Craiger] does grade kind of harshly because we are learning how to write a report." Nonetheless, the students were surprisingly receptive to being required to perform at a higher level. They bemoaned the fact that the other classes they have taken at the college were too rudimentary and required very little effort to succeed. When asked to describe what they find rewarding about this class, "knowledge" was echoed repeatedly. One student eagerly shared, ""I feel like I'm learning things that I'll actually be using." Another student quipped, "Where do we start?". Additionally, several of the participants had very little exposure to Macs prior to this course. The female student noted, "Now I have Mac knowledge," and a second student felt that he has benefitted from learning the Mac-specific commands. The students are looking forward to enrolling in Dr. Craiger's higher level courses. When asked why they chose to focus on this specific discipline, the students unanimously shared that they have an interest in the subject matter. Additionally, several students were outspoken about cyber security being critical to the field of IT, both at present and in the future. One student commented, "I chose this because it's something that's more viable." Interestingly, three 23

of the students noted that they originally intended to pursue an AS; however, given their interest in cyber forensics and the level of instruction being provided, they have since decided to seek a BS in IT with a concentration in cyber security at Daytona State College. Dr. Craiger was lauded for being a tremendous asset to the college, and one of the few professors the students have taken that forces them to think critically. The students appreciated that Dr. Craiger has "passion for the subject," and one described him as a "higher level teacher." "Dr. Craiger has knowledge other than reading the book before class," remarked another. The hands-on aspect of this class received good reviews and the curriculum was favored for being up-to-date and fluid. The students shared that they realized early in the semester that Dr. Craiger's teaching style -- namely, his lack of reading PowerPoint slides during the lecture -- set the tone for a different standard in terms of learning expectations. All eight focus group participants reported making use of the modules available on the course homepage. The quality of materials provided by Dr. Craiger were deemed "excellent," "direct," and "to the point." The participants were quick to point out that some of the lectures in their other classes were not being refreshed and felt altogether "canned." After the in-class lecture (approximately 30 minutes in length), the students complete the lab at their individual workstations. The course dynamic is an interactive one where teamwork and brainstorming are encouraged. Per one student, "It's an open classroom. Anybody can talk to anybody and ask questions." The students greatly appreciate the constructive feedback the instructor provides. More than merely providing a level of transparency in grading, the students feel that Dr. Craiger's feedback helps them learn from their mistakes and missteps the first time around. Moreover, e-mails and questions posted on the class discussion board are returned promptly from Dr. Craiger or Patrick. The students were receptive to the hybrid nature of the class, and a few vocalized that they are on their computers for 12 hours a day anyway and prefer completing their coursework online. 24

The participants like being able to access the materials when it is convenient for them. They acknowledged consistently viewing the videos online in advance of coming to class; some watch them multiple times. The students were in agreement that success in this class was predicated on being self-motivated. The assignments were progressive, and per one participant, "The harder we work the further he takes the next assignment." The students had a piece of advice for other instructors: Test your labs ahead of time and make sure you can fix them on the fly. Dr. Craiger and Patrick were given high marks for having designed labs with very few glitches. Career interests of the participants include corporate security and government-level security. Some of the students anticipate getting a job in network administration while completing their Bachelor's Degree. As the program grows in size the students were curious about the possibility of separating the current track into two specializations: one with a corporate focus and the other with an emphasis on law enforcement (government). Interestingly, earlier in the semester, Dr. Craiger informed the evaluator that his class had progressed slower than he anticipated. He has intentionally introduced a culture of "independence" in this course, which requires the students to take a greater level of responsibility for their individual achievement. Dr. Craiger noted that the students are, on the whole, comprehending the course curriculum. The ongoing challenge, however, is getting these students to systematically articulate their knowledge and understanding of the covered material. Measuring Content Knowledge Dr. Craiger's students enrolled in the fall 2012 and spring 2013 Linux Administration class completed a content knowledge pre-test at the beginning of the term. The matched post-test came in the form of the course final exam. As shown in Figure 8, the class mean increased significantly from pre- to post-test. 90 80 70 60 50 40 30 20 10 0 Pre - and Post-Test: Linux Administration Fall 2012 Fall 2012 (t=8.08 p <.00000008) Spring 2013 (t= -4.97 p <.00005) Pre mean Spring 2013 Post mean 25 Figure 8.

