Blacks In Cybersecurity Makes History with Black Badge laden Capture The Flag Competition at DEF CON 29

LAS VEGAS, NV (BPRW) — Blacks in Cybersecurity known as “BIC” seeks to ignite a cultural change in the Black community through their Cybersecurity education and career pipeline initiatives. BIC seeks to educate and operate in a way to expose Cybersecurity as a hobby and outlet that can be experienced in any walk of life, in a casual and no-pressure environment. In reimagining the traditional way in which knowledge is shared and presented, and adopting a philosophy that encourages lifelong learning, skill building and “tinkering” with concepts to gain hands-on understanding, BIC seeks to change the face of what a stereotypical Cybersecurity professional or hobbyist may look like.

Since its conception in 2018, BIC has not only been the nexus for the Black Cybersecurity community in Washington, D.C. Metro area with their events and conference series but has expanded globally with over 40+ chapters referred to as “BIC@Locations” and “BIC@Campus” (University chapters) expanding across the United States, Canada, Europe and Africa. 

Michaela Barnett, Garrison Best and Blacks In Cybersecurity Village Staff at DEF CON 29. Photo courtesy: BIC

On August 8, 2021 Blacks In Cybersecurity was able to make Black History by having the honor and privilege of being the first black owned and operated competition to be present and to present a Black Badge to the winners of their competition. The DEF CON Black Badge is a “powerful talisman” , awarded to those who have emerged unbeaten from the crucible of an elite DEF CON competition. The competition that receives this badge varies from year to year and seeks to highlight the very best in competitors. Those who receive the badge enter DEF CON free of charge for the duration of their natural life. In participating in this honored pastime of the Hacker community, BIC seeks to continue its work in creating space for and uplifting the Black community in Cybersecurity.

— Source and images: Blacks In Cybersecurity and Black PR Wire


A D V E R T I S E M E N T

Explore Careers at Northwestern Mutual

IBM To Establish New Cybersecurity Center For US Federal Clients

IBM Center for Government Cybersecurity to help agencies navigate current and future threats Convenes advisory group of former government officials for expanded expertise

WASHINGTON—IBM today announced that it is creating the IBM Center for Government Cybersecurity, a collaborative environment focused on helping federal agencies address current and future cybersecurity threats. The center will facilitate events and learnings, drawing on IBM’s cybersecurity expertise from delivering software and managed services to over 17,500 security customers globally. Working with a group of internal IBM experts and external advisors, including former government officials with decades of cybersecurity experience, the center will leverage IBM technology and host workshops focused on priorities such as zero trust frameworks and cloud security, complemented by access to IBM Research labs to collaborate around the future of encryption.

As recent threats like SolarWinds and the Colonial Pipeline ransomware attack against critical infrastructure have shown, the threat landscape has crossed over from the digital world to the physical. In fact, the 2021 IBM Security X-Force Threat Intelligence Index found that ransomware accounted for 33% of the attacks on government organizations in 2020. With the US Federal government furthering its investment in hybrid cloud, new approaches for cybersecurity should focus on protecting both systems as well as data – no matter where it is – either on premise, in the cloud, or at the edge.

The IBM Center for Government Cybersecurity will be housed at IBM’s offices in downtown Washington DC. The new facility will feature secured laboratory space where government customers can collaborate on unique solutions for advanced security threats leveraging insights from demos of IBM technologies and services. Initially, IBM will conduct virtual sessions to accommodate any challenges to meeting in person, with the capability to execute engagements at on-site customer locations.

“IBM is committed to helping our US Federal government customers meet cybersecurity modernization requirements – both for current and future threats,” said Stephen LaFleche, General Manager Public and Federal Market, IBM. “Hybrid cloud environments can provide an opportunity to implement new technologies and techniques, like a zero trust framework and advanced encryption – while helping make the government more accessible and easier for citizens work with. These techniques are also being applied in other highly regulated industries, such as financial services, telecommunications and healthcare.” 

Center Exploring Current and Future Threats

A central goal of the IBM Center for Government Cybersecurity is to provide access to information on cybersecurity technologies IBM is using with the public and private sectors, and security innovations being developed in IBM Research laboratories via workshops. Some of initial examples of the sessions IBM will conduct include:

  • Adapting to a Zero Trust World – Exploring the unique implementation needs for government to apply the core principles of zero trust: least privilege access; never trust, always verify; and assume breach. IBM will leverage blueprints from successful public and private sector implementations to assist agencies to plan their zero trust journey. The session will explore four initiatives including: Securing the hybrid and remote workforce, Reducing the risk of insider threats, Protecting the hybrid cloud and Preserving customer privacy. As part of the center, IBM can demonstrate the capabilities of IBM Cloud Pak for Security to help orchestrate zero trust approaches. Customers can also experience the IBM Zero Trust Acceleration workshop to help manage new emerging requirements for a zero trust approach at US Federal agencies – with added expertise via partnerships like Zscaler and Illumio.
     
  • Hybrid Cloud Security Challenges for Data Portability – Part of adapting zero trust models is disrupting the architecture design for IT systems. Agencies using multi-cloud and multi-tenant environments may be looking to securely modernize their applications and move data between on premise and cloud environments. As part of this workshop, IBM Security architects can demonstrate the use of trusted execution environments, containers, and open standards as a reference point for future hybrid cloud designs via  IBM Security Services for Cloud. IBM is also helping customers protect data across hybrid environments for current threats. For example, IBM services and technologies are designed to maintain the highest available level of cryptographic key encryption protection to help protect existing data in the cloud1 and prepare for future threats that could evolve with advances in quantum computing. 
     
