Too many phish in the sea
On Thursday, several students in the 6th quarter Information Technology – Network Security and Computer Forensics program made an impressive presentation on computer security to a selection of guests that was also recorded on Facebook Live. The project was part of a security awareness module taught by School of Information Technology instructor Mike Russell.
“Annual Security Awareness training is typically a compliance requirement for organizations today, and it is the responsibility of the Security Team to ensure that it is carried out,” Mr. Russell explained. “Many organizations have taken an asynchronous approach to the delivery of the training content and support materials. Our students have followed this approach in the context of a Security Awareness Training to be provided to End Users at a fictitious college.”
The students described the challenges to IT security as walking across a bridge with alligators underneath. The alligators are the threats to IT security such as phishing and other system attacks that continue to be a challenge to business operations. A strong IT security operation is designed to protect the company from these threats.
The students in PTC’s program worked in teams to plan, prepare and present a real-life training module to their “end users” as they would on the job in their IT careers.
“The End User Security Awareness Project was a very great learning experience,” said Tyler Kotto, one of the students involved in the project. “It has taught me how to be a strong member of a team and how to efficiently and effectively convey a message to end users.”
A unique part of the presentation was that it used a donated computer device, PINE64, as the platform for the demonstration of a phishing attack to underscore the objectives of the training module. PINE64 is a breakthrough device that PTC is working with, that offers basic computing services at the cost of only $15. The college has been given these devices for testing and analysis. Using this device and presenting a real-world case was a valuable experience for the students.
“We accomplished the things we intended to in this presentation,” said Garrett Frazee. “We educated our viewers on information security and its key concepts, the threats to it, and ways to protect oneself, and we demonstrated the reality of cyber-attacks with statistics and news stories.”
The project was a culmination of the program of study in “Ethical Hacking,” part of the Network Security and Computer Forensics program at PTC. The program is designed to prepare students for careers in network security and other positions in the IT industry.
“The project was a good first step into working as an Information Security Professional,” said Zachary Cox, one of the students who worked on the project. “We got to create a team project charter, and I felt like a full professional while working on it.”
“I am using my knowledge to begin my career at my current internship at Midnight Blue Technology Services,” explained Kevin Reiche. “I have already helped with minor input and problem-solving situations in the short time I have been there with the knowledge I have acquired at PTC and the ITSF program.”
The presentation module was filmed not only so that it could be watched by others interested in network security, but also because companies are creating these films to educate their end users on network security. In their future positions, PTC graduates may be preparing these films for their employers.