Ohio Cyber Range Institute hosts cybersecurity symposium
Experts stress importance of innovation, workforce development
University of Cincinnati
Continual innovation and more individuals who are trained to combat an array of malicious actors and evolving threats are needed in cybersecurity, experts in the field said during a symposium at the University of Cincinnati.
The Ohio Cyber Range Institute (OCRI) at UC hosted its fourth annual Cybersecurity Education Symposium for cybersecurity educators, experts and thought leaders from across the state and the nation on Oct. 12 at UC Digital Futures. During the symposium, more than 150 attendees heard about cybersecurity threats and how the government and industry are responding.
“The threats we face today as a nation and as a state are very, very real,” said Col. Gregg Hesterman, Ohio Air National Guard cyber mission transformation and recruiting and retention director. “It used to be you had to worry about the kid in his mom's basement hacking into your email account and doing something nefarious. Now it's organized cyber crime that is through the roof. And when you think about the nation-state competition, it is a very real, everyday threat. We can't wait until another 9/11 to respond. We have to be ready now every single day.”
Stephanie Domas, chief security technology strategist at Intel, said enterprise security isn't the only threat as product security is another key aspect of cybersecurity. Things such as heating, ventilation and air conditioning systems or a child's doll can be hacked and open major vulnerabilities, she said.
“The threat landscape continues to grow. It continues to evolve,” Domas said. “The old threats we had before unfortunately are not going anywhere. They continue to evolve to plague us, but we also have revolutionary threats, things that we never thought we'd see.”
UC is uniquely postured to help combat the growing threats. The university was selected to develop and administer the OCRI due to its multi-disciplinary expertise and demonstrated collaborative approach. One of the missions of the OCRI is to manage the statewide Cyber Range, an integrated cyber education-workforce and economic development platform that has begun activities in every congressional district in its first year of operation.
“What is incredible is how the entire state of Ohio has rallied around this initiative,” said Valerio Ferme, PhD, executive vice president for academic affairs and provost at UC.
The four co-chairs of the OCRI come from three colleges at UC: College of Engineering and Applied Science (Department of Electrical Engineering and Computer Science), College of Education, Criminal Justice, and Human Services (School of Information Technology), and College of Arts and Sciences (School of Public and International Affairs). UC is one of only 18 institutions in the country to hold the National Security Agency’s designation as Centers of Academic Excellence in both cyber operations and cyber defense.
“UC's commitment to the OCRI is shown at the top levels of leadership,” said Rebekah Michael, executive staff director of the OCRI and associate professor in UC's School of Information Technology.
Prior to joining Intel a year and a half ago, Domas spent 10 years doing ethical hacking, reverse engineering and advanced vulnerability analysis. She also built and led two cybersecurity businesses.
She said there is no such thing as a secure device and that security needs to be addressed continually.
“Security is not a point-in-time thing you do to a product,” she said. “It is a process, it is a continuous loop, while you're designing that product.”
The average time to detect and contain a malicious breach is 315 days, Domas said, which gives malicious individuals and organizations months to potentially wreak havoc.
“We can't secure everything just through practices alone,” she said. “We do have to innovate in the technology we're using to solve some of these threats.”
To develop that innovation, Col. Hesterman said it's imperative to train individuals not only for initial skills but to provide continuing education to work in the constantly changing environment.
“You can have the most beautiful infrastructure possible, the most secure network possible, but if you don't have the right people at the keyboard doing the job you will not be anywhere near accomplishing the mission,” he said.
During a workforce development industry panel discussion, Erick Alanson, director of UC's computing and IT co-op programs, said co-op programs develop the next wave of cybersecurity experts and allow students to apply the knowledge and skills they learn in the classroom in real-world environments.
“There is a significant talent deficit across the nation and in particular the state,” Alanson said. “One of the ways we can combat that talent deficit at the moment is through intentionally integrated work-based programs like the University of Cincinnati's co-op program.”
UC invented cooperative education in 1906 and ranks No. 4 in the nation for co-op. The university has almost 2,000 global partners for the co-op program with students participating in more than 7,500 co-op opportunities each year.
“My first co-op was an eye-opening moment,” said Shyam Pema, a 2016 UC alumnus who is an information security engineer with Total Quality Logistics and a security engineer and sales consultant for ARMOUREYE, both in Cincinnati. “It gave me a leg up against some of my friends who were not doing co-ops. It led to an opportunity of me getting hired out of college with a job while everyone else was still scrambling.”
Benjamin Fraley, a 2017 UC alumnus who now is manager of information security for Cincinnati-based The Health Collaborative, also said UC's co-op program prepared him for his career.
“It teaches you the appropriate skills. It teaches you how to handle certain situations,” Fraley said. “Most importantly, it got me networking with a lot of people who work in the field of cybersecurity who I befriended.”
The OCRI is a partnership sponsored by the Ohio Department of Higher Education and Ohio Adjutant General's Department office of the Ohio National Guard and is headquartered at UC. The goal of the OCRI is to advance an integrated approach to cybersecurity education, workforce and economic development in cyber-related fields throughout the state.
“We need entities that have skilled personnel to protect these vital cyber networks,” Col. Hesterman said. “It protects our entire way of life. The cyber reality and the persistent threats that are out there every single day prowling our networks truly requires a whole nation approach.”
Guests were able to attend breakout sessions during the symposium tailored for K-12 education, higher education, workforce development and economic development. Experts in industry and education presented on topics about cybersecurity challenges.
To end the symposium, two new Regional Programming Centers — Cuyahoga Community College and Shawnee State University — were dedicated into the OCRI ecosystem, bringing the total of RPCs throughout the state to 17.
Disclaimer: AAAS and EurekAlert! are not responsible for the accuracy of news releases posted to EurekAlert! by contributing institutions or for the use of any information through the EurekAlert system.