  • The Future of Cryptography – With modern day cryptographic techniques threatened by advancements in computing, IBM Research is expanding its efforts in hardening this essential technology. IBM currently has several Quantum-safe cryptography standards in consideration with NIST and is at the forefront of making data usable while encrypted via Fully Homomorphic Encryption (FHE) and Confidential Computing. As part of this workshop, IBM researchers can help US Federal agency teams understand the implications that the technology will have on next-generation architectures and security protocols. IBM Z helps agencies protect against, and respond to threats, with technologies such as: encryption everywhere for data at rest and in transit to protect against data loss or corruption.

Expertise Available via IBM Center

The IBM Center for Government Cybersecurity Advisory Group brings together former public sector leaders and private sector experts that can advise US Federal customers on historical challenges and help evaluate best practices for navigating current and future regulations and orders. Access to the advisory group will be made available via on-site and virtual conferences as well as individual discussions. The Center Advisory Group will also publish thought leadership and research on cybersecurity issues and solutions.

Advisory group members include:

  • Tony Scott – Former US Chief Information Officer
  • Curt Dukes – Former Information Security/Cyber Security Lead for NSA
  • Kiersten Todt – Former Cybersecurity Advisor for President Obama
  • Margaret Graves – Former Deputy Federal CIO and Deputy DHS CIO
  • Daniel Chenok – Former Branch Chief for OMB
  • Brian Dravis, Major General (ret) – Former Director Joint Service Provider DISA, DOD
  • Terry Halvorsen – Former DOD CIO, DON CIO, and Deputy Commander Network Warfare Command

The world-renowned IBM Security X-Force research organization will also be available via Center events. IBM Security X-Force monitors 150 billion+ security events per day in more than 130 countries. Early access to research from X-Force will be available for US Federal customers engaged via the Center.

IBM X-Force Command Cyber Tactical Operations Center

Industry’s first fully functional Security Operation Center (SOC) on wheels was launched by IBM in 2018. The IBM X-Force Command Cyber Tactical Operations Center (C-TOC) travels onsite for cybersecurity training, education and response, including immersive cyberattack simulations to help organizations improve their incident response efforts.

The IBM X-Force Command Cyber Tactical Operations Center (C-TOC) will travel onsite for cybersecurity training, education and response, including immersive cyberattack simulations to help organizations improve their incident response efforts.

The IBM X-Force C-TOC provides a gesture-controlled cybersecurity “watch floor,” data center and conference facilities that can accommodate two dozen operators, analysts and incident command center staff.

About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM Security X-Force research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world’s broadest security research, development and delivery organizations, monitors 150 billion+ security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide. IBM Security offers a completely flexible deployment model from consultancy, advice from industry experts, advanced technology to managed security services.

For more information, please check www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog.

Source and photo credits: IBM and Feature Photo Service

A D V E R T I S E M E N T

Visium Technologies Announces The Hiring of VP-Worldwide Sales

FAIRFAX, VA — Visium Technologies announced the appointment of Keith Scott as its Vice President of Sales and Client Success. Mr. Scott, brings with him more than 20 years’ experience at some of the world’s leading technology and cybersecurity enterprises, and will be responsible for all global direct sales and reseller functions. Keith’s responsibilities will encompass sales team leadership, accelerating Visium’s revenue through expanding Visium’s presence in new geographies, development of new channels, and contributing to the company’s marketing and business strategies.

Keith Scott “I’m pleased to have Keith coming aboard and am looking forward to seeing him make an immediate impact on sales and help us achieve significant growth,” said Mark Lucky, CEO of Visium Technologies.

“Keith has led winning sales operations teams for 20 years and he brings a strong track record of building global sales teams that are focused on delivering customer value and maximizing revenue opportunities.”

Mr. Scott brings a broad range of experience to his new position including executive sales and business development roles at both startups and large enterprise organizations, including with AppDynamics, FireEye, CA Technologies, Concord Communications, Getronics and J.G. Van Dyke & Associates. Three of these companies were acquired and two had successful IPOs. Moving quickly, Mr. Scott has already started an initiative to double Visium’s North American sales team by assembling the necessary regional and inside sales infrastructure including technical, channel and additional sales resources that will play an essential role in Visium’s revenue growth.

Keith Scott, (far right), is a U.S. Air Force veteran and Lifetime Member of BDPA. He brings with him more than 20 years’ experience at some of the world’s leading technology and cybersecurity enterprises supporting the Department of Defense and Intelligence Community (DOD/IC). Mr. Scott oversees regional Cyber Programs for National BDPA’s Greater Washington, D.C. Chapter (BDPA-DC). Above, Mr. Scott is participating in CyberEarth17, his region’s inaugural Earth Day Tech Summit with BDPA-DC and In3DC Incubator at Howard University. — Photo credit: Lynn Dunigan, © 2017 bdpatoday

“I’m honored to join the Visium team and help to build on the solid foundation of our context-based TruContextTM platform ensuring the best possible customer experience and enhancing the capabilities of existing cyber tools and technologies. Visium is perfectly positioned to help its clients improve business outcomes with visualizations and analytics. Exciting times!”

