Decoding Your Cyber Career
- Articles, Blog

Decoding Your Cyber Career


WELCOME. MY NAME IS NIKKI, THE ASSOCIATE VICE PRESIDENT OF CAREER SERVICES AND ALUMNI RELATIONS AT UNIVERSITY MARYLAND COLLEGE. WE ARE SO THRILLED TO HAVE ONLY HER JOINING US TODAY IN PERSON FOR THOSE OF YOU JOINING US ONLINE FOR TODAY’S DECODING YOUR CYBER CAREER. SO WE HAVE A VERY SPECIAL GUEST I AM HONORED TO INTRODUCE TODAY, DOCTOR RICHARD. HE HAS WORKED IN INDUSTRY AS A QUALITY CONTROL MANAGER IN THE CARBIDE SECTOR BEFORE ASSUMING HIS TEACHING AND ADMINISTRATION DUTIES IN THE COMMUNITY COLLEGE SYSTEM. HE IS ALSO WORKED FOR OVER 25 YEARS IN THE COMMUNITY COLLEGE SYSTEM. DURING THIS TIME HIS FACILITATED LEARNING IN MATHEMATICS, PHYSICS, CHEMISTRY, PHYSICAL SCIENCE, EARTH AND SPACE SCIENCE, INDUSTRIAL SCIENCE CLASSES AND HAS SERVED FOR 11 YEARS AS THE CHAIR OF THE PHYSICAL SCIENCES DEPARTMENT. HE IS THE CURRENTLY DIRECTOR OF INTERDISCIPLINARY SCIENCE, TECHNOLOGY, ENGINEERING AND MATHEMATICS. NETWORK HERE AT MONTGOMERY COLLEGE.E HAS EXTENSIVE EXPERIENCE IN A VARIETY OF STEM DISCIPLINES AND PROGRAM DEVELOPMENT, INSTRUCTIONAL TECHNOLOGY, GRANT WORK, WORKFORCE DEVELOPMENT, TEACHING PREPARATION AND DEVELOPMENT K-12 OUTREACH. HE ALSO HAS HIS BACHELORS OF SCIENCE DEGREE IN CHEMICAL ENGINEERING AND A MASTERS OF SCIENCE DEGREE IN PHYSICSAND A PHD IN CURRICULUM . THE DOCTOR LOVE AND IS EXECUTIVE DIRECTOR AS WELL FOR THE NATIONAL STEM CONSORTIUM AND IT START UP PHASE OF A 19.7 MILLION TAA CCT GRANT, WHICH DEVELOPED ONE-YEAR CERTIFICATES AND TAKE MESSAGE PATHWAYS CONNECTED TO WORKFORCE NEEDS AND AT THE SAME TIME WAS A COMMUNITY COLLEGE INSTITUTIONAL LEAD FOR THE BILL AND MELINDA GATES FOUNDATION GRANT PETITE STEM PARTNERSHIPS AT UMB SEE THROUGH THIS IS A NATIONAL MODEL FOR STEM TRANSFER SUCCESS. CURRENTLY LEADING AS ONE OF THE PIS ON MONTGOMERY COLLEGE IS 5.6 MILLION AMERICANS PROMISE GRANT, WHICH IS TITLED THE CAPITAL REGION COLLABORATIVE JOBS AND TECHNICAL CAREERS, WHICH TOPS OFF THE PROFESSIONAL AND ADVANCEMENT CONTENT SKILLS EMERGING PROFESSIONALS NEED FOR HIGH SKILLED OCCUPATIONS AND IT RELATED IN AN CYBER SECURITY INDUSTRIES. THE DOCTOR WAS ALSO THE INTERIM DIRECTOR OF THE 15 MILLION CYBER SECURITY PATHWAYS ACROSS THE MARYLAND PROJECT THAT INCLUDED 14 MARYLAND COMMUNITY COLLEGES. WILL YOU PLEASE WELCOME HIM. [ CLAPPING ] >>ALL RIGHT. THANK YOU VERY MUCH. YOU LEFT OFF THE MOST IMPORTANT ONE, AND A PROFESSOR AT UMUC. I’M VERY PROUD OF THAT. I’M HERE TO WELCOME YOU TO THE DECODING YOUR CYBER CAREER SPONSORED BY UMUC IN MONTGOMERY COLLEGE. ON BEHALF OF THE VICE PRESIDENT OF STEM AND THE CAMPUS, WILL COMMUTE TO MONTGOMERY COLLEGE. WE ARE CURRENTLY RIGHT NOW IN THE BIOSCIENCE EDUCATION BUILDING, WHICH HOSTS THE BIOTECHNOLOGY PROGRAM HERE AT THE COLLEGE WHICH BOASTS INDUSTRY GREAT EQUIPMENT SUCH AS BIOREACTORS AND SHE SEQUENCERS AS WELL AS A COMPLETE BIO MANUFACTURING SUITE OUR STUDENTS GET TO WORK THROUGH IN THE BIOTECH AREA. JUST A FEW BUILDINGS DOWN AND DOWNHILL A LITTLE BIT IS OUR HIGH TECH BUILDING, WHICH HOUSES ARE MONTGOMERY COLLEGE CYBERSECURITY CENTER, WHICH HAS A STATED ARTS CYBERSECURITY LAB AND SECURITY OPERATIONS CENTER THAT OUR STUDENTS GET TO USE. WHAT I WOULD LIKE TO DO TODAY IS THANK YOU, PARTICIPANTS ESPECIALLY, FOR COMING HERE TODAY. PLEASE MAKE THE MOST OF IT. LIKE TO THANK UMUC FOR THEIR SPONSORSHIP AND THEIR PARTNERSHIP AND MR. JOSEPH ROUNDY FOR MONTGOMERY COUNTY CYBER CENTER FOR HIS COORDINATION AND LOGISTICS TODAY. CERTAINLY WANT TO THANK ALL THE SPEAKERS, THE PANELISTS, THE INDUSTRY REPRESENTATIVES, THE ADVISORS AND ALL THE OTHER SUPPORTIVE FOLKS HERE TODAY FOR YOU.O PLEASE SEE THEM, TALK TO THEM, GET THEIR HELP. THAT YOU’RE HERE JUST FOR YOU. I WOULD ALSO LASTLY LIKE TO THINK WE ARE DOING THIS TODAY AND TOMORROW.[LAUGHTER] >>OR ELSE JOE WOULD HAVE A LOT MORE LOGISTICS TO HAVE TO DO. WITH THAT, AND YOU CAN HAVE A GREAT DAY AND WILL HAND YOU BACK TO NIKKI. [ CLAPPING ] >>THANK YOU SO MUCH. WE REALLY APPRECIATE THE PARTNERSHIP WITH MONTGOMERY COLLEGE.O IT IS ALSO MY PLEASURE TO INTRODUCE TODAY’S EVENT HOST, MIKE JANKE. MIKE IS A SIX-TIME FOUNDER ACCOMPLISHED ENTREPRENEUR AND FORMER MEMBER OF THE SEAL TEAM SIX. MIKE ALSO WAS A COFOUNDER OF DATA TRIBE, A UNIQUE START OF STUDIO AND VENTURE CAPITAL FIRM SPECIALIZING IN COMMERCIAL TECHNOLOGY STARTUPS. AND HIS FOCUS ON CYBERSECURITY AND DATA SCIENCE. DATATRIBE COMPANIESARE BUILT AROUND TECHNOLOGY DEVELOPED BY INTELLIGENCE AGENCIES, DEFENSE AND RESEARCH . LABS THAT ARE TO SOLVE LARGE PROBLEMS USING OVER THE HORIZON TECHNOLOGY. DATA TRIBES AND ON APPROACH INCLUDES CO-BILLING STARTUPS ALONGSIDE FOUNDERS AND THE DATA TRIBE FACILITY. IN ADDITION TO DATA TRIBE, MIKE IS A COFOUNDER OF BLUE PACIFIC STUDIOS AND LA-BASED MEDIA, A CONTENT PRODUCTION COMPANY HE FOUNDED ALONG WITH DANIEL, THE FOUNDER OF SHALL PROVIDE. AND MIKE WAS THE COFOUNDER OF SILENT CIRCLE, WHICH DELIVERS PRIVATE SECURITY COMMUNICATION HARDWARE AND SOFTWARE WORLDWIDE.ND THE FOUNDER OF BLACK PHONE, THE WORLD FIRST MAINSTREAM COMMERCIAL SECURE ANDROID SMART PHONE. MIKE IS A BOARD MEMBER OF DATATRIBE, OPT LABS, BIND BRIDGE AI, BLUES PACIFIC STUDIOS AND PROVOLONE. WILL YOU PLEASE JOIN ME IN WELCOMING MIKE JANKE. [ CLAPPING ] >>ALL RIGHT. THE BEAUTY OF BEING IN TECH IS YOU CAN DRESS LIKE A BUM LIKE I DID. THAT’S THE IMPORTANT PART. IGHT? THE INTERESTING PART ABOUT TECHNOLOGY IS THAT YOU CAN BE ANYTHING YOU WANT. I’M A FORMER SEAL TEAM SIX MEMBER, THAT FOR ALL INTENT AND PURPOSES HAVE NO BUSINESS BEING A SIX-TIME TECHNOLOGY CEO. SO THERE ARE COMPONENTS OF TECHNOLOGY THAT HAVE NOTHING TO DO WITH RACE, RELIGION, WHERE YOU COME FROM. IT HAS TO DO WITH IDEAS, BUILDING A TEAM AND TAKING A RISK. FOR THE FIRST 10 MINUTES BEFORE I INTRODUCE OUR GUESTS, LET ME TELLYOU A LITTLE BIT ABOUT THIS AREA. BECAUSE IN THIS CROWD WE HAVE STUDENTS, WE HAVE ENTREPRENEURS, WE HAVE A FACULTY MEMBERS, BUSINESS OWNERS . IN THE PAST, WHEN I SAY THIS AREA I’M IN VIRGINIA, D.C. AND MARYLAND. WAS VERY BAD. THERE WAS A FEW WINS HERE AND THERE. MOSTLY FOCUSED OVER THE LAST 10 YEARS ON GOVERNMENT SERVICES. TECHNOLOGY, DON’T GET ME WRONG, BUT GOVERNMENT SERVICES. HOWEVER, THIS AREA HAS BECOME SOMETHING VERY UNIQUE. THE COMMERCIAL CYBERSECURITY AND DATA SCIENCE IS BOOMING FASTER THAN ANY