Additionally, Dr. Craiger administered the 15-question beginning Cyber CSI digital forensics lab test (http://csicyber.dfilink.net/) to his students enrolled in the spring 2013 semester of Fundamentals of Digital Forensics (CIS2381). The average score on the exam was an 81; the scores ranged from 73-96. Dr. Pollitt encouraged his students enrolled in Introduction to Digital Forensics (CET4860) to complete the same online exam. The class average was an 86; the scores ranged from 73-100. Offering this free online exam to the students enrolled in the digital forensics courses at the partner institutions may provide a gauge of their knowledge of the subject matter at the semester's start. The course instructors could use this data to uncover the themes that are most unfamiliar to students and may necessitate additional concentration. End-of-Course Evaluations At the conclusion of each semester, faculty members at Daytona State College are required to distribute the college's end-of-course evaluation form to their students. The completed forms are first reviewed by the Department Chairs and Associate Vice Presidents, and then provided to the faculty member for his or her consideration. The evaluations come into play for faculty promotions and course assignments. The form consists of 22 close-ended questions and three short answer questions. An appraisal of the students' responses for the five cyber security courses in the series offered in fall 2012 and spring 2013 illustrates a great degree of satisfaction with the courses, materials and, most distinctively, the instructors. A sampling of results from the end-of-course evaluations are presented herein. Term Course Prefix The instructor is knowledgeable about the course subject area. Strongly Strongly Agree Disagree Agree Disagree Not Applicable No Answer Fall 2012 CTS3348 64% 18% -- -- -- 18% Fall 2012 CET4861 60% 40% -- -- -- -- Fall 2012 CET4862 83% 17% -- -- -- -- Spring 2013 CET3348 100% -- -- -- -- -- Spring 2013 CIS2381 100% -- -- -- -- -- Spring 2013 CET4860 94% 6% -- -- -- -- 26 Figure 9.

Term Course Prefix The instructor's feedback is useful to me. Strongly Agree Agree Disagree Strongly Disagree Not Applicable No Answer Fall 2012 CTS3348 55% 27% -- 9% -- 9% Fall 2012 CET4861 60% 20% 20% -- -- -- Fall 2012 CET4862 67% 17% 17% -- -- -- Spring 2013 CET3348 100% -- -- -- -- -- Spring 2013 CIS2381 83% 17% -- -- -- -- Spring 2013 CET4860 82% 18% -- -- -- -- Figure 10. The instructional materials contribute to my understanding of the course subject matter. Course Strongly Strongly Not No Term Agree Disagree Prefix Agree Disagree Applicable Answer Fall 2012 CTS3348 55% 27% -- -- -- 18% Fall 2012 CET4861 60% 40% -- -- -- -- Fall 2012 CET4862 67% 17% 17% -- -- -- Spring 2013 CET3348 83% 17% -- -- -- -- Spring 2013 CIS2381 83% 17% -- -- -- -- Spring 2013 CET4860 88% 12% -- -- -- -- Term Figure 11. The classroom or online environment has available the necessary tools and resources. Course Strongly Strongly Not No Agree Disagree Prefix Agree Disagree Applicable Answer Fall 2012 CTS3348 55% 27% -- -- -- 18% Fall 2012 CET4861 40% 40% -- -- 20% -- Fall 2012 CET4862 67% 17% -- -- -- 17% Spring 2013 CET3348 100% -- -- -- -- -- Spring 2013 CIS2381 100% -- -- -- -- -- Spring 2013 CET4860 82% 18% -- -- -- -- 27 Figure 12.

