About the Program
Houston Community College fully endorses the NSA CAE2Y program and supports the HCC Cyber Center established under the HCC Digital and Information Technology Center of Excellence.
AWARD TYPES: Associate of Applied Science, Certificate Level 1, Certificate Level 2
AREA OF STUDY: Science, Technology, Engineering & Math
NSA and the Department of Homeland Security (DHS) jointly sponsor the National Centers of Academic Excellence in Cyber Defense (CD) Education (CAE-CDE), Two-Year Education (CAE-2Y) and Research (CAE-R) programs. The goal of these programs is to reduce vulnerability in our national information infrastructure by promoting higher education and research in CD and producing a growing number of professionals with CD expertise in various disciplines. Students attending CAE-CDE and CAE-R schools are eligible to apply for scholarships and grants through the Department of Defense Information Assurance Scholarship Program and the Federal Cyber Service Scholarship for Service Program.
Information Security, Security Incident Managemant - CSA Regulation May 2017
Computer Systems Networking - Cyber Security - AAS
Computer Systems Networking - Cyber Security Certificate Level 1
Computer Systems Networking - Cyber Security Certificate Level 2
General Requirements for Cybersecurity
Students will be able to:
The goal of the Network Systems and Cybersecurity is to train and educate students in the various technical areas associated with Computer Network Operations that encompasses Computer Network Defense, Computer Network Exploitation, and Computer Network Attacks.
Students will be able to:
- Understand the security fundamentals required to help safeguard computer networks;
- Implement wireless network security protections; Identify and counteract attacks on workstations, servers, and other networking devices;
- Identify vulnerabilities, discuss their resolutions, and generate vulnerability reports Install and utilize various security industry accepted tools.
- Install and configure firewalls and Virtual Private Networks.
In addition, please note that a student may only earn one Occupational Skills Award (OSA) per academic year.
TSI testing required prior to first enrollment for all AAS degrees and Level II certificates.
More Program Information
What is cyber security?
The technology and processes designed to protect all digital devices from attack, damage or unauthorized access. It is the fastest growing area in the Information Technology (IT) sector.
Why learn about it?
Under increased hacking threats and new homeland security policies, there is a growing national demand for cybersecurity professionals. It is estimated there will be a million and a half unfilled U.S. positions in cyber security within the next five years.
How does it work?
Cybersecurity professionals plan, coordinate, and maintain an organization’s security posture. They protect people, technology, and information from damage, theft, and improper disclosure.
Who can use cyber security?
Business owners need to understand the threats to their assets, and what defenses are available. IT workers must defend mobile devices, servers, workstations, and cloud resources.
With over a million and a half unfilled positions in cybersecurity/cyberdefense expected to be available in the next five years, job prospects in computer forensics, network analysis, network security, and computer protection are excellent. Students in our programs can transfer to universities for completion of baccalaureates or transition directly into the workforce.
Information & Publications
Stephen Miller's new book; for free!
CWW professor offers free e-book on SCADA Stephen Miller, associate professor and department chair of business and information systems at CWW member institution Eastern New Mexico University‹Ruidoso, has released his book Framework for SCADA Cybersecurity as an e-book that can be downloaded for free from the website Smashwords.com. The book is used as a class textbook in ENMU-Ruidoso's cybersecurity curriculum. The book explains the NIST Cybersecurity Critical Infrastructure Framework and how to apply it to new and existing SCADA applications and implementations. It was co-written by Richard H. Clark, a technical specialist and controls engineer at InduSoft concentrating on cybersecurity and third-party product integration.The e-book, available in epub, mobi (Kindle), and PDF formats, can be downloaded by following this link:
It's necessary to sign up for a free Smashbooks account in order to download Framework for SCADA Cybersecurity.
The Student Center is a repository for tools and other resources facilitated through the program academic partnership. Students need to request access through their instructors.
Cyber Defense Resources
National Science Foundation (NSF) Advanced Technological Education (ATE) Centers
The National Science Foundation (NSF) helped fund five National and Regional Advanced Technological Education (ATE) Centers in Security Technologies.