OTHER PLACE IN THE UNITED STATES OVER THE LAST THREE YEARS. THERE ARE A LOT OF PARALLELS TO WHAT HAPPENED IN SILICON VALLEY IN THE EARLY DAYS TO HEAR. IN SILICON VALLEY IF ALOT OF PEOPLE KNOW THE HISTORY, I SPEND MY TIME BETWEEN BOTH HERE AND THERE . DURING WORLD WAR II THERE WAS A TREMENDOUS AMOUNT OF UNIVERSITY RESEARCH DEVELOPMENT PHD PUT INTO SIGNALS INTELLIGENCE, RADAR, MICHAEL PROCESSING, YES, AND WEAPONRY OUT OF BERKELEY AND STANFORD. AFTER THE WAR YOU HAVE 30,000 SCIENTISTS WHO HAVE NO JOB, RIGHT? SO THEY BEGAN TO TAKE UPON THEIR WORK IN THE COMMERCIAL. MICROPROCESSORS AND COMPUTERS AND CELL PHONES AND EVERYTHING CAME ABOUT. THIS AREA IS VERY SIMILAR. WE HAVE THE NSA. YOU HAVE CYBER CALM, YOU JOHNS HOPKINS PHYSICS LAB, CIA. YOU HAVE UNIVERSITIES LIKE UMUC IN UNIVERSITY OF MARYLAND THAT FOR THE FIRST TIME EVER IN 2017 GRADUATED MORE CYBER RELATED ENGINEERS IN CALIFORNIA. FIRST TIME. 7208. I KNOW THAT NUMBER. SO YOU SEE YOU HAVE THIS GROUNDSWELL OF TENS OF BILLIONS OF GOVERNMENT INVESTMENT JUST LIKE HAPPENED DURING WORLD WAR II. NOW YOU ARE SEEING THE COMMERCIALIZATION. WHAT WE DO IS WE INVEST LOTS OF MONEY INTO TEAMS THAT COME OUT OF THE INTELLIGENCE AND RESEARCH. WE WORK WITH THEM TO BUILD TOP AT THE CUTTING EDGE COMMERCIAL COMPANIES FUNDED BY SILICON VALLEY AND HERE. THIS AREA IS LITERALLY THE EPICENTR OF CYBERSECURITY. AT ANY ONE TIME THROUGH MARYLAND AND VIRGINIA THERE WERE 17,000 OPEN JOBS IN CYBERSECURITY. 17,000. CROSSED OUR PORTFOLIO AT DATA TRIBE WITH COMPANIES ZERO, ZERO, B ROUND. YOU 58 OPEN POSITIONS. ANYONE TIME. TO THOSE STUDENTS WHO ARE HERE LOOKING AT A CAREER CHOICE, WE COULDN’T FIND SOMETHING BETTER WERE PEOPLE WERE BEGGING YOU TO PLEASE FINISH UP YOUR DEGREE TO COME IN. A LOT OF PEOPLE HAVE ASKED ME, DO YOU NEED A DEGREE? I WATCHED SILICON VALLEY ON HBO AND THEY SEEM LIKE COOL KIDS. THEY ARE SMOKING DOPE AND HACKING AND MAKING A LOT OF MONEY. YOU DO NEED A DEGREE! YOU WILL MEET OUR NEXT GUEST WHO WAS THE CHIEF INFORMATION OFFICER OF ONE OF THE LARGEST FORTUNE 500 COMPANIES, HIRING PEOPLE, SYSTEMS AND SORTING OPERATIONS WHO DO YOU HAVE TO BE ABLE TO KNOW THE JOB, BUT A DEGREE IS IMPORTANT. SO I JUST WANTED TO SEND THAT MESSAGEAND TALK A LITTLE BIT ABOUT THE AREA . AND NOW I’M GOING TO INTRODUCE MY GUEST WE ARE GOING TO HAVE A LITTLE FIRESIDE CHAT, CLARK GOLESTANI. CLARK HAS OVER 30 YEARS OF EXPERIENCE IN HEALTH, LIFE SCIENCES AND TECHNOLOGY AND IS AN ACTIVE INVESTOR ADVISOR AND BOARD MEMBER WITH A FOCUS ON HEALTHCARE, TECHNOLOGY, MEDIA AND TELECOMMUNICATIONS SECTOR. CLARK CURRENTLY SERVES AS A MANAGING DIRECTOR OF C SINCE A GROUP LLC, AND ADVISORY SERVICES FIRM. AND HE SERVES AS SENIOR ADVISOR TO NEW MOUNTAIN CAPITAL BASED IN NEW YORK CITY. AND IS AN INVESTMENT ADVISOR TO THE C XO FUND, WHICH IS A REALLY UNIQUE VENTURE FIRM IN SILICON VALLEY. HE IS ALSO A SPECIAL ADVISOR TO THE DEAN AT THE UNIVERSITY OF TEXAS AT AUSTIN AT THE JAIL MEDICAL SCHOOL. CLARK RETIRED FROM MERCK IN 2018 AS THE PRESIDENT OF A MERGING BUSINESS AND THE GLOBAL CIO WITH RESPONSIBILITY FOR HIS DIGITAL HEALTH SERVICES AND SOLUTIONS COMPANIES INCLUSIVE OF THE COMPANIES VENTURE AND ITS EQUITY FUNDS. EACH OF WHICH EXTENSIVELY LEVERAGED FURTHER OPPORTUNITY TO CROSS THE DIGITAL HEALTH ECOSYSTEM. FURTHER, CLARK LED THE COMPANIES GLOBAL INFORMATION TECHNOLOGY ORGANIZATION, STRATEGY AND EXECUTION WORLDWIDE SPANNING ALL LINES OF BUSINESS. SO WITH THAT, I WOULD LIKE TO INTRODUCE CLARK GOLESTANI. WE ARE GOING TO DO A FIRESIDE CHAT HERE. THANKS. [ CLAPPING ] >>YOUR PATHS AND HOW YOU ENDED UP AS A CIO IS ONE OF LARGEST COMPANIES IN THE WORLD.>>Clark Golestani : HAPPY TO SHARE THAT. SO I DID GRADUATE. MUCH TO THE HAPPINESS OF MY PARENTS, BECAUSE WHEN I WAS AT UNIVERSITY, WHICH I WAS AT MIT, I DID DO A STARTUP.T WAS PROBABLY MY LATE SOPHOMORE YEAR, AND THAT WAS BOOMING UP UNTIL THE LATE 80s. ANYONE KNOW WHAT HAPPENED IN THE LATE 80s? STOCK MARKET CRASHED, VENTURE DRIED UP AND SO DID THE COMPANY. BUT I DID STAY FOCUSED ON MAKING SURE THAT I DID GRADUATE AND I DID. AND THE NETWORK WENT FOR ANOTHER START AT THE TIME, WHICH WAS A COMPANY THAT HAS GROWN QUITE WELL. I WAS WITH THEM FOR SIX YEARS IN THE LATE 80s INTO THE mid-90s CALLED ORACLE. MOST FOLKS IN THE ROOM PROBABLY KNOW ORACLE. THAT WAS THE EARLY DAYS AND GROWING. FROM THERE AND THEN WENT TO MARK AND BECAME PART OF THE IT ORGANIZATION MANAGING TECHNOLOGY GLOBALLY. OVER 24 YEARS ENDED UP WORKING MY WAY UP TO RUNNING A GOOD PART OF THE ORGANIZATION.>>Mike Janke: THAT’S GREAT. WE HAVE A FEW QUESTIONS. THE IDEA HERE WITH THE QUESTIONS FOR CLARK IS TO BOTH HIT FROM THE STUDENT QUESTION IDEAS, BOTH TO AN ENTREPRENEUR AND TO SOME OF THE BUSINESS SIDE. THEN WE WILL ROUND OFF WITH ABOUT 15 MINUTES OF Q&A. SAVE YOUR QUESTIONS, IF YOU HAVE SOME GOOD QUESTIONS, CLARK WILL BE TAKING THEM HERE IN A LITTLE BIT. ALL RIGHT. SO DESCRIBE THE EMERGING CYBER LANDSCAPE IN THE MID-ATLANTIC REGION. EVERYBODY CALLS THE MID-ATLANTIC REGION D.C. VIRGINIA, MARYLAND, PART OF PENNSYLVANIA AND SOUTH.>>Clark Golestani : WELL, FIRST FROM A CYBER PERSPECTIVE, WHEN I THINK ABOUT WHERE WE WOULD RECRUIT TALENT, THIS ACTUALLY WAS A PRIMARY AREA THE TALENT WOULD BE RECRUITED FROM. WAS INTERESTING AND CYBER IS THAT ESPECIALLY BEING BASED IN NEW JERSEY AT MERCK, WHICH IS PHARMACEUTICAL COMPANY, ACROSS THE RIVER IF YOU WILL IN YORK OVER MANY YEARS WE WATCHED THE WALL STREET FIRMS EXPAND AND REALLY BUILD UP CYBER CAPABILITY. GIVEN SOME OF THE ISSUES AND THINKING. WHAT’S AMAZING IS VERY QUICKLY IN THE LAST FIVE YEARS WHEN JUST ABOUT EVERY INDUSTRY HAS TO BUILD UP ITS CYBER CAPABILITY. WHEN I THINK ABOUT THE BUDGET THAT WAS BEING SPILT ON CYBER, THAT BUDGET OVER THE LAST SEVERAL YEARS HAS ALMOST DOUBLED EVERY 12 TO 24 MONTHS. ONE OF THE ONLY AREAS OF IT WERE THE BUDGET IS GROWING AT THAT RATE. MOST IT BUDGETS ARE STAINED FLAT, PERHAPS GOING DOWN OR A COUPLE EMERGING TECHNOLOGIES MAY BE EXTENDED. CYBER JUST CONTINUES TO EXPAND IN THE AMOUNT OF MONEY SPENT, AND THE TYPES OF RESOURCES THAT NEED TO COME IN-HOUSE AND REALLY IS, I THINK, CREDIBLE AREA OF EXPANSION. THAT’S NOT JUST GOING TO WORK FOR THOSE COMPANIES, BUT ALSO THE SERVICE FIRMS BUT IN FACT, ONE OF THE SERVICE FIRMS, TO THE SERVICE FIRMS I USE ACTUALLY ARE BASED HERE IN THIS AREA AND ALSO SERVE.