Cyber Security

As an institution accredited by the Higher Learning Commission since 1977, OCCC is committed to the long-term success of information security training and education. OCCC is proud to offer the first three CNSS Certifications (CNSS 4011, 4012, and 4013i) to our students. We support many students who are currently employed by State and Federal agencies in the Oklahoma City area and feel that these offerings, and what they represent, are of great value to both current and future employees in both the public and private sectors.

 

1. IA Partnerships

2. IA Student Development

3. IA as Multidisciplinary Subject

4. IA Outreach

5. IA Faculty

6. Practice of IA Encouraged Throughout the Institution


OKLAHOMA CITY COMMUNITY COLLEGE

CAE2Y PROGRAM APPLICATION 

 

1. IA Partnerships: Extending IA beyond the normal boundaries of the College/Institution and bringing current IA practitioners into the IA Center. Provide evidence of partnerships in IA education with 4-year schools, other Community Colleges, Two-Year Technical schools, K-12 schools, Industry Schools, Government Schools, Federal/State Agencies, Business, Industry or Non profit organizations. Evidence must be in the form of an articulation agreement, Memorandum of Agreement, letters of endorsement, etc. between the schools. Articulation Agreements must be specific to IA programs. Partnership(s) may include: Shared curriculum and resources (IA teaching materials provided); shared faculty (faculty on curriculum committee for more than one institution); and reciprocity of credits.   

Overall Point Value: 10 minimum / 20 maximum


a. Shared Curriculum (e.g., IA teaching materials provided to technical schools, universities, community colleges, K-12 schools, etc.)

Point Value: Up to 5 points

As a member of the Cyber Security Education Consortium (CSEC), Oklahoma City Community College (OCCC) works closely with a number of technical, 2 year and 4 year institutions in the area of shared curriculum.

CSEC has established a repository for this type of activity. A link to this repository can be found at http://ociafe.ctln.org/.

The User Name and Password can be found in Section 1a of the CAE2Y Program Application on the application website.


b. Shared Faculty (e.g., Faculty on curriculum development committee for more than one institution)

Point Value: Up to 5 points

The Division of Information Technology works closely with our partners in the Oklahoma Career and Technology Education System. Several IT faculty serve as liaisons to Francis Tuttle Technology Center in Oklahoma City, Moore Norman Technology Center in Norman, and Mid-America Technology Center in Wayne, OK advising faculty and students on articulated courses and programs.

A link explaining this partnership can be found here: /Coop-ed/

An example of a formal agreement between OCCC and the Career Tech Center can be found at this link: 'Cooperative Alliance Agreement-FT'

 

c. Use of distance education technology and techniques to deliver IA courses. (Distance education includes live/delayed broadcasts, videotapes/CDs, lectures, and web-based IA courses.)

Point Value: Up to 5 points

OCCC has chosen the Angel Learning Management System as the online delivery platform for the college. All IA courses taught in our Cyber/Information Security program use this platform.

Three of the five IA courses (CS 2713 - Principles of Information Security, CS 2723 - Secure Electronic Commerce, and CS 2743 - Enterprise Security Management) are offered online or on-campus.

In addition, most of the supporting and general education courses use Angel and many offer an online delivery option.

To review an actual course, go to http://online.occc.edu.

The Username and Password can be found in Section 1c of the CAE2Y Program Application on the application website.

 

d. Evidence the program is providing students with access to IA practitioners (Example: guest lecturers working in IA industry, government, faculty exchange program with industry and/or government, etc.)

Point Value: Up to 5 points

Students are encouraged to join and attend monthly meetings of IA professional organizations such as InfraGard and ISSA - Information Systems Security Association.

Guest speakers are used when appropriate. Last semester Dr. Mark McCoy, Digital Evidence & Cyber Security Program Administrator and Assistant Professor of Criminal Justice for the University of Central Oklahoma Forensic Science Institute, spoke to students in the Cyber Forensics class regarding real world digital forensics examples. He also talked about educational opportunities in digital forensics beyond the two year degree.

In addition, students are encouraged to participate in the annual Oklahoma Cyber Security Seminar sponsored by the State of Oklahoma, Department of Homeland Security, NSF and CSEC. Click the following link to view a copy of agenda: 'Fifth Annual Oklahoma Cyber Security Seminar'.

