Cyber and Information Security

International Women’s Day Celebration Today

emdecker — Tue, 08 Mar 2022 20:24:38 +0000

International Women’s Day Celebration Today emdecker March 8, 2022

Today, March 8^th, is the annual observance of International Women’s Day, a day celebrating the significant impact of women to all aspects of our society. In addition to this single day observance, the entire month of March is also dedicated to honoring the influential women who have contributed to the important societal, economic, political, and cultural changes seen throughout history. This year’s themes are: Gender equality today for a sustainable tomorrow and #BreaktheBias. On social media, many are posting photos of themselves with arms crossed, symbolizing an “X”, as in X-chromosome and also “stop” the bias.

Taking time to celebrate these contributions is important to the empowerment and encouragement of women to seize opportunities in historically male-dominated fields. Diversity in these fields notably increases creativity and cultural insight, ensuring representation and engagement of all genders, as well as drives the advancement of STEM areas.

Over the month of March, Capitol Tech invites you to partake in our retrospective honoring the many amazing women who have contributed to innovations in STEM. The following biographies outline the lives of women who redefined their fields. From programmers, engineers, hackers, and celebrities, click through the links below to learn more about these pioneering women:

Amanda Finnerty: Director of Internal Operations for Commodore Builders
Danielle Dy Buncio: Co-founder and CEO of VIATechnik, a Construction Technology Firm
Rebecca Clark: Operations Executive for Skanska, a Global Construction Firm
Dr. Nina Tandon: Co-Founder of the First Company to Grow Human Bones for Reconstruction
Ada Lovelace: The Mother of Computer Programming
Hedy Lamarr: Star of the Silver Screen and Inventor of a WWII Changing Communications Device
Edith Clarke: A Trailblazing Leader for Women and a Pioneer in Computing and Engineering
Katherine Johnson: In Commemoration of the Mathematician and Computer Scientist Responsible for the first U.S. Moon Landing
Ana Sol Gutierrez: "I wouldn’t follow the role they attributed to me"
Kimberly Bryant: Accomplished Electrical Engineer and Founder of Black Girls Code
Sabrina Gonzalez Pasterski: The Young Woman Dubbed the “Next Albert Einstein”
Velma P. Scantlebury, M.D.: the first black female transplant surgeon in the U.S.
Mae Jemison: Doctor, Teacher, Founder of Two Technology Companies, and the First African-American woman in Space

Judith Milhon: Programmer, Civil Rights Activist, Hacker

Judith Love Cohen: Aerospace Engineer, Feminist, Actor Jack Black’s Mother

To read about past Capitol Tech Women’s Day celebrations, click here.

Categories: Cyber and Information Security, Data Analytics, Engineering Technologies, Computer Science, Artificial Intelligence and Data Science, Women in STEM

High-Performance Computing (HPC): Applications and Trends in Computer Science

emdecker — Mon, 07 Mar 2022 19:06:44 +0000

High-Performance Computing (HPC): Applications and Trends in Computer Science emdecker March 7, 2022

High-performance computing (HPC) is a relatively new application being used across many STEM fields of study. From bioinformatics and genetic research, to running artificial intelligence programs and space flight simulations, any instance where huge amounts of data and complex calculations need to be processed at high speeds is where HPC becomes not only useful, but necessary.

Typical computers cannot handle the amount of “big data” generated by, say, sequencing the human genome, which can produce several terabytes of complex data. This and other types of research often require the more heavy-duty computing seen with HPC. HPC setups are comprised of a system of servers using supercomputers equipped with powerful processors, graphics cards, and memory. According to IBM, these setups can be one million times more powerful than the fastest personal laptop. With HPC, the ability to correctly process large amounts of data is as important as the ability to do so quickly. But this comes at a price, as some trade-off between speed and processing is believed to be unavoidable. However, a team of computer science research students and professors at Massachusetts Institute of Technology (MIT) are now revisiting this issue and have developed a promising solution to this problem. Through their joint effort, they have developed a new programming language written specifically for HPC. And it all comes back to zeros and ones.