>>Mike Janke: I CAN TELL YOU IN THE PAST FIVE YEARS, CYBER SECURITY IS THE FASTEST GROWING SEGMENT OF TECHNOLOGY FOR ITS MARKET. FROM WHERE IT STARTED. SO WHEN YOU MATCH THAT UP WITH OPEN JOB LANDSCAPE PREDICTING BY 20, 21 THERE WILL BE A MILLION JOBS UNFILLED AND CYBER.IT’S STAGGERING. SO WITH THAT, IF YOU ARE A STUDENT, FROM YOUR PERSPECTIVE, FORGET THE NUMBERS AND THE JOB OPPORTUNITIES, WHY SHOULD THEY GET A DEGREE IN CYBERSECURITY OR CYBER?>>Clark Golestani : THIS IS PROBABLY SOMETHING MOST FOLKS ARE NOT AWARE OF. MOST MAJOR CORPORATIONS WILL SCREEN YOU OUT FROM THE APPLICATION PROCESS THE MOMENT YOU DON’T HAVE A DEGREE. SO IF YOU WERE TO APPLY TO MARK, HIRING MANAGER WOULDN’T EVEN SEE YOUR RESUME UNLESS HE HAD A DEGREE AND THERE WAS A REASONABLE LEVEL OF VERIFICATION THAT OCCURS THROUGH THE RECRUITING OFFICE. WHICH IS UNFORTUNATE BECAUSE THERE IS PROBABLY MANY TALENTED INDIVIDUALS WHO COULD DO THE JOB THAT DON’T HAVE THE DEGREE, BUT THE REALITY IS WITHOUT THE DEGREE YOU ARE IMMEDIATELY SCREENED OUT SO YOU ARE NOT EVEN SEEN. WHEN IT COMES TO CYBER, I ACTUALLY DO BELIEVE THE LEVEL OF KNOWLEDGE AND TECHNICAL CAPABILITY THAT YOU LEARN WHILE GETTING THAT DEGREE IS ESSENTIAL. SOME FOLKS ARE SELF-TAUGHT, BUT THE REAL LOUD LADY IS TO BENEFIT FROM THE FORMAL TRAINING. WHEN YOU THINK ABOUT THE RISK INVOLVED IN THE JOB, IT’S INTERESTING THAT WHEN I THINK ABOUT THE SKILL TO PROTECTING THE COUNTRY, THAT CYBER TIVOLI PROTECTS THE COMPANY. I CAN SPEAK TO EXPERIENCES FOR MAJOR CORPORATIONS WE HAVE BEEN BROUGHT DOWN DUE TO CYBER ATTACKS. IT’S ONLY BECOMING MORE COMPLICATED EVERY DAY. GOING. AND WILL BE LEARNING ALL THE DETAILS TO BE ABLE TO FORM ROLES WITHIN THE CYBERSECURITY TEAM IS ESSENTIAL.>>Mike Janke: THAT’S A GREAT ANSWER. FIVE, SIX YEARS AGO IF A COMPANY WAS HACKED, AND MADE THE NEWS A COUPLE HUNDRED MILLION ADDRESSES TAKEN NOTHING REAL DRASTIC WAS DONE. TODAY WHEN COMPANIES ARE HACKE , CEO LOOSE HIS JOB, STOCK IS CUT IN HALF, INVESTORS FLEE, REPUTATION DAMAGED. IT IS A CANNED HURRICANE HITTING THE SEA. THE AMOUNT OF DAMAGE. THIS WHY CYBERSECURITY PROFESSIONALS WITHIN A COMPANY WHO WORK UNDER CLARK ARE SO PRIZED MAKING THE MOST AMOUNT OF MONE AND HONESTLY HAVE THE HARDEST JOB WITHOUT A DOUBT. SO WHEN YOU WERE RECRUITING, WHEN YOU ARE LOOKING TO BUILD THAT A TEAM, WHAT KIND OF SKILLS FROM THIS PARTICULAR AREA DID YOU PRIZE OR EXPERIENCE?>>Clark Golestani : SO A TECHNICAL BASE. HAVING A COMPUTER SCIENCE BACKGROUND, BUT ALSO WAS VERY HELPFUL FOR FOLKS WHO ARE ACTUALLY TRAINED IN CYBERSECURITY OR EVEN HAD CERTIFICATIONS ARE TRULY ESSENTIAL. IT MADE THE JOB QUITE EASY IN HIRING FOLKS. I CAN’T SPEAK LOUDLY ENOUGH TO THE SALARY STRUCTURE. IT’S INTERESTING. THE FOLKS WHO WORK IN CYBER, EVERY YEAR ENDED UP HAVING TO HAVE SPECIAL ALLOTMENTS BECAUSE THEY WOULD BREAK THE SALARY INCREASE CURVES OF THE COMPANY. SO IF YOU ARE BEGINNING YOUR CAREER AND CYBER INTERESTS YOU, BECOMING CERTIFIED AND EDUCATED, IT’S A CAREER THAT ALSO PAYS VERY WELL TOO, WHICH CAN BENEFIT YOU AND YOUR FAMILY.>>Anchor: ALL OF THIS CHANGED WITH THE LAST 5 TO 7 YEARS, RIGHT? THERE WAS A ÃPEOPLE JUST CALLED IT IT IN THE PAST. CYBERSECURITY. THE ONE THING I WILL TELL YOU WORKING WITH 200 OF THE FORTUNE 500 AND NOW, THINGS HAVE SHIFTED A LOT TOWARD WHAT I’LL CALL THE NATIONSTATE NATIONAL SECURITY INTELLIGENCE COMMUNITY TYPE BACKGROUND BECAUSE CORPORATIONS LIKE MERCK AND OTHERS ARE NO FIGHTING THE HACKER AND THEIR MOMS BASEMENT, THEY ARE STILL DOING THAT, BUT IT’S NATIONSTATE LIKE RUSSIA, CHINA, IRAN, NORTH KOREA AND OTHERS WHO ARE EASTERN EUROPEAN HACKING GROUPS THAT ARE MORE WELL-FUNDED THAN THE UNIVERSITY. SO THE ADVERSARY IS SO SOPHISTICATED. THAT IT IS PRIZED IN THIS AREA IF YOU LOOK AT THE MORGAN STANLEY, JP MORGAN, GOLDMAN SACHS IS AND ON AND ON. THAT YOU LOOK FOR SOMEONE WITH THE QUALIFICATIONS CLARK HIGHLIGHTED, BUT ALSO MAYBE SPENT 4 TO 5 YEARS AT THE MSA OR CYBER CALM. IT’S INTERESTING. THE ONE COMMENT CLARK MADE, IF YOU WERE OLD ENOUGH, YOU SEE THAT THERE ARE THESE TROUGHS. ECONOMY GOES UP, NOT A LOT OF VENTURE MONEY, WE’RE IN A RECESSION, THINGS ARE GOOD AND HAVE THE 2000, THE BUBBLE BURST, THINGS WENT UPWARD TODAY IS A LITTLE DIFFERENT AGE. EVEN IN A DOWNTURN, THE ONE AREA THEY CANNOT CUT THAT THEY HAVE TO KEEP GROWING CYBERSECURITY. I WON’T SAY ANYTHING IS RECESSION PROOF, BUT IT’S ABOUT AS CLOSE AS YOU ARE GOING TO GET. WHEN YOU LOOKED AT CANDIDATES CLARK OTHER THAN THOSE, WITH THEIR SPECIFIC CERTIFICATIONS THAT MATTERED MORE, OR WAS IT JUST AN OVERALL BODY OF EDUCATION AND EXPERIENCE?>>Clark Golestani : HAVING DEEP TECHNICAL SKILLS IS VERY HELPFUL, BUT THERE WERE AND ARE SOME CYBER CERTIFICATIONS AND FOLKS HAVE THOSE. IS EXTREMELY VALUABLE. THE REASON WHY IS I CAN’T OVER EMPHASIZE HOW THE GAME HAS CHANGED IN THE LAST SEVERAL YEARS. HOW MANY OF YOU HAVE HEARD OF THE NOT PET YET ATTACK? I SEE A COUPLE HANDS. WORTHWHILE GOING BACK AND TAKING A LOOK AT IT. WHICH IS NOW A CONFIRMED NATIONSTATE ATTACK OF WHICH MURK WAS IMPACTED. SO WERE MANY OPERATIONS. SHIPPING, FEDERAL EXPRESS, EUROPEAN OPERATIONS. THIS WAS AN ATTACK THAT LITERALLY BROUGHT CORPORATIONS TO ITS KNEES. IN FACT, MANY CORPORATIONS IMPACTED BY IT HAD TO REBUILD EVERYTHING. WE ARE NOT TALKING 10 COMPUTERS. OR A THOUSAND COMPUTERS, WE ARE TALKING TENS OF THOUSANDS OF COMPUTERS THAT NEED TO BE REBUILT FROM SCRATCH. AND THE COST OF DOING THE IS ENORMOUS JUST IN THE TECHNOLOGY SIDE. THE IMPACT OF THE CORPORATION IS HUGE. BECAUSE YOU’RE NOT SHIPPING A PRODUCT. NOW, DEPENDING ON THE BUSINESS YOU ARE IN, IT’S ALSO A MATTER OF LIFE AND DEATH. ESPECIALLY IN THE PHARMACEUTICAL BUSINESS WHEN PEOPLE NEED THEIR MEDICINES TO SURVIVE. THE IMPACT ON THE RISK IS ENORMOUS. NOW THAT THE GAME HAS CHANGED IN THE LAST FEW YEARS AND IT HAS ACTUALLY BECOME FAR MORE OF A NATIONSTATE GAME, CORPORATIONS HAVE TO CONTINUE TO INVEST AND INCREASE THAT INVESTMENT. WHEN YOU THINK ABOUT THAT CERTIFICATION, I CAN’T OVER EMPHASIZE WHAT YOU SAID. SOME OF OUR KEY INDIVIDUALS THAT HAVE COME IN AS EVEN THE PHARMACEUTICAL BUSINESSES HAVE INCREASED THEIR GAME AND CYBER. I’VE ACTUALLY HAD GOVERNMENT TRAINING, WHICH IS ENORMOUSLY HELPFUL BECAUSE THEY’VE ACTUALLY SEEN THINGS FROM THE INSIDE, IF YOU WILL. THAT THEN CAN BRING THAT KNOWLEDGE TO CORPORATE AMERICA.