U.S. Cyber Command Selects University of Maryland Global Campus for New Academic Engagement Network

Network Schools Support USCYBERCOM in Promoting Cybersecurity Workforce Growth and Collaborate on Research and Analytics 

Adelphi, MD (April 25, 2022) — The U.S. Cyber Command (USCYBERCOM) has selected University of Maryland Global Campus (UMGC) to join its Academic Engagement Network (AEN), a select partnership of more than 80 colleges and universities throughout the United States tasked with supporting the USCYBERCOM mission of promoting cybersecurity workforce growth and collaborating on research and analytics. 

“The selection of UMGC as an inaugural member of the USCYBERCOM Academic Engagement Network aligns with our goal of preparing a more diverse, robust and qualified pool of cyber professionals for today’s workforce,” said Douglas Harrison, vice president and dean of the School of Cybersecurity and Information Technology at UMGC. “With a proud heritage of offering award-winning, flexible academic programs and services for active-duty military service members, veterans, and families, we are particularly honored to help the USCYBERCOM strengthen the Department of Defense (DoD) cybersecurity capabilities.” 

UMGC is one of 84 civilian and military academic partner institutions forming the network. Other AEN partners include the U.S. Naval Academy, National Defense University, and the U.S. Army War College. 

Along with the other AEN partners, UMGC will assist the DoD in fortifying its cybersecurity capabilities and expertise, and engage with USCYBERCOM in cyber-related applied research and analytics to provide insight into our adversaries’ cyberspace activities and help USCYBERCOM identify key issues and responsibilities in national security and cyber operations. 

About University of Maryland Global Campus

Celebrating its 75th anniversary in 2022, University of Maryland Global Campus is a world leader in innovative educational models with award-winning online programs in biotechnology, cybersecurity, data analytics, information technology, and other high-demand disciplines in today’s increasingly technical, global workplace. With an enrollment of some 90,000 students, UMGC offers open access with a global footprint and a specific mission—to meet the learning needs of students whose responsibilities may include jobs, family, and military service. The university offers both undergraduate and graduate degrees and certificate programs, including doctoral programs. A pioneer in distance education since 1947, UMGC is harnessing the power of learning science and technology to deliver accessible high quality, low-cost higher education.

UMGC Takes Third Place in a Strong Field at the Hack the Port 22 Maritime Cybersecurity Competition

Adelphi, MD — The University of Maryland Global Campus (UMGC) cybersecurity competition team earned a bronze award at the Hack the Port 22 Virtual and Live Maritime and Control Systems Cybersecurity event, finishing behind first-place Northeastern University and second-place Texas A&M University. For its accomplishment, the UMGC team was awarded a monetary prize of $3,000. 

The event, which took place in Fort Lauderdale, Florida, from March 21-25, was hosted by the U.S. Cyber Command and its innovation and prototyping partner, DreamPort. The competition featured teams from more than 30 universities nationwide.

Jesse Varsalone, associate professor of cybersecurity technology, coached the five-member UMGC team. Team members were Joshua Taylor and Artem Asoskov, undergraduate students majoring in computer network and cybersecurity; Scott Horner, an undergraduate majoring in Business Administration; Raiden Redila, an undergraduate in cybersecurity policy and management; and Team Captain Michael Frauenhoffer, a graduate student in the UMGC Cyber Operations Program. 

“It’s notable that all five UMGC team members have earned their CompTIA Security+ certification and two-thirds of the team is currently working in the field of cybersecurity, which puts us in a strong position for success,” said Varsalone. 

During the event, teams either chose to participate as attackers, known as “red teams,” or defenders, known as “blue teams.” Red teams attacked the critical infrastructure of the port, including gates, trains and ships. Blue teams tracked down and thwarted the actions of the attackers. 

“We chose to defend primarily because a large majority of the jobs in the field are associated with defending networks, so establishing that position offers our students an opportunity to gain real-world experience that best reflects the cybersecurity professional landscape,” said Varsalone. 

