PROPOSAL FOR X NEW INSTRUCTIONAL PROGRAM SUBSTANTIAL EXPANSION/MAJOR MODIFICATION COOPERATIVE DEGREE PROGRAM

PROPOSAL FOR X NEW INSTRUCTIONAL PROGRAM SUBSTANTIAL EXPANSION/MAJOR MODIFICATION COOPERATIVE DEGREE PROGRAM (For each proposed program, attach a separate cover page. For example, two cover pages would accompany a proposal for a degree program and a certificate program.) Baltimore City Community College Institution Submitting Proposal 6/9/2014 Projected Implementation Date Certificate Cyber Security and Assurance Award to be offered Title ofproposed Program 5103-02 150305 Suggested REGIS Code Suggested CIP Code Department of Business and Technology Dr. Eyinnaya Bob Iweha Department ofproposed Program N arne ofdepartment Head Chima Ugah cugah@bccc.edu 410 462 8542 Contact Name Contact E-Mail Address Contact Phone Number Signature and Date President/ChiefExecutive Approval Date Date Endorsed/ Approved by Governing Board

Page 2 of2 A. Centrality to institutional mission statement and planning priorities: The new cettificate program in Cyber Security and Assurance is in line with BCCC institutional mission as a dynamic institution ofhigher education that is responsive to the changing needs of its stakeholders and community at large. Protecting corporate and individual data from identity theft is critical to the survival ofthose whose data may be compromised. Industrial espionage is on a consistent rise across the globe through organized hacking and systems' access denial. The rise in cyber-crimes has outpaced the knowledge base needed to provide the required counter measures, and educational institutions must provide adequate training to fill the void. Protecting computer data and networks is a mission-critical process in planning and implementing IT security infrastructure by addressing multiple vulnerabilities, and has evolved into full cuniculum across the nation. The Cyber Security and Assurance Program will: 1. Provide outstanding Cyber Security-related education to the citizens of Baltimore and the State ofmaryland; 2. Provide activities in collaboration with Computer Infmmation Systems, Computer Aided Design/Drafting, and Electronics courses that should enhance interests in those courses; 3. Introduce Cyber Security concepts to underserved and disadvantaged 11th and 12th graders in the Baltimore City Public School System (BCPSS) thereby improving their math problem-solving sldlls through hands-on robotics exercises; 4. Create a career pathway from Baltimore City Community College's Cyber Security to University ofmaryland and John's Hopkins University Cyber Security and related Bachelor's Degree; 5. Partner with industries to provide internship and job opportunities for Baltimore City Community College's Cyber Security graduates. Maryland is the epicenter for cyber security in the United States. Local universities Sl;LCh as Johns Hopkins University, University of Maryland-Baltimore County, Capitol College and UMUC are offering courses and programs in Cyber Security and are interested in mticulating similar courses with BCCC. Fmther, there have been frequent inquiries about a Cyber Security program at BCCC from external stakeholders. It is important to note that the State ofmaryland has designated BCCC and Johns Hopkins as the Cyber Security educational center for Baltimore City. BCCC is a member of Cyber Watch Consortium headquartered at Prince George's Community College B. Adequacy of curriculum design and delivery to related learning outcomes consistent with Regulation.10 of this chapter: 1. Provide a list of courses with title, semester credit hours and course descriptions, along with a description ofprogram requirements. 2. Describe the educational objectives and intended student learning outcomes.

Page 3 of3 Cyber Security and Assurance Certificate* Catalog Description The Cyber Security and Assurance Program at BCCC emphasizes on the need to build a wall between our infmmation and those that want to exploit it. The recurring events such as virus and wmm attacks and the success of criminal attackers illustrate the weaknesses in current infmmation technologies and the need to heightened security ofthese systems. Students will gain practical experience in understanding the threats and dangers, security assessments and analysis to a wide range of different businesses, and the steps that need to be taken to mitigate these vulnerabilities by using state-of-the-art technology. The progi am prepares students for vendor-specific or commercially available security certification. * Cyber Security and Assurance students may have summer internship opportunities at industries or Morgan State University School of Engineering. ** Depending on a student's BCCC college Math placement scores (through the Accuplacer Te~t) and the Cyber Security and Assurance Coordinator's evaluation of the student's Math placement scores, a Cyber Security student has to place into a higher level Math course such as MAT 107.

