Visit
Events
Give
Cybersecurity Center
CEI’s Cybersecurity Center serves as a central hub for joint cybersecurity information, resources, and coordinated efforts to serve the college and community needs. In 2019, CEI faculty, with assistance from advisory committee members and local industry, started pursuing the joint National Security Agency (NSA) and Department of Homeland Security (DHS) Center of Academic Excellence in Cyber Defense (CAE-CD) designation. This is a nationally recognized program for US Department of Education accredited colleges. In 2021, the Information Assurance and Cybersecurity AAS became a CAE validated Program of Study, and CEI a National Center of Academic Excellence. CEI is poised to be a cornerstone in cybersecurity education for the region. These coordinated efforts include corporate training through WTCE, credit programs through the Cybersecurity and Technology Department, CEI’s IT Services Department, industry members, and collaboration/articulation with Idaho universities and colleges.
Staff
Faculty are recruited from industry subject matter experts, providing students the best instruction possible while meeting CEI’s mission and respective program outcomes.
News and Resources
Information Security
Scanner Resources
National Resources
What are some basic security recommendations?
- Keep multiple forms and generations of backups (i.e. onsite disk, off-site cloud-based storage with file-history or snapshots)
- Keep anti-virus, operating systems (OS), and malware protection current through updates.
- Do not reuse passwords across sites! Carefully consider pros and cons of password vaults. (For more password recommendations, see passwords below.)
- Lock devices and do not leave mobile devices unattended.
- Verify email sources and links for legitimacy
- Be cognizant of security and privacy settings across social media platforms.
Phishing
This is a fraudulent attempt to gather any sensitive information, usually by some form of impersonation. Phishing executed over a variety of mediums, often by email, but also including messaging, and text. Spear phishing is tailored to a specific group or organization. According to KnowBe4, 91% of data breaches start with a successful spear phishing attack. For more information, see KnowBe4
How do I know if an email is phishing?
The IT Services and CEI Helpdesk have setup a phishing email button in email clients allowing users to mark a suspicious email for review. Any phishing tests and trainings will automatically notify if you successfully “caught” the phish.
How do I handle passwords and password security?
Basic principles of cryptography prescribe more degrees of entropy or “randomness” to increase the time an attack takes to carry out (i.e. longer, more complex passwords are stronger). Each additional character in a password exponentially increases the total possible password combinations. We recommend:
- Use long passwords, greater than 12 characters. This can be done using phase-phrases in combination with special characters, upper and lower case, and numbers. See webroot password tips.
- Make passwords complex within reason (i.e. use some special characters and numbers). Passwords written down are inherently insecure.
- Keep passwords memorable to you, but still secure (i.e. don’t use dictionary words alone because of dictionary-based attacks). Create your own long-password or passphrase system.
- Do not use simple dictionary word combinations or easily obtainable public information!
What should I do about viruses and malware?
As indicated above, keep current with OS updates, malware and antivirus, and firewalls. Limit file-sharing, unknown downloads or links, and especially email attachments. We also strongly recommend using non-administrator accounts for daily activities as much as possible. This will do much to prevent system-wide infections.
How can I be safe on the internet and with connections online?
Look for “https://” or the “lock” icon to ensure that communications are encrypted when sending sensitive information. These indicate varying degrees of safety on websites depending on the level of encryption used.
Do I need to be concerned about Mobile Devices and their security?
Banking malware is rising and cybercriminals are targeting mobile platforms. Credentials can be stolen via text/SMS, email, social media, etc. Any data you put “out there” is at risk. We recommend avoiding saving payment information, especially with smaller online vendors. Limit all personally identifiable information (PII) shared online, in any format, as guiding rule for good internet-hygiene.
Technical Advisory Committee
The Cybersecurity and Technology Department’s CTE focus is on preparing students for entry into the workforce upon graduation. It is essential that students in the ITS and CSEC programs receive instruction that enables them to find careers in industry. In order to meet this goal, the joint Technical Advisory Committee (TAC) provides industry feedback, technical skill, recommendations, networking, and additional opportunities to get involved.
The TAC is composed of primary and secondary stakeholders from the local community. Members add industry expertise, focus, resource assistance and opportunities, and serve as program advocates. The TAC meets regularly each semester and is a valuable partnership between education and industry, representing future employers in the local marketplace (e.g. student-employer mock interviews). A variety of small and large local business volunteers participate in the TAC. They represent private and public institutions including local, state, and federal governments. Please contact Don Williams or department faculty for information on getting involved or for other questions.