Source and top photo: Visium/ACCESSWIRE
Photos: bdpatoday


A D V E R T I S E M E N T

The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for The Big Story newsletter to receive stories like this one in your inbox.

NEW YORK—As America struggles to assess the damage from the devastating SolarWinds cyberattack discovered in December, ProPublica has learned of a promising defense that could shore up the vulnerability the hackers exploited: a system the federal government funded but has never required its vendors to use.

The massive breach, which U.S. intelligence agencies say was “likely Russian in origin,” penetrated the computer systems of critical federal agencies, including the Department of Homeland Security, the Treasury Department, the National Institutes of Health and the Department of Justice, as well as a number of Fortune 500 corporations. The hackers remained undetected, free to forage, for months.

The hackers infiltrated the systems by inserting malware into routine software updates that SolarWinds sent to customers to install on its products, which are used to monitor internal computer networks. Software updates customarily add new features, remove bugs and boost security. But in this instance, the hackers commandeered the process by slipping in malicious code, creating secret portals (called “back doors”) that granted them access to an untold bounty of government and company secrets.

The incursion became the latest — and, it appears, by far the worst — in a string of hacks targeting the software supply chain. Cybersecurity experts have voiced concern for years that existing defenses, which focus on attacks against individual end users, fail to spot malware planted in downloads from trusted software suppliers. Such attacks are especially worrisome because of their ability to rapidly distribute malicious computer code to tens of thousands of unwitting customers.

This problem spurred development of a new approach, backed by $2.2 million in federal grants and available for free, aimed at providing end-to-end protection for the entire software supply pipeline. Named in-toto (Latin for “as a whole”), it is the work of a team of academics led by Justin Cappos, an associate computer science and engineering professor at New York University. Cappos, 43, has made securing the software supply chain his life’s work. In 2013, Popular Science named him as one of its “Brilliant Ten” scientists under 40.

Cappos and his colleagues believe that the in-toto system, if widely deployed, could have blocked or minimized the damage from the SolarWinds attack. But that didn’t happen: The federal government has taken no steps to require its software vendors, such as SolarWinds, to adopt it. Indeed, no government agency has even inquired about it, according to Cappos.

“In security, you almost never go from making something possible to impossible,” Cappos told ProPublica, during two video interviews from Shanghai, where he is teaching. “You go from making it easy to making it hard. We would have made it much harder for the [SolarWinds] attackers, and most likely would have stopped the attack.” Although the SolarWinds breach was a “really sneaky” approach, Cappos said, “in-toto definitely can protect against this. It’s very possible to catch it.”

In-toto’s system has supporters among experts in the government and corporations. When ProPublica asked Robert Beverly, who oversees in-toto’s federal grant as a program director at the National Science Foundation, whether using in-toto could have saved the government from the hack, he replied, “Absolutely. There seems to be some strong evidence that had some of the, or all of the, in-toto technologies been in place, this would have been mitigated to some extent.” Beverly, whose NSF responsibilities include “cybersecurity innovation for cyberinfrastructure” and who is on leave from his post as a computer science professor at the Naval Postgraduate School, added that it’s impossible to know for sure what impact in-toto would have had, and that the system remains at an early stage of adoption. “Unfortunately,” said Beverly, “it often takes some of these kinds of events to convince people to use these kinds of technologies.”

Some companies have embraced in-toto, and others, like Microsoft, have expressed interest. “I am a big fan of in-toto,” Kay Williams, head of Microsoft’s initiatives in open source and supply-chain security, said in an email to ProPublica. A second Microsoft program manager, Ralph Squillace, praised in-toto in a recent NYU press release for applying “precisely to the problems of supply chain confidence the community expects distributed applications to have in the real world.” (After Williams’ initial response, Microsoft declined to comment further.)

One senator blasted the government’s failure to use a system it paid for. “The U.S. government invested millions of dollars in developing technology that can protect against this threat, and while several large technology companies have already adopted it, they are the exception,” said Sen. Ron Wyden, D-Ore., a member of the Senate Intelligence Committee. “The government can speed up industry adoption of this best practice by requiring every government contractor to implement the best available technology to protect their supply chains.”

The in-toto system requires software vendors to map out their process for assembling computer code that will be sent to customers, and it records what’s done at each step along the way. It then verifies electronically that no hacker has inserted something in between steps. Immediately before installation, a pre-installed tool automatically runs a final check to make sure that what the customer received matches the final product the software vendor generated for delivery, confirming that it wasn’t tampered with in transit.

Cappos and a team of colleagues have worked to develop the in-toto approach for years. It’s been up and running since 2018. The project received a three-year grant from the National Science Foundation that year, aimed at promoting “widespread practical use” of in-toto. (Later in 2018, President Donald Trump signed the Federal Acquisition Supply Chain Security Act, aimed at protecting government secrets from software supply-chain threats.)

In-toto could block and reveal countless cyberattacks that currently go undetected, according to Cappos, whose team includes Santiago Torres-Arias, an assistant electrical and computer engineering professor at Purdue University, and Reza Curtmola, co-director of the New Jersey Institute of Technology’s Cybersecurity Research Center. In an August 2019 paper and presentation to the USENIX computer conference, titled “in-toto: Providing farm-to-table guarantees for bits and bytes,” Cappos’ team reported studying 30 major supply-chain breaches dating back to 2010. In-toto, they concluded, would have prevented between 83% and 100% of those attacks.

