Academic Relations Committee and Student Club Presidents Overview
The Academic Relations Committee, headed by Eugene Levin with Barry Dynkin as Deputy, focuses on fostering student awareness in audit, control, and information security professions. The committee encourages engagement with member schools to promote ISACA certifications and career growth. Additionally, the Student Club Presidents meet regularly, representing various cybersecurity and IT audit clubs in different universities. These gatherings provide opportunities for networking, skill development, and community building among students interested in these fields.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
E N D
Presentation Transcript
Academic Relations Committee Chair: Eugene Levin Deputy: Barry Dynkin Eugene.Levin@isacany.org Barry.Dynkin@isacany.org
Academic Relations Committee Charter The Academic Relations Committee promotes student awareness of the audit, control, and Information Security professions, identify member schools and maintain ongoing working relationships with School Advocates. Objectives Promote awareness of, and interest in, Chapter events by providing information on education and training offered by the Chapter Promote benefits of ISACA certifications and the positive impact on career and professional growth Why Volunteer? For Chapter Members Mentor the next generation of IT Audit, Cybersecurity, Risk, Control, Governance professionals Personal satisfaction of aiding in the development of students Meet highly capable and motivated students. Identify candidates for future internships and employment. Network with professors and deans Experience ISACA s academic side Good for your health - volunteering has tremendous health benefits For Students The best way to network with 4100+ professionals in Metropolitan area ISACA volunteering is good for your career, looks great on resume and LinkedIn profile Become part of a community and make new friends Student discounts. Many chapter activities are free for volunteers.
Volunteers Academic Committee Volunteers meet every 1st Thursday of the month Evelin Urbaez, Horizon Blue Cross Blue Shield Maisha Ahmed, Recent Graduate Silvia Paolini, New York Life Insurance Michael Shanahan, CVS Health Kristie Roman, Citi Ashton Laurent, NYC Cyber Defense David Gianna, Wells Fargo Michael Newman, Signature Bank Ashrafur Rahman, Baruch Cybersecurity Club Robert Gockley, Sumitomo Mitsui Trust Bank Jenny Jo, MJJT Consultants, Ltd Alexander Obraztsov, Soci t G n rale Stewin Camargo, Scotiabank Joseph Donohue, ZeroDayLab Tatyana Lemberskaya, Soci t G n rale Willie Session, Farmingdale State College Anthony Lunan, Baruch Cybersecurity Club Kenia Arias, A-FE Consulting LLC global.gotomeeting.com/join/794771145 Call 630-869-1013 Access code 794-771-145
Student Club Presidents Club Presidents meet every 2nd Tuesday 8:30pm of the month Baruch College Cybersecurity Club Samad Sunny St. Johns University Audit Club Pavle Dokic Queens College Fordham University Cybersecurity Club Jingting Rubyanne Ye IT Audit and Cyber-Security Club Richard Balram NYU Tandon Cybersecurity Club The OSIRIS Lab Wolfgang von Stuermer John Jay College of Criminal Justice Cybersecurity Club Sonica Lama Yeshiva University Cybersecurity Club Jared Weintraub City College Grove School of Engineering Cybersecurity Club Adnan Mostafa
Academic Relations Call To Action Student Cybersecurity Case Study Competition was launched on March 16th. 11 teams from Baruch College, Queens College, John Jay College of Criminal Justice, and City College have answered the call and will be competing for the top 3 prizes. 7 finalist teams are now competing for the top 3 prizes. Please see slides 37-59 for more details. Looking for guest lecturers to help professor Solieri of Queens College to deliver IT Audit course in the Fall of 2020. See slides 24-26for more details. Looking for IT Audit and Cybersecurity Summer Internships Will your company have IT Audit and/or Cybersecurity internships in the summer? New York Metropolitan Chapter sponsors seven (soon to be eight?) ISACA Student Groups with several hundred motivated and ambitious members who are interested in IT Audit and Cybersecurity careers and will be looking for internships. There are 4160+ members of the chapter working for at least 1215+ different companies. Please let me know if you come across any internship opportunities and I will pass it to Student Club leadership. Looking for Student Mentors In the Fall of 2020 we plan to pilot a mentorship program with 10 female diversity mentees from Baruch Cybersecurity Club. Please see slides 10-21 for more information. 14 seasoned professionals volunteered so far. We are looking to scale mentorship program and I already have two more universities that are interested in pairing students with chapter mentors. Please let me know if you are interested to be a mentor. Looking for Cybersecurity Experts for Guest Lectures at NYU NYU Tandon Cybersecurity Club is looking for Cybersecurity Experts to deliver guest lectures in April and May every Tuesday, 1pm at 370 Jay Street, Brooklyn, NY, room 1066, at the NYU Tandon School of Engineering. If you are interested and have an interesting Cybersecurity topic to present, please contact Wolfgang von Stuermer wvs215@nyu.edu
Academic Relations Chapter Events Sep 26: NY Metropolitan 2019 Member Social and Volunteer Recruitment Nov 26: Academic Relations Committee dinner: We discussed why we are interested in Academic Relations, our areas of expertize, interests, availability, and how we can help in the development of student clubs. Feb 19, 2020: Break Bar Social Apr 25: Student Cybersecurity Case Study Competition stay tuned.