Participating schools included Bowie State, Florida Institute of Technology, Fordham University, Georgia Institute of Technology, Kennesaw State University, Naval Postgraduate School, New York University, Norfolk State University, Northeastern University, Pennsylvania State University, Stevens Institute of Technology, Texas A&M University, The Citadel, Towson University, and the United States Naval Academy, among others. 

Established in 2012, the UMGC cybersecurity competition team is composed of students, alumni, and faculty who compete regularly in digital forensics, penetration testing, and computer network defense scenarios that help them gain experience to advance their cybersecurity careers. To prepare for competitions, students detect and combat cyberattacks in the university’s Virtual Security Lab and work through case studies in an online classroom. 

Through its history, the UMGC team has received numerous top honors, including recent first-place finishes in the 2021 Maryland Cyber Challenge and the 2020 MAGIC, Inc. Capture the Flag competition and a second place finish in the 2012 Global CyberLympics.

About University of Maryland Global Campus

Celebrating its 75th anniversary in 2022, University of Maryland Global Campus is a world leader in innovative educational models with award-winning online programs in biotechnology, cybersecurity, data analytics, information technology and other high-demand disciplines in today’s increasingly technical, global workplace. With an enrollment of some 90,000 students, UMGC offers open access with a global footprint and a specific mission—to meet the learning needs of students whose responsibilities may include jobs, family and military service. The university offers both undergraduate and graduate degrees and certificate programs, including doctoral programs. A pioneer in distance education since 1947, UMGC is harnessing the power of learning science and technology to deliver accessible high quality, low-cost higher education.

Gender Diversity in Cybersecurity Starts with Early Education and Overcoming Biases

Historically, women’s path to STEM-related careers has been challenging, whether through unconscious bias, lack of early education and mentoring, or work-life balance hurdles. According to the latest research by the non-profit cybersecurity certification group (ISC)2, men continue to dramatically outnumber women in the field—only 24 percent of cybersecurity professionals are female—and pay disparity persists.  Still, there was a bright spot: The report found that women in the field are earning leadership positions in higher numbers. 

What is the most effective way to close the gender gap in cybersecurity? Loyce Pailen, Valorie King, and Tamie Santiago, members of the UMGC School of Cybersecurity & Information Technology faculty, share their thoughts and experiences.  

 Loyce Pailen, D.M., senior director of the Center for Security Studies, believes that embedding cybersecurity into media and popular culture will lead to early education and increased diversity. 

I firmly believe that early cybersecurity education, which incorporates the interdisciplinary nature of cyber-related topics and careers, will help increase gender diversity in cybersecurity through expanded exposure in all media, with special emphasis on social media. Political agendas, daily news about cyber breaches and personal injury from cyberattacks will force more people to engage and focus on the cyber concerns of the future. 

These forces will energize our society to put more emphasis on cyber in elementary and secondary schools on both the technical and non-technical sides. To support this effort, we need to see cyber make it to the forefront of our minds through media and popular culture that includes diverse players in multidisciplinary careers. TV shows and social media are featuring more cybersecurity themes today, which will engrain some of the concepts.

 Professional mentors helped Valorie King, Ph.D., director of UMGC’s Cybersecurity Management and Policy Program, overcome education bias early on and work-life challenges later. 

Throughout my career, I was guided and mentored by a succession of managers, executives and senior executives—all women—in the U.S. Department of Defense. Following in their footsteps, I mentor women who are just starting out in the field. 

Early preparation in advanced math prepared me for college [and a B.S. in computer science]. However, 15 years into my career, motherhood-related work-life balance challenges derailed my career advancement. As a full-time mother, I made sure that my daughter had access to math, science and computer classes and resources that neither public nor private schools provided because STEM wasn’t yet a priority for girls. 