“It’s available to everyone for free, paid for by the government, and should be used by everyone,” said Cappos. “People may still be able to break in and try to hack around it. But this is a necessary first step and will catch a ton of these things.” The slow pace of adoption is “really disappointing,” Cappos added. “In the long game, we’ll win. I just don’t know that we want to go through the pain that it’ll take for everyone to wise up.”

One of in-toto’s earliest adopters, starting in 2018, was Datadog, a SolarWinds competitor that provides monitoring software for internet cloud applications. Now a publicly traded company with 2020 revenues of nearly $600 million, its customers include Nasdaq, Whole Foods and Samsung. Datadog uses in-toto to protect the security of its software updates. In an NYU press release, Datadog staff security engineer Trishank Kuppusamy, who worked on the program’s design and implementation, said that what distinguishes in-toto is that it “has been designed against a very strong threat model that includes nation-state attackers.” (Datadog did not reply to ProPublica’s requests for comment.)

The General Services Administration, which provides access to software for federal government agencies, still lists SolarWinds products available for purchase. But it said in a statement that “compromised versions” of SolarWinds programs identified by DHS are no longer available.

SolarWinds itself declined to weigh in on whether its hack could have been prevented. “We are not going to speculate on in-toto and its capabilities,” a spokesman said in an emailed statement. “We are focused on protecting our customers, hardening our security and collaborating with the industry to understand the attack and prevent similar attacks in the future.”

Previously little known to the general public, SolarWinds is a public company based in Austin, Texas, with projected 2020 revenues of just over $1 billion. It boasts of providing software to 320,000 customers in 199 countries, including 499 of the Fortune 500 companies. In a recent SEC filing, the company said its flagship Orion products, the vehicle for the cyberattack, provide about 45% of its revenues. A SolarWinds slogan: “We make IT look easy.”

After the hack was discovered, SolarWinds’ stock plunged, and it is now facing shareholder lawsuits. The company has shifted aggressively into damage-control mode, hiring CrowdStrike, a top cybersecurity firm; elite Washington lobbyists; a crisis-communications advisor; and the newly formed consulting team of Christopher Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (who was famously fired for contradicting Trump’s claims of mass voting fraud) and Alex Stamos, former security chief at Facebook.

News of what’s now known as the SolarWinds attack first came on Dec. 8. That’s when FireEye, perhaps the nation’s preeminent hack-hunter, announced that it had itself fallen victim to a “highly sophisticated state-sponsored adversary” that had broken into its servers and stolen its “Red Team tools,” which FireEye uses to try to hack into the computer networks of its clients as a test of their cyber-defenses. FireEye soon discovered the attackers had gained access through corrupted updates to the SolarWinds Orion network-monitoring software that it used.

On the evening of Dec. 13, CISA issued an emergency directive, identifying SolarWinds as ground zero for the hack and alerting federal agencies using Orion products to disconnect them immediately. Over the following weeks, investigators discovered that SolarWinds had been targeted back in early September 2019, when hackers started testing their ability to inject code into its software updates. After remaining undetected for months, they inserted malware in new updates between February and June 2020. SolarWinds estimated these infected updates affected “fewer than 18,000 of its customers.”

Precisely what the hackers saw, and stole, has yet to be determined and is under investigation. But the full impact of the breach is becoming clearer, as we now know it touches several tech companies, including Microsoft. The software giant has also labored to limit the damage by helping seize an internet domain in the U.S. that the hackers used to siphon data from some SolarWinds customers.

Stamos told the Financial Times, in an interview after being hired to help SolarWinds, that he believed the attackers had embedded hidden code that would continue to give them access to companies and government agencies for years. He compared the situation to Belgian and French farmers going out into their fields where two world wars were fought and discovering an “iron harvest” of unexploded ordnance each spring.

Dmitri Alperovitch, who co-founded CrowdStrike (the cybersecurity firm SolarWinds has hired to investigate the hack) before leaving last year to start a nonprofit policy group, said he thinks that, in theory, the in-toto system could work. But he warned that software is so complex, with many products and companies in the supply chain, that no one defense is a panacea. Still, he agrees that in-toto could provide protection, and said “it’s always a good thing to have more protection for supply chains.”

Russian intelligence services have clearly identified supply-chain attacks “as a much better way to get in,” offering “a much bigger set of targets,” Alperovitch said. “This is an indictment of the entire cybersecurity industry, as well as the intelligence community, that they were able to orchestrate such a broad, sweeping attack right under our noses.”

Top 25 Tech Stories from 2020

Select here for dynamic Air Force careers in Cyber and Tech

WASHINGTON ―The wait is finally over for the very end of 2020. The latest lists from Industry of top stories in tech, cyber, and STEM likely will loom much larger in the fog of 2021. Topping the charts for 2020 during National BDPA’s 45th Anniversary year were stories directly and indirectly related to COVID-19Big TechCybersecurity, and Social Unrest amidst a wider and much deeper ‘Digital Chasm‘ connecting underserved communities with their respective populations during a pandemic.

