Miami University Cyber Security Club

Last night was incredible! Thank you so much to the Women in Cyber panelists who came to Miami University College of Engineering and Computing to share your insights and experiences with our students. Our guest panelists were: Michelle Gabberly (Abercrombie & Fitch Security Engineer), Roxanne Carr (Synchrony Financial SVP - Application Security), Tessa D'Souza (Cryptic Vector Cyber Engineer), Cyan Perez (Procter & Gamble Security Engineer), Margaret Schwab (Fifth Third Bank VP, Product Leader - IS Identity & Access Management), and Sarah Frisbie (Altafiber Director of Network Engineering.) Thank you so much to each of you for bringing your invaluable expertise and perspectives last night to CEC. This event was entirely student-run and student-organized. Created through a collaboration between Miami University's chapter of Society of Women Engineers and the Miami University Cyber Security Club - and the leadership of CEC students Frederick Levins and Megan Walston - this event provided an unparalleled networking and learning opportunity for all. Thank you, Frederick and Megan, for leading the effort to bring this phenomenal group of female cyber experts to campus.

Coming tomorrow, MUCSC and Miami University Society of Women Engineers are hosting an amazing panel of cybersecurity experts! We are proud to have representation from industry leading companies joining us to speak about their experiences in cyber. Join us to hear from Margaret Schwab, Cyan Perez, Tessa D'Souza, Roxanne Carr, Michelle Baggerly, and Sarah Frisbie! Huge thank you to our panelists for taking the time to join us! WHEN: Wednesday, Nov. 6th | 6:30 - 8 PM WHERE: Benton 102

Huge thank you to Miami University's CISO John Virden for speaking to our club last night! John went over a standard formula for quantifying risk, Risk = Threat x Vulnerability x Impact. He gave us examples of this formula in action and then transitioned into how Miami's Information Security Office is structured and what their daily roles look like. Finally, he ended his speech with incident response workflow and examples! We are very grateful to learn from an experienced industry leader. Thank you John!

MUCSC x Miami University Society of Women Engineers We are thrilled to announce that MUCSC and SWE are hosting a Women in Cybersecurity panel discussion! On Wednesday, November 6th, panelists from Abercrombie & Fitch Co., Procter & Gamble, altafiber, Fifth Third Bank, Synchrony, and Cryptic Vector will be joining us to discuss their professional experience and tips for breaking into the industry, followed by Q&A. This is an amazing opportunity to network with and learn from seasoned professionals! Stay tuned for more information leading up to the event! WHEN: Wednesday, Nov. 6th | 6:30 - 8 PM WHERE: Benton (BEN) 102

This week in MUCSC, Blake R. is hosting a Web-Application Penetration Testing workshop. Businesses with strong cybersecurity postures often test their applications for vulnerabilities on a regular interval. Doing so enables their security teams to find vulnerabilities, and patch them, before a threat actor can exploit those vulnerabilities, causing an incident. In this week's workshop, Blake will teach us the basics of web-app testing, leveraging his Red Team experience over the last three summers. After his presentation, we will practice our offensive security skills through a CTF challenge that Blake designed! WHEN: Wednesday, Oct. 23rd | 6:30-7:30PM WHERE: McVey (DSB) 126

You wouldn't share your credit card information over text messaging or store it as the background of your phone. In cybersecurity, the same standards should be followed. Data at rest and in transit should always be encrypted. Tomorrow, MUCSC is hosting a cryptography workshop focused on password hashing and email encryption. Following the presentation, we will have password hashing workshops to practice encrypting/decrypting asymmetric keys! Cryptography is the backbone of secure online communication, maintaining confidentiality and integrity of data. Additionally, it can mitigate cyber attacks by safeguarding sensitive information from unauthorized access. We hope to see you there! WHEN: Wednesday, 10/15 | 6:30 - 7:30PM WHERE: McVey (DSB) 126/128

Threat actors love to sing about vulnerabilities that they've exploited. But much more silently, organizations are constantly patching vulnerabilities to avoid an incident. Tomorrow, Alec Byrd will be running a workshop about network exploitation and mitigation techniques. He will teach us network reconnaissance techniques, used in offensive security to find open vulnerabilities, transitioning then into the defensive side with how these vulnerabilities are documented and patched! This workshop will have something for all skill levels, we hope to see you there! WHEN: Wednesday, 10/9 | 6:30-7:30PM WHERE: McVey (DSB) 126/128

🚨Breach Alert🚨... just kidding. In MUCSC, we understand the value using OSINT/OPSEC as tools for cybersecurity threat mitigation. This week, Frederick Levins will be hosting a workshop highlighting why OSINT/OPSEC are important. Further, he will walk us through a case study demonstration of OSINT being leveraged to gather threat intelligence, transitioning into how OPSEC can be used to harden systems against potential vulnerabilities. We hope to see you all there! WHEN: Wednesday, 10/2 from 6:30-7:30PM WHERE: McVey (DSB) 126/128

Industry Speaker Success! MUCSC would like to thank Deral Heiland for presenting an IoT workshop to us last night! Deral performed a live firmware exploitation of a camera device, the same workshop he presented at DefCon this year. He shared his vast knowledge of penetration testing with our members, a truly fascinating experience! Be sure to keep an eye out for our next industry speaker, you won’t want to miss these!

MUCSC SPEAKER SERIES PRESENTS: Deral Heiland | Principal Security Researcher (IoT) at Rapid7 Deral has over 30 years of experience working in Information Systems and Network Security, spending the last 10 years at Rapid7 working on security assessments and penetration testing. Most recently, he has researched IoT security and penetration testing. Everyday, businesses are using IoT capability to automate business processes. Doing so provides business with efficiency that is crucial to be competitive. There are inherit risks with connecting multiple systems, however, which Deral will discuss with MUCSC tomorrow. We encourage anyone interested in cybersecurity to capitalize on this opportunity to learn from an industry leader! WHEN: 6:30-7:30PM | September, 24th WHERE: McVey (DSB) 126/128