>>Mike Janke: THAT’S GREAT INSIGHT. NOW WHAT I WOULD LIKE TO DO IS KIND OF SHIFT THE LANDSCAPE A LITTLE BIT MORE OF THE CYBER CAREER LANDSCAPE, RIGHT? THERE’S A LOT OF NOISE OUT THERE, ESPECIALLY IF YOU ARE A STUDENT. PEOPLE ARE LOOKING AT ALL MY GOSH. HERE’S WHAT I CAN TELL YOU. IT DOESN’T MATTER IF YOU WENT TO HARVARD, GEORGIA TECH MORE A GOOD CYBER COLLEGE THAT IS SMALL. IT’S ABOUT GETTING THE DEGREE, BUT IT’S ALSO ABOUT SOME OF THE SKILLS YOU LEARN AND THE BIT ABILITY TO COME OUT OF THE GATE HAVING AN UNDERSTANDING OF HOW CYBER WORKS IN A CORPORATION OR COMMERCIAL SOFTWARE. WHAT YOU ARE SEEING TODAY THERE IS A LOT OF MARKETING OUT THERE FOR COMPUTER SCIENCE AND OTHER CERTAIN SKILLS THAT YOU WANT TO START LOOKING INTO EDUCATIONS THAT ARE PARTICULARLY FIT WITH THE INDUSTRY IS LOOKING AT. SO PART, FROM YOUR PERSPECTIVE, WHAT DO YOU SEE KIND OF ON THE EDUCATION LANDSCAPE TODAY. BOTH THE PLUS AND MINUS. JUST ANY THOUGHTS ON THE EDUCATION TODAY AND CYBER.>>Clark Golestani : I THINK ABOUT IT, HE UMUC FOR EXAMPLE, THE CYBER PROGRAM WAS DEVELOPED THERE. THOSE ARE EXTRAORDINARILY HELPFUL. SPECIFICALLY TRAINED IN CYBERSECURITY. THERE ARE SO MANY ASPECTS OF CYBER TODAY. USED TO BE WHERE THERE WOULD JUST BE A SMALL CYBER TEAM THAT WAS DEALING WITH ALL THE PROBLEMS. NOW CYBER EXTENDS ALL THE WAY FROM THE WAY TESTING TECHNOLOGIES AND THEIR ASPECTS OF TESTING ALL THE WAY AND THE HUNT TEAMS THAT ARE CONSTANTLY LOOKING FOR ISSUES AND ASPECTS OF TELECOM IS MANAGED. TODAY WHEN I THINK ABOUT THE ENTIRE LANDSCAPE OF IT WITHIN A FIRM, AS WELL AS THE TECHNOLOGIES YOU PUSH OUT TO CUSTOMERS AND CLIENTS, WHICH WE ALSO DID. WE PUSHED TECHNOLOGY INTO HOSPITALS AND CLINICS. ALL THE ASPECTS OF CYBER BECOMES ONE OF THE KEY RISK FACTORS AND EVERYTHING WE NEED TO LOOK AT. WHEN I THINK ABOUT CYBER, ACTUALLY SEE SUBSPECIALTIES ACROSS THE CYBER LANDSCAPE AND WHAT DOES IT MEAN TO ACTUALLY UNDERSTAND AND DO TESTING OF SOFTWARE WITH THAT ASPECT OF CYBER? WHAT DOES IT MEAN TO ACTUALLY GO OUT AND HUNT AND UNDERSTAND AND FIND THE PROBLEMS ACROSS LANDSCAPE? WHAT DOES IT MEAN TO MANAGE TELECOMMUNICATIONS AND NETWORKING CAPABILITY FROM THE CYBER DIMENSION? I COULD GO ON AND ON. THERE ARE MANY OF THE SUBSPECIALTIES.HE DEGREE WHICH YOU ACTUALLY GO FOR, CERTAINLY IT USED TO BE HAVE BROUGHT ASIDE PERSPECTIVE. THAT’S VERY HELPFUL. HAVING A CYBER PERSPECTIVE IS EXTREMELY HELPFUL. BUT THEN YOU CAN ALSO SOME SPECIALIZE IN THE MANY OF THESE AREAS.>>Mike Janke: WE TOUCHED A LITTLE BIT ABOUT THIS, BUT HOW HAVE YOU SEEN THE CYBER THREAT LANDSCAPE AS WE DISCUSSED CHANGE? WHERE DO YOU SEE IT GOING? WHERE DO YOU SEE THE CYBER THREAT LANDSCAPE IN THE NEXT YEAR OR THREE YEARS? I KNOW THAT IS HARD TO TELL, BUT WHAT ARE YOUR THOUGHTS?>>Clark Golestani : IT’S INTERESTING. WE HAD A LOT OF CONVERSATIONS ABOUT THIS WITHIN AND ACROSS COMPANIES AFTER THE LAST ATTACK. FOR THOSE THAT AREN’T AWARE OF THAT ATTACK, WHAT THAT ATTACKED IT WAS REALLY, IF YOU WILL, DESTROY COMPUTER SYSTEM BY ERASING EVERYTHING FROM THE WAY IT WOULD BOOT UP. SO ALL THE DATA WAS GONE. AND IN FACT, IN ENTIRE COMPANY, TYPICALLY DESTROYED IN 2 TO 3 MINUTES. IT DIDN’T TAKE LONG TO DESTROY HUNDREDS OF THOUSANDS OF COMPUTERS. WE ALSO WENT BACK AND THINK OURSELVES THAT IT ACTUALLY WAS DESTROYED. BECAUSE YOU KNEW THAT THE MACHINE HAD A PROBLEM OR NOT. NOW JUST IMAGINE, ESPECIALLY FOR A NATION, SOMEONE DECIDES TO WRITE SOMETHING THAT GOES IN AND CHANGES DATA AND DISAPPEAR . AND BECO ACHEN CHANGES DATA LITTLE BIT MORE AND DISAPPEARS. IMAGINE THAT TO THE FINANCIAL SECTOR OR THROUGH LIFE-SCIENCES OR PEOPLES LIVES DEPEND ON IT OR HOSPITAL SYSTEMS. THAT, MY FEAR, AND THAT IS WHY I THINK WHEN I LOOK AT CYBER, THE ABILITY TO ALTER DATA AND DO THAT IN A WAY THAT IS UNDISCOVERED THAT MAY TAKE WEEKS, MONTHS, YEARS TO SURFACE OR CALL INTO QUESTION THE CREDIBILITY, IMAGINE IF YOU OPENED UP YOUR BANK STATEMENTS AND ALL OF A SUDDEN SOMETHING DIDN’T LOOK RIGHT BUT THEY DIDN’T REPORT IT AND YOU HAVE TO GO BACK. HOW MANY OF YOU KEEP IT POINTED COPY OF YOUR BANK STATEMENTS? I’M AMAZED AT HOW MANY PEOPLE SAY NO.THIS IS TRUE OF MANY THINGS. THAT IS WHERE I SEE IT GOING. ESPECIALLY ITS NATIONSTATE. FRANKLY, IT’S A LOT CHEAPER TO BUILD A CYBER OFFENSIVE CAPABILITY THAN IT IS TO RUN A PROGRAM. AND BECAUSE OF THAT THEY THINK THE GAME WILL CONTINUE TO INCREASE AND BECOME FAR MORE DANGEROUS.ND WITH THAT, THERE WILL BE FOURMORE PROFESSIONALS THAT ARE NEEDED TO KNOW ABOUT IT.>>Mike Janke: I THINK THAT’S A REALLY GOOD VISION AND IS HAPPENING ALREADY . IN THE EARLY STAGE IN ITS.NE OF OUR COMPANIES, PROBABLY THE WORLDS LEADING INDUSTRIAL CONTROL CYBER COMPANY. THIS IS POWER GRIDS, WIND, NEW. BUT ALSO CAMPBELL SOUP, AMERICAN AIRLINES, BASF. ANYWHERE THERE IS AUTOMATED MANUFACTURING, THEY CALL THAT OT AS OPPOSED TO IT. FOR THE FIRST TIME EVER IN NATIONSTATE DIRECTED A HACK TO THE ENERGY SECTOR IN SAUDI ARABIA THAT WAS DESIGNED TO COST LIVES. TO BLOW UP THINGS. YOU KNOW, YOU SEE A LOT IN THE PRESS FOR THE ENTIRE EAST COAST IS GOING TO GO DARK. NOT REALLY. WE HAVE PRETTY WELL BIFURCATED SYSTEM. A LOT OF THE NEW ATTACK VECTOR BY NATIONSTATES IS IN THE INDUSTRIAL CONTROL AREA. LOOK, GENERAL FOODS, GENERAL MILLS WHO MAKES YOUR BREAKFAST CEREAL, THEY WERE HACKED AND IT LITERALY COST THEM MILLIONS OF DOLLARS. ALL IT DID WAS STOP UP SECTION AND CLARK MENTIONED IN EARLIER. YOU ARE NOT SHIPPING PRODUCT. IF IT COMES TO A NUKE PLANT OR ANY TYPE ENERGY PRODUCING, YOU CAN COST LIVES. IT’S A DIFFERENT CYBERSECURITY STILL APPLIES. HUNT TEAMS, THE WHOLE NINE YARDS. ISJUST A LITTLE DIFFERENT . YOU ARE SEEING A LOT OF THAT STARTUP, AND A LOT OF TECHNOLOGY IS BEING DIRECTED TO IT. I AGREE WITH CLARK. THINGS AREN’T GETTING NICER GETTING SCARIER. THE STAKES ARE HIGHER. I THINK WE ARE ALL NUMB RIGHT NOW. IF I SAID LET ME PULL OUT MY PHONE, OH MY GOD NIKE WAS HACKED, ANYBODY WHO BOUGHT SHOES ONNIKE , THEIR CREDIT CARD INFORMATION, THE HACKERS HAVE IT. AT THIS POINT YOU WOULD BE LIKE SO WHAT? THEY GOT IT FROM YAHOO, GOT IT FROM OPM, SONY, I DON’T HAVE ANY INFORMATION OF TO GIVE TO THE BAD GUYS, RIGHT? SO THE PUBLIC GETS SOMEWHAT NUMB FROM ALL OF THIS REPETITIVE. THIS IS WHY AT UMUC AND PLACES LIKE THIS THAT ARE CONSIDERED SPECIALISTS IN CREATING SOME OF THE TOP CYBERSECURITY PROFESSIONALS WILL CONTINUE TO BE MORE RELEVANT THAN OTHERS. ALL RIGHT. SO WE TALKED A LOT ABOUT THE CYBER THREATCONCERNS THAT WE SEE . THIS IS ONE THAT IS UNIQUE, BUT I WOULD LOVE TO HEAR CLARK’S VIEW ON A. WILL CAN INDIVIDUALS DO TO PROTECT THEIR PERSONAL PROFESSIONAL DATA FROM AN ATTACK?