The Top 25

Most of the top 25 stories highlighted below for 2020 previously were shared with Industry, communities of color, traditionally marginalized communities, and underserved communities inside or on the covers of weekly and monthly publications. 

25. Earth Day Tech Summit: BDPA and UDC Earth Day Summits go virtual due to COVID-19. [April 2020 edition of bdpatoday]

24. Digital Divide: 51,000 laptops with Internet services were provided to students in Detroit, MI. [bdpatoday.com]

23U.S. Naval Academy: Midshipman First Class Sydney Barber becomes the first Black female to lead Brigade of Midshipmen. Upon graduation in May of 2021, MIDN Barber will receive her commission as an officer in the United States Marine Corps. [bdpatoday 11.14.20 ICYMI edition]

22. Zoom: In order to meet exponential growth and unprecedented demand, Oracle is selected as a cloud infrastructure provider for Zoom meetings. [bdpatoday 05.02.20 ICYMI edition]

21. U.S. Navy: LTJG Madeline G. Swegle becomes the U.S. Navy’s first Black female Tactical Air (TACAIR) jet pilot. [July 2020 edition of bdpatoday]

20. NIST: The National Institute of Standards and Technology’s (NIST) Privacy Framework Version 1.0 was released to help organizations identify and manage privacy risk for building innovative products and services while protecting individuals’ privacy. [ bdpatoday 01.18.20 ICYMI edition]

19. Digital Divide: T-Mobile launches Project 10-Million. [bdpatoday 10.03.20 ICYMI edition]

18. COVID-19: Apple and Google partner on contact-tracing technology. [bdpatoday.com]

17. Tesla: Headquarters and Gigafactory moves are heading to Austin, TX. [bdpatoday.com]

16. HPC: Lewis Hamilton wins 7th FIA Formula One championship powered by edge-to-core analytics with high-performance computing (HPC) from HPE. [bdpatoday 11.28.20 ICYMI edition]

15. COBOL: Federal, State, and Local governments call for more COBOL programmers to assist staff with stimulus, relief, and unemployment checks. [bdpatoday 04.04.20 ICYMI edition]

14. Exascale Day!: October 18th is Exascale Day. HPE, JEF, and BDPA welcomed “10 to the 18th power” or “10^18” during Exascale Day Weekend launching a series of supercomputer, HPC, and artificial intelligence (Ai) webinars. [October 2020 edition of bdpatoday]

13. Digital Divide: Best Buy Foundation awards a community grant to BDPA’s Tablets For Teensprogram and regional initiatives. [bdpatoday.com]

12. BDPA2020: National BDPA’s 45th Anniversary, Annual Technology Conference, Diversity Career Fair, I.T. Showcase, Mobile App Showcase, and the annual National High School Computer Competition (HSCC) collectively go 100-percent virtual for the first time in the Association’s history. #BDPA2020 was successfully delivered across all mobile platforms. [August 2020 Special Edition of bdpatoday

11. USASMDC: The University of Alabama in Huntsville (UAH) and BDPA Huntsville launch a new Cyber Workforce initiative with the U.S. Army’s Space and Missile Defense Command (USASMDC.) [bdpatoday 10.31.20 ICYMI edition]

10. Digital Divide: Microsoft awards $15 million in Community Skills Grants, an investment over three years to fifty (50) Black- and African American-led nonprofits that are working to increase skill development and economic opportunities. The H.O.P.E. Project DMV in partnership with National BDPA’s Greater Washington, D.C. Chapter (bdpadc.org) are one of Microsoft’s grant recipients for 2020. [bdpatoday.com]

9. AFRL: In fiscal year 2021 (FY21), the U.S. Air Force Research Laboratory’s (AFRL) Small Business Technology Transfer (STTR) program seeks to ink new and innovative deals with emerging small businesses and HBCU mission partners to meet or exceed the Department of the Air Force’s (DAF) priorities. [bdpatoday May 2020 edition] 

8. Cryptocurrency: Bitcoin’s latest rise in 2020. For the first time in its history, Bitcoin reached $20,000. According to CNBC, the world’s most-valuable virtual currency traded 5.6% higher on Wednesday, December 16, 2020, to a new price of around $20,600, taking its year-to-date gains north of 180%! [bdpatoday.com]

7. SpaceX: The launch of two NASA astronauts aboard the Crew Dragon spacecraft to the International Space Station (ISS) marked the first private spaceflight company to send a crewed spacecraft into space. [bdpatoday June 2020 edition] 

6. SolarWinds: Government agencies ‘hacked’ again ― stories from Federal, State, and Local agencies are still unfolding as we venture deeper into 2021. [bdpatoday.com]

5. Wall Street: Nasdaq advances “diversity” as stocks in 2020 across most major indices reached record highs. Nasdaq soon may adopt new listing rules related to board diversity and disclosures. [bdpatoday.com]

4. White House: As the daughter of two immigrants from Jamaica and India, Vice President-Elect Kamala Harris’ historic election breaks several barriers. “All eyes are on Georgia” as the next President of the Senate awaits Georgia’s runoff election results to determine control of the U.S. Senate. [bdpatoday November 2020 edition] 