Page 4 of4 ~ - 7 ~ :4a :~ B.vogva~ [pe~rvpigg,muj~gjl}es ~pvl<slie~~ _,,,, Program Name: Cyber Security and Assurance (A.A.S.) (MHEC #: 510301) Division: BSTEM Program Coordinator: Chima Ugah Department: Business and Technology Coordinator Extension: 410-462-8542 Information Security Ethics Computer Forensics Operating Systems and Network a. Examine of ethical issues in information technology as well as an understanding of how ethical theory can be applied to a discussion and analysis of those issues. b. Examine a cluster ofinformation technology issues within the framework of ethical theory, and develop rational, coherent, consistent, and systematic approach to addressing moral issues in information technology. c. Make recommendations on "risk management" by conducting fundamental information security assessment and developing policies for identifying and prioritizing threats and assets, and the procedures for identifying what controls are in place to protect corporate assets from threats. d. Implement ethical and information security policies and procedures for an organization or a corporate entity. e. Implement security maintenance procedure that requires ongoing technical and administrative evaluation that an organization must perform to maintain the security ofits information "u,,t.,,n'l a. Conduct the appropriate computer investigation procedures that include examining a computer crime, taking a systematic approach in assessing a case and securing evidence. b. Demonstrate the knowledge of operating systems file structure that includes Windows, DOS, Macintosh, and UNIX/Linux. c. Follow the computer forensics analysis and methodology, and use digital intelligence computer forensics tools. d. Use a systematic approach to conduct computer network forensics. e. Utilize appropriate methodology to investigate e-mail crimes and violations. f. Conduct the mobile phones and PDAs computer forensic investigations. g. Write reports and generate report findings with forensic software tools. h. Write reports and generate report findings with forensic software tools. a. Design security measures into physical and network topology that includes wireless and virtual machines security

Page 5 ofs )Jji "" lw J!ffi!V W''i' \11 ;: B>z;;"'& N~<*WE'~"'~~i1h-"'fi1;,ffFf~~A!lJ?J#~» 7?1!l~*fA:fff!W:~~\of~M :~?lm;'rf~ir~~?::;rtrpw41j!!jw(!\i!? 7'? ;:s::;/!ffi;!j:&jjtfff:jxj~ '0 (, " ";,?! e~z;ox- «8%, ', /, fq~og'~a'llli:d"~itn~ilf~ tg:~~,~~m~s,~q!ir J!e~t ',, -;; P "'* 7xpdilj);}'lli\'" 0 #%"'J?JJ.,;:".lf!f~'"' "'y;q~!fj';,;l "'"'y"'p ; 0 0{i!/";;;"' "'! "" '1 Program Name: Cyber Security and Assurance (A.A.S.) (MHEC #: 510301) Division: BSTEM IDepartment: Business and Technology Program Coordinator: Chima U gah Coordinator Extension: 410-462-8542 I Date Submitted: 3.1.12 b. Use different approach to operating systems hardening c. Secure the network through authentication and encryption d. Implement file, account-based, directory, e-mail, and shared resource security. e. Implement firewalls and boarder security. f. Implement Web, remote-access, and VPN security. g. Maintain the network security through monitoring and auditing. Cyber Security a. Demonstrate the knowledge of the evolution of computing, Implementation communications, and social network from mainframe computers to client-server to World Wide Web; from Brick-and Mortar to E-Commerce to E-business transformation; and from personal communication to social networking. b. Secure Web-enabled application deployment and social network c. Mitigate risk when connecting to the Internet. d. Mitigate Web-site risks, threats, and vulnerabilities. e. Mitigate Web application vulnerability. f. Secure end-point device communication. g. Secure personal and business communication. Ethical Hacldng a. Describe the basics of ethical hacking aspects such as the phases ofthe hacking cycle and the different types ofhacker attacks. b. Use hacking tools and document their functionality. c. Use security testing and monitoring methodologies to practice their knowledge with the various penetration testing tools. d. Explain the basic concepts oftcp /IP protocol stack.,0 4 e. Identify physical security attacks and vulnerability, and fix them f. Use Web tools for footprinting to find out how a corporate network is designed. g. Enumerate operating systems targets by discovering logon accounts and passwords, and gaining access to network resources. Business Continuity and a. Develop a risk management plan. Disaster Recovery b. Perform risk assessment and identify assets and activities to be protected. c. Plan risk mitigation throughout the organization. d. Mitigate risk with a business impact analysis. e. Mitigate risk with a business continuity plan. f. Mitigate risk with a disaster recovery plan. g. Mitigate risk with a computer incident response team plan.

Page 6 of6 Listed below is the course description. BCAP 104: Introduction to Operating Systems: DOS/Windows Students are introduced to the Disk Operating System (DOS), the Windows Operating environment, and the UNIX Operating System. Students leam some ofthe most important topics ofthe command line, including DOS sessions, displaying directories, working with files and using directories and subdirectories. The windows features presented include working on the Windows desktop, file, document and folder management, Windows Explorer, modifying the desktop environment, customizing toolbars and folders, using Help troubleshooter, customizing the computer using the Control Panel, search for information with Intemet Explorer, and setting up a computer to use offline files. Students also acquire an introduction to creating and manipulating directories and files using UNIX operating systems. CISS 105: Introduction to UNIX operating System (3 credits) A basic overview ofthe UNIX operating system is provided. Topics include file managing, text file utilities, text-editing with vi, shell programming, ways to communicate including electronic mail, and various UNIX utilities. CISS 201: Systems Analysis and design (3 credits) Programmers are given an overview ofthe role ofthe analyst in the development of an entire system and on-the-project team. Topics include use ofsystem flow charts, decision tables, and process flow charts to promote standards for documentation. Techniques for project management used by the analyst are included along with CASE tools. ITNT 235: Networking with TCPIIP (3 credits) Students are introduced to computer communications protocols. Principles such as architecture, layering, multiplexing, address mapping, and routing are discussed along with such topics as intemet protocols and subnet and super-net extensions. This course prepares students for the professional world of computer communications. ITSA 125: Security Fundamentals, Principles and Ethics (3 credits) Security Fundamentals, Principals and Ethics provides a broad view ofthe entire field of infmmation security with a structured methodology that can be used to implement information security in an organization that has little or no formal information security procedure in place; a study of ethics and moral philosophy as a means for providing a framework for ethically grounded decision making in the information age. ITSA 233: Ethical Hacking (3 credits) Ethical Hacking engages students in an interactive environment where they willleam how to scan, test, hack and secure information systems. Students will gain practical experience with es.sential security systems with a plethora of offensive security topics ranging from how perimeter defenses work to scanning and attacking simulated network. A wide variety oftools, viruses, and mal ware is presented, providing a complete understanding oftactics and tools used by hackers.