Re-entering the workforce was not easy and it took almost a year to find a well-paying job as a management consultant. Along the way, mentors helped me identify ways to update my technical and soft skills. My mentors also encouraged me to pursue a master’s degree. During my degree program, peers supported me and provided a professional network that led me to my next career fields, information assurance and later cybersecurity. I now lead an academic program where my duties allow me to continue mentoring and coaching cybersecurity professionals who are building and improving their skillsets through advanced studies and teaching in the discipline.

Tamie Santiago, M.S., D.B.A., collegiate professor in the School of Cybersecurity & Information Technology, maintains that we must overcome unconscious biases if we’re going to close the gender gap.

Unconscious biases often lead to conclusions that frame inquisitiveness as nosiness, curiosity as potentially self-destructive, and the gift of organizing and leadership as being “bossy.” A girl or woman who is investigative is often considered “nosy or a busybody.” One who has great attention to detail and organization is thought of as “controlling.” Someone who demonstrates the gift of problem-solving may be considered a trouble-maker, while another who has a fascination with the mechanics and methods of things may be looked at as being weird. 

However, these are the very skills and traits needed in the cybersecurity field. The making of great digital forensic experts, data analytic scientists, cyber technologists, and management and policy professionals all draw from the strength of these talents. 

How do we overcome these gendered biases? Mentors who can observe and correctly discern the importance of raw talent and the gifts in others will recognize the hidden biases in language and labels and will know how to avoid or dismiss them. Young women and girls who are fortunate enough to be mentored will see a future far greater than otherwise imagined. 

Mentees value mentors with whom they identify or have shared values. They also feel a sense of connection to mentors who positively challenge them academically and in discovery. I should know—I’m one of them! Correctly harnessing, properly directing and creatively exposing young women and girls often and early to the field of cybersecurity are key success factors.

With demand from both the public and private sectors, cybersecurity is one of the fastest-growing career sectors. According to the Bureau of Labor Statistics, employment of information security analysts is projected to grow 33 percent from 2020 to 2030, much faster than the average for all occupations. With a median pay of $103,590 (as of March, 2020), combined with growth in the frequency of cyberattacks, demand for information security analysts is expected to be very high. Initiatives to eradicate bias, promote early education and encourage mentorship are vital to supporting women in this field, now and in the future. 

Degree in Cybersecurity Opens a Door to Space Exploration for Rachel Jones 

Growing up on a farm near the Coca-Cola Space Science Center in Columbus, Georgia, Rachel Jones always looked forward to Astronomy Night. That’s when she could gather with other stargazers. It was then, pondering the unknown, that she fell in love with outer space.  

“It’s pretty normal for kids to go through a space phase,” she said. “For me that phase never stopped.”  

Fast forward to Dec. 10, 2021, when Jones officially introduced her space dream to a new generation. On that date, she culminated a year-long project by helping 10 students at Savannah River Academy in Georgia talk to an astronaut on the International Space Station using the ARISS (Amateur Radio on the International Space Station) Program. Over 200 people attended the event, and Jones’s coordination with the local community enabled 2,000 others to live stream the conversation.  

The project had begun two years earlier with Jones reaching out to schools, completing an application, designing a curriculum, teaching students and, ultimately, coordinating a large-scale event.  

Jones knew early on that she wanted to pursue a career in outer space, but her path was circuitous. After a stint at a community college in Florida, she graduated from LaGrange College, not with a STEM-related degree, but as a political science major with a minor in graphic design. However, internships with NASA and former Sen. Bill Nelson, the second sitting member of Congress to travel into space and current NASA administrator, allowed her to keep her dream in sight.  

After college, Jones worked as a graphic designer and then traveled to China to teach English. In China, she used Google to search for universities that offered programs about outer space and discovered the International Space University near Strasbourg, France. She was accepted into its Master of Space Studies (MSS) program, keeping her space dream alive.  

It was during her graduate program that Jones had an “aha” moment. Through a thesis project that involved security breaches of space assets, she discovered a love for cybersecurity and realized she could combine this with her passion for space.  