3. Big Tech vs. Uncle Sam: On October 6, 2020, bdpatoday.com featured a story about the House Judiciary Committee’s Antitrust Subcommittee’s release of findings of its more than 16-month long investigation into the state of competition in the digital economy, especially the challenges presented by the dominance of Apple, Amazon, Google, and Facebook and their business practices. On October 20, 2020, bdpatoday.com shared a story from the Department of Justice (DOJ.) DOJ — along with eleven state Attorneys General — filed a civil antitrust lawsuit in the U.S. District Court for the District of Columbia to stop Google from unlawfully maintaining monopolies through anticompetitive and exclusionary practices in the search and search advertising markets and to remedy the competitive harms. In 2021 and the foreseeable future, “Big Tech” will have its day in Congress and the Courts from at least two branches of government. In the pipeline will be renewed battles over Section 230 of the Communications Act of 1934 (at 47 U.S.C. § 230). “Section 230” provides immunity for content providers and website publishers from third-party content. [bdpatoday.com]

2. COVID-19: “All Hands On Deck” for scientists, engineers, physicians, logisticians, STEM technicians, and I.T. professionals. “Digital divides” and “heath desert” challenges across the globe in underserved communities are hampering vaccine distributions as 2020 fades away. [bdpatoday December 2020 edition]

Number 1. Digital Divide and Social Unrest: Black Data Matters, Black Tech Matters, Black Consumers Matter, all lives matter, every student ― #BDPAfuture ― really matters. Founded by Earl A. Pace, Jr. in Philadelphia, PA as Black Data Processing Associates, BDPA was established in 1975 to promote and share awareness across traditionally underserved or marginalized communities of new “Data Processing” careers with related technical job openings in “Computer Science” fields. Today, BDPA’s mission has not waivered.

The pandemic of 2020 coupled with civil unrest across several U.S. cities revealed widening ‘digital chasms’ with news deserts, health deserts, and food deserts in every corner of America leading up to our top stories for 2020. Systemic racism, cultural biases, social discord, oppression from deep within our society’s soul, and gerrymandered redlining transgressions still are shrewdly perpetuated today through outdated laws, discriminatory policies, algorithmic bias, obsolete technology, and dilapidated infrastructures. To this end, our lead success stories feature BDPA, its ICT Industry partners, major corporations, and local BDPA Chapter mission-partners making impact investments to help eliminate “deserts” within digitally divided communities as millions of students, teachers, and parents where forced home; many with little or no access to high speed Internet services. [bdpatoday.com]

In Memoriam

Last October, National BDPA celebrated the life of Vivian C. Wilson, the first women elected to the Association’s chief executive role of National BDPA President.

BDPA Nation also said goodbyes in 2020 to iconic Black Panther star Chadwick Boseman; Dr. George Robert Carruthers, an inventor, physicist, engineer and space scientist; Roderick “Rod” Wesley Flakes, former President, BDPA (Boston) Mass MetroWest Chapter and engineer at Digital Equipment Corporation (DEC); U.S. Supreme Court Justice Ruth Bader Ginsburg; one of NASA’s “Hidden Figures” Katherine Johnson; U.S. Representative John LewisNorman Shakespeare, former Vice President of Strategic Planning, BDPA (Boston) Mass MetroWest Chapter; model and restaurateur Barbara “B” Smith; and Charles “Chuck” Yeager, World War II ace fighter pilot and U.S. Air Force quintessential test pilot.

Up Next

2021 has arrived! In May 2021, bdpatoday (ISSN 1946-1429) launches its 15th year to proudly serve more I.T. technicians and cybersecurity professionals, new HBCU Chapters, new student members, and new consumers in every industry. To add your team’s success stories in tech, cyber, and STEM along with new campaigns or press releases, contact our team directly at: info@bdpatoday.org – or – press@bdpadc.org.

₵ode on¢e. $ell Many!  bdpatoday.com

Select here for bdpatoday Archives

______________________

Key words: #5G #Ai #AirForce #AFRL #Army #BDPA #bdpatoday #BigTech #Bitcoin #COBOL #cryptocurrency #cyber #DigitalDivide #diversity #DOD #DOJ #Gigafactory #hackers #HBCU #HPC #HSCC #Huntsville #ICT #innovation #MarineCorps #Navy #Nasdaq #SBIR #SEC #Section230 #SMDC #SpaceForce #STEM #STTR #supercomputer #tech #technology #USASMDC #WallStreet

U.S. Senate confirms new Air Force Chief of Staff with a unanimous historic vote

Select here for exciting civilian careers in tech and cyber

WASHINGTON―General Charles Q. Brown, Jr. will become the first black service member to lead an American military branch after lawmakers on Tuesday voted to make him the Air Force’s 22nd chief of staff.  He currently is serving as the Commander, Pacific Air Forces; Air Component Commander, U.S. Indo-Pacific Command; and Executive Director, Pacific Air Combat Operations Staff, Joint Base Pearl Harbor-Hickam, Hawaii. PACAF is responsible for Air Force activities spread over half the globe in a command that supports more than 46,000 Airmen serving principally in Japan, Korea, Hawaii, Alaska and Guam.

General Brown was commissioned in 1984 as a distinguished graduate of the ROTC program at Texas Tech University. He has served in a variety of positions at the squadron and wing levels, including an assignment to the U.S. Air Force Weapons School as an F-16 Fighting Falcon Instructor. His notable staff tours include Aide-de-Camp to the Chief of Staff of the Air Force; Director, Secretary of the Air Force and Chief of Staff Executive Action Group; and Deputy Director, Operations Directorate, U.S. Central Command. He also served as a National Defense Fellow at the Institute for Defense Analyses, Alexandria, Virginia.