Baruch Cybersecurity Club The student advocate: Professor Trevor Moores President: Samad Sunny linkedin.com/company/isgbaruch/ Past Activities A new Student Leadership installed in 2019 Jul 26: Eugene and Barry had an introductory call with club s president Bhavin Darji about Baruch Cybersecurity Club Aug 15: Karen, Barry, and a few other members of the board visited Baruch College for a dinner to introduce themselves to the new Baruch Cybersecurity Club eBoard and Professor Moores. Aug 27: Convocation 2019: Club Fest where a few members of the Baruch College s ISACA Cybersecurity Club eBoard introduced the club to Freshmen. Sep 6: New York Metropolitan chapter, IQ4, and Baruch College reached an agreement to co-sponsor Cybersecurity Apprenticeships for 30 students during Winter session. Sep 12: Eugene made a presentation about ISACA at the General Interest Meeting. Oct 3: FinTech Fireside Chat: Cyber and Risk/ Recruiting event with the Depository Trust & Clearing Corporation. Oct 17: Time Equities Event. Professionals from Time Equities Inc. shared their knowledge and experience in ransomware and investments in real estate. Oct 28: Professor Moore selected and accepted students for Winter iQ4 apprenticeships. Nov 7: EY: Cybersecurity vs Cyber Resilience Nazir Vellani who is a senior manager from EY had an interactive discussion with students about Cybersecurity and Cyber Resilience. Nazir also provided interview tips as a hiring manager.
Baruch Cybersecurity Club - cont The student advocate: Professor Trevor Moore President: Samad Sunny linkedin.com/company/isgbaruch/ Past Activities Nov 21: Cybersecurity in Banking Cyber from MUFG & Deutsche Bank A panel discussion about Cybersecurity in Banking and interview/resume advice moderated by then President of Baruch College s ISACA Cybersecurity Club Bhavin Darji After the panel discussion there was a networking session with Directors, Hiring managers, and Vice Presidents of respective divisions. December: ISACA Cybersecurity Club Baruch College was recognized by ISACA Global as a Student Group of the month! Dec 3: Samad Sunny is announced as the acting president of the club. Jan 2020: 30 Baruch College students participated in iQ4 apprenticeship program . The program was co-sponsored by The New York Metropolitan Chapter, iQ4, and Baruch College. Jan 10: The ISACA Cybersecurity Club conducted eBoard election followed by a networking session with the elected members outside campus at Sous Vide Kitchen Caf . Jan 28: Executive members took part in Baruch Officer Leadership Training organized by Baruch Jan 30: The ISACA Cybersecurity Club participated in Baruch Club Fair of the year, where the club networked with students and shared information about ISACA and upcoming club events. Feb 6: Eugene made an ISACA presentation at the Spring 2020 General Interest Meeting. Mar 5: Technology Risk Consulting with RSM 90-min interactive session on RSM culture, service lines, followed by networking. June 3: Eugene and Sunny reviewed proposed amendments to club bylaws.
Baruch Cybersecurity Club - cont The student advocate: Professor Trevor Moore President: Samad Sunny linkedin.com/company/isgbaruch/ Planned Activities TBD: Innovation with KPMG A co-sponsorship event with Beta Alpha Psi (BAP), a renowned business fraternity, geared towards providing students with knowledge on KPMG s leading technology innovation in audit, tax, and advisory. TBD: We will join Beta Alpha Psi again to host the muti-national network of accounting firms, RSM, to speak about their use of technology in risk and management consulting. TBD: Deloitte s Cybersecurity and Tech recruitment pipeline event debut with Baruch just like DTCC last semester!
Our Mission Our Vision The ISACA Technology Fellowship Program is geared towards promoting diversity and inclusion on campus by providing aspiring technology professionals with the knowledge, skills, and support necessary to excel in the technology industry. To bring inspiration and innovation to every aspiring technology professional and help in paving their path to becoming leading technology industry professionals.