Page 7 of7 ITSA 242: Computers Forensic and Investigation (3 credits) Computer Forensics and Investigation provides the knowledge ofa "digital detective" in the investigative and evidence-gathering protocols related to computer crimes in hardware and software systems. The course covers the required knowledge, skills, and experience to acquire digital evidence, conduct complex and data-intensive forensic examinations involving multiple computer operating systems and file types to reporting findings. ITSA 245: Cyber Security Implementation (3 credits) Cyber Security Implementation teaches students how to develop an overall security program necessary to protect data and secure mobile users as infmmation migrates from mainframe computers and application servers to Web-enabled applications. It covers computing, communications, and social networldng; and pt'esents methods to secure systems against the risks, threats, and vulnerability associated with Web-enabled applications' accessibility through the Internet. ITSA 255: Information System Security (3 credits) Systems administrators are provided with knowledge ofthe approaches intruders use to gain access to the system. Concepts ofvulnerability ofthe system exploited by the intruder through threats ofinterruption, interception, modification, and fabrication are discussed. The use of frrewalls and other preventive approaches to the security ofa UNIX-based network environment are examined in detail. Cyber Watch/BCCC Curriculum Mapping CyberWatch CW160 Security+ CW110 Ethics in the Information Age CW130 Microcomputer Operating Systems CW225 Hardening the Infrastructure CW235 Network Defense & Countermeasures Computer Forensics I Disaster Recovery & Risk Management BCCC ITNT235- Networking with TCP/IP ITSA255- Information Systems Security ITSA 125- Security Fundamentals, Principles and Ethics BCAP104- Introduction to Operating Systems ITSA245- Cyber Security Implementation N/A ITSA242- Computer Forensics & Investigation ITSA270- Business Continuity & Disaster Recovery Students entering into the cyber security program will have completed all remedial courses or obtained appropriate ACCUPLACER scores. Describe the educational objectives and intended student learning outcomes A student who completes the Cyber Security and Assurance program will be able to: 1. Follow a structured model in Security Systems Development Life Cycle (SDLC) 2. Detect attack methodology and combat hackers from inu usion or other suspicious attempts at connection to gain unauthorized access to a computer and its resources 3. Protect data and respond to threats that occur over the Internet

Page 8 of8 4. Design and implement risk analysis, security policies, and damage assessment 5. Plan, implement and audit operating systems' security in a networked, multi-platform and cross platform environment 6. Provide contingency operations that include administrative planning process for incident response, disaster recovery, and business continuity planning within information security All BCCC students must meet the College's Computer Literacy requirement in order to receive a degree or a certificate. All first-time full- and part-time degree and certificate seeking students are required to complete the PRE-100 course within the first six credits 4. Identify any specialized accreditation or graduate ce1iification requirements for this program and its students. BCCC is cunently accredited by the Middle States Commission on Higher Education (MSCHE). BCCC will apply for MSCHE approval ofthe Cyber Security and Assurance Program once it has secured MHEC approval. 5. Ifcontracting with another institution or non-collegiate organization, provide a copy ofthe written contract. Not applicable at this time. C. Critical and compelling regional or statewide need as identified in the State Plan: 1. Demonstrate demand and need for the program in terms ofmeeting present and future needs ofthe region and the State in general based on one or more ofthe following: o The need for the advancement and evolution ofknowledge; o Societal needs, including expanding educational opportunities and choices for minority and educationally disadvantaged students at institutions ofhigher education; o The need to strengthen and expand the capacity ofhistorically black institutions to provide high quality and unique educational programs. Cyber Security Industry Analysis Cyber Security is a technology that is in high demand in the private, governmental, and military sectors. The Federal government and the State of Maryland are pro-active in protecting national and state data. The recent "Cyber Maryland" publication states that President Barak Obama pledged to make securing the country's most vital computer networks a top economic and national security priority. There is a greater need for knowledge base to improve the safety of information networks that power the government and the U.S. economy. The State ofmaryland is the national epicenter offederal cyber security activities and the home to: The National Security Agency The Intelligent Advanced Research Projects Activity