General Brown has commanded a fighter squadron, the U.S. Air Force Weapons School, two fighter wings and U.S. Air Forces Central Command. Prior to his current assignment, he served as the Deputy Commander, U.S. Central Command.

General Brown is a command pilot with more than 2,900 flying hours, including 130 combat hours. He is a distinguished graduate of Air Command and Staff College and a 1984 graduate of Texas Tech University, with a Bachelor of Science degree in Civil Engineering.

― Source and photo: United States Air Force

A D V E R T I S E M E N T

From “Grants-to-Contracts”, discover new research and development (R&D) contract opportunities and Small Business Technology Transfer (STTR) programs for your firm and your school during BDPA2020’s special Air Force Research Lab HBCU Collider track.

Select here, register today for BDPA2020.

Free and Low Cost Online Cybersecurity Learning Content — Get Started Now

Data Science Opportunities
ADVERTISEMENT

GAITHERSBURG, MD — During this unusual time in our lives, many of us find we want to improve our knowledge, skills or even prepare for new career opportunities. If you are interested in cybersecurity careers, need to change careers or close technical gaps in your current resume, there are numerous online education providers to choose from. Many online courses are available from your local community college, four-year universities, even the prestigious Centers of Academic Excellence (CAE) programs – please review all options.

nist-logo2

The National Initiative for Cybersecurity Education (NICE) is a partnership between government, academia, and the private sector focused supporting the country’s ability to address current and future cybersecurity education and workforce challenges through standards and best practices. The following links from NICE’s site are not endorsements, but list free and low-cost online educational content on topics such as information technology and cybersecurity. Some, not all, may contribute towards professional learning objectives or lead to industry certifications and online degrees. Please note that their site will continue to be updated as new information is gathered and edited for clarity and accuracy for your family, school, or business.

Name and Hyperlink to your Materials*Description**
CompTIAFree online training for CompTIA IT Fundamentals and other resources.
CLARK Center Plan CFree cybersecurity curriculum that is primarily video-based or provide online assignments that can be easily integrated into a virtual learning environments.
Culture of CybersecurityFree, downloadable kids activities to help your family learn basic cybersecurity concepts and defense strategies.
CybraryFree information technology and cybersecurity training portal.
EC-CouncilFree resources for the information security community in the form of webinars, blogs, online video training, and much more.
ElasticFree on-demand Elastic Stack, observability, and security courses.
Federal Virtual Training Environment (FedVTE)Free online cybersecurity training for federal, state, local, tribal, and territorial government employees, federal contractors, and US military veterans.
FortinetFree access to the FortiGate Essentials Training Course and Network Security Expert courses 1 and 2.
IBM (hosted by Coursera)Free (7-day trial) suite of courses on IT Fundamentals for Cybersecurity Specialization.
IBM Security Learning AcademyFree technical training for IBM Security products.
(ISC)2 Webinars and CoursesFree technical webinars and courses to earn Continuing Professional Education (CPEs).
(ISC)2 Utilizing Big DataFree course for (ISC)2 members (low cost for non-members) that provides an overview of Big Data components, architectures and applications.
NICCS Education and Training CatalogDatabase of free and for pay, online and in person courses.
Open P-TECHFree digital learning on the tech skills of tomorrow.
PluralsightFree access to 7,000+ expert-led video courses and more during the month of April.
SANSFree cybersecurity community resources and programs.
SANS Cyber Aces OnlineFree online course that teaches the core concepts needed to assess and protect information security systems.
TestOut’s 2020 K12 GrantFree TestOut courses for K12 teachers. Application process required.
UdemyHeavily discounted online courses for various certifications.

*Materials are related to coding, product training, certification preparation or general IT and cybersecurity skills development, and teacher training and curriculum.
**Some of these materials may only be free or low cost (less than $100) for a limited time.

Cyber Keyboard

For more information on how to add additional information or to correct an error, please email NICE.
   →  nice.nist@nist.gov.

Source:
NICE Program Office
nist.nice@nist.gov
(301) 975-5048
100 Bureau Dr.
Gaithersburg, MD 20899

National BDPA and local BDPA Chapters have broadened outreach to Historically Black Colleges and Universities and Minority Serving Institutions (HBCU/MSI) to include establishing BDPA chapters with HBCU/MSIs, CAE schools, and community colleges already certified by the National Security Agency (NSA) and the Department of Homeland Security (DHS) in research (CAE-R), cyber defense (CAE-CD), or cyber operations (CAE-CO).

=====

BDPA-DC/HOPE Project Tech Partnership initiative is to assist HBCU students and graduates with earning CompTIA technical certifications.  In addition to assisting with technical certification HOPE Project will assist HBCU grads with career coaching and access to our employer network. 