What did you like most about the class? "The labs and lectures have something to do with the real world. He made you think! It wasn't always step by step on the paper, and I thank him for that." "This class is meticulously organized. Assignments and expectations are very clearly explained. The lectures are not only very helpful, but entertaining as well. Dr. Craiger is personable, helpful and very knowledgeable about everything in this course." "The online wiki...." "The videos weren't just a bunch of slides and recitation of textbook material, they were filled with examples and knowledgeable explanations of the how's and why's as they would apply to real world situations." "It's a nice departure form [sic] the usual read book, take quiz, get grade, move on." "I wish more online classes used this method of teaching (no useless textbook to buy, video walkthroughs both before AND after an assignment, and regular involvements from the instructor)" "A good ratio of hands on labs and theory." "The professionalism of the professor. Kept a business aspect to the course which is necessary as it prepares you for a job in the field." "Dr. Pollitt shows an immense amount of focus on the subject matter. It helps a great deal that he has such an extensive background in the field of forensics. It was a great pleasure having him as my Professor this semester...." What did you like least about the class? "Workload should be higher. This class was not demanding enough for 4000-level. The 'moot court' exercise should be done multiple times per semester. We seem to be using old technology (e.g. examining FAT12 file systems which are virtually non-existent nowadays)." "Exams being based on the lectures. Most lectures have so much subject matter. Retaining the material from 5 lectures is difficult." "Not enough time, the classes were too short, we could have learned more, if the classes were longer." "The syllabus didn't include due dates for all assignments and exams." 28

ACE Cyber Camp The three-day cyber camp will be held in mid-july 2013 on the campus of the Advanced Technology College. The camp is being hosted in conjunction with the highly regarded Air Force Association's CyberPatriot National High School Cyber Defense Competition. It will be open to a total of 40 incoming ninth through twelfth grade students from area high schools. The camp program will include guest speakers, break-out sessions, practical exercises, and a "challenge" (finding secret codes) featuring various aspects of digital forensics, browser security, malware, and virtualization. The collegiate cyber defense team from the University of Central Florida will be present to facilitate the last day's challenge. In order to assess the students' experience with the project's inaugural summer camp, a participant survey instrument will be designed and administered on the last day of camp. The travel expenses for the Co-P.I.s to attend the cyber camp will be covered by the grant. During the annual conference the state leads expressed interest in facilitating a similar camp at their respective institutions for the summer of 2014. CTEF Career Technical Education Foundation (CTEF) is a 501(c)3 dedicated to influencing STEM education through industry and community partnerships. The organization was founded in 2003 by Mr. Paul Wahnish, a retired engineer, entrepreneur, and FISSEA educator of the Year (see Appendix). Among the many achievements of CTEF is that the STEM academy at East Lake High School in Pinellas County, Florida, has been recognized as a national model by Project Lead the Way, and a Center of Excellence in the local school district. The success of this club is serving as the catalyst for the proposed expansion of the Cyber Warrior Club throughout Florida. Beginning in November 2012, the Cyber Warrior Club was piloted at East Lake High School as a weekly after-school program for students interested in learning about cyber forensics. The club is open to all students who have maintained an un-weighted GPA of 3.0 or above. Expectations for performance include a service requirement of 10 volunteer hours, and a display of leadership, honor, and ethics. Twelve students regularly attended the weekly meetings during the 2012-2013 academic year. 29

The instructor of the club at East Lake High School, Mr. Brian Hamm, serves in a volunteer capacity. He is also a local CISSP and successful business owner. Mr. Wahnish shared that the instructor is essentially able to review one week's worth of the curriculum in a 2.5 hour block of time. The supposed rationale behind this efficiency in covering material is two-fold: the students in attendance are voluntary participants, and the instructor is a current industry professional. In addition to simply providing their students with an opportunity to broaden their knowledge base and potential career prospects, it is believed that high schools will be further incentivized to adopt the Cyber Warrior Club as a result of the Career and Professional Education (CAPE) Act. The CAPE Act provides additional funding to high schools for each student who completes a program of study and receives a passing score on an industry-based, nationally-recognized certification exam. As was originally done at East Lake High School, CISSP professionals from each of the Florida chapters will be sought to serve as instructors for the Cyber Warrior Club established in their region. Mr. Hord Tipton, Director of (ISC) 2 and a CTEF board member, has agreed to co-visit each of the six chapters of (ISC) 2 in Florida with Mr. Wahnish. The two professionals intend to provide an overview of the club's framework and a discussion on how to implement the clubs locally. Per Mr. Wahnish's estimate, "Presuming there are 200+ (ISC) 2 members at each location the opportunity for implementation and growth is expected to be facilitated by CTEF and (ISC) 2 membership." ISC 2 Chapter Name Central Florida Florida Panhandle Northeast Florida South Florida Southwest Florida Tampa Bay Florida Location Orlando Panama City Beach Jacksonville Miami Naples Tampa Figure 13. 30