Page 9 of9 The National Institute of Standards Defense Information Systems Agency headquarters U.S. Cyber Command headquarters Department of Defense expansions ofthe intelligence and communications responsibilities at Fort Meade and at Aberdeen Proving Ground through the BRAC initiatives. Maryland is the base for our nation's effmt to defend and protect U.S. information networks. Cyber Security Local/Neighboring States Project Concentration Currently, there are not enough Cyber security technicians in Maryland, Virginia, Delaware, New Jersey, or New York [6, 7] where high-tech industry and minority populations are highly concentrated. To address the demand for Cyber Security technicians in Maryland, Baltimore City Community College (BCCC) proposes the Cyber Security and Assurance Curriculum model that, through Cyber Security instruction for the highly technical workplace, will scale nationally to increase the number oftechnicians, especially African Americans, with proficient skills in Cyber Security, computer and information technology, as well as manufacturing. Job opportunities available to persons who complete AAS degree in Cyber security Today's in-demand Cyber Security career paths include but not limited to the following areas: Information Technology Application Development NetworkAdministration Web Development 2. Provide evidence that the perceived need is consistent with the Maryland State Plan for Postsecondary Education (pdf). The 2009 Maryland State Plan for Postsecondary Education calls for Quality and Effectiveness; Access and Affordability; Diversity; A Student-Centered Learning System; and Economic Growth and Vitality. This proposed program fits all ofthese goals. This proposed program provides valuable skills and knowledge in one ofthe fastest-growing employment sectors in the region. Baltimore City Community College offers ready access and affordability to a diverse population of learners empowering them to go out and fulfill the workforce needs as well as becoming lifelong learners. The program follows a student-centered and learning-centered approach. Most ofthe Core courses are handson and intemship opportunities will be provided. The Cyber security and assurance program at Baltimore Community College is working closely with the Baltimore City Public Schools Morgan state University, University ofmaryland Baltimore City, John's Hopkins University and local Businesses to provide career pathways. D. Quantifiable & reliable evidence and documentation of market supply & demand in the region and State:

Page 10 oflo There is a growing need for cyber security careers pmiicularly within this geographic location. The U.S. Bureau of Labor Statistics projects a 48 percent increase in jobs for computer softwme engineers and 55 percent growth in jobs for network system and data communications analysts by 2014. Computer software engineers, network systems and data communication analysts, and network and computer systems administrators are projected to go up between 40 and 50%, and computer information systems managers are projected to grow by 23%. Projections for Maryland mimic this trend. Much ofthis demand is fueled by the growing IT industry, which is particularly strong in MD, DC, and VA because ofthe large federal infrastructure including intelligence and Department of Defense govermnent agencies and related contractors. There is anticipated much increase through BRAC movements to Ft. Meade and the Aberdeen Proving Ground. State of Maryland has more room for a robust higher education system that trains the next generation of cyber security expe1is with innovative cuniculum to address the shmiage ofthe nation's technically advanced workforce. The Baltimore Development Corporation (BDC) has created a formal strategy for the attraction and retention of cyber security companies. This strategy includes the development and maturation oftwo cyber pipelines- one for workforce and one for businesses. A Baltimore City cyber security workforce pipeline would ensure that local firms have access to qualified talent. Baltimore City Community College along with Johns Hopkins University has been designated by State of Maryland to form the backbone ofthe workforce educational system. E. Reasonableness of program duplication: There are variations ofthe cuniculum being offered at the State institutions and BCCC curriculum program will enhance and design to fill the void of difference with other colleges. School Program Name Certificate Degree #of #of Certs. Associate/ Awarded Bachelor 2012 Degrees Awarded 2012 Anne Arundel fuformation & Cyber Yes & with AAS 6 4 Corum. Col. Security (Cert.); various Cybercrime (Degree) vendors certifications Capitol College Computer and Yes AAS, 2 5 Network Security BS, fuformation MS Assurance (Bachelors and Masters) Community College fuformation Security Yes Yes 1 4 of Baltimore County (Cert.); fufonnation Systems Security (Degree) Garrett College Cyber Security (Cert.) Yes N/A 0

Page 11 ofll School Program Name Certificate Degree #of #of Certs. Associate/ Awarded Bachelor 2012 Degrees Awarded 2012 Harford Community Information Systems Yes AAS 0 9 College Security Montgomery College Cybersecurity Yes AAS 0 6 Prince Georges Information Security Yes & with AAS 5 6 Comm. Col. various vendor certifications Source: MHEC (May, 20 13). Trends in Degrees and Cettificates By Program, Maryland Higher Education Institutions, 1999-2012. F. Relevance to Historically Black Institutions (HBis) National Science Foundation (NSF) data revealed that in 2000, only 7.5% of engineering/science technicians were African Americans [1 0]. This percentage is considerably lower than the 12.2% national population of African Americans [11]. To increase the number of African American technicians, more African Americans must be trained in emerging technologies such as cyber security, and the undergraduate engineering enrollment/retention/success rate for African American students at community colleges and fouryear institutions must be significantly increased. Baltimore City community College has articulation agreement with Morgan State and Coppin State Universities. It is hoped that students from this program will definitely contribute to these historically Black Institutions when they transfer to them. G. If proposing a distance education program, please provide evidence of the Principles of Good Practice (as outlined in COMAR 13B.02.03.22C). N/A H. Adequacy of faculty resources (as outlined in COMAR 13B.02.03.11). A new position is created for a faculty in Cyber security. This individual should have Masters' degree in Cyber Security and Assurance or in related discipline Information Technology Security. Other support faculty members are: Prof. Chima Ugah, MS, MBA Business and Technology Email: cugah@bccc.edu, Phone: 410 462 840 Associate Prof. Wan en Turner, MSc Computer Information Systems Email: wtumer@bccc.edu, Phone: 410 986 5567 Robert Smith, M.S.., Adjunct Faculty Computer Information Systems Email: rsmith@bccc.edu, Phone: 410 986 5553