Program Goals Program Objectives Diversity and Inclusion Engagement and Retention Succession Planning/Leadership Development Build and Strengthen the Tech Community on Campus Career Planning and Development Behavioral and Technical Interview Skills Opportunity to Build a Cross- Functional Professional Network
Program Roles & Responsibilities Mentor Mentee Feedback on mentee s strengths and weaknesses Explain changing demands of the tech industry Encourage two way exchange of information Encourage mentee to take calculated risks Help mentee reach full potential Establish goals for mentorship program Develop an action plan that focuses on achieving specific goals and objectives for the duration of the program Actively schedule meetings and engage with mentor Attend quarterly events
The strengths and weaknesses of each mentee participating in the mentorship program will be evaluated to make the best mentor and mentee matches. Matching Method Mentees will be paired with mentors whose strengths match the mentee s weaknesses. This way the mentee will be able to not only earn valuable insight on the technology industry and build their strengths, but work on their weaknesses also.
Begin: September 2020 Program Implementation End: April 2021 Details: One-on-one mentoring Monthly check-in Quarterly events
Quarterly Events Quarter 1 - September 2020 (Orientation) Quarter 2 - November 2020 (Thanksgiving Get-Together) Quarter 3 - January 2021 (New Years Meet-Up) Quarter 4 - April 2021 (Graduation Ceremony)
Quarterly Events (Continued) Quarter 1 - September 2020 (Orientation) Program introduction, review upcoming program events, mentor & mentee introductions, conduct a team-building exercise, announce mentor and mentee matches, distribute questionnaire and action plan, and address any questions or concerns. Quarter 2 - November 2020 (Thanksgiving Get-Together) The mentorship program participants will come together for an evening full of networking and much to be thankful for!
Quarterly Events (Continued) Quarter 3 - January 2021 (New Years Meet-Up) The mentorship program participants will come together for an evening of networking to start off the new year the right way! Quarter 4 - April 2021 (Graduation Ceremony) A graduation ceremony will be held for our first cohort of the ISACA Technology Fellowship Program where mentees will be awarded certificates for successfully completing the fellowship program. Mentees who display exceptional performance will be recognized and awarded for their dedication to the program.
ISACA New York Metropolitan Chapter Supporting Resources As a leading ISACA chapter, our mission is to serve our membership by providing world-class training, networking opportunities, and guidance while contributing to the profession both locally and internationally. ISACA Career Centre Access to resources to help direct your next career move Job openings for IT Audit, assurance, risk, security, cybersecurity, and governance professionals Worldwide search-by-country, by certification Members can: Post resumes/CVs in a searchable database Receive email notifications of new job listings Baruch College Starr Career Development Center The mission of the Starr Career Development Center is to provide comprehensive career services to Baruch College undergraduates. We encourage students to come to the Center from the time they are freshman through senior year graduation and as alumni. The staff of the SCDC is dedicated to assisting students and alumni in all aspects of their career development as they make decisions about majors, apply to graduate and law school, prepare for internships and jobs, and progress in their professions.
Eugene Levin Barry Dynkin Alexander Obraztsov Bob Gockley Michael Newman Evelin Urbaez Kristie Roman Ashton Laurent Rajesh Kumar Michelle A. Schaap Ilya Pozharsky Sam Vohra Barry Sears Craig Harris Timothy Sheng Volunteers
St. Johns University Audit Club The student advocate: Professor David Chan; President: Pavle Dokic Past Activities A new Student Group Board of Directors installed 2019. Club has about 30 members. Oct 10: Eugene, Barry and Wei met with Pavle Dokic and Professor Chan to discuss current club status and next steps. Nov 12: Soft and Hard Skills needed for Career in Advisory Consulting. Nov 19 : Cyber Security and Internal Audit presentation by Teena Bacchus. 2nd week of Dec: Deloitte Audit Innovation Campus Challenge Planned Activities Involve St. Johns University Audit club in joint events with other colleges, Emerging Professionals committee, and New York Metropolitan Chapter membership events.
