May 2021 Safe Computing

PAGE CONTENT

Cybersecurity Student Internship Program

 

Each semester the Information Security Office (ISO) hosts a 15-week‌ ‌cybersecurity internship program‌ ‌that ‌allows‌ ‌students‌ ‌to‌ ‌gain‌ ‌insight‌ ‌into‌ ‌and‌ ‌experience‌ ‌in‌ ‌a‌ ‌wide‌ ‌variety‌ ‌of‌ ‌ISO‌ ‌functions, often‌ ‌while‌ ‌receiving ‌course‌ ‌credit.‌ This paid experiential learning opportunity integrates academic teachings with professional supervision, mentorship, and application of coursework to cybersecurity employment duties. 

The beginning – ups and downs. ISO hosted its first intern in 2015. This intern was referred to ISO by Project>Login. As John Forker, the Chief Information Security Officer recalls, “This experience was all new and we had an instant win-win situation. There aren’t many internships in the Bangor area and we were able to provide a needed opportunity. The intern was terrific; her interests and skills aligned with our needs. She helped us, and we provided her with practical experience and mentorship. We felt good supporting the Academic Program.” However, the next semester revealed deficiencies in this underdeveloped internship program. The student desperately needed an internship, but there wasn’t a program, faculty referral, or a vetting process. There wasn’t a direct need that aligned with the student’s interests or talents. “It felt awkward,” Forker relayed. “We didn’t have standardized processes, duties, or a good way to mentor in the breadths of the profession. We needed to revamp this program.” The ISO team huddled and determined a few basics, including an intake process that involved the Academic Programs and a standard set of engaging tasks.

The growth of the program. Through working with faculty and offering a standard set of expected duties, the program steadily matured. Between 2017 and Spring 2020 ISO sponsored six more interns. These interns were associated with programs from UMA, USM, UMFK, and UMaine. By that point, the program had ramped up to include two interns per semester. In 2020, Ben Grooms, an Information Security Specialist, spearheaded an expansion effort that involved cybersecurity training for interns through a set of topic areas taught by ISO staff with expertise in a wide variety of areas. All ISO staff are involved in teaching and mentoring every intern. This model not only exposes them to a breadth of practical activities, but also provides experience with mentors who offer differing interests, skills, backgrounds, and styles. The intent is to mimic qualitative aspects of their future careers, such as adapting to different communication styles or quickly adjusting to multiple work topic areas. 

The online intern experience and continued growth. In this last year, due to the pandemic, the internship program has been moved online. Because so much that the ISO does is accomplished remotely, this model correlates to our real-world environment. To keep interns engaged, these students work in pairs in virtual rooms created by continually opened video sessions. These sessions allow mentors to join these virtual rooms to monitor and support their efforts. Because many of these students have been from different cybersecurity programs, working together allows them to share skills and the knowledge they bring. Whether it is the geographic breakdown due to online presence, lack of other internship opportunities during a pandemic, or the mere growth in the academic programs, the demand has flourished. Over 20 interns have applied to this program in the past year. Since Summer 2020, 6 new interns have passed through this program, for a total of 14 since the onset.

The internship program today. Because ISO’s mission is broad (technical operations, policy, training, incident response, risk assessment, compliance, etc.), this affords the opportunity to expose interns to a wide variety of activities. Besides exposure, interns are expected to aid the ISO in a variety of these cybersecurity discipline areas. Additionally, as possible, interns are provided work opportunities within their stated area of interest. Common tasks students may perform include updating and configuring the University’s vulnerability management software or network intrusion detection system. To add structure to the variety of programs, ISO staff build a set of eight modules that all interns will go through. Current modules include:

  •   Orientation – helps prepare interns with needed resources and access for future modules
  •   Awareness & Training – Explores methodology in developing information security training, the University’s application of content and format, and resources for users
  •   Phish Response – Explores phishing techniques and how to extract forensic details from phishing messages
  •   Phishing Awareness Training – Explores the development of simulated phishing emails for training purposes
  •   Risk & Compliance – Explores risk assessment methodology, frameworks, and compliance programs 
  •   CISO Perspective – Explores the entirety of information security, from the vantage point of the Chief Information Security Officer     
  •   Automation – Explores automating tasks in security operations   
  •   Network Intrusion Detection System – Explores concepts of monitoring and responding to network-based threats

Additional specific focus areas are being developed in threat intelligence, digital forensics, malware detection and response, and vulnerability management.

 A solid intake process. Departing from the earlier ad hoc acceptance of interns, the ISO has developed a means to allow a broader array of applicants. Prior to each semester, a request is sent to each cybersecurity program with descriptions of internship activities and application instructions. Resumes are reviewed and the top candidates are invited to interview for the positions. The interview tests students’ academic understanding, communications, and the ability for self-reflection. In the event a student applies for but is not accepted into the program, they may request feedback and suggestions for improvement. Successful candidates proceed to gain experience in common professional onboarding and post-hire training requirements. In the nature of this profession, interns are also subject to background checks and must agree to confidentiality agreements.

A sustained win-win. Student internship programs help students better understand their career interests, statistically improve career placement post-graduation, and allow students an informed choice in continuing studies or refocusing areas of study. Graduates with work experience in their chosen fields gain competitive employment prospects. Cybersecurity interns bring innovative attitudes, fresh perspectives, enthusiasm, and a desire to make a difference. Students’ abilities provide needed support in common cybersecurity task areas. 

The ISO encourages feedback to our program. We encourage you to spread the word to students who may be interested in a career or gaining work experience in cybersecurity. We will soon be recruiting for summer 2021, followed by fall; please watch for recruitment information or have interested students contact infosecurity@maine.edu.

2020-2021 – A Record Year for Widespread Scam and Malicious Phishing

While we continue to see persistent, more-common scam, credential harvesting, or malware phishing attempts, in 2020-2021 we’ve seen several events that targeted thousands in our University community.

Notable alerts included email subjects:

  • UMaine Wages Bonus, May 2020
  • Update Email Quota, May 2020
  • The University of Maine Benefits Approved, May 2020
  • COVID-19.docx, April 2020

Phishing is often difficult to discern from legitimate email. Widespread attempts targeting university communities or populations around the United States during the pandemic included:

  • From Your Health Team
  • Notice on Class Cancellations
  • Coronavirus Customer Advisory
  • Johns Hopkins Interactive Coronavirus Map
  • Spoofing imitating WHO or CDC alerts
  • An IRS warning of impersonation scams targeting universities

Interested in training that tests your ability to recognize a phishing attempt? UMS offers opt-in training that periodically sends you simulated phishing emails. You will receive feedback on whether or not you fell victim to the fake phishing attempt. You can cancel participation at any time. Email infosecurity@maine.edu and request phishing simulation training.

For a full list of news and alerts, visit the Cybersecurity News page available from the UMS portal landing; or from the Information Security portal, which additionally includes information on working remotely, policy and Administrative Practice Letters (APLs), and federal or state regulatory or compliance programs and requirements.

 

 

The Information Security Office has new information resources available, including a page on remote work and COVID-19 cybersecurity available from the Information Security portal.

Questions? Comments? Contact UMS Information Security at infosecurity@maine.edu.

(Content for this page was provided by Jean Schmidt, UMS Information Security Analyst)