“I focused on the cybersecurity of what’s called a ‘ground station,’” she said. “I never knew before where I’d fit in with outer space, but I knew I loved it, and so this was the moment I realized this was my niche.”  

After several job searches, Jones discovered that her newfound interest in cybersecurity was not enough to get a job in the field, especially without a degree or certifications. Eventually, she landed a civilian position with the U.S. Air Force in Washington, D.C. After three years, she transferred to San Antonio. There, she worked toward a second master’s degree—in intelligence, focusing on cyber. She was fortunate to join a cybersecurity group, and within that group even more fortunate to meet her future husband.  

After her husband transferred from the Air Force to the Army, the couple relocated to Fort Gordon in Augusta, Georgia. During the onset of the COVID-19 pandemic, Jones embarked on her fourth degree, the one that would move her closer to her career goal. She expects to complete that Bachelor of Science in Cybersecurity from UMGC this spring. 

“I know this will help me prepare the certifications I need to advance my career,” she said.  

If that’s not enough, Jones is also working toward a Ph.D. in aerospace sciences from the University of North Dakota. She expects a cybersecurity degree combined with an aerospace sciences degree will establish her as an expert in cybersecurity of space assets. 

The degrees will help her fulfill her dream, but it was the ARISS project with students at Savannah River Academy that brought home for her the importance of fostering a love of science at a young age.  

“I really didn’t have the mentorship to recognize what I wanted to do earlier in life,” she said, “so I want to make sure I provide that to others.”  

The Present and Future of Data Science: Five Questions for Elena Gortcheva  

University of Maryland Global Campus (UMGC) this year began enrolling students in its new Bachelor of Science in Data Science program. Offered through the School of Cybersecurity and Information Technology, the program is designed to meet the growing need for skilled data science professionals who can transform data into actionable insight.  

We caught up with Elena Gortcheva, UMGC professor and director of the data analytics program, for her thoughts about the field, the new program, and the future of data science.  

  1. Data science is in the news almost every day. What is it and how is it used in business decisions?   

We live in a data-driven society, flooded with data. Data science comes to the rescue by making sense of data. It provides expertise in how to manage and manipulate data; create data visualizations; build predictive models using different machine learning techniques, applying artificial intelligence and natural language processing techniques to get insights from free text, images and videos data; and make strategic data-driven recommendations to influence business outcomes.  

Large companies use data science in their everyday business. For example, Apple uses data to develop new products to meet their customers’ needs. Data science helps Amazon deliver the right products at the right time. And pharmaceutical companies like Pfizer use data science to develop new drugs and vaccines in a timely fashion. Data science helps local governments build smart cities to improve quality of life, and it helps streaming companies like Netflix build new products based on customer preferences.  

  1. What types of jobs does the B.S. in Data Science prepare students for?   

Data scientist is one of the most in-demand careers. Job demand exceeds supply by 50 percent and the shortage of skilled professionals is expanding. For the third year in a row, Glassdoor places data scientist in the top spot of the 50 best jobs in America in terms of salary, job satisfaction, and openings.  

Potential careers, among others, include data scientist, data analyst, business analyst, machine learning engineer, AI application developer, and cognitive analyst. Professionals in data science are essential in any organization, from federal and local government to private companies in just about any sector—finance, insurance, health care, social assistance, transportation, manufacturing, education, entertainment, food services, you name it. 

  1. What if I’m coming from a non-technical background? Can I succeed in the UMGC bachelor’s degree program in data science?  

Candidates from different backgrounds are well-suited for the program. Knowledge and experience in other fields, such as accounting, finance, health care, environment or industry are extremely important and useful in data science. The skills you’ve obtained from your work experience will supplement your newly acquired knowledge and skills in data science.  

You also are in the right place if you have no previous experience. You will learn about application fields through data used for course projects.  

The main prerequisite is that you love finding solutions to business and social problems and that you are willing to dedicate time to learn and to be an active, non-stop learner. This field provides the opportunity to work at the cutting edge of technology and its applications in any field or industry.  