>>Clark Golestani : YOU KNOW, THIS IS AN INTERESTING ONE. BECAUSE MOST COMPANIES AND PROBABLY UNIVERSITIES TOO ARE TRYING TO TRAIN EVERYONE TO BE MORE AWARE AND COGNIZANT OF THE RISKS AND ACTIONS THEY TAKE. HOW MANY OF YOU HAVE INSTALLED A ROUTER IN YOUR HOUSE? DO YOU ALL CHANGE THE PASSWORD? THAT’S GOOD. THAT’S INTERESTING.E ASK THAT QUESTION AT A CORPORATION, ABOUT HALF THE FOLKS ÃWHAT PASSWORD? WERE THEY SENT THE SERVICE PROVIDER INSTALLED IT. THEY DID CHANGE THE PASSWORD. THERE’S A WHOLE SET OF BASIC AND FAIRLY VIGILANT, WHICH STOPS 80 PERCENT OF THE PROBLEMS. AND ESPECIALLY FROM INDIVIDUAL LEVEL. WE EXPERIENCE IN NATIONSTATE ATTACK INDIVIDUALLY, NO. AND WE GET CAUGHT UP IN SOMETHING LIKE THAT, POSSIBLY. BUT BY DOING THAT LEVEL OF DILIGENCE ACROSS EVERYTHING WE DO AND ALSO TAKING THE EXTRA STEP TO ASK THE QUESTION TO YOUR PARENTS, YOUR NEIGHBORS. THAT WILL CREATE A FAR MORE SAFER WORLD FOR MORE DATA AS WELL AS EVERYONE AROUND.>>Mike Janke: THAT’S A GREAT ANSWER. ALL RIGHT. YOU HEARD ENOUGH FOR ME, LET’S GET SOME QUESTIONS FOR CLARK YOU CAN ASK ANY QUESTION YOU WANT. CAREER, WHAT WAS IT LIKE TO BE IN THE CIO OF A MAJOR CORPORATION, QUESTIONS ABOUT THE PATH, COULD BE ABOUT ENTREPRENEUR. PLEASE, STAND UP IF YOU WOULD. WE WILL GIVE YOU A MICROPHONE HERE. SO EVERYBODY CAN HEAR YOU.>>HI. I’M HERE WITH MY DAUGHTER. AND TRY TO GET HER INTO CYBERSECURITY . YOU TALKED ABOUT DEGREES PRITI SAID IT’S GOOD TO GET A DEGREE. ALSO MENTIONED CERTIFICATIONS. CAN YOU EXPLAIN A LITTLE BIT ABOUT THAT? SHOULD YOU GET A CERTIFICATION ON YOUR WAY TO A DEGREE, SHOULD YOU GET CERTIFICATIONS AFTER YOU GET A DEGREE? HOW DO YOU SORT OF PUT THOSE TWO TOGETHER?>>Clark Golestani : I VIEW Ã WHEN I THINK ABOUT THE DEGREE AND THE ADVANCED DEGREE UMUC OFFERS, I LOOK AT THAT AS THE GOLDEN TICKET. ONCE YOU HAVE GOT AN UNDERGRADUATE DEGREE, I THINK THERE ARE A SET OF CERTAIN CERTIFICATIONS YOU CAN GET TO DEMONSTRATE YOUR PROFESSION BOTH IN CYBER AS WELL AS THE UNDERLYING TECHNOLOGY BEEN CERTIFIED IN THE UNDERLYING TECHNOLOGY. BUT DOING AN ADVANCED DEGREE IN CYBER, I THINK THAT IS THE GOLDEN TICKET. ANYONE THAT IS GOING TO REALLY FORM A COMPLETE CAREER AROUND CYBER SHOULD THINK ABOUT DOING THAT. THE REALITY IS CEASES, WHO USED TO BE BURIED IN ORGANIZATIONS NOW MINIMALLY REPORTS TO THE CIO, AND EVEN IF YOU ARE IN BANKING, YOU WERE ALL THE WAY UP AT THE RISK LEVEL QUITE OFTEN REPORTING TO THE CEO. HAVING THOSE ADVANCED DEGREES AS YOU PURSUE THAT TYPE OF A CYBER CAREER, I THINK IS TREMENDOUSLY IMPORTANT AND I THINK CAN CARRY A VERY LONG WAY AS YOU GO THROUGH YOUR CAREER.>>THAT’S A GREAT ANSWER. ANOTHER QUESTION? SIR OVER HERE? GO AHEAD. STAND UP IF YOU WOULD. THERE HE IS.>>THANK YOU. I HAVE THREE QUESTIONS ACTUALLY. THE FIRST QUESTION IS I HAVE BEEN DOING SOME RESEARCH ON THE MARKET AND CYBERSECURITY. ESPECIALLY IN THE AREA IT LOOKS LIKE MOST OF THE JOBS REQUIRE SOME TYPE OF CLEARANCE. SO MY QUESTION IS, ARE THEY SELLING OFF OPPORTUNITIES FOR THOSE FOLKS LIKE ME WHO DOES NOT HAVE THE REQUIREMENT TO OBTAIN THE CLEARANCE RIGHT NOW? AND THE OTHER QUESTION I HAVE |>>Clark Golestani : LET’S TAKE ONE AT A TIME.>>Mike Janke: I THINK I CAN TAKE THIS ONE. YOU DON’T HAVE TO HAVE A CLEARANCE WHEN YOU GRADUATE. MOST ORGANIZATIONS WOULD BE LIKE YOU, YOU HAVE THE GOLDEN TICKET TO THE DEGREE, WE ARE GOING TO GET YOU CLEARED EVEN BEFORE YOU START TO GRADUATE. SO DON’T WORRY ABOUT THAT. IT’S LIKE EVERYBODY JUST TO GET A CLEARANCE AT SOME POINT, RIGHT? IT WILL BE A FUNCTION OF YOUR JOB. WHAT YOU ARE SEEING IS NOW THE OTHER SIDE WITH AMAZON AND ALL THESE COMMERCIAL CYBERSECURITY FIRMS, YOU DON’T NECESSARILY HAVE TO GET ONE IF YOU ARE JUST LOOKING WITHOUT THEM. BUT THE BOEINGS, AMPEX, WHATEVER, THEY WILL BE RECRUITING YOU. THEY WILL WHITE GLOVE THAT FOR YOU.O DON’T MAKE THAT BE A WORRY.>>Clark Golestani : I WAS GOING TO ECHO EXACTLY WHAT YOU SAID ON THE COMMERCIAL SIDE PRINT A CLEARANCE IS NICE, ESPECIALLY IN SOME OF THE PARTNERSHIP ACTIVITIES THAT GO ON WITH GOVERNMENT, BUT EVEN ON THE GOVERNMENT SIDE THEY WHITE GLOVE IT. AND IN FACT EVEN ON THE COMMERCIAL SIDE WHEN THERE IS INTERACTION THAT NEEDS TO HAPPEN WITH THE GOVERNMENT AND CLEARANCES ARENEEDED, SOME FOLKS AT MY CYBERORGANIZATION HAD CLEARANCES. THOSE WERE EVEN WHITE GLOVED.>>OKAY. THANK YOU. SO IN THE MARKET , AND RELATED STUDIES FROM PRIOR EDUCATION , DO THEY HELP. FOR EXAMPLE, I HAVE A MASTERS IN GLOBAL POLITICS BUT I DON’T KNOW HOW IT IS GOING TO HELPED ME WITH CYBERSECURITY DEGREE OR ASSOCIATES DEGREE GOING TO OBTAIN. DO THEY HELP IN THE MARKET?>>Clark Golestani : I’LL GIVE YOU A PERSPECTIVE. WHEN YOU LOOK AT CYBER, THERE IS CERTAINLY THE TECHNICAL ASPECTS OF THE ROLE, BUT THERE IS ALSO THE CALCULATING OF THE RISK. ONE OF THE KEY QUESTIONS THAT CAME FROM THE BOARD OF DIRECTORS IS POLICE CHARACTERIZED GEOPOLITICALLY ALL THE RISKS AND ALL THE ACTORS. FOR MY TECHNICAL ANALYSTS, THAT WAS A VERY DIFFICULT QUESTION TO ANSWER.ROBABLY WITH YOUR TRAINING AND BACKGROUND YOU WOULD HAVE HAD A BETTER OPPORTUNITY IN ANSWERING THAT QUESTION. I THINK WHEN YOU THINK ABOUT CYBER , WHAT DOES IT MEAN TO MANAGE RISK AND THEN CERTAINLY THERE IS ALL THE TECHNICAL ASPECTS. BUT HAVING OTHER AREAS OF EXPERTISE CAN CERTAINLY HELP PLAY INTO THE WAY YOU MANAGE RISK.>>Mike Janke: I WOULD SECOND THAT. IF ALL THINGS BEING EQUAL, THERE ARE TWO WITH EQUAL CAPABILITIES AND DEGREES COMING OUT AND YOU HAVE MASTERS THAT IS POLITICAL AND YOU HAVE DONE SOME OTHER THINGS, ALL CHOOSE THAT. BECAUSE IT SHOWS YOU ARE MORE WELL-ROUNDED. IS NOT JUST BINARY. YOU DON’T JUST SHOW UP AND SIT AT A COMPUTER, RIGHT? THERE’S ALL KINDS INTERACTING WITH SENIOR EXECUTIVES, VENDORS. HAVING A SEASONED EXPERIENCE BEHIND YOU REALLY HELPS. ALL RIGHT. WHERE WE AT? THIS GENTLEMAN WAS STANDING FIRST. PLEASE, GO AHEAD. RIGHT BEHIND YOU. HE’S COMING OVER. YOU GO.