Internet security threats continue to rise. Comparatively to the growing threats, there are too few security professionals in the field who are qualified to respond effectively. This session explores STEM's success but the importance to include 'Hacking' into the acronym as a means to introduce a wider audience of future potential security practitioners to address the workforce shortage. A combination of use cases, hacking success stories, and lessons learned, we discuss the benefits of introducing younger students to ethical hacking and information security. We will future explore various programs which introduce basic skills through to advanced techniques used in the penetration testing field. Given the future of Internet security's reliance upon a fresh crop of graduating students, the session will describe how breaking the mold of traditional education systems are already embracing STEHM without understanding how to define rubrics. STEM is good, but it's time to Make STEHM Great Again.
David Schwartzberg is a Senior Manager Security & Privacy at MobileIron, a mobile security company, where he specializes in mobile and network security. Utilizing his 6 years accounting experience and combined 22 years InfoTech and InfoSec experience, he speaks regularly with technology executives and professionals to help protect their corporate secrets and stay compliant. In his spare time he co-founded Hak4Kidz, and has blogged for Dark Reading, Naked Security, Barracuda Labs and currently for MobileIron Rethink:Security. He has spoken at conferences such as Black Hat Arsenal, BSides, Converge, DEF CON Packet Hacking Village, DerbyCON, GrrCON, OWASP AppSec, RSA Conference, THOTCON, (ISC)2 Congress and several others. David has earned several certifications in the field of Information Technology and Information Security. If you need to know the list of certifications, that's what Linkedin is for.
Chris Sistrunk is a Senior Consultant at Mandiant, focusing on cybersecurity for industrial control systems (ICS) and critical infrastructure. Prior to joining Mandiant, Sistrunk was a Senior Engineer at Entergy (over 11 years) where he was the Subject Matter Expert (SME) for Transmission & Distribution SCADA systems. Sistrunk helped organize the ICS Village, which was featured at DEF CON 22 and 23. He is a Senior Member of IEEE, member of the DNP Users Group, President of Mississippi Infragard and also is a registered Professional Engineer in Louisiana. He holds a B.S. in electrical engineering and an M.S. in engineering and technology management from Louisiana Tech University. Sistrunk also founded and organizes BSidesJackson, Mississippi's only cybersecurity conference.