  1. How does the UMGC program differ from other similar programs?  

There are several ways in which we believe we rise above other programs.  

  • We offer a skill-based curricula, designed on what emerged as the workforce needs of the industry. Additionally, we focus on application—the ability to do—as employers are looking for employees with hands on experience who are prepared to meet the challenges of today and tomorrow.  
  • Our program is multidisciplinary, involving both technical and managerial skills. This program is unique in preparing students with business, data analytics and computational competencies. The graduate will dominate the business operations of an organization and the information technology requirements necessary to ensure its viability and competency. The program culminates with capstone projects addressing real life problems from industry sponsors. 
  • Our program is cost effective. There are no additional fees for textbooks and software. Free access to all advanced data science software is made available in the cloud. 
  • All faculty have strong industry credentials in the field. Most of them are practitioners, with ample expertise in the field of data science and analytics, who bring their current relevant expertise to the classroom. 
  1. What are the emerging trends in data science? What does the future hold?  

Data science is impacting almost any industry. From the arts to science and healthcare, very soon data science, through machine learning (ML) and artificial intelligence (AI), will be at the center of every major technological system in the world. For example, during the pandemic ML/AI helped accelerate the development of the Covid 19 vaccine by using powerful deep learning algorithms to predict protein folding. In the future, data science will permeate every aspect of health care, from providing clinical decision support for disease diagnosis and patient care delivery to developing new and more effective drugs and vaccine. We also will see data science play a significant role in helping the blind through the ability of ML to leverage sensors in smartphones as well as Bluetooth radio waves to determine the location and provide detailed information that the visually impaired need to explore the real world.  

UMGC Recognized for Academic Excellence in Cybersecurity 

Adelphi, Md. (Feb. 14, 2022)—The National Security Agency (NSA) Program Management Office has once again designated University of Maryland Global Campus (UMGC) as a National Center of Academic Excellence in Cyber Defense, singling out the university as a leader in cybersecurity education.  

Since April 2002, the U.S. Department of Homeland Security and the National Security Agency have consistently designated the UMGC as a leader in cybersecurity education.  

“Receiving the National Center of Academic Excellence designation validates the high quality of our cybersecurity-related programs,” said Helen Barker, department chair of the Cybersecurity program at UMGC. “The rigorous application process demonstrated our commitment to academic excellence in this area.”  

The announcement this month places UMGC among a select group of two-year, four-year, and graduate-level institutions nationwide to receive the prestigious CAE-CD distinction. It follows the recent approval of UMGC’s Master of Science in Cybersecurity Management and Policy as a recognized program of study with the NSA and Department of Homeland Security. 

The CAE-CD designation validates UMGC programs of study through the academic year 2027 and continues the university’s advancement at the forefront of teaching and training the nation’s cybersecurity workforce.   

“The designation reflects UMGC’s ability to meet the increasing demands of the program criteria to contribute to the protection of the national information infrastructure and address the critical shortage of professionals with cybersecurity skills,” said Dr. Loyce Pailen, senior director for the Center for Security Studies, which led the CAE Institutional and Program of Study redesignation process.  

The U.S. Bureau of Labor Statistics has forecasted a 32 percent growth rate in the cybersecurity industry through 2028, highlighting the critical importance of quality higher education in the field. Pailan said the 10-month process that resulted in the CAE-CD designation “was the culmination of a significant cooperative effort among many academic and administrative stakeholders at UMGC.”  

Since April 2002, the U.S. Department of Homeland Security and the National Security Agency have consistently recognized UMGC strength in cybersecurity education.  

“(UMGC’s) ability to meet the increasing demands of the program criteria will serve the nation well in contributing to the protection of the national information infrastructure,” said Karen Leuschner, national CAE program manager at NSA.  

The CAE-CD designation is awarded to regionally accredited academic institutions offering cybersecurity-related degrees including majors, minors, and/or certificates at the associate, bachelor and graduate levels. An applicant institution must show significant community involvement, academic activities, and institutional practices in cybersecurity, as well as have one or more programs of study under consideration that meet the CAE-CD requirements. 