>>SO I THINK CYBERSECURITY ONLY INVOLVES PROTECTING DATA AND CODE AND ALL OF THAT, DOES IT ALSO INVOLVED OTHER THINGS SUCH AS SECURITY CAMERAS AND LIKE OTHER FORMS? LIKE SECURITY |>>Clark Golestani : I GOT IT. THAT’S A GOOD QUESTION. THAT’S A GOOD QUESTION. IT COVERS JUST ABOUT EVERYTHING. UNDER CLARK’S JOB EVERY CAMERA IN THAT BUILDING HAS FIRMWARE. IT REPORTS IN. IT’S WHAT IS CALLED AN ENDPOINT. THAT PHONE IN YOUR POCKET WOULD BE CLARK’S RESPONSIBILITY, RIGHT? THE ANYTHING THAT IS PASSING DIGITS, BITS AND DIGITS, TODAY IT’S ALSO CLARK’S BRITNEY THINK OF A FLEET OF CARS AUTOMATED SENDING DATA. WI-FI. SMART TVS. THE LANDSCAPE THAT CYBER HAS TO COVER HIS ENDLESS. GREAT QUESTION. PAULA CLARK EXPOUND A LITTLE ON THAT.>>Clark Golestani : WELL, IT’S INTERESTING. IF YOU THINK ABOUT COMPUTING USED TO BE THE MAINFRAME COMPUTER AND IT WAS ONE. AND THEN WE WENT TO DISTRIBUTE COMPUTERS AND THEN THERE WERE TENS OF HUNDREDS RIGHT AND THEN WE GOT PCS AND NOW YOU HAVE THOUSANDS AND NOW YOU HAVE IPHONES AND ALL THESE DEVICES WE HAVE TENS OF THOUSANDS. AND NOW WE ARE ABOUT TO EMBARK ON RAPIDLY GOING INTO THE SENSORY REVOLUTION, WHERE IT EASTVIEW OR SOMEONE ON SITE DO YOU HAVE TWO IPHONES ON YOU AND A LOT OF HANDS WOULD GO A. AND HAD TWO PHONES ONE WORKING ONE PERSONAL. NOW WHEN YOU LOOK AT AN INDIVIDUAL IN THE NUMBER OF SENSORS, OR IF YOU WALK INTO A FACTORY FLOOR, THE AMOUNT OF SENSORS THAT ARE GIVING BACK DATA IS INCREDIBLE. SO WE WENT FROM THE TENANTS TO THE THOUSANDS TO THE 100S OF THOUSANDS. WE ARE NOW INTO MILLIONS LIVE IN POINTS THAT NEED TO BE PROTECTED IN ANY GIVEN COMPANY. WHEN YOU THINK ABOUT THAT, WHETHER IT’S THE CAMERAS WHERE THE SENSORS ALL OF THAT NEEDS PROTECTION. BY GOODNESS, I’M JUST THANKFUL I’M ON THE RETIREMENT SIDE BECAUSE MY HEAD STARTS TO BLOW OUT WHEN I THINK ABOUT TENS OF MILLIONS UPON HUNDREDS OF MILLIONS WITH JOE’S WHERE IT’S GOING. GREAT QUESTION.>>QUESTION OVER HERE.GO AHEAD, SIR.>>SO I WANTED TO ASK IF YOU HAVE CERTIFICATIONS AND YOU DO NOT HAVE A DEGREE IN THE FIELD OF CYBERSECURITY, THERE USUALLY IS A ROADBLOCK AND THEN IF YOU ARE COMING FROM SOMEWHERE, LET’S SAY I USED TO WORK IN RETAIL AND I WORK AS AN IT SUPPORT TECHNICIAN.I GOT SERVICE CERTIFICATIONS. BUT WHEN YOU ARE APPLYING FOR A JOB THEY WOULD ASK FOR SO MANY YEARS OF EXPERIENCE. I MIGHT NOT HAVE THE YEARS OF EXPERIENCE, BUT I HAVE THE ABILITY TO UNDERSTAND AND ACTUALLY DO THE WORK AND WHY IS THAT SUCH A BIG ROADBLOCK AND WHY IS THAT WHEN YOU’RE TRYING TO APPLY FOR A JOB?>>Clark Golestani : FROM A CORPORATE PERSPECTIVE, MOST COMPANIES PUT IN PLACE CERTAIN SCREENS FOR DEGREES OR JUST ONE OF THOSE SCREENS. I THINK YOU WILL FIND A LOT OF SERVICE ORGANIZATIONS WILL PROBABLY TAKE INDIVIDUALS THAT ARE NOT DEGREES, BUT I THINK YOU’LL FIND MOST OF CORPORATE AMERICA WOULD REQUIRE THE DEGREE.HAT’S BEEN MY EXPERIENCE WHEN TALKING WITH COLLEAGUES.>>Mike Janke: ONE THING I WOULD ADD TO THAT, I KNOW A LOT OF GOOD YOUNG HACKERS THAT MIGHT WORK AT AND HIM SSP OR SOMETHING. WITH TODAY WITH UNIVERSITIES LIKE UMUC THERE’S NO REASON YOU COULDN’T GET A DEGREE RIGHT AFTER DINNER THAT NIGHT WORKING HOURS TO PUT THAT IN. IT BROADENS YOUR ABILITY. BY THE WAY, JUST LIKE THIS GENTLEMAN ASKED HERE, WHEN YOU GET THAT DEGREE, YOU ARE WORTH MORE THAN OTHERS WHO DON’T HAVE YOUR EXPERIENCE. BECAUSE YOU ARE A PLUS PLUS. SO DON’T LOOK AT IT IS WHAT I DON’T HAVE TODAY. IF YOU GET THAT DEGREE, YOU ARE FURTHER AHEAD ON THE CANDIDATE LIST THAN OTHERS BECAUSE OF WHAT YOU DID IN IT FOR THOSE YEARS. DOES THAT MAKE SENSE? OKAY. SIR?>>HIGH. SO YOU WERE TALKING ABOUT CERTIFICATIONS AND GETTING EXPERIENCE AS WELL. I KNOW IN POLITICAL SCIENCE OR THE OTHER SCIENCES, THEY ENCOURAGE STUDENTS TO GET INTERNSHIPS. AND CURIOUS, IS IT POSSIBLE TO GET AN INTERNSHIP IF YOU DON’T HAVE THE CERTIFICATION JUST AT LEAST TO GET YOUR ÃJUST TO FEEL COMFORTABLE BEFORE YOU CAN APPLY FOR A FULL-TIME JOB AND SAY I DO HAVE THIS EXPERIENCE AND I DO HAVE THE CERTIFICATION AND I DO HAVE THIS DEGREE?>>Clark Golestani : ABSOLUTELY. IN FACT, BECAUSE THE CYBER FIELD IS SO COMPETITIVE WITH SO MANY UNFILLED JOBS, WHEN YOU ARE WORKING TOWARD A DEGREE IN CYBER AND THEN YOUARE APPLYING FOR AN INTERNSHIP , COMPANIES WANT YOU.BECAUSE THEY WANT TO DURING YOUR INTERNSHIP SO THAT WHEN YOU GRADUATE FROM THEY ARE THERE WAS AN OFFER TO HIRE YOU. AND HOPEFULLY IF YOU HAVE HAD SOME EXPERIENCE INSIDE THE COMPANY, YOU LIKE THE PEOPLE YOU HAVE WORKED AROUND AND YOU ARE GOING TO TAKE THE JOB WITH THAT COMPANY. SO ABSOLUTELY. WHEN YOU ARE DEMONSTRATING THAT YOU ARE WORKING TOWARD THAT DEGREE, I WOULD HIGHLY ENCOURAGE YOU TO LOOK FOR THE INTERNSHIPS. ABSOLUTELY.>>Mike Janke: THERE IS A YOUNG LADY ÃGO AHEAD.>>I WOULD LIKE TO SAY THANK YOU FOR COMING OUT TODAY AND SPEAKING WITH US. MY QUESTION REALLY GETS BACK TO WHAT YOU BROUGHT UP ABOUT THERE BEING A MILLION JOB OPPORTUNITIES BY 2020. IT’S HISTORICALLY ÃTHERE BEEN STUDIES THAT HUMANS ARE REALLY BAD AT RECOGNIZING CYBERSECURITY EVENTS SO THAT IS CAUSING THE INDUSTRY TO TRANSITION TO MACHINE LEARNING AND AUTOMATION. I JUST WOULD LIKE TO SEE YOUR PERSPECTIVES ON HOW THAT IS GOING TO AFFECT THE CYBERSECURITY INDUSTRY IF WE ARE GOING TO CONTINUE TO PUSH MACHINE LEARNING IN A WAY THAT IT AUTOMATES THESE AND RECOGNIZES THESE BREACHES AND VULNERABILITIES THAT’S A GREAT QUESTION, ACTUALLY.>Clark Golestani : I THINK WITH THE VOLUME OF DATA COMING IN THERE WOULD BE NO WAY HUMANS WOULD BE ABLE TO ADDRESS THAT. I DON’T SEE A I AND MACHINE LEARNING BECAUSE THE REALITYIS , THOSE WILL BE APPLIED TO BEING ABLE TO SIFT THROUGH THE DATA BETTER, BUT MY EXPERIENCE IS THERE IS A LAYER OF HUMANS THAT NEED TO APPLY A LOT OF EXPERIENCE IN MAKING SURE THE ACTIONS BEING TAKEN MAKE SENSE. IN THE AMOUNT OF ÃALL THE AI AND ML IN THE WORLD ISN’T GOING TO CREATE UPGRADES AND COMMUNICATE WITH ORGANIZATIONS ON UPGRADE SCHEDULES AND EDUCATE THEM AND LOOK AT NEW TECHNOLOGIES THAT NEED TO BE DEPLOYED. I COULD KEEP GOING ON AND ON AND ON, WHICH IS WHY WHEN YOU LOOK AT HIRING WITHIN THE COMPANY, THE CYBER ORGANIZATION KEEPS GOING LIKE THIS IN THE NUMBER OF PEOPLE COMING IN NOT ONLY HIS FULL-TIME EMPLOYEES, BUT THIRD PARTIES TO GET THE WORK DONE. I JUST SEE IT AS A NECESSARY AUGMENTATION TO BE EFFECTIVE. I DON’T THINK IT WILL REPLACE JOBS WHATSOEVER.