Queens College IT Audit and Cyber-Security Club The student advocate: Professor Steven Solieri President: Richard Balram Past Activities Oct 21: Eugene, Barry and Wei had a call with and prof. Solieri to discuss current status and on next steps. Oct 23: "ISACA IT Audit and Cyber-security Club" is approved as a student club/organization at Queens College. Approximately 20 people are already interested. Nov 4: Eugene, Barry, Wei had a call with Richard Balram to discuss ISG ISACA international application and General Interest Meeting on Wednesday, Dec 4th 12:15-1:30. Nov 6: Richard have submitted the ISG application with ISACA international. Nov 11: Queens College IT Audit and Cyber-Security Club is officially recognized by ISACA. Dec 4: Barry introduced ISACA at the General Interest Meeting. Planned Activities TBD: POSTPONED BKD Office Visit , Co-sponsorship with Ascend and World of Work TBD: POSTPONEDCanon U.S.A. HQ Office Visit , Co-sponsorship with Ascend and World of Work TBD: POSTPONEDIT Audit presentation by Mr. Aadesh Gandhre, Group Head of Audit - IT Americas and Latin America Business, Chief Innovation Officer - US Audit at Soci t G n rale TBD: POSTPONEDPresentation by Mr. Odrej Krehel, PhD, CISSP, CEH, CEI , EnCE, Digital Forensics Lead, CEO and Founder, LIFARS on Career in Digital Forensics and Case Studies: Cryptocurrency Hacking and Nation States
Dr. Steven A. Solieri, CPA, CMA, CIA, CISA Queens College (CUNY) Associate Professor SASolieri@aol.com Queens College IT Audit Course Professor Solieri is looking for 14+ IT Audit practitioners for Fall 2020 introductory 14 week IT Audit Course (mostly grad students and some undergrads) to deliver 1.5-2 hour lectures and demos. I would enjoy discussing my plans for the IT Audit class and hope you would provide some feedback and ideas to make it even better. My goal is to break the course into 14 main subjects and to have one or two practitioners present a topic for the class (2 hours). Each week new practitioners will discuss the topic and present/demonstrate how the topic can be carried out. The semester is 14 weeks and consist of 2 hours 50 minutes each week. I will use the extra time each class to discuss the submission of projects based on presentations and I will use the two additional weeks (classes) for testing and students presentations. I would greatly appreciate ISACA's help in choosing the topics (using the CISA curricula) and finding good practitioners interested in assisting in the class. Thank you so much for volunteering to assist me in the development of the IT Audit class at Queens College. It is amazing how many people are willing to help us in our endeavor thanks to the mutual association with the Metropolitan Chapter of ISACA and the Educational Committee led by Eugene and Barry. We are truly blessed by such outstanding people. I have attached the ISACA CISA Domains and Sub-Domains that I would like to propose as a starting point. It is likely too aggressive, but it would be nice to be able to aim for a higher goal as a starting point. I would be very happy with even achieving half this in our first iteration of the course. My goal is to make the class "come alive" for the students and be a mixture of topic coverage via lecture and hands-on achievement by performing exercises in- class and as a follow-up assignment. We can anticipate a computer lab setting with approximately 20-25 seats. I am eager to know your thoughts and share possible experiences with others who have taught and delivered this content. While I am a CISA and keep my CPEs current I have not be heavily practicing for almost 25 years and need the assistance of active practitioners to make the course current. Thank you for your volunteerism and the guidance you will provide. I would also appreciate any SMEs that you can recommend to us for possible topical coverage. I am hoping for the following organization of each class: 1) Pre-readings available two weeks or so in advance, 2) Presentation by a Subject matter Expert (SME) for about 45-75 minutes, 3) Some small hand-on exercise in-class to get students on the right track (to be completed at home before the next week's class) with total time required of one to three hours. 4) Possible follow-up presentations at the end of the semester via ZOOM/GoToMeeting or other media with the SMEs This will give the students the theory, some practice of implementation or working with the theory, and then delivery using that theory with possible presentation.
Queens College IT Audit Course PROSPECTIVE SYLLABUS
Fordham University Cybersecurity Club The student advocate: Prof Thaier Hayajneh President: Jingting Rubyanne Ye Past Activities August: Fordham University ISG was officially recognized by ISACA International. Oct 7: Eugene, Barry, Wei met with prof Hayajneh and Rubyanne to discuss Fordham s ISG. Nov 4: The first official club meeting. The club has 40 members. Working on getting ISACA recognized as a club at Fordham. Dec 10: Cybersecurity Club website is ready and is announced on Instagram and LinkedIn. Feb 27, 2020: Eugene Levin and Chapter s Immediate Past President Alexander Abramov delivered a guest lecture to professor Tim Ryan IT Audit and Information Assurance students at Fordham University Gabelli School of Business. Planned Activities Start planning Spring semester events. Rubyanne is looking for Speaker will let us know topics she is interested in. Cyber mixer event - moved to Feb.