UMGC Cyber Competition Team Concludes Fall 2021 Season with 1st Place Finish at Parsons CTF

Adelphi, Md. (Dec. 28, 2021)–The University of Maryland Global Campus (UMGC) cyber competition team placed first in a capture-the-flag (CTF) competition sponsored by Parsons Corporation, a global provider of cyber and converged security services.

The jeopardy-style event tested participants’ skills on a range of relevant topics, including network forensics, coding, web hacking, cryptography, analytics, penetration testing, malware analysis, algorithms and reverse engineering. Normally a face-to-face event, the team participated remotely due to ongoing pandemic restrictions.

“This win provides a nice bookend to a successful season, which started with a first-place finish at Parsons in October,” said Jesse Varsalone, associate professor of Digital Forensics and Cyber Investigations at UMGC and coach of the competition team. “The skills tested in this competition will help current and future team members gain the real-world experience they need to network with prospective employers and advance their cybersecurity careers.”

At the Dec. 7 event, which attracted cybersecurity professionals and students of all skill levels, UMGC scored 9912 points to beat out 11 other teams and take first place. The UMGC team included current students Tim Nordved and David Saez, along with UMGC faculty members Jesse Varsalone and Matt Harvey, an adjunct professor in the School of Cybersecurity & Information Technology.

Established in 2012, the UMGC cybersecurity team is composed of students, alumni, and faculty who compete regularly in digital forensics, penetration testing, and computer network defense scenarios that help them gain experience to advance their cybersecurity careers. To prepare for competitions, students detect and combat cyberattacks in the university’s Virtual Security Lab and work through case studies in an online classroom. Through its history, the team has received numerous top honors, including recent first-place finishes in the 2021 Maryland Cyber Challenge and the 2020 MAGIC, Inc. capture the flag competition and a second place finish in the 2012 Global CyberLympics.

About University of Maryland Global Campus

Celebrating its 75th anniversary in 2022, University of Maryland Global Campus is a world leader in innovative educational models with award-winning online programs in biotechnology, cybersecurity, data analytics, information technology, and other high-demand disciplines in today’s increasingly technical, global workplace. With an enrollment of some 90,000 students, UMGC offers open access with a global footprint and a specific mission—to meet the learning needs of students whose responsibilities may include jobs, family, and military service. The university offers both undergraduate and graduate degrees and certificate programs, including doctoral programs. A pioneer in distance education since 1947, UMGC is harnessing the power of learning science and technology to deliver accessible high quality, low-cost higher education.

Faculty Experts at University of Maryland Global Campus Predict Cybersecurity Trends for 2022 

Zero Trust networks, attacks on the metaverse, cooperative threat hunting, and more. Faculty members in the School of Cybersecurity & Information Technology offer their forecasts for the year ahead.  

The Metaverse Will Become More Vulnerable to Ransomware Attacks 

Jason M. Pittman, Sc.D., collegiate faculty, School of Cybersecurity & Information Technology 

We will begin to see ransomware attacks push into the metaverse, the burgeoning iteration of the internet that supports online 3-D virtual environments accessed through conventional personal computing, as well as virtual and augmented reality devices such as headsets. Specifically, these attacks will target social media influencers on Facebook, Instagram, and other platforms. Augmented reality brings with it a host of truly novel vulnerabilities. Cybercriminals will seek to exploit weaknesses in the devices that enable access to the metaverse, or even from within augmented reality itself.  

An Increase in Zero-trust Frameworks Will Help Security Architects Protect Cloud and On-site Premises 

James Robertson, Ed.D., Program Director, Cyber DevOps, School of Cybersecurity & Information Technology  

As the number of cloud migrations increase, understanding the shared responsibility model—between the security team and provider—continues to be problematic. Cloud migrations and environment updates happen on an increased timeline which, if not handled, can cause security controls to be missed or weakened. Authorization boundaries are often blurred or ill-defined in cloud development efforts leaving additional security gaps. Adopting a Zero Trust model, which incorporates many mechanisms, including the monitoring and logging of all network traffic at those authorization boundaries, will enforce controls for system and application access and protects data. 

