Menu

Member Kudos: Internet, Network & Security Technologies, Muskegon Area ISD

2015 Education Excellence Award Recipient

DashBoard, Sept. 22, 2015

The 20 recipients of the 2015 MASB/SET SEG Foundation Education Excellence Awards are some of the greatest examples of unique and innovative public school programs in the state of Michigan. Over the next few months, MASB will share the details of each program from their applications, presented in alphabetical order by district. This week we highlight the Internet, Network & Security Technologies program at the Muskegon Area Career Tech Center in the Muskegon Area Intermediate School District.

Description: The MACTC program, Internet, Network & Security Technologies, was the first cybersecurity class in the area. Preceding even the local colleges with offering cybersecurity curriculum and training, high school students were and are still able to earn network security-related certifications. The certifications are industry recognized and have opened many doors for our students. Cybersecurity is the second fastest growing field in the nation. The success of our students in this field has garnered some high-level attention from the outside. For example, we have been contacted by the Pentagon and asked how we run our program. Other programs/schools that are interested in offering security training to their students have also asked us to share our best practices.

Funding/Resources: In a word, it has been the willingness of our administration to allow kids to learn to secure networks by hacking them that has allowed this program to flourish. Trust and the freedom to explore are required in order for students to discover how to stop the exploitation of network vulnerabilities.

Hands-on experience is key, therefore we have a separate LAN in our lab that is used for our security curriculum. We use as much Open Source (free) software as possible. An example is Kali Linux, which includes a suite of security tools.

The program coordinator has been able to attend classes and conferences for the needed training and the school has purchased any needed software and textbooks. The program coordinator sets aside a portion of her teaching budget annually to cover the costs of the industry certifications for our students.

We applied for and met the standards required to host a Pearson VUE testing lab onsite. This allows students to take industry certifications in a secure environment without having to travel at least an hour away. 

Outreach: The students’ learning reaches beyond the technical nuts and bolts of setting up firewalls, access control lists, encrypting, etc. They must practice their communication skills, both orally and written. For example, they must develop security policies and educate users. Policies and end-user training are paramount to securing a network because security lapses occur most often from within an organization. Ongoing training and communicating with users is necessary.

Prior to implementing technical security features, security consultants must meet with upper management and communicate/understand from a business standpoint, which assets are mission critical. Determining which resources to protect and how much to protect them are business decisions. Students are taught that they must be able to communicate at a level appropriate for both end users and upper management. End users must know how to protect data with sound password polices, etc., and upper management must understand what the budget requirements for security will be.

Reading and responding to online weekly articles is required by the students. This allows them to stay up-to-date and aware of daily threats as they develop. Students are taught that they cannot operate in a vacuum. Networking and collaborating with others in the field, both inside and outside the company, are critical. Learning to be resourceful and visiting sites such as CERT.org is not only important for their own knowledge bank, but they are encouraged to give back to the security community should they find a vulnerability that is not yet documented.

Constant changes to technology and the “cat and mouse” aspect of staying ahead of security exploits requires creativity and critical thinking. The attacker needs to know only one way into a network but the security analyst/consultant must know ALL the ways in. The security consultant/analyst must also learn to think like the attacker or have the mind of a hacker. Staying one step ahead requires more than just a working knowledge of the hardware and software involved.

Results: The INST students at the MACTC earn the respected industry-recognized CompTIA Security + certification. They also compete with other students locally, regionally and at the state and national level. They compete as members of Business Professionals of America and enter other cyber securitycontests such as the Cyberaces Competition. The Cyberaces Competition was started by the Homeland Security Department and SANS Institute as a way to draw young people into the field.

Press releases and links to newspaper articles are listed below:

www.shorelinemedia.net/white_lake_beacon/archives/article_3089af54-56b8-562e-bdb7-05bb2f569885.html

www.shorelinemedia.net/white_lake_beacon/news/article_93838a32-89e9-11e4-b140-ffb1e4519be4.html

Additional Information: As the instructor of one of the only cybersecurity programs in the area, the program coordinator has been interviewed by the Federal Bureau of Investigation and Depart of Defense when former students seeking employment/are vetted for high level security clearance. One former student worked directly with the group of Marines who take care of the President’s helicopter, Marine One. He credits his two years in the INST class for setting him apart from the competition early in his career.

Program Coordinator: Susan Rhem-Westhoff, Internet, Network & Security Technologies, swesthof@muskegonisd.org

Read More DashBoard Articles