“Everything in our language is aimed at producing either a single number or a tensor,” explains MIT PhD student Amanda Liu. This is by using what they call “a tensor language” or “ATL”. Tensors are n-dimensional arrays, which replace the need to use one-dimensional vector objects and two-dimensional matrices, and allow for more complex dimensions to be computed. And while this language optimization already exists in some form as “TensorFlow” in the well-known R and Python software, MIT Assistant Professor of Electrical Engineering & Computer Science Jonathan Raglan-Kelly states that this language has been seen to cause slowdowns and complicate downstream optimizations, “violating the Cheap Gradients Principle”. According to Cornell University, this principle states that “the computational cost of computing the gradient of a scalar-valued function is nearly the same (often within a factor of 5) as that of simply computing the function itself…[and] is of central importance in optimization.” This is due to the way that programs like TensorFlow compute certain original functions against their gradient solutions. Thus, the need for a more specialized HPC language arose.

Liu explains “given that high-performance computing is so resource-intensive, you want to be able to modify, or rewrite, programs into an optimal form in order to speed things up.” This can be accomplished by the added framework toolkit that comes with their ATL language, which shows the ways in which simplified program conversion can be attained. A “proof assistant” is included as well, which expands upon the existing Coq language and helps guarantee that the optimization is correct by performing mathematical proofs.

While this language is still a prototype, there are indications that ATL could be the next avenue in HPC optimization, especially when approaching the more complex issue of cybersecurity in the HPC environment. Some emerging studies show promise in using tensor language decompositions in securing data in the cloud or on Amazon Web Services (AWS), but further research needs to be done in this area.

Want to learn more about our computer science, artificial intelligence, and cybersecurity program offerings? Visit our website to learn more about Capitol Tech’s diverse degree programs, or contact admissions@captechu.edu.

References:

Bernstein, G., Maria, M., Li, T., MacLaurin, D., and Ragan-Kelly, J. (2020). Dierentiating A Tensor Language. Arxiv. https://arxiv.org/pdf/2008.11256.pdf

Cornell University. (2018). Mathematics > Optimization and Control > Provably Correct Automatic Subdifferentiation for Qualified Programs. Arxiv. https://arxiv.org/abs/1809.08530#:~:text=The%20Cheap%20Gradient%20Principle%20(Griewank,to%20quickly%20obtain%20(high%20dimensional)

IBM. (2022). What is supercomputing technology? https://www.ibm.com/topics/supercomputing

Nadis, S. (7 Feb, 2022). A new programming language for high-performance computers. MIT News. https://news.mit.edu/2022/new-programming-language-high-performance-computers-0207

Ong, J., et. al. (2021). Protecting Big Data Privacy Using Randomized Tensor Network Decomposition and Dispersed Tensor Computation [Experiments, Analyses & Benchmarks]. Arxiv. https://arxiv.org/pdf/2101.04194.pdf

Categories: Computer Science, Artificial Intelligence and Data Science, Cyber and Information Security, Astronautical Engineering

A President's Day Celebration of Our STEM Leaders

emdecker — Mon, 21 Feb 2022 15:27:09 +0000

A President's Day Celebration of Our STEM Leaders emdecker February 21, 2022

It’s President’s Day here in the United States, a time to celebrate the past leaders of this country and all they have done to further develop it. This year, the Capitol Technology blog would like to celebrate by highlighting a few Presidents’ contributions to the fields of science, technology, engineering, and math (STEM).

According to reporter Christina P. Hooton of Fisher Scientific, there are plenty of presidents who contributed to what is commonly known today as STEM. John Adams, for example, made great medical strides during his presidency. “Perhaps one of his most lasting contributions is signing into law the Act for the Relief of Sick and Disabled Seamen. This… led the way for the present-day Department of Health and Human Services (DHHS), National Institutes of Health (NIH), and other federal health programs.” Franklin Roosevelt spearheaded government-funded research for cancer treatment. “The National Cancer Act of 1937, signed into law by President Roosevelt, led to the creation of the National Cancer Institute (NCI) and was the first time Congress provided funding for a non-communicable disease.” It is because of this act that chemotherapy exists, and that thousands of cancer treatment facilities across America get their funding.