Threat Intelligence Sharing and Cooperative Threat Hunting Activities Will Rise 

Valorie King, Ph.D., Program Director, Cybersecurity Management and Policy, School of Cybersecurity & Information Technology  

Threat intelligence sharing and cooperative threat hunting activities will increase in importance as businesses and government organizations seek to improve collaboration and proactively identify potential threats and sources of threats. Stand-alone defenses of an organization’s assets and infrastructures are no longer sufficient to prevent and deter attacks against digital assets and business processes. Additionally, phishing will become more subtle and focused as attackers increase their use of data analytics to target and manipulate specific individuals within organizations.  

  

Innovative Attack Methods Using Artificial Intelligence Will Expand the Threat Landscape  

Philip Chan, Ph.D., Adjunct Professor, School of Cybersecurity & Information Technology  

In 2022, the use of Artificial Intelligence (AI) will expand the cybersecurity threat landscape, bringing new dangers and altering the typical characteristics of threats. Attackers will employ new and highly innovative methods, notably Machine Learning (ML), which will enable cybercriminals to use AI to carry out more cyber and ransomware strikes. AI/ML techniques will generate more sophisticated phishing intrusions, pervasive ML email attacks and zero-day attacks on top of other well-known ransomware deployments. In the hands of cybercriminals, AI/ML can create significant harm as machine-learning and deep-learning techniques will make cyberattacks more accessible. The result? Faster, better-targeted, and more destructive assaults.  

Attacks on the Software Supply Chain Will Ramp Up, as Will Demands for Transparency  

Chris Hughes, Adjunct Professor, School of Cybersecurity & Information Technology  

Due to several high-profile software supply chain attacks, most notably SolarWinds, we will continue to see an increased focus on the software supply chain. With the Cybersecurity Executive Order, the evolution of the Software Bill of Materials, the Cybersecurity and Infrastructure Security Agency and emerging guidance from the National Institute of Standards and Technology, the software supply chain is one of the most talked-about subjects—and will continue to be so for the coming year. Software consumers are demanding increased transparency from software producers who, in turn, are eager to gain consumer trust. Organizations such as the Cloud Native Computing Foundation are hosting entire conferences that focus on the software supply chain. Emerging technologies and practices are being honed to provide never-before-seen levels of transparency in the software ecosystem.  

Brain-Computer Interfaces: A New Frontier for Hackers 

Guest author Jason Pittman, Sc.D., is a collegiate faculty member at UMGC where he teaches in the School of Cybersecurity and Information Technology. 

The potential of Brain-Computer Interfaces (BCIs) is enormous, from helping people with disabilities to improving work and personal performance but so, too, are the untold cybersecurity risks. 

The idea of using our brains to control a computer may seem far-fetched, even in science fiction. Yet, brain-computer interfaces (BCIs) are already commercially available. We can use a BCI to float a ball in mock Jedi fashion, enable the physically disabled to enter data into a computer, and academically plumb the mysteries of human-computer interaction. Indeed, companies such as OpenBCI and Emotive offer research-grade equipment. Manufacturers including Mattel and NeuroSky sell toy BCIs.  

The good news is these devices benefit millions of people today. The bad news is that BCIs provide three new frontiers for hackers.  

First, a little background about BCI technology. BCI technology is either invasive or noninvasive. Invasive BCIs measure neural activity from within the brain through some form of implant. While such methods are medically intrusive, the fidelity of recording is high since the sensors connect into neural clusters and can measure single-neuron activity. Noninvasive BCIs gauge neural activity using sensors placed on the scalp. Signal recording in noninvasive BCIs is broad because sensors can only measure clustered neural activity. Currently, all commercial BCIs are noninvasive except for some medical implementations, such as cochlear implants. 

