Physical Sciences and Mathematics Commons^™

From The Editors, Herbert J. Mattord, Michael E. Whitman, Carole L. Hollingsworth

Journal of Cybersecurity Education, Research and Practice

Welcome to the second issue of the Journal of Cybersecurity Education, Research and Practice (JCERP).

Planning And Implementing A Successful Nsa-Nsf Gencyber Summer Cyber Academy, Bryson R. Payne, Tamirat Abegaz, Keith Antonia

Journal of Cybersecurity Education, Research and Practice

The GenCyber program is jointly sponsored by the National Security Agency (NSA) and the National Science Foundation (NSF) to help faculty and cybersecurity experts provide summer cybersecurity camp experiences for K-12 students and teachers. The main objective of the program is to attract, educate, and motivate a new generation of young men and women to help address the nationwide shortage of trained cybersecurity professionals. The curriculum is flexible and centers on ten cybersecurity first principles. Currently, GenCyber provides cyber camp options for three types of audiences: students, teachers, and a combination of both teachers and students. In 2016, over 120 …

Towards An In-Depth Understanding Of Deep Packet Inspection Using A Suite Of Industrial Control Systems Protocol Packets, Guillermo A. Francia Iii, Xavier P. Francia, Anthony M. Pruitt

Journal of Cybersecurity Education, Research and Practice

Industrial control systems (ICS) are increasingly at risk and vulnerable to internal and external threats. These systems are integral part of our nation’s critical infrastructures. Consequently, a successful cyberattack on one of these could present disastrous consequences to human life and property as well. It is imperative that cybersecurity professionals gain a good understanding of these systems particularly in the area of communication protocols. Traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are made to encapsulate some of these ICS protocols which may enable malicious payload to get through the network firewall and thus, gain entry into the …

Threats To Information Protection - Industry And Academic Perspectives: An Annotated Bibliography, Michael E. Whitman, Herbert J. Mattord

Journal of Cybersecurity Education, Research and Practice

Threats to information assets have always been a concern to those responsible for making information useful and defending its value. The concepts of threat, threat agent, threat events and threat sources have evolved in recent years have very precise definitions. A summary of threat classification models used in academic research is provided along with a summary of recent industry threat assessment reports. Finally, the results from a recent study, 2015 SEC/CISE Threats to Information Protection Report Including a Current Snapshot of the State of the Industry, are given.

From The Editors, Michael E. Whitman, Herbert J. Mattord

Journal of Cybersecurity Education, Research and Practice

Welcome to the inaugural issue of the Journal of Cybersecurity Education, Research and Practice (JCERP).

Using A Virtual Computing Laboratory To Foster Collaborative Learning For Information Security And Information Technology Education, Abdullah Konak, Michael R. Bartolacci

Journal of Cybersecurity Education, Research and Practice

Virtual computer laboratories have been an excellent technological solution to the problem of providing students with hands-on experimentation in information technology fields such as information security in a cost effective and secure manner. A virtual computer laboratory was utilized in this work as a collaborative environment for student learning with the goal of measuring its effect on student learning and attitudes toward laboratory assignments. Experiments were carried out utilizing specially-designed computer-based laboratory activities that included student assessments and surveys upon their completion. The experiments involved both small groups and individual students completing their respective laboratory activities and subsequent assessments/surveys. …

A Framework To Manage Sensitive Information During Its Migration Between Software Platforms, Olusegun Ademolu Ajigini, John Andrew Van Der Poll, Jan H. Kroeze Phd

The African Journal of Information Systems

Software migrations are mostly performed by organisations using migration teams. Such migration teams need to be aware of how sensitive information ought to be handled and protected during the implementation of the migration projects. There is a need to ensure that sensitive information is identified, classified and protected during the migration process.

This paper suggests how sensitive information in organisations can be handled and protected during migrations, by using the migration from proprietary software to open source software to develop a management framework that can be used to manage such a migration process. The research employed a sequential explanatory mixed …