The mission of these centers is to improve the education of technicians who work in advanced technology industries that are important to the nation’s security.
The centers accomplish this by providing support to test innovations for teaching science, technology, engineering, and mathematics (STEM) to undergraduates and secondary school students, and the educators who teach them.
The organizations listed below offer a wealth of information and support for educational institutions and their students in the areas of Information Security and Cyber Defense.
- Advanced Cyberforensics Education (ACE)
- Cyber Security Education Consortium (CSEC)
- National Center for Security System and Information Assurance (CSSIA)
- National CyberWatch Center (CyberWatch)
- CyberWatch West (CWW)
Cyber Defense Awareness Resources
The most effective tool we have to defend our information and privacy against the growing attacks we are facing daily is knowledge. Below you will find links to a variety of resources that will allow you to participate in the protection of your country, community, family and yourself.
- DHS Stop.Think.Connect
- Center for Internet Security
- Multi-State Information Sharing and Analysis Center(MS-ISAC)
- National Institute of Standards and Technology (NIST) Computer Security Resource Center
- United States Computer Emergency Readiness Team (US-CERT)
- OnGuardOnline.gov: Videos, Media and Security Games
- CAE Community
Online TrainingAn online resource offering free cybersecurity and IT training courses that students can use at their own pace. Registering for a free account is required. Fees are charged for some options such as access to virtual practice labs for Microsoft, Cisco, CompTIA, VMware, etc.
Events & Activities
Mark Your Calendar For These Upcoming Events
26 Jan 2017
Consumer Privacy vs Data Mining: Issues with Smart Meter Data (1:10-1:50 pm ET) and
Defeating Malware Packing and Code Obfuscation Techniques (2:00-2:40 pm ET)
Mark your calendars and come join your friends in the CAE community for a Tech Talk. We are a warm group that shares technical knowledge. CAE Tech Talks are free and conducted live in real-time over the Internet, so no travel is required. You can attend from just about anywhere (office, home, etc.) Capitol Technology University (CTU) hosts the presentations using their online delivery platform (Adobe Connect) which employs slides, VOIP, and chat for live interaction. Just log in as “Guest” and enjoy the presentation(s).
Below is a description of the presentation(s) and logistics of attendance:
Date: Thursday 26 Jan 2017
Time: 1:10-1:50 pm ET
Just log in as “Guest” and enter your name. No password required. Title/Topic: Consumer Privacy vs Data Mining: Issues with Smart Meter Data Audience Skill Level: Intermediate, Advanced
Presenter(s): Vitaly Ford (Tennessee Tech University)
Smart Grid technologies have been revolutionizing the legacy power grid through advanced sensor networks, two-way communication capabilities, and immediate detection of outages. As a critical part of the Smart Grid, the Advanced Metering Infrastructure (AMI) can provide granular energy consumption data and report them to a utility company, utilizing electrical smart meters. This talk will address an intricate challenge in AMI concerning a protocol supporting consumer privacy protection within the energy consumption data analysis. We will discuss security issues in the existing AMI infrastructure and demonstrate how data can be secured in a privacy-preserving way without losing data mining opportunities. The proposed AMI protocol is based on a certificateless public key encryption that is used as a baseline for establishing a session key. Utility companies will be able to perform an energy consumption data analysis and maintain consumer privacy. At the same time, consumers will be able to retrieve their own data and keep their true identity anonymous. This talk will conclude with a discussion about various attacks on the protocol and address a novel energy consumption differential attack against consumers.
Date: Thursday 26 Jan 2017
Time: 2:00-2:40 pm ET
Just log in as “Guest” and enter your name. No password required. Title/Topic: Defeating Malware Packing and Code Obfuscation Techniques Audience Skill Level: Intermediate
Presenter: Josh Stroschein (Dakota State University)
Modern malware goes to great lengths to thwart detection and analysis during distribution, infection and operation. In this talk we’ll discuss common techniques used by modern malware to hide its intentioned functionality through packing, obfuscation and anti-analysis techniques. We’ll cover effective approaches that a malware analyst can use to peel back these layers and reveal the malwares true purpose. Topics include, but not limited to, reverse engineering, static and dynamic analysis, use of debuggers, and IDA Python.