The promise of BCIs is impressive, but the technology carries attack opportunities for hackers.  It is important to understand the cybersecurity of BCIs if we are to proactively prevent threats to this new frontier of innovation. We need to be ahead of the hackers willing to use it for nefarious outcomes.  

Malicious software. Malicious software—viruses, worms, and Trojans—have existed since the dawn of the internet. This software has one purpose: to cause harm and mayhem. Modern malicious software, or malware, leads to more than $20 billion in damages every year. On one hand, the concept of malicious software infecting a wired-up brain is scary. On the other hand, the concept of ransomware or malicious software that uses encryption to lock the brain is downright terrifying. 

Integrity. Our data and their transmission are the primary drivers of modern computing. With BCI, our thoughts become part of the operating landscape. As such, BCI data are subject to the same at-rest and in-transit problems as regular data. Just as normal data can be intentionally corrupted to cause harm to the integrity of the data, hackers will be able to corrupt or otherwise alter thoughts-as-data.  

Interception. An obvious vector for hackers is going to be reading our thoughts since BCI uses our thoughts as input to a computing system. Hackers can already do this with data flowing over a computer network. They can intercept and block or intercept and alter messages. Because a BCI transmits neural activity, we should expect that existing interception techniques apply. When this happens, no thought will be private or safe. 

We should not let the grimness of potential attack vectors dampen the great potential of BCI. We have conquered harder problems. Moreover, we are in a unique position to understand the threats before hackers start exploiting these vulnerabilities. But we need to begin now, and we need to take these frontiers seriously. 

Perseverance Pays Off for Couple Pursuing Careers in Cybersecurity and Health Informatics 

Shkelzen Deshishku and his wife, Teuta, came to the United States in 1999, just after the war in their home country, Kosovo, ended. The move forced both to leave family, jobs and university studies, but it never diminished either’s desire to earn a college degree. 

In his first years in the United States, Shkelzen, who goes by Xeni, worked in a series of jobs that included selling cars. Then he discovered University of Maryland Global Campus (UMGC) and realized he could work full-time while studying in a program that afforded him the flexibility he needed. Teuta found employment as a medical assistant. 

They settled into their new life and started a family that would grow to include four children now ranging in age from 6 to 19. They juggled work, school and home life. 

With patience and perseverance, Xeni obtained a Bachelor of Science in Cybersecurity in 2019. He went on to earn a Master of Science in Digital Forensics Cyber Investigation in May 2021. Meanwhile, Teuta moved up the ranks to clinical manager at the medical practice where she works. She obtained a B.S. in psychology from UMGC. 

“It was important for us to earn degrees so that our kids would see us as role models. In fact, I graduated a year before my oldest started college,” said Xeni. “I tell my kids that college might be difficult, but it’s a gift many people around the world aren’t able to obtain.

“‘Slow and steady wins the race’ became our motto,” he added.

For Xeni, a degree in cybersecurity culminated a lifelong interest in information technology. Teuta’s childhood enthusiasm about becoming a medical doctor evolved into an interest in psychology and the administrative side of the medical field. She is now pursuing a Master of Science in Health Informatics Administration at UMGC to advance her career as a clinical manager of electronic health record systems. 

Xeni now works as an information systems security officer at Synergy ECP, where he enjoys bringing new talent together to positively address challenges. 

Teuta also recognizes the cybersecurity risks inherent in her work. “It is important to keep health records secure, especially when considering all the cyber intrusions as well as ransomware attacks that are crippling the health care systems,” she said. 

Xeni aspires to become a special agent with a focus in digital forensics and cyber investigation, while Teuta has her eye on becoming a clinical informatics analyst. For both, the biggest challenge is time management. Through their pursuit of work-life balance, perseverance has emerged as the tool that keeps them focused and committed to the end goal. 

“A letter from my son at graduation showed me that our greatest achievement is not necessarily our degrees, but the example and the expectations we set for our children,” said Xeni.