 

Top


 

2. IA Student Development: The program provides development opportunities for students that lead to a two year associate's degree or a certificate in an IA discipline.

Overall Point Value: 14 minimum / 28 maximum

  

a. Evidence of IA degrees/areas of study/track or certificates (For example: List of IA Associates degrees and/or certificates in IA curriculum as listed on the institution's website or catalog, list of all IA program courses with their descriptions). 

Point Value: 5 points

OCCC offers three programs in IA. Clink on the links below to review the program degree plans.

Associate in Science (AS): Computer Science � Cyber/Information Security

Associate in Applied Science (AAS): Computer Science � Cyber/Information Security

Certificate of Mastery: Computer Science � Cyber/Information Security

In addition, with proper planning and advisement, Cyber Security students can also receive the following Certificates of Mastery:

Certificate of Mastery: Computer Science � Computer Systems Support

Certificate of Mastery: Computer Science � Computer Networking Support

Course descriptions for Computer Science courses used in these programs can be found by clicking on the following link:

Computer Science Course Descriptions

 

b. Evidence of Copies of Articulation/Transfer agreements with 4 yr institutions offering a concentration or IA degrees/areas of study/track or certificates.

Point Value: 5 points

A partnership between Oklahoma City Community College and Oklahoma State University Institute of Technology (OSUIT) allows OCCC students to apply up to sixty-four (64) credit hours toward OSUIT's Bachelor of Technology in Information Assurance and Forensics degree.

A copy of the agreement can be found at this link: 'OCCC - OSUIT Partnership'. This agreement is currently undergoing review for formal approval. It is currently used as a guide for students wishing to continue their education at OSUIT.

 

c. Articulation agreements with high schools to facilitate awareness and training for faculty/administration/students.

Point Value: 2 points per school / 6 pts maximum

The Cyber/Information Security program does not currently have formal articulations with area high schools. The Cyber/Information Security program, along with other program from the Division of Information Technology, make regular visits to area schools to promote the values of a degree or certificate of mastery in the information technology field. A partial list of schools visited can be found below:

 

2006-2007

� Westmoore High School, Newcastle High School, Moore High School and Norman High School.

2007-2008

� Bridge Creek High School, Metro Technology Center, Noble High School and Chickasha High School

2008-2009

� Capital Hill High School, Canadian Valley Technology Center and Northwest Classen High School

 

In addition, the Division of Information Technology periodically presents 'IT Career Day' where students from local high schools are invited to visit the campus, listen to presentations regarding the various IT areas taught at OCCC, and experience some hands-on activities related to IT.

A link to a Pioneer Student newspaper announcement of last year's 'IT Career Day' can be found at: 'Pioneer IT Career Day Article'

 

d. Participation in Cyber/IA competitions.

Point Value: 2 points per each / 6 pts maximum

OCCC students do not currently participate in any Cyber/IA competitions. We are, however, looking at the possibility of including a Cyber competition in our annual Oklahoma Electronic Game Expo and Multimedia Conference in 2011.

This event is sponsored by our gaming program and will include a programming competition for the first time this year.

The Cyber/Information Security program is also collaborating with our Game Design Program to create a Cyber Security game as an ongoing class project.  They will debut the Beta version at this year's Game Expo.

 

e. Courses containing "Hands-on" training or Lab training.

Point Value: 2 points per course / 6 pts maximum

The following courses included in the Cyber/Information Security degree and certificate of mastery program contain “hands-on" training and projects:

� CS 1143 - Beginning Programming

� CS 1353 - Introduction to Hardware and Operating Systems

� CS 1413 - IT Technician

� CS 2183 - Linux

� CS 2303 - Networking Technologies

� CS 2443 - SQL Server

� CS 2503 - Network Administration

� CS 2763 - Network Security

� CS 2783 - Cyber Forensics

Course descriptions for Computer Science courses listed above can be found by clicking on the following link:

Computer Science Course Descriptions

 

Top


 

3. IA as multidisciplinary subject: The academic program demonstrates that IA is treated as a multidisciplinary subject with elements of IA knowledge incorporated into various disciplines.