Page 12 of12 I. Adequacy of library resources (as outlined in CO MAR 13B.02.03.12). Baltimore City Community College has an excellent electronic database sufficient to run the program. The print collection will be expanded as needed. However, special collection for Cyber security collections may be necessary. The students at Baltimore City Community College have access to the University of Maryland Library system through the UMB BioPark. J. Adequacy of physical facilities, infrastructure and instructional equipment (as outlined in COMAR 13B.02.03.13) Baltimore City Community College has adequate physical facilities and infrastructure to initiate the program. The college has adequate spaces for classrooms, staff and faculty offices, and laboratories for the program. The program will have minimal impact on the use of existing campus space and facilities. Provision has been made to acquire laboratory equipment. However, BCCC will pay for the new equipment and facility modifications. There will be need for acquisition ofstate-of-the-mi technology to deliver instructions properly. Also, CISCO lab for credit courses will be required to accommodate shared credit/non-credit CISCO courses to be moved from BCED to Cyber Security Program. The table below summarizes the needs. Item Description Units Cost One Full-time faculty Specialized in IT Security 15TAU $60,000.00 + member courses Fringes Hands-on Cyber Lab ITSA242, ITSA245, I1NT260 26 computers @ $54,600.00 LSB 307 &ITNT265 $2,100.00 each Renovation/Fixtures Wiring, a Smmi station, a 25 desks. 25 chairs $65,100.00 LSB 307 smart board and 25 work stations Software Acquisition $45,000.00 Faculty Training Professional development 2 faculty members $15,000.00 Total Startup Cost $239,700.00 K. Adequacy of financial resources with documentation (as outlined in COMAR l3b.02.03.14) The proposed Cyber security and Assurance program is expected to generate revenue in excess of expenses from the third year.

Page 13 of13 FINANCE DATA TABLE 1: RESOURCES: Resource Categories Yearl Year2 Year3 Year4 YearS 1. Reallocated Funds $0 $0 $0 $0 $0 2. Tuition/Fee Revenue $44,790 $64,960 $77,270 $97,440 $122,060 (c + g below) a. Number off/t Students 15 20 25 30 40 b. Annual Tuition/Fee Rate $2,462 $2,462 $2,462 $2,462 $2,462 c. Total FIT Revenue (ax b) $36,930 $49,240 $61,550 $73,860 $98,480 d. Number ofp/t Students 5 10 10 15 15 e. Credit Hour Rate $131 $131 $131 $131 $131 f. Annual Credit Hour Rate 12 12 12 12 12 g. Total PIT Revenue $7,860 $15,720 $15,720 $23,580 $23,580 (dxexf) 3 ~ Grants, Contracts & Other $0 $0 $0 $0 $0 External Sources 4. Other Sources-State aid based on $83,252 $118,934 $142,721 $178,401 $225,974 students FTE TOTAL (Add 1-4) $44,790 $64,960 $77,270 $97,440 $122,060 1. Reallocated Funds No funds will be reallocated from existing programs. 2. Tuition and Fee Revenue We assumed that tuition and fees will be constant in the next five years. In-state tuition rate is cunently $88 per credit and a total fee of$43(consisting of consolidated fees of $12, registration fee of $20 and facilities capital fee of $11) for a total of $131 pre credit was used in calculating the revenue; with 24 credit per year for full-time students and 12 credit per year for part-time students. 3. Grants and Contracts The college will look for/and apply for grant when opportunity presents itself. 4. Other Sources No additional sources of funding are expected at this time.

Page 14 of14 5. Total Year: The Cyber security and assurance program at Baltimore City Community College is expected to generate revenue from the third year of its inception. TABLE 2: EXPENDITURES: Expenditure Categories Yearl Year2 Year3 Year4 YearS 1. Faculty (b + c below) $86,634 $88,367 $90,134 $91,938 $93,776 a. #FTE.6.8 1.0 1.2 1.6 b. Total Salary $60,000 $61,200 $62,424 $63,673 $64,946. c. Total Benefits $26,634 $27,167 $27,710 $28,265 $28,830 2. Admin. Staff (b + c below) $0. $0 $0 $0 $0 a. #FTE $0 $0 $0 $0 $0 b. Total Salary $0 $0 $0 $0 $0 c. Total Benefits $0 $0 $0 $0 $0 3. Support Staff (b + c below) $0 $0 $0 $0 $0 a. #FTE $0 $0 $0 $0 $0 b. Total Salary $0 $0 $0 $0 $0 c. Total Benefits $0 $0 $0 $0 $0 4. Equipment $54,600 $15,000 $15,000 $15,000 $10,000 5. Library $800 $800 $800 $800 $800 6. New or Renovated Space $65,000 $20,000 $22,000 $24,000 $26,000 7. Other Expenses,Lab supply $45,000 $20,000. $15,000 $10,000 $10,000 TOTAL (Add 1-7) $252,034 $139,167 $134,934 $137,738 $138,576 NARRATIVE FOR EXPENDITURES 1. Faculty(# FTE, Salary; and Benefits) One new faculty member is required for this proposed program. The faculty member is required to teach all the core courses in the program. He/she will also serve as the program coordinator. A 2% Cost Of