The current curriculum for the Cyber Warrior Club was developed jointly by the U.S. Air Force Academy, The MITRE Corporation, (ISC) 2 and the University of Colorado. The curriculum aligns with the benchmarks and standards for a four-year, 600-hour course, as established by the Florida Department of Education. The intensity of the curriculum has earned it an "honors" credit designation for high school students. Furthermore, the curriculum maintains a national focus on cyber security with a concentration on the public and private industries operating within the region. The curriculum is not static; as such, it is revisited annually to keep the content updated with emerging trends and technologies. Mr. Hamm was asked to provide feedback on his initial experience facilitating the Cyber Warrior Club. He recommends incorporating cyber challenges earlier in the curriculum and including more of them throughout the year. Although student participation and enjoyment are key to the club's success, he would nonetheless encourage students to consider pairing up with classmates other than just their friends in order to form a more competitive, well-rounded team. Logistically, Mr. Hamm noted that it was critical to schedule the club's meetings and events around school testing -- AP exams, in particular -- and other student activities, such as the robotics competition, that are likely to engage these same participants. He would find it beneficial to establish a method to communicate the club's schedule (and changes) more readily between himself and the student participants. The instructor was surprised to learn that the students were enthusiastic about continuing to participate during the summer months. He noted that engaging in a hands-on experience positively impacted the students' engagement with the associated lecture material. Mr. Hamm is currently reviewing the hardware and software that would be most useful for the students and create a secure connection to the school's servers or a cloud. As the 2012-2013 school year drew to a close, participants were asked to complete an end-ofcourse evaluation form. Using a Likert-style scale of "1" Strongly Disagree through "5" Strongly Agree, the students rated their club experience on a series of items designed to measure their satisfaction. All 10 respondents gave very high marks to their instructor, the course content and 31

delivery, and the organization of the club. The students were most receptive to the instructor's experience and helpfulness. Each of the participants "agreed" or "strongly agreed" that they will be able to apply what they have learned to current or future tasks. They list their future STEMrelated pursuits as computer science, graphic design, video game design, programming, and engineering. The students would like to have more competitions and access to better equipment. Nine out of 10 respondents noted that they experienced equipment issues; namely, with the backtrack software. Other topics of interest include Ruby, networking, viruses, cyber attack prevention, and basic programming. A content knowledge Cyber Warrior Exam was administered to 10 students in May 2013. Beginning with the 2013-2014 school year, the exam will be administered to participants as a matched pre- and post-test. The exam contains 10 close-ended questions and 12 short answer questions. For the purpose of analysis, Mr. Hamm was asked to isolate the questions that aligned with the portions of the curriculum that were covered during the most recent school year. The class average for the "covered" material questions was 55%. Cyber Warrior Club - East Lake High School Student Demographics (2012-2013) Graduation Year Gender Race 2016 Male White 2015 Male Hispanic 2013 Male Multiracial 2013 Male Asian 2013 Male White 2015 Male White 2015 Male White 2015 Male Asian 2014 Female White 2013 Male White Figure14. Some of the questions were answered correctly by nearly every participant while a few were missed by the majority of students. This feedback is useful for both the student and the instructor, as both gain a measure of how much information is being retained and which components of the curriculum require further review. Every student who actively participates in the club is to be given the opportunity to sit for the SSCP-A certification exam offered by ISC 2. Per Paul Wahnish, "(ISC) 2 as part of their 32