Overall Point Value: 10 minimum / 15 maximum

 

a. Evidence that IA is taught as modules in existing non-IA courses and that non-technical/non-IA students are being introduced to IA (For example: Non-technical/non-IA students are being introduced to IA concepts; e.g. business courses teaching Information Security modules, health courses � HIPAA regulations)

Point Value: 5 points

Our CS 1103 � Introduction to Computers and Applications contains a section on Information Security. This course is primarily taken by non-IT majors and is a General Education class.

IA courses have been incorporated in non-IA degrees in the Computer Science Department. The following degrees contain one or more IA courses:

Certificate of Mastery: Computer Science � Computer Systems Support

� CS 2713 � Principles of Information Security

Certificate of Mastery: Computer Science � Computer Systems Support

� CS 2713 � Principles of Information Security

� CS 2763 � Network Security

Certificate of Mastery: Computer Science � Web Design Certificate

� CS 2723 � Secure Electronic Commerce

Certificate of Mastery: Computer Science � Web Development Certificate

� CS 2723 � Secure Electronic Commerce

Associate in Applied Science: Computer Science � Computer Systems Support

� CS 2713 � Principles of Information Security

� CS 2763 � Network Security

Associate in Applied Science: Computer Science � Web Design and Development

� CS 2723 � Secure Electronic Commerce

Course descriptions for Computer Science courses listed above can be found by clicking on the following link:

Computer Science Course Descriptions

In addition, many IT and non-IT majors, as well as non-degree seeking students, take the IA classes as electives or to improve their job skills.

 

b. Evidence IA programs (certificate and/or degree programs) require non-technical courses of study; e.g. ethics, policy, and business.

Point Value: 5 points

All Associate in Applied Science (A.A.S.) graduates are required to complete 18 hours of General Education courses. The courses for the AAS in Computer Science: Cyber/Information Security can be found at Associate in Applied Science (AAS): Computer Science � Cyber/Information Security.

In addition, the Associate in Science (A.S.) in Computer Science: Cyber/Information Security degree contains 45 hours of General Education courses. A list of these courses can be found at Associate in Science (AS): Computer Science � Cyber/Information Security.

Certificates of Mastery programs do not contain General Education courses.

 

c. Availability of non-credit/credit professional development courses in IA (e.g. First responders, K-12 teachers)

Point Value: 5 points

The State of Oklahoma has a 3 tiered system for higher education consisting of 4 year colleges and universities, 2 year community colleges and a career and technology education system.

Information on Oklahoma City Community College's cooperation education alliance with the career and technology centers can be found at: /Coop-ed/. This program provides both credit and non-credit professional development opportunities to many different professions. Through OCCC's partnership in CSEC, the college has articulated the acceptance of completion of IA courses at various career technology centers for acceptance for college credit. Information on the Oklahoma Department of Career and Technology can be found at: http://www.okcareertech.org/.

In addition, OCCC's Professional Development Institute Division offers non-credit classes in Cyber Security to businesses and other institutions. The following links provide information on the Professional Development Institute Division and their course offerings:

OCCC Professional Development Institute

Course Offerings

 

Top


 

4. IA Outreach: The academic program must demonstrate a strong collaboration with business, industry, government, and the local community.

Overall Point Value: 4 minimum / 10 maximum

a. Evidence provided in the form of a Strategic Plan and/or general IA Awareness Program description (example: flyers, letters from sponsors, etc), and/or workshop accomplishments. (For example: sponsorship of workshops for K-12, senior citizen groups, community colleges, technical schools, state homeland security, first responders, industry, etc.)

Point Value: Up to 10 points

The Cyber/Information Security program staff, along with other college organizations, has used many different ways to reach out to the general public to increase IA awareness. Below are some examples:

� Presentations to Little Axe High School students (Thank You Letter)

� Presentation to Southern Nazarene University Business Students (Email, Flyer)

� Brown Bag Lunch Seminars (Pioneer Newspaper Article)

� Oklahoma Cyber Terrorism Seminar (Seminar Agenda, Presentation)

� Mentoring HS Student Science Fair Project (Email Request, Student Email, Presentation)

� Pioneer Student Newspaper Security Articles (Pioneer Articles)

In addition to the activities above, Cyber/Information Security Faculty are active in the local chapters of professional organizations, such as InfoGard and ISSA.