CAE Tech Talks are also recorded Recordings of live presentations are posted to the website below: https://capitol.instructure.com/courses/510/external_tools/66
Pdf versions of the presentations are posted to the website below: https://capitol.instructure.com/courses/510/files
CAE Tech Talk events are advertised thru email and posted to the news and calendar section of the CAE community website: www.caecommunity.org
For questions on CAE Tech Talk, please send email to CAETechTalk@nsa.gov
#ChatSTC Twitter Chat: Managing Your Privacy in the Internet of Me[https://gallery.mailchimp.com/1cfc376f9f35e50eaea6eb1e0/images/e2646b27-51a7-43ea-b454-ce01a6dfccea.jpg]
Wednesday, Jan. 18, 3-4 p.m. EST/12-1 p.m. PST
Today, we are more connected than ever before, and by 2020 more than 30.7 million devices will be connected to the internet. Connected devices, which provide great convenience to our lives, are fueled by information about us, like our behaviors and preferences. Many of us may be unaware of how our information is being used, collected and shared. There are some things you can do to manage your privacy online. Join @STOPTHNKCONNECT and a panel of experts for a Twitter chat on managing your privacy in a growing “Internet of Me” world.
#ChatSTC Twitter Chat: Being #PrivacyAware is Good for Business
Wednesday, Jan. 25, 3-4 p.m. EST/12-1 p.m. PST
Consumers are paying closer attention to the value of their personal information and how to manage their privacy. To build trust, businesses must address customers’ preferences, needs and concerns about privacy by being transparent about their collection, use and protection of consumer data and providing easy to use privacy and security tools. This #ChatSTC Twitter chat will help you understand how privacy is good for business and the steps your organization can take to respect privacy, safeguard data and enable trust.
SAVE THE DATE: Official Data Privacy Day Event [https://gallery.mailchimp.com/1cfc376f9f35e50eaea6eb1e0/images/39566377-9eff-4189-90dc-b7f36a0b2d16.png]
Thursday, Jan. 26
Twitter HQ, 1355 Market Street, San Francisco, CA
Data Privacy Day will be recognized with a daylong event featuring panels, TED-style talks and interviews focusing on the latest privacy issues impacting you and your company. Limited space is available to attend in person, and the event will also be livestreamed. Additional details to come.
#ChatSTC Twitter Chat: Be a #CyberAware and #PrivacyAware Shopper This Holiday Season
Wednesday, Dec. 7, 3-4 p.m. EST/12-1 p.m. PST
The holidays are quickly approaching, and shoppers are visiting their favorite websites to buy gifts for friends and family. When shopping online this season, it’s important to remember to STOP. THINK. CONNECT.™ This #ChatSTC Twitter chat will discuss cybersecurity and privacy as they relate to buying gifts online and share how you can avoid scams, safeguard your personal information and enjoy a more safe and secure holiday shopping season.
September 8th, 2016
Come join us this September 8th at 5:00 pm at the Houston Technology Centerin Midtown and come grab a drink with our guest speaker:Arthur Conklin - Director of the Center for Information Security Research and Education - University of Houston.
Topic: Why OT is not IT and what this means.
Operational technology is the "IT" system used to control critical infrastructure and many physical systems. It may seem like another IT system, but it isn't. We will examine what this means to the security practitioner.
Register Here Houston Cybersecurity Happy Houris held monthly in a casual and fun environment for technology professionals to discuss the current state of cybersecurity, network, share ideas, and collaborate. Door prizes raffled at the end of the Happy Hour.
Washington, D.C., May 13, 2017 – The world was hit with a widespread ransomware attack starting Friday morning (BBC, NYT, WSJ). Preliminary reports suggest at least 75,000 computers in 99 countries were affected.
The ransomware attack locked the files of impacted systems and demanded payment – $300 in bitcoin – to release the data. Ransomware is not new. The first known ransomware attack – using file encryption – was in 1989. In recent years, ransomware attacks have been increasing as cybercriminals become more sophisticated and as crypto-currencies create a vehicle for non-traceable payments.