John Jay College of Criminal Justice Cybersecurity Club The student advocate: Professor Aftab Ahmad; President: Sonica Lama Past Activities Oct 15: First General Interest Meeting and Club Election. 24 people attended. Oct 29: Eugene, Barry and Wei had a call with Sonica Lama (Pres), Arnold Moctezuma (VP), and prof. Ahmad to discuss current status and agree on next steps Oct 30: Emailed John Jay club a list of Great Speakers for a potential presentation. Nov 11: Sonica submitted ISACA International application. Nov 11: Director of the Center for leadership approved the ISACA Student Group by-laws and sent all the documents to the Judicial Board. Nov 12: Connected Sonica with Cybereason which will help with speakers and demos in the Spring semester once John Jay club gets approved. Nov 20: Cybersecurity Club was interviewed by John Jay College Judicial Board and is expected to approved at the end of the semester. Nov 22: ISACA International application is waiting to see Cybersecurity Club web site under John Jay student clubs/organizations. Dec 15: John Jay has officially recognized ISACA Student group. Checking with ISACA Global regarding Web site requirement alternatives. Jan 22, 2020: ISACA officially recognized ISACA Student group. Feb 9: Connected Sonica with Jacob Berry , Principal Incident Response Specialist at Cybereason, a terrific speaker election hacking, incident response, and careers in cybersecurity. Feb 18: John Jay Cybersecurity Club Spring General Interest Meeting
John Jay College of Criminal Justice Cybersecurity Club - cont The student advocate: Professor Aftab Ahmad; President: Sonica Lama Planned Activities Apr 8: Virtual Zoom Session with Mr. Abraham Rivera to learn about the opportunities at NYC Cyber Command and explore the tips to land in cyber jobs during the college or after the graduation. Apr 30: VirtualZoomPresentation by Mr. Odrej Krehel, PhD, CISSP, CEH, CEI , EnCE, Digital Forensics Lead, CEO and Founder, LIFARS on Career in Digital Forensics and Case studies Cryptocurrency hacking and Nation States Here is the link to the recording: https://us02web.zoom.us/rec/share/-eMrA637zENOHZ3XyF- YBat9L5umaaa8g3Af-qIJnR4ojqpq2lqHCk3lYuNP4mPF TBD: Zoom Panel Discussion: FBI, CEO TBD: Presentation by Mr. Gotham Sharma on Access CYBER: our cyber security list and how students can use it to launch their careers. Link: https://www.accesscyber.org/
Yeshiva University Cybersecurity Club The student advocate: Professor David Schwed; President: Jared Weintraub Past Activities Jul 25: Eugene and Barry had a call with David Schwed regarding potential ISG at Yeshiva University. Provided an ISG welcome package and offered assistance. Aug 27: Barry presented ISACA at MS in Cybersecurity student orientation and got a very positive reception from program director and Dean of YU Katz School Science and Health. Oct 7: Eugene, Barry, Wei met with prof Schwed, Malka to discuss Yeshiva s ISG. Jared had technical difficulties so Eugene had a separate conversation with Jared on October 10th. Nov 26: Cybersecurity Club application is under final review by Yeshiva University. ISACA International application is submitted. Mar 2, 2020: Cybersecurity Club is recognized by Yeshiva University as a student organization. Planned Activities Waiting for Yeshiva University and ISACA International Approvals.
City College Cybersecurity Club The student advocate: Dr Claude Brathwaite (acting) President: Adnan Mostafa (acting) Past Activities Oct 2: Karen, Barry and iQ4 team met with Dr. Ardie Walser, Associate Dean of Undergraduate & Graduate Studies and Professor of Engineering to discuss ISACA Student Group opportunities on campus. Nov 19: Eugene made an ISACA introduction to City College Grove School of Engineering students at the General Interest Meeting. We have very strong support from City College officials and some students already volunteered for club officer roles. Dec 11: Acting club President Adnan Mostafa met wit Dr Claude Brathwaite to discuss finding an academic advisor for the club, and the process for creating student club and student web page at City College. Dec 19: Adnan met with Samad Sunny (Baruch College Cybersecurity Club President) to get some tips on running a successful student club
NYU Tandon Cybersecurity Club The student advocate: Brendan Dolan-Gavitt President: Wolfgang von Stuermer https://www.osiris.cyber.nyu.edu/ http://cyber.nyu.edu/ https://twitter.com/osirislab The mission of The OSIRIS Lab and the Cybersecurity Club is educational. We invite with open arms, all who possess the desire, the drive, and the dedication to learn about The Cyber , reciprocating in good faith the promise to provide for every peer the knowledge and tools needed to explore their individual interest. We run two events weekly: Cyber Security Club (CSC) and Hack Night for a more technical-skills focused approach. CSC is a lecture series that we host at 1pm EST on Tuesdays where we provide pizza and bring in a "cyber security expert" to give that week's guest lecture. These talks are usually framed so that people with very little prerequisite knowledge can hop right in, but hopefully contain enough technical meat to interest a more advance crowd. We seek a diversity of speakers to learn about a spectrum of cyber security and individual ideologies, approaches, and so much more. Further we conduct research where our students determine what research projects they want to pursue. This results in interesting tools, code repositories, blog posts, and even bug bounties. Lastly, the OSIRIS Lab runs the annual CSAW global Capture the Flag (CTF) event, which is the largest student-run CTF event existing. The reason that the OSIRIS Lab exists is to provide an unrestricted space for those individuals to explore and collaborate on exactly that which captivates them. To that end, the Lab is (almost) always open, and entirely student run.