>>Mike Janke: MOST OF THAT ÃI WILL SEE MOST. I WOULD SAY 50 PERCENT OF THE CYBERSECURITY PRODUCTS OUT THERE CLAIM SOME FORM OF ML OR AI. IT COULD BE A COUPLE ALGORITHMS THAT DO SOMETHING. IT’S NOT LIKE A LOT OF THE FEAR. AI WILL REPLACE THE FACTORY WORKER ROBOTS. CYBER IS VERY DIFFERENT. THERE WILL BE CERTAIN PROCESSE AND PROCEDURES MACHINE CAN BE TRAINED ON , BUT IN SOME WAYS IT’S CAUSING MORE NEED FOR PEOPLE. YOU HEARD WHAT CLARK SAID ABOUT THE ENDPOINTS JUST KEEP GOING. A FRIEND OF MINE USED TO BE THE CTO OF GOLDMAN 30 HE SAID GOLDMAN SACHS ISN’T A FINANCIAL COMPANY. WE ARE IN ENGINEERING COMPANY. WITH 9000 ENGINEERS. WE ARE A DATA COMPANY. FORD, THE TRUCK COMPANY, TALK TO THEIR CEO. THEY ARE A DATA COMPANY.EVERY YEAR THE AMOUNT OF DATA THEY PULL IN DOUBLES OR TRIPLES. THEY BECOME A DATA COMPANY. AI, ML, JUST A CERTAIN PART OF IT. IS NOT LIKE THERE IS A ROBOT THAT IS GOING TO TAKE OVER. EOPLE OF THE MOST IMPORTANT PART OF CYBERSECURITY BUT NOT NECESSARILY PRODUCTS. PEOPLE USE THE PRODUCTS. THAT’S ALL. BUT THAT’S A GREAT QUESTION BECAUSE I HAVE HAD THAT BEFORE AND IT’S HARD TO ARTICULATE BECAUSE PEOPLE CAN PICK UP A WIRE MAGAZINE AND ANYTHING ELSE AND IT’S IS THE ROBOTS ARE COMING. ALL THESE AUTO FACTORY WORKERS WILL BE GONE. YEAH, THAT’S TRUE, RIGHT? THAT’S TRUE. BUT CYBERSECURITY IS VERY DIFFERENT.>>Clark Golestani : I WOULD BE CAREFUL WITH ALL THE PREDICTION. I THINK THEY ARE SO RIGHT, BUT A FUN. GO BACK TO THE 60S. WE WOULD ALL BE INCLINED CARS RIGHT NOW. THAT’S RIGHT. WE HAVE ONE MORE QUESTION TIME LEFT.I’M SORRY. THAT LADY HAS BEEN STANDING SINCE THE GET GO. DIDN’T THINK I SAW YOU. [ INAUDIBLE ] >>Clark Golestani : I DON’T THINK AGE WILL PLAY IN WHATSOEVER TO IT. YOU ARE LOOKING AT A CAREER FOR THAT. WE NEED MORE WOMEN FOR SECURITY. SO NO, NOT AT ALL. ACTUALLY BELIEVED DOING THE DEGREE WORK WILL HELP IN CREATING THAT TRANSITION. REGARDLESS OF WHAT CAREER IS. THAT LOOKED TO DO THE CAREER TRANSITION. NOT JUST FROM IT, BUT ACTUALLY FOR BUSINESSES. AS WE DEPLOY THE PROGRAM THAT EDUCATED PEOPLE IN CYBER, THERE WERE FOLKS IN THE COMMERCIAL PARTS OF THE OPERATION AND MANUFACTURING THAT FOUND A NEW CALLING IN LIFE. [ LOSS OF AUDIO ] [ INAUDIBLE ] >>AT THIS TIME AGAIN THANK YOU BOTH FOR YOUR TIME.AT THIS TIME I AM VERY EXCITED TO INTRODUCE SOMEONE MANY OF YOU MAY KNOW ALREADY. MR. JOSEPH ROUNDY, WHO WILL LEAD US THROUGH A LIVE SECURITY PACK DEMONSTRATION. FIRST I WOULD LIKE TO SHARE A LITTLE BIT WITH YOU ABOUT JOE. HE IS THE CYBERSECURITY PROGRAM MANAGER FOR MONTGOMERY COLLEGE. HE HAS HIS MASTERS IN COMPUTER SYSTEMS MANAGEMENT FROM UMUC IN A BACHELORS OF SCIENCE IN COMPUTER SCIENCE ALSO FROM UMUC. JOE HAS OVER 30 YEARS EXPERIENCE IN OPERATIONAL IT FOR MORE THAN HALF OF WHAT IS NOW CALLED CYBERSECURITY. AND IN 2015, JOE COMPLETED THE MODERNIZATION OF THE INTERNET AVAILABLE CYBERSECURITY LAB HERE AT MONTGOMERY COLLEGE. HE IS A FACULTY MENTOR FOR THE MC CYBERSECURITY CLUB, HE HOSTS HIGH SCHOOL AND MARYLAND COMMUNITY COLLEGE COMPETITIONS AND IS IN AFA CYBER PATRIOT MENTOR FROM MONTGOMERY COUNTY PUBLIC SCHOOLS. HE IS ALSO A RECIPIENT OF THE SANDS DIFFERENCE MAKER AWARD AND IS CURRENTLY THE PRINCIPAL INVESTIGATOR ON IN SF CYBER CORPSE SCHOLARSHIP FOR SERVICE AWARD. AND IN HIS SPARE TIME HE IS A TRAINER FOR THE BALTIMORE CYBER RANGE. PLEASE JOIN ME IN WELCOMING JOSEPH ROUNDY. [ CLAPPING ] >>Joe Roundy : SO I HAVE SOME BOLLEN TOLD STUDENTS HERE ARE GOING TO HELP US DEMONSTRATE SOME OF THE THINGS THAT SHOULD YOU DECIDE TO PURSUE A DEGREE IN MONTGOMERY COUNTY COLLEGE OR UMUC OR IT. SOME OF THE THINGS THAT ONLY YOU WILL LEARN TO DO WHAT YOU WILL UNDERSTAND HOW IT’S DONE. JUST FOR THOSE OF YOU WHO MAY BE NERVOUS, DON’T TEACH THEM HOW TO HACK, BUT WE DO TEACH THEM SOME OF THE TOOLS USED. AND WE TEACH THEM HOW TO SECURE SYSTEMS SO THEY ARE LESS VULNERABLE TO HACKS. SO HERE WE HAVE ÃGO AHEAD. WHAT IS YOUR NAME? CHRIS. CHRIS AND DAN FOR CHRIS, THE FIRST THING WE DO IF YOU WERE TO BE AN ATTACKER OR HACKER, YOU WANT TO DO SOME RECONNAISSANCE. SPOKE I DISLIKE PASSWORD. I HAVE LIKE 20 OF THEM. DISCOUNT OR THAT ACCOUNT. CAN BE FRUSTRATING. THE FIRST THING WE DO IS RECONNAISSANCE. WE HAVE DEFINED TARGETS. CHRIS IS GOING TO USE ONE OF THE TOOLS WE TEACH ACTUALLY DO WHAT WE CALL NUMERATION. YOU KNOW HOW I AM T.V. IN THE MOVING MOVIES THINGS HAVE AND LIGHTNING FAST? NONE IF THAT IS REAL. I DON’T GET TO WATCH MOVIES WITH MY WIFE BECAUSE SHE WAS A STOP TALKING WHEN YOU SAY THAT’S NOT REAL, IT DOESN’T HAPPEN THAT WAY. THAT’S BALONEY. NOT THE ACTUAL TERM I USE, ANYWAYS. CHRIS WILL START NUMERATION HERE IN THE ONCE WE GET THAT UP AND RUNNING WE ARE THEN GOING TO BRING UP JASON, WHO IS GOING TO EXPLOIT A TARGET. THAT WOULD BE DAN OVER HERE. I DON’T KNOW IF YOU CAN ALL SEE THE SCREEN OF YOUR, BUT HE’S CONNECTED HIS LAPTOP HERE AND TO GAIN ACCESS TO IT. SO THIS MIGHT BE FAMILIAR TO SOME ANYBODY HERE FAMILIAR WITH THE KELLY DESCRIPTOR BHUSHAN? A FEW PEOPLE. WE HAD THIS RUNNING REALLY WELL BEFORE THIS THING STARTED.THE FIRST THING WE HAVE TO DO IS GATHER NETWORK INFORMATION AND THEN WE ARE GOING TO START TO ATTACK THE NETWORK. THIS PARTICULAR COMPUTER IS CONNECTED TO A NETWORK BUT AS PER THE CYBERSECURITY LAB, MENTIONED BEFORE.ITH SIGNIFICANT INFRASTRUCTURE ALL VIRTUALIZED KIND OF LIKE VEGAS WE CAN DO WHATEVER YOU WANT THERE. WE CAN ATTACK SYSTEMS AND BREAK THEM. IT’S THINKING. ALL ITS THINKING ÃWHAT’S THAT? THIS IS ACTUALLY WHAT IT’S LIKE. WE DO THIS TAX AND IT TAKES NO TIME. WE ACTUALLY SPENT MANY HOURS PUTTING THIS TOGETHER SO IT WOULD RUN SMOOTHLY.ND IT’S NOT. BUT IT WILL. TRUST ME. LET ME TALK ABOUT THE PROGRAM TO KILL SOME TIME. MONTGOMERY COUNTY COLLEGE PROGRAM WE HAVE A TWO YEAR DEGREE IN CYBERSECURITY NETWORKING. WHAT WE TEACH OF THE TECHNICAL TOOLS BOTH MIKE AND CLARK REFERRED TO EARLY FOR THE TECHNICAL SKILLS. HOW DO YOU BUILD NETWORK SECURE AND SECURE SYSTEMS AGAINST AN ATTACK. AS THEY POINTED OUT, THE REAL TARGET IS THE DATA THESE COMPANIES HAVE. THEY MENTIONED HOW THE LARGE COMPANIES, YOU WOULD THINK OF THEM AS A TRUNK COMPANY BUT THEY HAVE TONS AND TONS OF DAT . THE REAL TREASURE CHEST, TREASURE TROVE IS THE DATA. THAT’S WHAT EVERYBODY IS ASKING. AS A USER AT HOME YOU WANT TO PROTECT YOUR OWN SYSTEMS, BUT WHAT ATTACKERS TEND TO GO AFTER OUR USERS WITHIN ORGANIZATIONS. THEY WANT TO GAIN ACCESS TO YOUR COMPUTER BECAUSE YOU MAY HAVE SOMETHING OF VALUE, SOMETHING OF INTEREST TO THEM THROUGH THE REAL TARGET WILL BE THAT NETWORK