Careers & People

7/31/2015
12:00 PM
Marilyn Cohodas
Marilyn Cohodas
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Cyber Boot Camp: Lessons Learned

What happens when 50 young people spend a week in the trenches with cybersecurity researchers from ESET? One picture is worth a thousand words. Here are seven.
Previous
1 of 7
Next

Source: ESET
Source: ESET

Today’s young adults are growing up in a world where computers are essential to the way we live, where data breaches seem to be a weekly occurrence, and the world’s top businesses ward off cyber attacks daily. Solving the STEM gap starts with taking young people with a demonstrated aptitude and interest in technology and giving them the opportunity to experience for themselves what it means to work in a particular field.

Cyber Boot Camp, an annual, week-long, intensive program sponsored by ESET, is one example of such an opportunity. It's a place where students get hands-on experience from experts in the field to find out what it means to be a cybersecurity professional. By educating young people early and often, ESET researchers say they help mold mindful citizens who can inform their family and friends and open their eyes to a career path they might not otherwise discover.

In June, more than 50 young people had the chance to get their hands dirty at ESET’s Cyber Boot Camp at National University and other sites in San Diego. These students learned skills and lessons every aspiring cybersecurity researcher needs to know. What follows are highlights and takeaways from the week, as recounted by the Boot Camp faculty.

 

 

Marilyn has been covering technology for business, government, and consumer audiences for over 20 years. Prior to joining UBM, Marilyn worked for nine years as editorial director at TechTarget Inc., where she launched six Websites for IT managers and administrators supporting ... View Full Bio

Previous
1 of 7
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
lynnbr2
50%
50%
lynnbr2,
User Rank: Strategist
8/7/2015 | 9:03:11 PM
Re: Real Problem: Bad Relations Practices By Tech Industry
I hope your cynicism doesn't rub off on your students. It's a fine line between a white hat & a black hat. Maybe even a few shades of grey fedora in there as well. 

Interesting that the students in the boot camp took a pledge. But the jury is out on pledges - virginity pledges for instance, don't seem to hold very long. Sure wouldn't want these guys ending up trying to stick it to the man.
GlennN075
50%
50%
GlennN075,
User Rank: Apprentice
8/6/2015 | 4:22:35 PM
Real Problem: Bad Relations Practices By Tech Industry
As a college instructor I see this problem first-hand, every time a recruiter approaches me for hot security students. They supposedly passionately want these people, but American students are not so stupid that they can't see the way American workers are discarded by a tech industry that's practicing extremely bad public relations.

I tell my students: Don't get a job, get a contract. Don't worry about hurting your employer because they are not worried about hurting you. Do what's best for you, not your boss or your company. The "honor system" only works one direction now, so be clear that what they expect from you is not what they will give you. Above all, be really, really good, so that THEY have to come begging to YOU.

Sorry to be so cynical, but as a 25 year veteran of IT and education, the reality is quite clear to me. The tech industry has brought this on themselves.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
8/3/2015 | 2:52:41 PM
Re: Fantastic!
Yes, this is a fantastic program on so many levels? Love to see more secuiry companies take on similar inititiaves! 
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
8/3/2015 | 2:38:11 PM
Fantastic!
In security, user awareness is a huge facet. Getting to technology users in there earlier years will help reinforce the principles throughout their lifetime. This is a much better alternative than retroactively trying to impose security training to people set in their ways.
tzubair
50%
50%
tzubair,
User Rank: Apprentice
7/31/2015 | 10:51:44 PM
Re: Inspiring
"In a time when it seems like every cyber headline is about a new breach or about how fragile our defenses are, it's great to have a positive article for once."

I agree. I believe it's equally important to have all the positive news amidst all kind of reports related to cybercrimes and security breaches. A good journalist should give a holistic view of the environment and bring in enough positivity to cover the negative aspects circulating around.
Broadway0474
50%
50%
Broadway0474,
User Rank: Apprentice
7/31/2015 | 5:08:47 PM
Inspiring
Thank you for this post. In a time when it seems like every cyber headline is about a new breach or about how fragile our defenses are, it's great to have a positive article for once. Especially the part about closing the gender divide. That is what we will need to succeed with a mobile, hyperconnected and privacy-less world --- tapping into ALL of our human talent. Not just 49% of it.
Data Privacy Careers Are Helping to Close the IT Gender Gap
Dana Simberkoff, Chief Risk, Privacy, and Information Security Officer, AvePoint, Inc.,  8/20/2018
Ohio Man Sentenced To 15 Months For BEC Scam
Dark Reading Staff 8/20/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10902
PUBLISHED: 2018-08-21
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possib...
CVE-2018-10932
PUBLISHED: 2018-08-21
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.
CVE-2018-15660
PUBLISHED: 2018-08-21
** DISPUTED ** An issue was discovered in the Ola Money (aka com.olacabs.olamoney) application 1.9.0 for Android. If an attacker controls an application with accessibility permissions, then the attacker can read certain Ola Money data such as a credit card number, expiration date, bank account numbe...
CVE-2018-15661
PUBLISHED: 2018-08-21
** DISPUTED ** An issue was discovered in the Ola Money (aka com.olacabs.olamoney) application 1.9.0 for Android. If an attacker controls an application with accessibility permissions and the ability to read SMS messages, then the Forgot Password screen can be used to bypass authentication. NOTE: th...
CVE-2018-15481
PUBLISHED: 2018-08-21
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges by adding a LocalCommand to the SSH configuration file in the...