One of the biggest leaps in the aerospace and astronomical fields is the moon landing of 1969, made possible by John F. Kennedy. He “set the goal of landing a man on the Moon and returning him safely to Earth by the end of the 1960s. Although his dream wasn’t realized until after his death, President Kennedy’s leadership inspired an array of people — from aerospace engineers to production workers — and set the stage for a number of successful space expeditions.” Just after Kennedy’s time, the push for environmentalism grew, and Richard Nixon signed several laws into place to help with this movement. These laws “include[d] the Clean Water Act, Clean Air Act, National Environmental Policy Act, Endangered Species Act, and the Marine Mammal Protection Act. He also proposed the establishment of the Environmental Protection Agency.” The various Acts and the EPA helped to curb the drastic pollution encroaching the nation, and continue to serve as regulators today.

The pursuit for a better environment and the development of medical technology was further expanded by Barack Obama, who created the Brain Research through Advancing Innovative Neurotechnologies (BRAIN). “The Precision Medicine Initiative aims to improve disease treatments by tailoring them to the unique characteristics of each individual’s genes, environment, and lifestyle. To further this work, the All of Us research program seeks to build a diverse health database with the help of one million U.S. citizens.”

The modern age of STEM would not be what it is without the effort of past American presidents. This President’s Day, take some time to learn about the countless other contributions our leaders have made, and reflect on what can be done to improve upon their actions.

Capitol Tech offers many opportunities in all STEM fields, where you can pursue careers to help pave the way to further science and technological development. To learn more about these programs, visit our website and peruse the various courses and degrees offered. Many courses are available both on campus and online. For more information, contact the Capitol Tech Admissions team.

Categories: Engineering Technologies, Astronautical Engineering, Cyber and Information Security

Google and Microsoft Investing Billions in Cybersecurity

amschubert — Mon, 11 Oct 2021 12:21:05 +0000

Google and Microsoft Investing Billions in Cybersecurity amschubert October 11, 2021

A quick search on the internet of ransomware trends will return thousands of articles on the increasing number of ransomware attacks and cyberthreats, estimated by Cybersecurity Ventures to reach $20 billion in cost of damages this year. It’s no surprise then to hear that two of the largest tech companies are making substantial investments in improving cybersecurity efforts.

In a meeting with the Biden Administration in August both Google and Microsoft pledged billions of dollars to further cybersecurity efforts.

“Google promised to invest $10 billion over the next five years on bolstering the security of software supply chains and open-source software, while Microsoft announced a $20 billion investment over the same time period (which represents a quadrupling of its prior planned spend),” writes Martin Giles in an article for Forbes.

One area of particular interest are supply chain attacks, which target the companies, hardware, and software that are used by tech giants to conduct their day-to-day business. These types of attacks can be especially difficult to detect and prevent.

To that effect, “Apple pledged to launch a new program to bolster security at its suppliers—including more than 9,000 businesses in the U.S.—that will include a greater emphasis on security training,” says Giles.

The cybersecurity skills gap is a major concern. In their annual report, “The Life and Times of Cybersecurity Professionals 2021,” the Information Systems Security Association (ISSA) and analyst Enterprise Strategy Group (ESG) stated that the cybersecurity skills gap is in its 5th year with little to no improvements shown.

“The top ramifications of the skills shortage include an increasing workload for the cybersecurity team (62%), unfilled open job requisitions (38%), and high burnout among staff (38%),” reports ISSA. “Further, 95% of respondents state the cybersecurity skills shortage and its associated impacts have not improved over the past few years and 44% say it has only gotten worse.

A number of tech companies are increasing efforts to fill the estimated nearly 500,000 vacant cybersecurity positions. IBM, Microsoft, and Amazon have all made pledges to address these gaps, shares Giles, including:

“IBM will train 150,000 people in cybersecurity skills over the next three years and will partner with more than 20 historically black colleges and universities to establish leadership centers that will help build a more diverse cybersecurity workforce.
Microsoft pledged to expand its partnerships with community colleges and nonprofits for cybersecurity training.
Amazon said it will offer to the public for free the same security awareness training that it offers its employees.”

Giles note that it’s important that these efforts extend beyond America. He noted that the Biden Administration is working with the G7 countries to hold nations accountable if they harbor ransomware criminals. The Administration is also working toward updating NATO’s cyberpolicy.