Page 15 of15 Living Adjustment is factored into the salary in the subsequent years after the first year. He/she is expected to teach 15Teaching Assignment Unit equivalent to 15 credits per semester for a total of 30 credits a year. 2. Administrative Staff(# FTE, Salary, and Benefits) There will be no need for an additional administrative staff. The existing department and School administrative staffwill be sufficient to run the program. 3. Support Staff(# FTE, Salary, and Benefits) The existing suppmt staff in the school ofbstem will be sufficient to administer the program. 4. Equipment Funds will be needed to provide basic laboratory equipment for startup of the labs. $54,600 will be needed to purchase desktop computers (see table L4 below). 5. Library A minimal fund is needed to purchase Cyber Security textbook. 6. New and/or Renovated Space There will be need to renovate and configure existing laboratory room space to serve as dedicated lab for the program. Room 307 in the Life Sciences Building has been identified for this purpose: 7. Other Expenses Funding is available through professional development funds for two faculty to benefit from. These PD funds will enable the faculty members to attend conferences and be trained in the use of new soft wares as needed. 8. Total Year We project that the program will be self-sustaining from the third year ofits inception. L. Adequacy of provisions for evaluation of program (as outlined in COMAR 13B.02.03.15). Baltimore City Community College has a compreh~nsive course and program evaluation process. Each course syllabus has a set of written student learning outcomes. The course learning outcomes are assessed through embedded questions on tests, assignments and pmifolio that address specific course outcomes. Data is collected and analyzed and results are used to improve course curriculum and pedagogy. Each course is assessed in four semester cycle. Program assessment takes place in a five year cycle. Data regarding program enrollment, retention and graduation rates, are collected by the Institutional, Advancement, Marketing, and Research in conjunction with the program coordinator. The data are analyzed against program outcomes and results are used to improve the program. Every faculty is evaluated each year. The evaluation process includes an assessment of faculty teaching, student evaluation of faculty, community service, college wide and department service. In order to receive high evaluation, a faculty member must demonstrate effective teaching above all. There is also provision for administration to set out an improvement plan for faculty

Page 16 of16 members who have not done well in the area ofteaching. M. Consistency with the State's minority student achievement goals (as outlined in COMAR 13B.02.03.05 and in the State Plan for Postsecondary Education). Baltimore Community College mission is compatible with the State of Maryland.minority achievement goals. The college provides assessable and affordable education to the inner city dwellers and it's environ. Cunently, Baltimore City Community College is well positioned to provide affordable education to inner city dwellers with over 88% African American students. The rich cultural diversity of Baltimore Community College is epitomized by the various countries ofthe world represented in its student population. This proposed degree and certificate program will enhance science, Technology, Engineering and Mathematics assess to the African American thus bridging the technological divide among the. undenepresented. This program will also provide the student with opportunity to be integrated into the workforce as well as transfer to a four institutions or university. Through the college's web site, Institutional Advancement, Marketing and Research, and college catalogue Baltimore City Community college provides increased visibility of its programs to the world. N. Relationship to low productivity programs identified by the Commission: References: Cyber security and assurance has no relationship with any low productivity program at the college. 1. Legislation: 2005-2006 (109th Congress), 2. S. 1042 [109th]: National Defense Authorization Act for Fiscal Year 2006, http://www. govtrack. us/ congress/bill.xpd?bill= s 1 09-1 042. 2. Maryland Department of Business and Economic Development, "Base Realignment and Closure Study Assesses Impact on Maryland's Resources," (February 9, 2007). http:/ /www.choosemaryland.org/newsandevents/pressreleases/page 5 67 5.html 3. Downtown Partnership, "2006-08 Downtown Development Report: Downtown Baltimore Real Estate Overview," (June 2006). 4. US Census Bureau, Race and Ethnicity, M0202. Percent ofthe Total Population Who Are Black or African American Alone: 2005, http://www.census.gov 5. Conrad, Cecilia A., Final Report, African Americans and High-Tech Jobs: Trends and Disparities in 25 Cities, Joint Center Board of Governors, 2006.

