Cyber Security Fair Promoting Safe Secure Technology January 5, 2010 Anna Carlin Lecturer Computer Information Systems Christopher Laasch IT Administrator Division of Student Affairs
Agenda Expected Learning Outcomes Why we hold the event Target Audience & Marketing Methods of Data Collection Demographics Actual Learning Outcomes Questions
Expected Learning Outcomes Raise level of security awareness Improve program based on student interest and emerging computer security threats
Why hold the event? October is National Cyber Security Awareness Month DHS, NSA, FBI, Educause Cal Poly Pomona is a national resource for cyber awareness Educause Resource Kit Poster and Video Contest SecureIT Conference Most Security tools are behind what crackers are using for attacks
Successful Partnerships SWIFT and MISSA - peer mentoring SAITS funding, time, and hardware Academic Affairs website & event management Computer Information Systems funding & time ISO funding & time I&IT funding & hardware
Computer Information Systems & Computer Science Professors gave extra credit, furlough assignment, exam questions. An event promoted by the Center for Information Assurance as part of their certification and RISSC grant with Mt. Sac Data collected used to propose new GE class Computer Science Department extra credit for attendance Chaffey Cisco Network Academy Mt. SAC A+ certification courses included questions from the event on their final exams along with giving extra credit CSUSB CSUSB Infosec club vanpool CPP Theater Department (2008) Student Health Services
Structure of the program Exhibit Hall Industry and Clubs Educate attendees on security related products Peer mentoring Financial Support Presentations Select topics that people are interested in exploring or learning Choose topics from emerging technologies and/or security treats Live hacking Peer to Peer education Promotes club membership for SWIFT and MISSA Website past presentations and current trends
Target Audience Security s weakest link is people - Social Engineering easiest way to break into systems - Improperly configured security tools open doors Average person is irritated by strong security Technical Focus CIS, CS and ECE Community College Tech Programs Community members with an Interest in security Professional Organizations: ISSA, ISACA Allows us to increase the technical level of presentations
Methods of data collection Bronco Access Card Session Surveys Likert Scale Open Ended Structured Survey
Bronco Access Card SAITS provided service & created standard d template t for Data Warehouse for other Divisional events Accurate attendance counts Complete biographic and major data
Exhibit Hall Attendance by College Attendance by Ethnic Group Presentation Attendance Attendance by Gender
Unknowns? 8% could be attributed to: Students from Cal State San Bernardino student club Students from Mt. Sac s A+ certification classes Students from Chaffey Community College s CISCO Network Academy General public from Daily Bulletin news article
Session Survey Likert Scale Rate the presentation on a scale from 1-5 Security Professionals Microsoft Mode 5 Foundstone Mode 5 Student Teams MISSA Mode 4 SWIFT Mode 4
Open Ended Session Question What did you learn? Passwords are not secure Architecture of security is still the same Tricks of how to secure my PC better How to possibly own my cousins computer How could it have been better? New Hacking Trends Real World Examples If the virus examples could work More time, longer presentations hands on What topics would you want to see next year? Smartphone Hacking Non-profit/low cost security solutions Hands on Different Career Fields More of how to hack Proxy switching, Botnets
Structured Survey Over 300 surveys were collected Rate your security knowledge: Novice Intermediate Expert IØwnu What tools do you use to secure your system? Antivirus i Firewall Automated t Updates WEP/WPA Encrypted files Anti-Spyware Password Has your computer infected with Malware?
Structured Survey Results Rate your security knowledge Novice (33%) Intermediate (59%) Expert (4%) I0wnu (4%) Has your PC ever been infected with malware? Yes (67%) No (33%)
Learning Outcomes Raise level of security awareness Passwords are not secure Architecture of security is still the same Tricks of how to secure my PC better Improve program based on student interest and emerging threats Non-profit/low cost security solutions Hands on
An evolving program Improve program based on student interest and emerging computer security threats Non-profit/low cost security solutions Hands on Reach students, staff, and faculty unaware of the computer security threats on how to protect themselves
Conclusions Unexpected Outcomes Quality of data from bronco access cards Rating on Foundstone presentation switched from advertised General public interest CSUSB vanpool with students Continued partnerships with community colleges Save the Date: October 28, 2010 Copyright 2010, Cal Poly Cyber Security Fair Committee
Questions Contacts t Anna Carlin: acarlin@csupomona.edu Christopher Laasch: claasch@csupomona.edu CSF 2010: Practically Ethical Hacking October 28 - Ursa Major
Resources CPP Cyber Security Fair Website http://www.csupomona.edu/~cyberfair/ Educause NCSAM Resource Kit: https://wiki.internet2.edu/confluence/display/itsg2/ncsam+resource+kit i t t2 / /di l /it 2/NCSAM Stay Safe OnLine http://www.staysafeonline.org/ NYTimes article on Cyber Ninjas http://www.nytimes.com/2010/01/03/education/edlife/03cybersecurity.html