NYU Tandon Cyber Fellowship Program Building on over 150 years of technological leadership, New York University Tandon School of Engineering today provides the opportunity to develop the same valuable skill-set as on-campus students, entirely online. In collaboration with industry partners on the NYU Tandon Advisory Council , The Cyber Fellowship program is an elite, highly technical Cybersecurity Master's degree offering students a scholarship that covers 75% of their tuition. NYU Cyber Fellows is a unique, affordable online program designed to address the acute US shortage of trained, underrepresented technical professionals. The program's sizable scholarship brings the total cost for this rigorous, highly- technical education to approximately $16,000 for the entire program. Additionally, NYU Tandon s Department of Technology Management and Innovation offers an online Management of Technology Master s degree preparing professionals for management and leadership roles focusing on the strategic, behavioral, organizational, and social business aspects. Management of Technology (MOT) graduates are trained in entrepreneurship and commercialization, global innovation and R&D strategy, leadership of distributed and virtual organizations, and other high-growth, 21st-century opportunities. Finally, for individuals with Non-STEM backgrounds looking to get into cybersecurity, or if those looking to polish up computing and security skills, the NYU Tandon Bridge certificate program is the best fit. This non-credit course is offered for the low price of $1,850 and is available in 17 or 24-week formats with the same material taught in each. The only difference is the hours students are expected to devote to the course each week.
Partnerships iQ4 2019: New York Metropolitan Chapter and iQ4 announced a partnership that allowed members of the chapter to earn CPEs by volunteering as Cybersecurity Apprenticeship Mentors. In June 2019 Newsletter Alexander Abramov announced that around 690 CPEs were granted due to iQ4 mentoring. Sept 6: New York Metropolitan chapter, IQ4, and Baruch College reach an agreement to sponsor Cybersecurity apprenticeship for 30 students during Winter session. Sept 18: Karen, Eugene and Barry have a dinner with Frank Cicio, Dennis O Connel, Ed Moskal, and Debra Korner regarding the concept of a Cybersecurity Center Nov 1: Discussion of New York Metropolitan Chapter and iQ4 collaboration. Jan 2020: 30 Baruch College Students have attended Threat Within cybersecurity apprenticeship co-sponsored by Metropolitan Chapter, iQ4, and Baruch college, led by Prof Moores. Feb 20: Barry and Karen met with IQ4 leadership to continue the conversation about potential collaboration, Memorandum of Understanding, etc. They discussed a self sustaining model that would truly benefit students by funneling them into jobs and ISACA clubs & memberships. We are collaborating to work out the details and plan to meet in the next couple of weeks to discuss. Emerging Professionals Committee Nov 4: Eugene, Barry and Megan Soriano (Chair of Emerging Professionals committee) discussed a potential networking event with students in January. Options discussed: NYC SPIN (table tennis, billiards club), Break Bar NYC/Anger Room/Rage Room/The Wrecking Club. Dec 11: Eugene, Barry, and Tatyana Lemberskaya met with Megan Soriano to discuss the next steps. Jan 7: The event was scheduled for Feb 19th and capped for 75 people half emerging professionals and half students. This became the Break Bar Social (see slide 6) which sold out and became a major success.