 

Top


 

5. IA Faculty: Faculty assigned specifically to teach and/or develop IA courses/curricula/modules.

Overall Point Value: 11 minimum / 20 maximum

 

a. Identify by name faculty member with overall responsibility for the 1A instructional program. Provide evidence, i.e. verification letter and/or job description.

Point Value: 5 points (required)

Albert C. Heitkamper is the professor with overall responsibility for the Cyber/Information Security Program in Computer Science. He has been with the program from its inception and started the program while serving as Dean of the Division of Information Technology. When the opportunity presented itself he chose to return to school to complete a second Masters degree at the University of Tulsa so that he could return to the classroom and educate students in the area of Information Assurance.

Please click the following link for his job description:

Professor of Computer Science/Cyber Security

 

The job description above does not contain the duties and responsibilities of the position since this position has not been advertised since the college switched to an automated hiring process.  A list of duties and responsibilities contained in a previous job description for this position can be found at the following link:

Computer Science/Cyber Security Faculty & Cyber Security Program Director Job Description

 

b. Identify by name additional IA faculty members teaching IA courses within the

department that sponsors IA programs.

Point Value: 1 pt per name / up to 5 maximum

 

� Tim Green, Professor of Computer Science

� Dr. Haining Chen, Professor of Computer Science

� Haifeng Ji, Professor of Computer Science

� Roy Nielsen, Adjunct Professor of Computer Science

 

c. Provide evidence in the form of curriculum vitae supporting the faculty member's qualifications to teach IA. At least one IA faculty member will be expected to be professionally certified with at least one of the IA certifications listed under DOD Directive 8570, such as CISSP, CPP, CISA, CISM, GIAC, etc. or a minimum of 9 hrs of graduate coursework and/or appropriate experience in a related field could be considered in lieu of a professional certification.
Note: Can be same individual as 5a.

CISSP: Certified Information System Security Professional
CPP: Certified Protection Professional
CISA: Certified Information Systems Auditor
CISM: Certified Information System Security Manager
GIAC: Global Information Assurance Certification

 Point Value: 5 points (required)

 

Albert C. Heitkamper, CISSP

Dr. Haining Chen

Haifeng Ji

Roy Nielsen

Tim Green

   

Top


 

6. Practice of IA encouraged throughout the Institution: The academic program demonstrates how the institution encourages the practice of IA, not merely that IA is taught.

Overall Point Value: 7 minimum / 20 maximum

 

a. Provide a link to the institution IA security plan and/or policies

Point Value: Up to 5 points

Oklahoma City Community College is currently reviewing policies in the area of Information Assurance. Policy 3058 - Network Acceptable Use Policy is the primary policy addressing the area of Information Assurance at the user level. A copy of the policy can be found at the following link:

Policy 3058 - Network Acceptable Use Policy

The college is also formulating a new password policy.  The policy is currently in draft form and is not available for internal or public release.  A link to the draft along with the password can be found in Section 6a of the CAE2Y Program Application on the application website.

 

b. Institution designated Information System Security Officer or equivalent. Provide name, position and job description for person or persons responsible for information security.

Point Value: 5 points

Mr. David Anderson, Director of IT Infrastructure, performs the function of Information System Security Officer at Oklahoma City Community College.

Please click the following link for his job description:

Director of IT Infrastructure

 

c. Provide evidence of the implementation of the institution IA security plan to encourage IA awareness throughout the campus. (Example: Students and faculty/staff are required to take computer based training or on-line tutorials; a security banner statement present on institution computers; security related help screens are available; institution-wide seminars are held on the importance of IA, etc- 2pts awarded per item)

Point Value: 2 minimum / 10 maximum

Oklahoma City Community College understands the importance of a sound IA security plan and uses several avenues to increase security awareness. The following links provide just a few examples of these channels:

� Wi-Fi Access Security Banner (Banner)

� Network Policy Agreement (Webpage)

� Datatel Banner Screen (Local)

� Pioneer Student Newspaper Security Article (Article)

� WOW Employee Training Sessions (Announcement, Presentation)

 

In addition, OCCC is a member of the Oklahoma City Educational Television Consortium Inc.(OKC-ETC) and offers a program called "Around Campus" several times a week on a public access cable channel.  The Cyber/Information Security Program and related IA topics have been presented on several occasions.  These programs are also broadcast regularly on large screen televisions located throughout the campus.  Links to IA related broadcasts can be provided on request.

 

 

Top