The program is open to any HBCU STEM Major or recent HBCU Stem Graduate.  We anticipate awarding 40 scholarships in 2021.  Candidates can select from any one of the three CompTIA certifications, A+, Network+ or Security+ • Apply now and before January 7th, 2022 with your latest resume by visiting: https://www.hopeprojectonline.com/hbcu

=====

To launch a new BDPA Chapter on campus, email: info@bdpa.org  today and partner with us during #BDPACon22 in Atlanta, GA August 18-20, 2022.  Visit BDPA.org to discover more . . .

memphis-bdpa-students

Start-Ups. Small Businesses. HBCU/MIs.
Take flight from “Grants-to-Contracts!” The United States Air Force plans to grow its venture investment substantially this year. To that end, Air Force, in partnership with National BDPA is providing step by step technology transfer workshops for start-ups, small businesses, and research institutions during this year’s Air Force STTR HBCU Virtual Collider.

Blacks in Cybersecurity host Winter Summit 2020

ARLINGTON, VA — Building upon 2019’s inaugural year, this year’s convening of Blacks in Cybersecurity (BIC) Winter Summit 2020 at Marymount University provided an excellent venue with workshops for very diverse audiences and small business owners exploring DevSecOps, information security, and new cybersecurity challenges.

BIC understands these programs are vital for emerging information and communications technology (ICT) industries to promote and support broader engagements across underserved and under-represented communities. This year’s highlights included distinguished professionals from industry and academia complimenting BIC’s Blue Team and Capture The Flag (CTF) workshops (shown below).

Blacks In Cybersecurity, is a Cybersecurity Conference Series all encompassing professional networking and development for minorities in cybersecurity fields. BIC promotes the advancement, knowledge, and cybersecurity education across STEM communities.

According to their leadership team, Blacks In Cybersecurity is attending or participating in Black Hat USA, DEF CON 28, BDPACon20, and hosting their BIC Fall Summit 2020 later this year.

For upcoming engagements, visit → https://www.blacksincyberconf.com/ 

— Sources: Blacks In Cybersecurity, LLC and BDPAdc.org
photos ©  2020 bdpatoday

A D V E R T I S E M E N T
Register now for BDPACon20 • August 20-22, 2020 • Atlanta, Georgia

BDPA Memphis Welcomes new Computer Science Graduates to Industry

New Cyber and STEM civilian careers with the Department of the Air Force

MEMPHIS, TN — BDPA Memphis Student Members graduated this week with Computer Science Degrees from the University of Memphis. Other BDPA Student Members not only graduated with Computer Science Degrees, some graduated from CodeCrew Code School and Tech901.

memphis-bdpa-bdpacon18

According to BDPA Memphis, for students considering a future in IT, or want to learn more about technology, BDPA can help develop technical skills, make introductions to role models, and open doors to new tech internships or that first IT career opportunity.

bdpatoday | December 2019

For start-ups and entrepreneurs who provide IT-related services and products, a BDPA membership is an invaluable asset. BDPA introduces businesses to individuals with purchasing power. Interact with potential business partners, investors, and certified employees.

In 2018, nine students from National BDPA’s Memphis Chapter qualified to attend #BDPACon18, the annual BDPA National Technology Conference and Career Expo in New Orleans, LA.

Two mobile apps were presented at the conference: Microball Gaming (by Bryce Ellis), a three-in-one video game with augmented reality and real time multiplayer, and Edesia (by Kareem Dasilva), an app that finds nearby food trucks in real time.  Bryce won second place in the app competition, receiving a $2500 scholarship.

Three BDPA students won other scholarships (Jada Thomas, Monsanto Scholarship, $2500; Brandon Ellis, Oracle Scholarship, $2500; Cody Seymour, Oracle Scholarship, $2500), and three students participated in judging the High School Computer Coding Competition.  High school participant Milton Turner placed second in the Information Technology Showcase for his presentation on the risks of having a “smart city.”

BDPA Memphis’ advisor, CodeCrew Executive Director Meka Egwuekwe, was awarded the Individual Pace Setter Award for his leadership in developing STEM education in Memphis.

— Source and photos: BDPA Memphis

ADVERTISEMENT

BDPA Huntsville | 2020 Regional Conference

Energy sector braces for ‘Black Swan’ Cyber Attacks and Power Grid outages

Select here to review exciting civilian careers available today in the Department of the Air Force.

WASHINGTON — The North American Electric Reliability (NERC) hosted GridEx V this week. The annual Grid Security Exercise (GridEx) is an opportunity for utilities to demonstrate how they would respond to and recover from simulated coordinated cyber and physical security threats and incidents, strengthen their crisis communications relationships, and provide input for lessons learned. This exercise is conducted every two years.

According to NERC, over 6,500 participants representing more than 425 government and energy sector organizations in the United States, Canada and Mexico took part in the two-day exercise.

GridEx V was designed for distributed play, coordinated locally by a designated asset owner and operator lead planner. An executive tabletop exercise (TTX) occurred concurrently with senior industry and government leaders. Due to the sensitive nature of scenario discussions, this exercise program was not open to the general public nor the media.

These geographically-distributed exercises are designed to execute the electricity industry’s crisis response to simulated coordinated cyber and physical security threats and incidents, to strengthen utilities’ crisis response functions, and to provide input for lessons learned.

Sources: NERC and Security Week

 


A D V E R T I S E M E N T
Exhibitors. Panelists. Speakers. Sponsors. Mission Partners.  To engage, email: events@bdpadc.org
#CyberEarth2020: Select here to support local Smart City teams.
%d bloggers like this: