"This is so cool!" -Student

MISSION

Cool Careers in Cybersecurity for Girls educates, inspires, and provides girls with the information, skills and resources necessary to navigate the professional pipeline in the vast field of Cybersecurity.

VISION

Our vision is put into action through programs and a focus on cyber stewardship, activities to make a safer and more secure society, by delivering high-quality, innovative activities that inspire girls to pursue careers in cybersecurity.

WHAT

The Annual Cool Careers in Cybersecurity for Girls Workshop allows girls to:

  • meet  and hear from female professionals in the field
  • explore several cybersecurity related hands-on activities
  • learn more about careers in cybersecurity and other STEM related options

At the event a Cyber Crime Scenario is presented to the girls. The attendees are broken up in to small Cyber Security Investigative (CSI) teams of 8-10 and rotate around different “cyber tables” to gather clues to solve the cyber crime. Each table has a different activity led by a women professional in the field. The girls use the first part of each rotation to gather a clue, and the remainder of the time is used to learn more about the career and how each representative entered the field. Girls find out more about the education skills needed, likes and dislikes and salary range.  Activities have included: cryptographyassembling a computersteganographypenetration testing  and cell phone forensics.

Due to the large volume of requests for content, activities and training from educators and parents, Cool Careers in Cybersecurity for Girls expanded to offer after school and summer programs.

WHY CYBERSECURITY

The Director of National Intelligence (DNI) testified before Congress, stating: “The growing connectivity between information systems, the Internet, and other infrastructures creates opportunities for attackers to disrupt telecommunications, electrical power, energy pipelines, refineries, financial networks, and other critical infrastructures. The Intelligence Community assesses that a number of nations already have the technical capability to conduct such attacks.”

The globally-interconnected digital information and communications infrastructure known as “cyberspace” underpins almost every facet of modern society and provides critical support for the U.S. economy, civil infrastructure, public safety, and national security. Cybersecurity risks pose some of the most serious economic and national security challenges of the 21st Century.

These challenges are captured in U.S. Bureau of Labor Statistics (BLS) employment projections. Overall, the BLS estimates total U.S. employment to increase by 10 percent from 2008 to 2018. However, cyber related jobs are expected to grow at significantly higher rates.  The need for network systems and data communications analysts is expected to grow by 53.4%, and the need for computer software engineers is expected to grow by 34% over the same time period.  The BLS attributes this growth to the increased need for workers with information security skills. Overall, the BLS estimates computer and mathematical science occupations will grow by 22.2%.  This parallels similar data for almost all STEM fields. Clearly, the available workforce is not growing with the demand.

Despite the gains of the last twenty years in the representation of women in STEM fields, their numbers still lag behind their male counterparts. Researchers have found that until third grade an equal number of boys and girls show interest and feel confident in learning science and technology. However, these numbers continuously decrease for girls throughout middle school and into high school. Various explanations for the significant decrease in girls’ interest in science and technology through their school years have been posed. Cool Careers in CyberSecurity for Girls draws on research that that indicates recruiting and retaining girls to the science and technology fields should include targeted programs to educate women and minorities about STEM career choices. Many women and minorities have had limited exposure to computing in grade school and high school, especially if they come from lower-income households and communities. A National Research Council report indicates that general Information and Technology Fluency skills and concepts are also needed by all citizens if they are to be competitive in the modern world. Curricula should provide early exposure to real-world examples of the content of interest connected to careers. Enrichment programs should emphasize team projects and diverse real-world examples of technology applied in content areas. Curricular material that addresses major societal and/or environmental problems has been shown to attract women to the discipline. Mentoring and role models in the career choices has also shown success in recruitment and retention.

Cool Careers in Cybersecurity for Girls provides students with the information and skills necessary to navigate the professional pipeline in the vast fields of Cybersecurity, as well as, other science, technology, engineering, and mathematics (STEM) fields. Content presents a cyber crime scenario, and the elite all girl teams use a variety of clues to solve it, while also learning about cyberethics, safety and security, and the plethora of career options in cybersecurity.

Building on success, C34G is now offered in schools, libraries, and community-based organizations across the country.

What we Have Achieved

  • Since inception, we have served over 7500 middle school girls through our Cool Careers in Cyber Security for Girls Workshops.
  • We’ve been featured in publications and media such as CTV, NBC News, and the Baltimore Sun.
  • We've grown from a single yearly program with 40 attendees to a nationwide series of conferences serving over 1500 girls annually.