Partnerships - cont Cybereason Oct 30: Eugene, Barry and Wei met with Siobhan Alexander and Chris Taylor (point of Contact) to discuss how they can help with putting together various demonstrations (like election hacking tabletop) for student cybersecurity clubs. Jan 7, 2020: Eugene emailed Chris Taylor regarding hosting an election hacking event in NYC in April. Feb 12: Eugene has connected Chris Taylor (Marketing Director) and Jess DeLuka (Election Hacking Tabletop Simulation Event Organizer) with David and Lev from Yeshiva University. There is a mutual interest to host the event at Yeshiva University. Follow up call is scheduled for Monday, March 2nd. Feb 12: Election Hacking Tabletop Simulation is preliminary scheduled for April and Yeshiva is checking facilities availability however it is possible that all gathering will be put on hold due to COVID-19. Yeshiva University Feb 2: Yeshiva University offered to partner with the Chapter and co-host some Cybersecurity events at their prime real estate facilities at Lexington and 33rd Street. They have a really nice conference hall that can accommodate up to 90 people where they host various cybersecurity events like this: https://www.linkedin.com/pulse/blockchain-institutional-security-next-challenge- securing-levin/ and also a variety of class rooms. Yeshiva University is interested in promoting their new MS in Cybersecurity program and will provide a venue free of charge.
Future Initiatives April: Potential Election Hacking Tabletop demonstration by Cybereason April 25: Cybersecurity Student Case Study Competition Fall 2020: Mentorship pilot with Baruch Cybersecurity Club TBD: Student Career Fair
Cybersecurity Case Study Student Competition
Overview Student Cybersecurity Competition was organized by ISACA New York Metropolitan Chapter in collaboration with Academic Advisors of ISACA Student Groups affiliated with the chapter. The competition took place in March May 2020. Teams of 4-6 students received Cybersecurity Case Study to analyze. Competition was open to students of all majors, not just members of ISACA Student clubs. Students from different universities/colleges were allowed to form teams. 11 teams from 4 colleges entered the competition. Teams of 4-6 students received Cybersecurity Case Study to analyze. After the first round of the competition Academic Advisors selected two best teams from each college to compete in the final ISACA competition. The final competition was judged by a panel of senior executives and luminaries which selected the top 3 winning teams. 37
Competition Results Team Name YouTube Link Ranking Place P.R.A.N.C.S https://youtu.be/Lc9QFvPENZ0 1.3 1st Place Soteria https://youtu.be/1ESpaJu6cPM 2.6 2nd Place Interrogation Squad https://youtu.be/DVr0YXNnTMU 2.9 3rd Place FB Consultants https://www.youtube.com/watch?v=kBD1y6QJ_WY 3.1 4th Place Winners https://youtu.be/I1qn17yhZEk 4.4 5th Place Cyber Blitz https://youtu.be/_e5_AbsHCkA 5.1 6th Place The Enforcers https://www.youtube.com/watch?v=j7COfPAw4jE&feature=youtu.be 5.4 7th Place ISACA New York Metropolitan Chapter Student Cybersecurity Case Study Competition 38
Quotes from the Judges and Academic Advisors I was very much impressed with the effort and dedication the students put into this effort What an exciting exercise! I believe the teams gave it a lot of thought, work and creativity. It was a very close call and a tough choice in some cases. The whole experience from creating the scenario to speaking with the teams has been very uplifting. They as you said are all winners great talents. From my perspective, the results were an example of what I firmly believe in: the power of combining business and technical/cyber expertise and how important it is to bring a range of skills into managing resiliency effectively. This is a great initiative from ISACA NY Chapter for encouraging students in cyber security careers. All teams really took time to understand issues and came up with good analysis and control recommendations. I am sure they learned a lot in the process. It s one thing to know the basics of how a cyber attack happens, it s another to be able to wade through the wreckage and be able to advise senior management on what they should do. I am quite impressed with the exercise and the quality of the effort by the teams. The current shortage of strong talent in the InfoSec space will be a temporary problem if enough students with this level of skill come out of schools. Kudos to you and all the other academic professionals. 39
Important Dates March 16: Competition is announced and universities are invited to participate, teams are formed. March 23 and 25: Competition kick off Q&A meetings with participating universities and teams. Universities to provide info on how many teams plan to participate. March 23: Cybersecurity Case Study is published. March 23 April 24: Teams are working to conduct case study analysis. Teams are strongly encouraged to use online collaboration tools like Skype or Google Hangout. April 24: Universities will select top 2 best teams using the Rubric provided for the final ISACA competition. Universities will provide info on which teams and the students that will go to the final competition. April 24-May 1: Finalist teams must complete their PowerPoint presentations and record team presentations of the case study analysis. Again, teams are strongly encouraged to use online collaboration tools and not meet in person. May 1: Finalist teams must email their PowerPoint presentation and video recording to ISACA NY Metropolitan panel of judges. 41