agreement with Career Technical Education Foundation (CTEF), has offered to allow Florida students to take the exam at no charge to the student." When asked to gauge when the students would be prepared to sit for the SSCP-A certification exam, Mr. Wahnish noted, "If an 'educated' guess were to be made, it would be after the third year of the curriculum is covered." Kelly Services, a national staffing agency, has entered into an exclusive contract with CTEF, allowing students 16 years of age and older to be placed in jobs relevant to their desired field of study. The increasing demand for cyber professionals in diverse sectors of government and private industry provide opportunities for these students to apply their skills in the workplace. One of the initial discussions with Paul Wahnish focused on reach and exposure of the club model. In order to attract a more robust and diverse audience of students, Mr. Wahnish and his team has decided not to limit themselves to high schools. Instead, they are interested in broadening their approach by targeting existing clubs, such as Boys & Girls Clubs and YMCAs, using a summer camp structure that could be rather seamlessly integrated into an after-school program during the year. Location School/Association Club or Academy Sarasota, FL Girls Inc. Club Pinellas County, FL East Lake High School Academy Pinellas County, FL East Lake High School Club Pinellas County, FL Hillsborough County, FL Westlake Christian School Berkeley Preparatory School Club TBD Palm Beach County, FL TBD Club Palm Beach County, FL TBD Academy Dates 8-5-13 thru 8-9-13 Fall-2013/14 school year Fall-2013/14 school year Fall-2013/14 school year Fall-2013/14 school year Fall-2013/14 school year Fall-2014/15 school year Status Students Expected Confirmed 20 Confirmed 25-50 Academy Confirmed 20-30 Confirmed 25-50 Description One week camp; 40 hours instruction Club; meeting 2 hrs weekly Club; meeting 1 hr weekly for 40 weeks. Proposed -- In discussion Confirmed 30-50 Confirmed 25-50 Academy Club; meeting weekly during the school year Jacksonville, FL Trinity High School Club -- Proposed -- In discussion Jacksonville, FL NE Boys & Girls Club Club -- Proposed -- In discussion (Multiple) (FBLA) Future Business Leaders of America, Inc. Club -- Proposed -- In discussion 33 Figure 15.

Appendix A - Personnel Bios Emily Rossi, M.B.A. ACE Project Coordinator Emily Rossi received her B.A. in Psychology from Wright State University in Dayton, Ohio. She then served as a graduate assistant to the M.B.A. Program Director while completing her M.B.A. with a concentration in International Business. She continued her career in higher education by serving as an Academic Advisor for Wright State University and Embry-Riddle Aeronautical University. Patrick Vilkinofsky ACE Senior Technical Specialist Patrick Vilkinofsky received his A.S. in Networking from Daytona State College. Patrick served as a research assistant to Dr. Craiger while continuing his education towards a B.S. in Information Systems with an elective focus of information security and digital forensics. Upon completion of the B.S., Patrick plans to continue his education with graduate studies in digital forensics. 34

35 Appendix B - Job Descriptions

36 Appendix B - Job Descriptions

37 Appendix C - Press Coverage

38 Appendix C - Press Coverage

39 Appendix C - Press Coverage

Appendix D - Daytona State College Advisory Committee DSC Computer Science Advisory Committee 2012-2013 Name Title Company Anindya Paul CPT Department Chair Daytona State College Ashley Barton Graphic Design Technician, I.T. City of Daytona Beach Balint Farkas Programmer/Analyst Pevonia International Bill Boon District Information Systems Manager Fla Department of Transportation Bill Clausen Communication Manager County of Volusia Bill Tindall IT Volusia County Schools Bill Zachary President Z Graph Bradley Korn Lead Developer Direct Mail Express Brandon McNulty Director Technology International Speedway Corp Brian Curtiss Technical Operations Manager Brighthouse Networks Bruce Caldwell IS Director Florida Hospital Casey Pickering Clinical Informatics Manager Florida Hospital Charlie Howell Director of IT Center For Business Excellence Cheryl Miller Work Experience Coordinator Daytona State College Chris Kane IT Florida Production Inc. Cliff Jackson IT Direct Mail Express Cornell Johnson Technical Supervisor Brighthouse Networks Dan Garley IT Manager Direct Mail Express Danielle Gusler HR Sparton Electronics Diane Byerly Data Center Director Volusia County Health Department Dean Schmaus IT Manager Halifax Health Deborah Michaud IT Support Manager Masco Dennis Horton Oracle Donnie Wines IT Manager Flagler County Government Dr. Ronald Eaglin Dircetor College of Technology DSC Daytona State College Edward Degnan Division Chief U.S. Airforce Elaine Whitehead Retired IT Director County of Volusia Fred Weston Senior Coordinator, IT Operations LPGA Gary Bowen Director of Information Services Florida Hospital-Flagler Gary Frass U.S.Navy Gary Van Opdorp Director of Software Development Emergency Communications Network Gregory Inguagiato Technical Recruiter Experis I.T. Gary Vela President & CEO Daytona Internet Marketing Services, Guy Savino G S Consulting Consultant Henry Okraski President/CEO Henry C. Okraski Jack Sumner Chief Information Officer Ladies Professional Golf Association James Osterman Product Support & Test Manager Raydon Corp. Jerry Ballenger Director of Technology and Operations International Speedway Corp Jim Bare Chief Information Officer Florida Health Care 40