History

Dr. Davina Pruitt-Mentle is the founder of the Cool Careers in Cybersecurity Workshop. The first workshops, titled Cool Careers for Girls with Technology, were held in 2001 in partnership with the College of Education at the University of Maryland and Prince George's County Parks and Recreation. The workshops served as an extension to the Young Scholars Program held during the summer; encouraging students to pursue STEM courses in high school and careers in fields that use technology. 

The first in a series of Cool Careers in Cyber Security for Girls Workshops was held at the University of Maryland in 2005. The workshop included a similar format as the earlier workshops but highlighted specific job titles often associated within cybersecurity. The workshop provided participants with a full day of speakers, hands-on activities and campus site visits.The workshop provided participants with a full day of speakers, hands-on activities and campus site visits. 30 middle school girls had the opportunity to learn from women from companies and agencies throughout the state about what it takes to be a true success in the field. Attention was given to issues for women from underrepresented groups.

Through a National Science Foundation (NSF) grant (No. 1204533) the National CyberWatch Center K12 Division continues to offer small presentations and career briefs for individual schools/school districts, in addition to hosting an Annual Cool Careers in CyberSecurity Workshop for Girls Workshop. At the Signature Event Workshops, a Cyber Crime Scenario is presented to the girls. The attendees are broken up in to small Cyber Security Investigative (CSI) teams of 10 and rotate around different “cyber tables” to gather clues to solve the cyber crime. Each table has a different activity led by a women professional in the field. The girls use the first part of each rotation to gather a clue, and the remainder of the time is used to learn more about the career and how each representative entered the field. Girls find out more about the education skills needed, likes and dislikes and salary range.  Activities have included: cryptography, assembling a computer, steganography, penetration testing  and cell phone forensics.

Feedback

  • "This is a must do activity. Our school looks forward to bringing our girls each fall." – Teacher
  • "Very cool. Never knew all the areas I could go into."  – Student
  • "VERY interesting. So cool." – Student
  • "Being able to ask questions with the ladies presenting was really nice. We asked them all sorts of stuff. And I loved the activities."  – Student
  • “I never knew Cybersecurity could be so much fun! There are so many different options for careers that I never knew. This program shared so much."
  • “Each year we look forward to the Cool Careers event. Girls talk about it for months after the program. We now host after school programs, which is great, except we now have waiting lists.”   – Teacher
  • “If I major in one of these, I have something to fall back on,” - Student who had planned on pursuing a career in music, but is now thinking of majoring in a math or science field so she can work for the National Security Agency.
  • Thank you again for such a wonderful experience today!  Our girls had a GREAT time!  One of our ESOL students came back from the trip and spoke to her entire class for about 10 minutes about all the things she learned.  Truly amazing! - Teacher

Cyber Security Need

Envision the following two scenarios.  It’s a regular day in your middle school. The students have filed into the computer lab and have logged in. One computer doesn’t seem to be connecting to the network, so the technology instructor works to re-establish the network connection.  Meanwhile, a few students in the back of the room use a proxy server to check their social networking site and email. One student clicks on an attachment marked “Go Ravens” which is actually a Trojan. It pops up a pornographic website on his computer, and sends a similar message to every person in his contact list.  Just then, the technology coordinator walks in to help with the network, sees the website, and tells the student to take off his headset and shut the monitor. “Not again” she thinks.  Meanwhile, the principal comes in to request an updated list of software installed on the school computers as the district has detected too many copies of a language learning program installed at the school.  With only one technology teacher and one technology coordinator to help resolve the technology problems at the school, how will she manage to keep the school computers running, secure and virus free, software compliant, while also having to deal with the parent who is calling because her child received a text with a sexually explicit picture of another student at the school?

You’ve just sat down at your terminal at the Cyber Command.  You look over your monitors showing status of various networks you are monitoring.  All green.  You check the main servers, and they show a process running you don’t recognize.  It has connected to one of the DoD email servers and is transferring data outside the network.  You shutdown the outgoing traffic, and lock down the server so it can’t contaminate another server.  You track its origin and it seems to have come from an outside server originating in a foreign country.  I guess it looks like another interesting day.  You sigh, alert your supervisor and settle down to tracking the source, and minimizing the damage from another hacker trying to penetrate the U.S. DoD infrastructure.

While the above cases may seem extreme, both are typical in the day and life of personnel in the field of information assurance (IA). These scenarios present the reader with a potential conundrum related to both general citizenship awareness about cyberethics, safety and security and the growing need for a trained workforce in the IA, information systems and digital forensics field; often referred to as CyberSecurity. Unfortunately, few students know about the field and in many cases educators, parents, and career counselors are not informed of the career tracks available, requirements for and even what the jobs entail. For this proposal, we will refer to the various fields in this workforce area as CyberSecurity.