“Friday’s attack is a loud and clear wake-up call,” said Michael Kaiser, executive director of the nonprofit National Cyber Security Alliance in Washington, D.C. “The attack was global in reach, and its impact was significant. When we see whole systems like the National Health System in the United Kingdom directly targeted, it reinforces how dependent we have become on our data-driven networks. It is of utmost importance that cybersecurity of those networks be a top priority of businesses and organizations large and small.”
There are defenses that can help to prevent ransomware infections. Basic cyber hygiene can provide significant immunization against such attacks, including:
- Keep clean machines: Prevent infections by updating critical software as soon as patches or new operating system versions are available. This includes mobile and other internet-connected devices.
- Lock down your login: Strong authentication — requiring more than a username and password to access accounts — should be deployed on critical networks to prevent access through stolen or hacked credentials.
- Conduct regular backups of systems: Systems can be restored in cases of ransomware and having current backup of all data speeds the recovery process.
- Make better passwords: In cases where passwords are still used, require long, strong and unique passwords to better harden accounts against intrusions.
2017 Annual Cybersecurity Report - March 2017
The Cisco Annual Report presents research, insights and perspectives from Cisco Security Research while highlighting the vacillating dynamic between adversaries trying to operate more and defenders working to close the windows of opportunities that attackers attempt to exploit. The report is broken up in sections: attacker behavior, defender behavior, industry, and conclusion.
NATIONAL CYBERWATCH COMMUNICATOR – DECEMBER 2016 December 5, 2016 Newsletter
The December edition of the National CyberWatch Communicator features webinars: Navigating a Career in Cybersecurity and Critical Infrastructure Cybersecurity, Hack the Gap with CyberSeek interactive tools, NICE’s Cybersecurity Games whitepaper, Community College Cyber Summit’s theme: Strengthening our Cyber IQ, Innovations in Cybersecurity Education (ICE), Scholarship for Service research, National Cyber League’s Facebook LIVE event on NCL in the Classroom and Lab Solutions.
National Cyber Security Awareness Month (NCSAM)
As National Cyber Security Awareness Month Comes to a Close, Focus Shifts to Securing Our Nation’s Critical Infrastructure November’s Critical Infrastructure Security and Resilience Month Reinforces the Commitment to Protecting the Vast Networks Fueling Transportation, Utilities, Agriculture, Communications and Americans’ Way of Life
Washington, D.C., Oct. 31, 2016 – Critical infrastructure, which provides the essential services underlying American society – and is the backbone of our economy, health and security – relies heavily on the foundation provided by the internet. On the last day of National Cyber Security Awareness Month (NCSAM), which leads into Critical Infrastructure Security and Resilience (CISR) Month, the National Cyber Security Alliance (NCSA), the U.S. Department of Homeland Security (DHS) and their partners in industry, government and the nonprofit sector are spotlighting the importance of securing our nation’s critical infrastructure and how individuals and organizations can help protect these vital networks from cyber threats.
“Our critical infrastructure – which consists of 16 sectors, including food and agriculture, energy, water, transportation and healthcare – is fueled by the internet. Every day, through our smartphones, computers and other connected devices, we connect to the national grid without even realizing it,” said Michael Kaiser, executive director of NCSA. “For example, you connect to the financial services sector when you conduct online banking. Throughout the day, engineers, scientists, car manufacturers, legislators and other industries interact with critical infrastructure when they use their organizations’ networks to connect to the internet. With most Americans relying on the internet to conduct their business at home or at work, it’s imperative that everyone use technology safely to protect not only themselves, but also the underpinnings of the systems that sustain our day-to-day lives.”
Following NCSAM Week 4, which highlighted the growing Internet of Things (IoT), this last day of October introduces CISR Month, which builds awareness and appreciation of the importance of critical infrastructure and reaffirms the nationwide commitment to keep it and our communities safe and secure. Protecting national infrastructure requires preparation and coordination across the entire country.
Read the full press release here for more information and tips. Spread the word on social media this last day of NCSAM using the hashtag #CyberAware.