BALTIMORE CITY COMMUNITY COLLEGE Response to the June 2, 2014 Request Notice Check No. 46949290 Item i: Evidence of Agreements: BCCC and JHU as Cyber Security Educational Centers for Baltimore The existing evidence of Intent is demonstrated through the Cyber Maryland publication dated September 26, 2011, that was accessed on October 7, 2011, per the attachment. Since this time, Baltimore City Community College has experienced administrative turnovers that have prevented finalizing the collaborate effort between John Hopkins University and BCCC. Under the direction of the Interim President of the College and Interim Vice President of Academic Affaits, the opportunity to finalize the working agreements between John Hopkins University and BCCC has been strengthened through the following partnerships. These partnerships were not possible prior to recent progress made within Academic Affairs. 1. Signing of the Cyber Pathways Across Maryland Consortium by President Anderson (see attachmej:jt) 2. Letter of Endorsement from the Year Up Baltimore Initiative (see attachment) 3. L<itter of partnership between BCCC'S Basic and Continuing Education division and Academic Affairs division that establishes pathways that recognizes previous learning. Item ii -Alignment with Current State Plan The Maryland Ready 2013"2017 State Plan for Postsecondary Education calls for six goals applicable to postsecondary programs and institutions across Maryland. Those goals are (a) quality and effectiveness, (b) access, affordability, and competition, (c) diversity, (c) Innovation, (d) economic growth and vitality, and (e) data use and distribution. The Cyber Security and Assurance Certificate aligns with the six goals In the following manner. The program's quality and effectiveness shows forth through the selected course offerings that provide a succinct set of critical skills identified by the region's employers and the April 2013 study published by the State of Maryland Integrated Worl<force Plan. The effectiveness Is evidenced by the efficient course sequencing that spreads content over a three-semester period. The strongest student effectiveness Is demonstrated by a seven credit hour summer session. Students are exposed to higher education through a manageable course demand coupled with the Pre 100 Student Success course. Managing six credit courses compared to a 12 or 15 credit schedule demonstrates effective planning and student development. If students start with the fall or spring semester, the.course load shifts by two credits from seven to nine credits per semester. Baltimore City Community College continues striving to provide the most accessible options for students in the Baltimore City and surrounding areas while remaining ranked as the most affordable postsecondary Institution in Maryland. BCCC tuition remains at $88 per credit for In-county and out-of-county students. This will clearly support local employers seeking to resklll workers at an affordable rate while retaining an affordable institution with access to city and county residents throughout Maryland. The State's diversity and Innovation goal for 2013-2017 is also met through the outreach efforts achieved between the Baltimore Year Up and BCCC's partnering and endorsement. No other Maryland community college has the unique opportunity to combine its forces of academic programming, student support services, and externshlps as demonstrated by the most recent and highest certificate graduation rate In a given year. The 2014 BCCC graduation Included 97 Baltimore Year Up students that completed the course work aligned with the IT Basic Sl<llls Certificate. Adding the Cyber Security and Assurance Certificate only strengthens the Year Up students' marketable skills set and l<nowledge. More Importantly, the combined academic and life skills development further ensures progress toward degree meeting the Governor's 56% completion goal. The second Innovative opportunity specific to BCCC's Cyber Security and Assurance Certificate Is the pathway directly from 1

BALTIMORE CITY COMMUNITY COLLEGE Response to the Junl'l4,,4014 Request Notice Check No. 46949290 the BCED non-credit division to the credit division. The pathway under development meets the Plan's awarding credit of learning objective. The students are within the same operational system; therefore, easily transitions to a credit bearing program of study. Furthermore, the non-credit curricula speak to content specific skills whereas the credit certificate provides broader systems-level knowledge. Generating defined pathways between the two divisions solidifies the State Higher Education Plan's intent to rethink how a student Interested In a cyber-security career can earn his or her certificate and degree. The economic growth and vitality goal will be met by BCCC's partnered approach and pathways, which impact the learner and employer within a potential one-year period. Structuring the program's sequencing, pathways, and alignment with growing Industries further position's BCCC's student and Incumbent workers to secure and or advance his or employment status. This leads to preparing the region's,learners for a STEM related certificate and potential associate degree resulting from the certificate's structure and defined pathways. Accountability and data use have become a driving force associated with BCCC's student performance monitoring and academic decision making evidenced by annual assessment reports per program. A major contribution to this success has been the Implementation of the College's assessment database and reporting system known as Xltracs. The first year's effort focused on priming the data base and was followed by the second year of faculty training and program-level reporting. The system will be framed to pull performance data specific to the certificate's total credit hours and student performance. Generated reports will be shared among program coordinators, administrators, and faculty for analysis from a number of perspectives allowing collective academic change recommendation over the first three-year period. The system provides a three-year trend, which also aligns with making necessary academic changes In a timely manner. Such data practices further support the Middle States criteria for evidence. Item iii - Projected Employment Demands According to the April 2013 State of Maryland Integrated Workforce Plan, The Maryland Department of Labor, Licensing, and Regulation (DLLR) reported that future employment projections Indicate that just over 40% of all jobs In future Maryland's economy Will fall Into the "middle-skill" category. Currently, the middle-skill demand makes up the largest segment of jobs In the Maryland economy. The report further stated that there Is a deepening skills gap among our current workforce, and that Maryland will see grave shortages In critical occupations. Consistently throughout the DLLR publications, projected demand In middle-skill occupations Included the computer support specialist positions, which consists of occupational titles that align with BCCC's Cyber Security and Assurance certification proposal. The Integrated Workforce Plan projected continued State growth as Indicated In Table 1. Table 1: DLLR Emplo ment Projections Occupational Title Employment Openings Computer Support Specialists Network and Computer Systems Architects and Administrators 2010 2020 Change Replacement Total 15,635 18,415 2,780 4,105 6,885 9,4000 12,095 The Baltimore Region has seen strong growth In the IT sector in past decade resulting from the Baltimore Washington corridor, which Is one of the strongest IT markets In the country. The sector employs an approximate base of 68,000 worl<ers and added 18,600 jobs between 2002 and 2012 according to the Baltimore Regional Talent Development (BRTD} Pipeline Study 2013. The report also stated that the IT sector is projected to add 2,695 1,690 4,285 2