Important Dates May 2: Eugene to send out welcome package to Judges that will include Zip of seven PDF and PowerPoint presentations Case Study, Questions and Answers Ranking Sheet that includes links to 10 minute YouTube recordings May 2-10 EOD: Judges to review presentations, YouTube recordings, and rank anonymous (*) team submissions from 1 to 7 using the Rubric and Scoring system (slide 4 and 5) as guidance. Judges to email Eugene Ranking Sheet by May 10th end of day. May 11: Eugene to average rankings to identify top 3 teams and schedule GoTo Meeting interviews with the top 3 teams for Sunday, May 17th morning. May 17: 10am-10:30am Judges discuss and agree on interviewing approach. 10:30-10:55am Team A (TBD) interview 11:00-11:25 Team B (TBD) interview 11:30-12:00 Team C (TBD) interview After the interviews Judges finalize 1st, 2nd, 3rd place ranking of the winning teams and email Eugene their decisions. Week of May 18 and on: Winners are announced, information is posted at Chapter s web site, LinkedIn group, awards are sent out, feedback is collected on how to improve the competition for next year. (*) All teams except one followed directions and did not disclose which college(s) they are from. 42
Invited Universities with Affiliated ISACA Student Clubs Baruch College, CUNY John Jay College of Criminal Justice, CUNY Fordham University Queens College, CUNY St. John s University Yeshiva University City College, Grove School of Engineering, CUNY New York University Tandon School of Engineering Colleges highlighted in bold responded to the invitation and have student teams participating in the competition. 43
Team Prizes * 1st Place - $600 per student 2nd Place - $500 per student 3rd Place $400 per student All students from the top 3 teams will get Diploma recognizing their achievement 44
Role of the Mentor Student teams can reach out to mentors to Ask questions Seek case study clarifications Ask for feedback Case Study Analysis must be independent work of the students with no direct inputs from the mentor. Mentors will provide guidance on how they would tackle the real-world cases in their own organizations so that you have a framework to build on. 45
Written and Video Presentation Written case study analysis should have at most 20 slides and must cover the following: Identify the threats and vulnerabilities inherent in the case. Consider how the NIST Cybersecurity Framework might apply. Recommend solutions to protect a company from similar attacks. Identify organizational constraints that affect the decision criteria. Provide an outline of the best cyber security solution. Document and present your proposal, aimed at the executive board level. Video presentation must be at most 10 minutes long and include all team members. 46
Instructions on PowerPoint and Video Presentation Submission Post your recorded presentation on your YouTube channel and email a link and PowerPoint presentation to Eugene.Levin@isacany.org. Video Recording format output should be MP4 Suggestion: PowerPoint slideshow + slide narration = MP4 All team members must participate in the presentation. In the slides and the presentation please introduce your name and team s name but not which college you are from. Dropbox, academic advisors are invited and upload the file to the folder. Dropbox, academic advisors are invited and upload the file to the folder. 47
Case Study Rubric Case study analysis and presentation will be evaluated based on how well they address the following (with % weight): Brief summary of the case (5%) Identification of the root cause of the problem (5%) Priority of actions to be completed first (10%) Understanding of who is involved in the decision-making process (10%) Applicable laws that may be used to prosecute the threat actor (10%) Legal measures to be undertaken to fulfill regulatory obligations (10%) Likely effectiveness of controls used to contain the attack (20%) Any Public Relations (PR) implications (10%) Recommendations to the Company Board (20%) 48
Scoring System For Judges The rubric given in the previous slide should be marked according to the following scoring system (on a scale of 1 to 10): 1. Discussion missing, or fails to address the issue. 2. -- 3. Some relevant points, but a lack of justification for the choices given. 4. -- 5. Most of the relevant points included, with justification for most, but not all. 6. -- 7. All relevant points included, and justified, but further elaboration required. 8. -- 9. All relevant points included, justified, and clear discussion of choices made. 10.-- 49
Judges Jessica Robinson CISO - CEO, Purepoint, Jessica@purepoint-international.com Medha Bhalodkar Chief Information Security Officer & Enterprise IT Risk Officer, Columbia University, mb2075@columbia.edu Radhika Bajpai Google, Radhika.Bajpai@gmail.com Gehan Dabare MD of Cybersecurity, MUFG, gehan@dabare.com Barry Dynkin Co-Founder and President of Atlas Cybersecurity, barry.dynkin@isacany.org Alicja Cade MD, CISO of GM, IBCM, GCIO & Americas, Credit Suisse, alicja.cade@credit-suisse.com Alex Bazay CISO, Align, alex@bazay.com Manny Cancel SVP and CEO E-ISAC, North American Electric Reliability Corporation, mannycancel@hotmail.com 50