YOU ARE CONNECTED TO. A COMMON ATTACK IS CALLED A PIVOT WHERE I CAN ACCESS AND I USE THAT MACHINE TO GAIN ACCESS TO ALL THE OTHER MACHINES ON THE ORGANIZATIONS NETWORK AND POSSIBLY GET THE CREDENTIAL SO I CAN GAIN ACCESS TO NEW INFORMATION. WHAT WE ARE DOING NOW HERE IS Ã WHAT CHRIS IS DOING HERE IS STARTING UP THE ENUMERATION. IS CONNECTED TO A NETWORK AND HE WILL SCAN THE NETWORK AND HE’S GOING TO FIND HOSTS CONNECTED TO THE NETWORK WITH THIS TOOL WILL ALSO BE ABLE TO DETERMINE WHAT VULNERABILITIES THESE SYSTEMS MAY HAVE. THIS USUALLY TAKES A COUPLE SECONDS, A COUPLE MINUTES HERE. BUT WHAT YOU WILL SEE HERE IS THE SCREEN WILL START POPULATING WITH SYSTEMS CONNECTED TO THE NETWORK. IT WILL IDENTIFY THE OPERATING SYSTEM AND IT WILL IDENTIFY SOME OF THE THINGS RUNNING ON THOSE DEVICES AND BY KNOWING WHAT’S RUNNING WE CAN DETERMINE WHAT MAY BE VULNERABLE, AT WHICH POINT WE CAN BEGIN OUR ATTACKS. TAKES ABOUT TWO MINUTES. MONTGOMERY COLLEGE IS A TWO-YEAR PROGRAM IN CYBERSECURITY NETWORKING AND WE WILL HEAR A LITTLE BIT LATER ABOUT THE PROGRAM. THEY HAVE A FOUR YEAR DEGREE IN CYBER AND WE HAVE A GREAT ARRANGEMENT WITH THEM. THEY HAVE A CONTINUATION SCHOLARSHIP, RIGHT? CONTINUATION SCHOLARSHIP. I CAN’T KEEP ALL THESE WORDS STRAIGHT. GRADUATES MONTGOMERY COUNTY AND ANY COMMUNITY COLLEGE TRANSFER HERE AND THEY GET A GREAT DEAL. YOU WILL LEARN ABOUT THAT IF YOU GO AND SPEAK WITH THE COUNSELORS AND ADVISERS HERE. THERE IT IS. SO NOW WE HAVE IDENTIFIED ALL THE SYSTEMS ON THIS NETWORK AND WE HAVE EVEN FOUND SYSTEMS THAT ARE VULNERABLE. SO NOW WHAT CHRIS IS GOING TO DO IS HE’S GOING TO TARGET ONE OF THESE MACHINES AND GAIN ACCESS TO THAT MACHINE . NOW, YOU MAY HAVE HEARD ÃI DON’T KNOW IF ANYBODY HAS HEARD THE TERM SCRIPT KEATING. A LOT OF THESE TOOLS ARE AVAILABLE, UNFORTUNATELY THERE ARE SOME PEOPLE WHO WILL TAKE THESE TOOLS AND TARGET SYSTEMS, TARGET NETWORKS. WE CALLED SWIFT KIDS BECAUSE THEY DON’T KNOW WHAT THEY ARE DOING AND UNDERSTAND WHAT’S GOING ON. THIS IS A TOOL THAT AUTOMATES A LOT OF THE ATTACKS, MAKES IT EASIER TO IDENTIFY SYSTEMS THAT ARE VULNERABLE AND HOW THEY MAY BE ATTACHABLE. SO AT THIS POINT CHRIS HAS IDENTIFIED THE MACHINE THAT IS VULNERABLE AND HE’S GOING TO EXERCISE ONE OF THE ATTACKS AGAINST IT, AT WHICH POINT HE WILL HAVE ACCESS TO THE MACHINE AND HE CAN DO PRETTY MUCH WHATEVER HE WANTS ON THE MACHINE. AS YOU CAN SEE, THE PENGUINS ARE ASSOCIATED WITH THE LENOX OPERATING SYSTEM BOOT WHAT THE TOOL HAS DONE IS IT IS DETERMINE THE OPERATING SYSTEMS OF THESE MACHINES. YOU CAN SEE THE ONES OBVIOUSLY WINDOWS, THE ONE HE’S WORKING WITH RIGHT NOW IS A LENOX MACHINE. THE TOOL HAS IDENTIFIED WHAT IS VULNERABLE AND NOW BY SIMPLY EXERCISING A COUPLE COMMANDS HE NOW HAS ACCESS TO THE MACHINE THAT HE IS ROOT ACCESS. SO NOW HE CAN DO WHATEVER IT IS HE WOULD LIKE TO DO ON THAT MACHINE. EVEN WITH THE DELAYS IT TOOK US A COUPLE MINUTES, TOOK HIM A COUPLE MINUTES. “IN THE REAL WORLD IT TAKES A LITTLE LONGER WHEN WE HAVE TO DO IS GAIN ACCESS TO THE NETWORK, BUT ONCE AGAIN ACCESS, WHICH IS NOT THE HARDEST THING TO DO, ENUMERATING NETWORKS AND GETTING ACCESS IS NOT THAT DIFFICULT. NOW WE ARE GOING TO SWITCH GEARS AND SWITCH ATTACKERS WHEN WE WENT FROM KRISTA JASON. ONE OF THE COMMON THREAT VECTORS, AS WE CALL IT, FOR USERS FORGET SPAM, GET EMAIL WITH A LINK OR A FILE AND IT. OUR ATTACKER JASON IS TARGETING OR VICTIM, DAN, AND HE HAS SENT DOWN AN EMAIL AND THE EMAIL IS A LINK, OR IF YOU HAVE YOUR EMAIL UP THERE YET? SO THIS MAY BE HARD FOR SOMEONE IN BACK SEE, BUT DAN IS LOOKING AT HIS EMAIL. HE GOT AN EMAIL FROM JASON OVER HERE. LOOKS LIKE IT WAS CAME FROM MONTGOMERY CYBER CENTER. WE HAD COMPETITIONS WE HOLD AS WELL AS OTHERS IS ALSO SENT HIM A LINK TO DOWNLOAD A PDF YOU WILL CLICK ON THE LINK AND OPEN UP THE PDF IS VERY INFORMATIVE AND HELPFUL. NOW DAN IS GETTING A DOCUMENT THAT AND IT HAS THE HACKER PLAYBOOK. THIS IS A COMMON BOOK USED BY SEVERAL CLASSES WERE WE TEACH THE TOOLS HACKERS USE PRETTY WILL OPEN THIS UP BUT THERE YOU GO. HE’S NOW GOT ACCESS BUT HE’S LOOKING AT THE HACKER PLAYBOOK IN PDF FORM. WELL, THE INTERESTING THING WAS THE EMAIL THAT WAS SENT TO HIM INCLUDED THE LINK, BUT IT WAS A PDF FILE HAD MALWARE EMBEDDED IN IT. WHEN HE CLICKED ON IT BUT WHAT HAPPENED OVER HERE WAS JASON WAS ABLE TO CREATE A WERE REVERSED SHALL, REVERSE PCP CONNECTION. MANY ORGANIZATIONS, YOUR HOME COMPUTERS IN YOUR HOME FIREWALLS ALLOW YOU TO CONNECT FROM YOUR COMPUTER OUT TO THE INTERNET. FIREWALL IS GOING TO BLOCK ANYONE TRYING TO CONNECT INTO YOUR MACHINE. SAY WITH ANY CORPORATE ORGANIZATION. WHAT WE HAVE BEEN ABLE TO DEMONSTRATE HERE, OR WHAT JASON HAS BEEN ABLE TO DO HERE. BY HAVING DAN, THE VICTIM FROM OPEN FILE. HE CREATED A REVERSE CONNECTION. SNOW HIS MACHINE CREATED AN OUTBOUND CONNECTION TO JASON’S MACHINE. AND BY DOING SO JASON IS ABLE TO CONNECT AND GAIN ACCESS TO HIS MACHINE DO PRETTY MUCH HOWEVER HE WANTS. TRYING TO FIND ANY INFORMATION WITH THE DATA THAT MAYBE HIS IMPORTANT PERSON IN HIS ORGANIZATION. OR MAYBE HE IS ON A LARGER NOTE ÃSORRY. ON A LARGER NETWORK THAT HE HAS ACCESS TO DATA FROM THE ORGANIZATION. NOW JASON IS CONNECTED. DAN DOESN’T KNOW HE’S NOT ANY THE WISER. IS LOOKING SEE WHAT HIS COMPUTER NAME IS, WHAT VERSION OF THE OPERATING SYSTEM IS RUNNING. FOR THE NEXT THING IS HE WOULD CREATE HIMSELF FROM ACCOUNT ON THE MACHINE AND ACCESS WHATEVER HE WANTS WITHOUT DAN BEING ANY THE WISER OR THE ORGANIZATION HE WORKS FOR. NOW AGAIN, THESE TOOLS ARE NOT TOOLS YOU SHOULD RANDOMLY PLAY WITH BECAUSE THEY CAN BE QUITE DANGEROUS AND BREAK MACHINES, BUT SHOULD YOU DECIDE TO PURSUE A DEGREE WILL UNDERSTAND WHAT ALL THIS MEANS FOR THOSE OF YOU WHO MAY NEW TO THIS FIELD. AND WHAT HE’S DOING NOW, HE WILL START DUMPING USER NAMES AND OTHER INFORMATION ON THE SCREEN SO HE CAN POSSIBLY ATTACK OTHER MACHINES OR OTHER USERS WITHIN THAT ORGANIZATION. AND AGAIN, THE TARGET REALLY DOESN’T KNOW ANY OF THIS IS HAPPENING. SORRY ABOUT THAT. WE ARE GOING TO MOVE ALONG HIM FOR THE NEXT THING HE WOULD DO IS CREATE A SESSION IN THERE AN HISTORIC ACCOMPLISH THAT. TO SAVE SOME TIME, WE WILL MOVE ON TO OUR NEXT THING. WE WILL CHANGE GEARS A LITTLE BIT HERE. WE’VE TALKED ABOUT THE TOOLS YOU WILL LEARN ON EITHER OF OUR PROGRAMS FOR THE NEXT THING WE WANT TO LOOK AT IS