Appendix D - Daytona State College Advisory Committee DSC Computer Science Advisory Committee 2012-2013 Joe Bonanno IT International Speedway Corp Joel Greenstein Vice-President Premiums, Promotions and Imports John Clary Manager - Information Technology City of Daytona Beach Julian Cantillo President Axiom Administrative Services Kevin Curley Operations Manager Media Tech Kevin Piper Information Services Director Florida Hospital Deland Kimberly Westberry IT Director County of Volusia Lawrence Brown CIO DME Holdings Luis Alcaraz President First Flight Consulting Group Lynn Willis MIS Senior Network Security Engineer Volusia County Schools M.Jayson Meyer Chief Executive Officer Work Smart MD Mackenize Meyer Chief Technical Officer Work Smart MD Mahyar Okhovatian President Compusystems Manjula Sathyanarayan Software Engineering Manager Raydon Corp. Matt Wanner Automated Process Manager Palm Coast Data Maurice Morissette COO/CFO Office Of The President Media Tech McKinnon, Mary Application Systems Analyst City of Daytona Beach Michael Olsen IT Director Florida Hospital Michele Jordan President Networking Magic Mike Lee Chief Information Officer Palm Coast Data Mindy Strawser Director of Client Services Work Smart MD Mitchell Nealy Director Information Technology Fklorida Health Care Neal Finkelstein U.S Army Ned Huhta IT Director City of Ormond Beach Rhonda Reed Manager, IT Client Services Halifax Health Rory Malisoff National Accounts Executive KVAR Energy Savings, Inc. Sam Samani IT Manager City of New Smyrna Raquel Schnoor Project Manager District 7 State Attorney's Office Shawn Chambers Manager of Software Development ACI Steven Narvaez ITSD Manager City of Deltona Thomas Scherer IT Manager Orthopedic Clinic of Daytona Tim Branz IT Duva Sawko Todd Huffstickler Executive Vice President VannDate Tom Stender Chief Engineer InfiniSys, Inc. Tony Marino Director of Information Technology City of Port Orange Tyrone Walker Manager, Human Resources Palm Coast Data Vincent Guzman Manager, Flight Training Devices Flight Safety International Vincent Perosi Lead Systems Technician International Speedway Corp Wil Vaught User Support Analyst II Volusia County Schools Zeddie Williams Network Administrator Sparton Electronics 41

Appendix E - Figure 1 (continued) Full list of P.I. and Co-P.I. Industry-Specific Qualifications Dr. Mark Pollitt, P.I. Fellow, American Academy of Forensic Sciences (AAFS) Certified Cyber Forensics Practitioner (CCFP, [ISC 2 ]) DFCP-F from the Digital Forensic Certification Board FBI Laboratory Examiner Access Data Certified Examiner (ACE) Dr. Philip Craiger, Co-P.I. Member, American Academy of Forensic Sciences (AAFS) Certified Cyber Forensics Practitioner (CCFP, [ISC 2 ]) Certified Information Systems Security Professional (CISSP, [ISC 2 ]) American Society of Crime Labs/Laboratory Accreditation Board (ASCLD/LAB) Certified Inspector GIAC Certified Forensic Analyst (SANS) Certified Encase Examiner (ENCE, Guidance Software) Certified Ethical Hacker (EC-Council) 42

43 Appendix F - Year One Conference Agenda

44 Appendix G - Award Acknowledgement Letter

45 Appendix H - Cyber Camp Flyer

46 Appendix I - Student Consent Form

47 Appendix J - Data Collection Template

48 Appendix J - Data Collection Template