Want‌ ‌to‌ ‌learn‌ ‌about‌ ‌cybersecurity?‌ ‌View‌ ‌the‌ ‌full‌ ‌list‌ ‌of‌ ‌bachelor’s,‌ ‌master’s‌ ‌and‌ ‌doctorate‌ ‌degrees‌ ‌in‌ ‌cyber‌ ‌and‌ ‌information‌ ‌security‌.‌ ‌Many‌ ‌courses‌ ‌are‌ ‌available‌ ‌both‌ ‌on‌ ‌campus‌ ‌and‌ ‌online.‌ ‌To‌ ‌learn‌ ‌more‌ ‌about‌ ‌Capitol‌ ‌Tech’s‌ ‌degree‌ ‌programs,‌ ‌contact‌ ‌‌admissions@captechu.edu‌. ‌ ‌ ‌

Categories: Cybersecurity, Cyber and Information Security

Email Spoofing: What is it, how does it work, and how do we prevent it?

amschubert — Mon, 27 Sep 2021 17:23:20 +0000

Email Spoofing: What is it, how does it work, and how do we prevent it? amschubert September 27, 2021

Email phishing is not a new concept. Since email became a widely-used method of communication, unscrupulous individuals have been sending emails for fake lotteries, invented inheritances, and fake charitable schemes. Many of these types of scams were easy to identify by looking at the sender. However, as technology has advanced, so have phishing schemes—especially in the form of email spoofing.

What is it?

Email spoofing occurs when a sender “masks” the sender on an email so that it looks to the recipient like the message has come from someone they know and trust.

“When an email is sent, the From address doesn't show which server the email was actually sent from,” reports Hacker News in an article on email spoofing. “Instead, it shows the domain that was entered when the address was created so as not to arouse suspicion among recipients.”

That results in the recipient receiving an email from AuntJane@domain.com—matching the one that exists in your contacts—that isn’t actually your aunt at all.

How does it work?

Email spoofing is able to occur because of how emails are handled by client applications and email servers, says Hacker News.

“Outbound email servers have no way of knowing if the sender address is legitimate or spoofed,” says the article. “Therefore, email spoofing is possible because the email system used to represent email addresses provides no way for outbound servers to verify the legitimacy of the sender's address.”

This means that malicious users can write scripts to reconfigure some email applications to display the address of one user when it is sent by another. Hacker News reports that this level of script use is not an advanced skill, meaning that it can be used by more people even if they don’t have an expansive knowledge of coding.

How do we prevent it?

The threat of email spoofing, and other forms of phishing attacks, cost individuals and businesses vast amounts of money. And the number of email fraud attacks only continues to increase. Hacker News reported that in 2020, phishing attacks increased 220% during the peak of the global pandemic when compared to the prior year.

So what can be done to prevent this form of attack? Hacker News suggests implementing Domain-Based Message Authentication, Reporting, and Conformance (DMARC), an email authentication protocol.

“DMARC works with two standard authentication practices - SPF and DKIM - to authenticate outbound messages and provides a way to tell receiving servers how to respond to emails that fail authentication checks,” says Hacker News.

This strategy effectively blocks the unauthorized email from reaching the recipient, greatly reducing the number of spoofed messages from being sent successfully.

Cybersecurity experts need to stay on top of the latest trends in the industry in order to know how best to prevent them. Capitol Tech offers bachelor’s, master’s and doctorate degrees in cyber and information security with coursework focused on the latest techniques in fighting cyber attacks.

Many courses are available both on campus and online. To learn more about Capitol Tech’s degree programs, contact admissions@captechu.edu.

Categories: Cyber and Information Security, Computer Science, Artificial Intelligence and Data Science

Malware at the Olympics: cybersecurity pros weigh in

raherschbach2 — Thu, 15 Feb 2018 20:58:27 +0000

Malware at the Olympics: cybersecurity pros weigh in raherschbach2 February 15, 2018

If it wasn’t clear already, the weekend news out of Pyeongchang demonstrates it once more: nothing is immune from cyber attacks.

As the opening ceremony got under way, the official website for the Winter Olympics went offline. WiFi networks in the Olympic stadium and the press center crashed. Attendees found themselves unable to print out tickets or locate event venues. Reporters had difficulty filing their stories.