The Director of National Intelligence (DNI) testified before Congress, stating: “The growing connectivity between information systems, the Internet, and other infrastructures creates opportunities for attackers to disrupt telecommunications, electrical power, energy pipelines, refineries, financial networks, and other critical infrastructures. The Intelligence Community assesses that a number of nations already have the technical capability to conduct such attacks” [1, p. 39].The globally-interconnected digital information and communications infrastructure known as “cyberspace” underpins almost every facet of modern society and provides critical support for the U.S. economy, civil infrastructure, public safety, and national security.
CyberSecurity risks pose some of the most serious economic and national security challenges of the 21st Century. These challenges are captured in U.S. Bureau of Labor Statistics (BLS) employment projections. Overall, the BLS estimates total U.S. employment to increase by 10 percent from 2008 to 2018. However, cyber related jobs are expected to grow at significantly higher rates.  The need for network systems and data communications analysts is expected to grow by 53.4%, and the need for computer software engineers is expected to grow by 34% over the same time period.  The BLS attributes this growth to the increased need for workers with information security skills. Overall, the BLS estimates computer and mathematical science occupations will grow by 22.2%.  This parallels similar data for almost all STEM fields [2]. Clearly, the available workforce is not growing with the demand.

The 2005 Base Realignment and Closure (BRAC) effort will result in over 45,000 new federal and private sector jobs in Maryland (directly impacting the two partnering school districts). Most of these will involve high-technology. Of these, there is an estimated in-migration of 5,717 military, civilian, and embedded contractor positions to Fort Meade and an estimated 400 to Andrews Air Force Base (AAFB). In addition, over the next 5 years, an estimated 1,500 new positions per year are projected to be created by the National Security Agency (NSA), Fort Meade’s primary tenant [3]. (Furthermore, 10,000 new positions are anticipated at Fort Meade through Extended Use Lease and 2,000 in Department of Defense growth over the next 5-7 years. Less than 12% of the new positions created by the growth at Ft. Meade are military. The gap between supply and demand in STEM and particularly in the growing CyberSecurity field is both a local and a nationwide problem.

At the same time, there has been an exponential growth in cybercrimes reported to the FBI since 2000. In 2000, 16,383 were reported; in 2008, 275,284 crimes were reported. The most frequent crime was credit/debit card fraud however intrusion, spam, and child pornography were also frequently reported. Commercially, losses attributed to computer security issues averaged more than $230K per organization in 2008 [4] with over 60% of the losses being attributed to non-malicious actions by insiders. The FBI, CERT, and (ISC)2 prioritize education and awareness before technical interventions in protecting users and infrastructure.

Indeed, increasing public awareness about cybersecurity and increasing the U.S. technologically advanced workforce are two priorities spelled out in the President’s 60 Day Cyberspace Policy Review (2009) [5]. As referenced in the report, the U.S. should initiate a K-12 cybersecurity education program for digital safety, ethics, and security; expand university curricula; and set the conditions to create a competent workforce for the digital age [6]. To achieve these goals, the report suggests: 1) initiation of a national public awareness and education campaign to promote cybersecurity risk awareness for all citizens; 2) changes in the educational system that will help enhance the understanding of cybersecurity and allow the U.S. to retain and expand upon its scientific, engineering, and market leadership in information technology; and 3) development of educational opportunities and strategies that will expand and train the workforce to protect the Nation’s competitive advantage, including attracting and retaining cybersecurity expertise in the Federal government [5].The report goes on to state, “The Federal government, with the participation of all departments and agencies, should expand support for key education programs and research and development to ensure the Nation’s continued ability to compete in the information age economy. Existing programs should be evaluated and possibly expanded, and other activities could serve as models for additional programs” [5, p.14].

References

[1] Cyberspace Policy Review (2009). Assuring a Trusted and Resilient Information and Communications Infrastructure. http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf

[2] Additionally, a study in 2008 by the National Science Foundation found that the number of graduates with science and engineering degrees, at the bachelor's level or higher, increased by an average rate of 1.5 percent a year from 1980 to 2005. But the average employment growth for such jobs each year over the same period was 4.2 percent.

[3] Maryland Subcabinet for Base Realignment and Closure. (2007).  State of Maryland BRAC Action Plan Report. 

[4] Richardson, R. (2008). 2008 CSI computer crime & security survey: The latest results from the longest-running project of its kind, Computer Security Institute.  

[5] Cyberspace Policy Review (2009). Assuring a Trusted and Resilient Information and Communications Infrastructure. http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf

[6] Pruitt-Mentle, D. (2008) National Cyberethics, Cybersafety, CyberSecurity Baseline Study. http://staysafeonline.mediaroom.com/index.php?s=67&item=44.