Lll.i l 7--~-:-.p.:; %...;;::::: -n-7 &. BALTIMORE CITY COMMUNITY COLLEGE Response to the Jllne 2, 2014 Request Notice Check No. 46949290 around 7,800 new jobs between 2012 and 2020. Baltimore City Community College and Its resldent.s are poised to significantly contribute the region's new future demands. The 2012M2020 hiring trends' report indicated that 2,272 IT Sector Employment opportunities within the Tech support exist. Further employment demand will occur through increased movement toward certifications held by an Individual. The *2013 (ISC/ Global Information Security Workforce Study reported that slightly more than 46 percent of survey respondents indicated that their organizations required certification. The report further disclosed that government-defense regulations are the driving force for certification; 47 percent of private sector employers viewed certification as an indicator of competency. Additional labor market findings revealed that the Certified Information Systems Security Practitioner (CISSP) is one of the highest-demand certifications for cybersecurlty professional, and students are able to complete course worl< to prepare for the CISSP through a community college program of study (BRTD Pipeline Study, 2013), of which BCCC graduates of the Cyber Security and Assurance Certificate qualify to take CISSP certification exam. During the next eight years, the sector Is expected to create approximately 4,500 new job opportunities for Baltimore Region workers, with an additional 8,000 jobs being created as a result of turnover and advancement within the Industry. Most new jobs created In this sector will be llnl<ed to the computer systems design and related services industry, where an expected 3,519 new jobs will be created. Again, the sector's stability Is attributable In part to the number of federal government agencies located In the Baltimore City region, Including Fort Meade, the National Security Agency, and the Social Security Administration, and the Aberdeen Proving Ground (BRTD Pipeline Study, 2013). *(IOS 2 ) was founded In 1989 as a not-for-profit global operating organization dedicated to providing education, certification, and peer-networking opportunities for information security professionals throughout their careers. The cited study was a Frost & Sullivan Market Study in partnership with Booz, Allen, and Hamilton and prepared by Michael Suby, Global Program Director. Retrieved from https:llwww.lsc2cares.org/uploadedfi/es!wwwlsc2caresorg!content/2013-/s02-giobal-lnformatlon-securlty Workforce-Study.pdf Item lv: Reasonableness of Program Duplication There are variations of the certificate curriculum being offered by four out of the 15 Maryland Community Colleges as outline In Table 2. The BCCC curriculum content, sequencing, and partnered pathways uniquely fills the program offering void for the Baltimore City residents and.employers. The closest proximity for earning a certification from a State community college Is Anne Arundel Community College at 40 miles from BCCC and as far away as Garrett College that is 285 miles from BCCC Liberty Heights campus. Table 2: Program Profiles that Include Related Cyber Security Certificate Comparison Maryland Community Colleges Related Certificate Program Name Anne Arundel Cyber Forensics, Networl< Security, Cyber Technology and Cyber Crime Garrett College Cyber Security Hagerstown Cyber Security-Network Security; Cyber Security-Advanced Networl< Montgomery College Cybersecurity Security; and Cyber Security- CISCO CCNA Prep 3

BALTIMORE CITY COMMUNITY COLLEGE Response to the ~une 2, 2014 Request Notice Check No. 46949290 Table 3: Program Profiles that do not Include a Related Cyber Security Certificate Maryland Community Colleges Allegheny Frederick Carroll Harford Baltimore County Howard Cecil Prince Georges College of S. Maryland Wor-Wic Chesapeake Source: Retrieved on 6~16~2014 from http://www.mhec.state.md.us/highered/colleges unlversities/index.asp Item v- Evidence and Discussion on Stackable Curricula Baltimore City Community College Is uniquely positioned to align with the Baltimore Year Up P~ofesslonal Training Corps Initiative. Year Up Is a one~year program that provides urban young adults ages 18-24 wlth combined technical, professional skills, college credits, and Internship experiences with a corporation or the federal government. Additionally, the program Is housed by Baltimore City Community College and students have complete access to academic support systems and services. Ninety seven students earned the IT Basic Skills certificate this past academic year (2013-2014). Providing the Cyber Certificate option for incoming fall2014 students will only strengthen the student's skills sets required by the local firms and government agencies, and expand career pathways within the information technology industries. A second unique opportunity for structuring the stackable options results from the joint collaboration between the Coileges' Academic Affairs and the Basic and Continuing Education divisions. Two years ago, under previous leadership, the progress toward developing articulation agreements was halted. The divisions, both under new leadership, are positioned to officially align faculty, curricula, and resources associated with the Cyber Security and Assurance Certificate. Table 4 illustrates the stackability and options potentially available for Incoming students whether part of the Year Up initiative, Basic Continuing Education (BCED) programs of study, general population seeking entry~level credentlallng, or employers seeking to res I<ill their current workforce. Additionally, displaced workers seeking federal Workforce Investment Act dollars easily qualify for the Cyber Security and Assurance certificate with Its one-year sequencing over three semesters. 4