The likely culprit? Sophisticated “wiper” malware that was dropped into the network using stolen credentials. Once in, the malware harvested other logins and passwords, hijacked Windows tools used to scan the system, ran scripts and commands, and hid its tracks by cleaning out system and security logs,

“The timing and the nature of the attack suggest that the intent was primarily to embarrass the organizers of the Games,” says Dr. Mary Margaret Chantré, cybersecurity professor at Capitol Technology University. “Unlike many other cyber attacks, this one was not about theft of money or data. Rather, it appears intended to cause disruption and make problems for people during a high-visibility moment at the Olympics.”

On Monday (February 12), researchers from Cisco Talos Intelligence reported that the incident was likely carried out by someone with in-depth knowledge of the Pyeongchang network.

Those responsible “knew a lot of technical details of the Olympic Game infrastructure such as username, domain name, server name, and obviously password," wrote the researchers, Warren Mercer and Paul Rascagneres.

In addition to creating headaches and a potential public relations fiasco, the attackers may have had another motive, Chantre says. “The attack may also have been a way of demonstrating capabilities – of telling the world 'look what we are able to do. We can get into your networks and take them offline.'"

Want to help unmask cyber adversaries and fight attacks such as the Pyeongchang network breach? Consider enrolling in a cybersecurity degree program at Capitol Technology University. Capitol is an DHS and NSA-certified Center of Excellence in cybersecurity education, offering programs at the undergraduate, master’s and doctoral levels. For more information, contact the cybersecurity program at cybersat@captechu.edu

Categories: Cyber and Information Security

Capitol's cybersecurity programs to be showcased at NSA-sponsored event

raherschbach2 — Wed, 14 Jun 2017 18:46:00 +0000

Capitol's cybersecurity programs to be showcased at NSA-sponsored event raherschbach2 June 14, 2017

Cybersecurity professionals will gather at the Information Assurance Symposium (IAS) in Baltimore from June 19-21 to exchange knowledge and strategize ways of addressing today's emerging cyber threats. Capitol representatives will be on hand to inform participants about the university's pioneering programs in the field, including master's and doctoral programs that are offered online and tailored to working professionals.

"This is a very exciting event for us to be attending," said Xavier A. Richards, director of graduate recruitment. "It's hosted by the NSA and will have cybersecurity leaders, decision-makers and practictioners in attendance. The NSA has also invited international cybersecurity experts to this event, so participants will be engaging a global perspective."

During the symposium, Richards and her colleagues will help get the word out about the university's undergraduate and graduate programs in cybersecurity and the career-boosting opportunities that come with a Capitol degree. Capitol offers bachelor's and master's degrees in Cyber and Information Security as well as a doctorate in cybersecurity. Numerous post-baccaulaureate certificate programs are also available, including in Digital Forensics and Incident Handling, Secure Cloud Computing, Secure Mobile Technology, Secure Software Development and Security Management.

“One of the really outstanding things about our programs is the quality of our curriculum," Richards said. "It's practical and industry-oriented, with students gaining exposure both to theory and labs. We enable professionals to advance their skill sets and become thought leaders in their fields, addressing some of the most pressing concerns in the cybersecurity arena."

The master's and doctoral level programs are designed to accommodate the busy schedules of working professionals. Like all of Capitol's graduate degrees, these programs are offered online, utilizing a real-time, synchronous learning platform that replicates classroom conditions -- without requiring a commute.

"Our programs are very flexible," Richards said. "Professionals at all career stages can take our classes from anywhere in the world, as long as they have a computer connected to the internet. It's a very unique way to balance school and work and be able to do both at the same time."

Capitol was one of the first institutions of higher education in the country to offer graduate-level degrees in cybersecurity, as well as one of the first to offer cybersecurity degrees online. The National Security Agency and the Department of Homeland Security have designated the university as a Center for Academic Excellence (CAE).

“Having that CAE designation is very significant. It’s the gold standard for academic programs in the field,” Richards said.

"Students look for the CAE designation when they are considering their choice of schools, because they know it will unlock greater opportunities for them. They know the level of education they receive will be more reflective of emerging trends and the current standards, and that they will be taught by the very best,” Richards said.

Over 2,500 practitioners and leaders in the field are expected to attend the IAS, held annually by the National Security Agency's Information Assurance Directorate. Through a series of presentations, panel discussions, and training sessions, attendees will gain a thorough overview of emerging developments in this critical field.

The IAS will be held June 19-21 at the Washington Convention Center. More information here.

Categories: Cyber and Information Security, Cybersecurity