Tenpas: Cybersecurity is our focus for today. October happens to be Cybersecurity Awareness Month, so why not learn more about the Cybersecurity Specialist program? We have Wendy Diem, Information Technology instructor, joining us today. Hello, welcome to the show. 

Diem: Good morning. Thank you for having me. 

Tenpas: Good morning. I am always curious about how someone finds themselves connected and teaching at Fox Valley Tech. So, tell us a little about your career and journey at Fox Valley Tech. 

Diem: Sure, it is always a journey. Fox Valley Tech is great at hiring people who have done things in their field for a while. I started in desktop support in the paper industry, and then I moved to what I would call network administration and management at a construction company. I was an adjunct at first, they always seem to test you out to see if they like how, you handle things, since 2011, and I was hired full-time in January of 2016. So, I have been at the college for almost eight years. I started in the programs that I was comfortable teaching in and the jobs I had before. Cyber came out at that time if I would want to put it that way. We had a grant through the federal government to start a program with a very long name that I honestly did not write down and do not want to repeat. We have changed it to Cyber Security Specialist because of the way the industry has become. 

Tenpas: Interesting, so tell us now, today what you are doing, what your role is within the IT program. 

Diem: Cyber is such a wide topic much like IT, my passion is networking. That is where I tie back my cyber conversations with students, Joe Wetzel, my colleague, is much more app dev and we argue a lot. I use his name a lot, I was asking him if his ears are ringing because we come at these problems very differently because of the way we think and our history. I started teaching on the network side, and then there were opportunities to teach more in the Cybersecurity program. It has been interesting to watch that grow in the last eight years, just from even technologies that we can offer in the classroom versus what is published in books, what is taught at a baseline level and what is offered by the federal government. We use a lot of what I would call templates or frameworks from the NIST, which is federally driven.  

Tenpas: I think a lot of times when we are talking about programs at Fox Valley Tech, our community might be thinking, well, how does this connect to me? How does this relate to me? My brain is going well, hey, if you use a computer, if you are using a phone, IT and cybersecurity affect you. Would you agree with that or what do you think? 

Diem: Well, what I think is great about the college is you can take a class there to learn how to use an iPad. I mean, vast knowledge sets, if you are looking to enhance your knowledge in Excel or Word, we offer all these types of things without being program focused. So, cybersecurity is certainly focused. Our students come from a variety of backgrounds of their interests and what they want to help solve. I try in the classroom to gain that interest from all those backgrounds. I always say I am not particularly good technically, but I am much better socially. I do not know if either side is true, but my students seem to attach to that because we focus so much on your technical skill and knowledge, which is very important, but is not the only checkbox when you are going to work somewhere.  

Tenpas: Let us dig into the program a little bit. It is Cybersecurity Month, so that is a little bit of why we are focused on this today. The Cyber Security Specialist program is what we are going to highlight. It is an associate degree program, let us talk about it. Walk me through the curriculum, and maybe some of the classes that are associated with this program. 

Diem: It is important to understand too. If you are considering coming back to college or coming to college out of high school, is that in the first year, we give you such a foundation of computing knowledge, period. I always tell students that it is so you can change your mind if you want to. If you are super excited about cyber, you know that from the beginning. You are still going to take what I would call the foundational level the first year. Then as we transition into the third and fourth semester, your second year, we focus much more on what our advisory committee highlights as challenges that they are having and what an associate degree student would come to help them with. A lot of that is dashboard-type activity, alerts that are being thrown and things that are odd anomalies. Whether that is a problem or not is a different conversation, but those would be those entry-level jobs. 

Tenpas: I feel like the curriculum must be evolving always, because of the types of danger that are out there, and that cybersecurity world, I am sure is always evolving. 

Diem: It is very cutting-edge, but it is also the same story we have been telling for 20 years. You know, I chuckle, some of the students are like, you are kidding, we are still talking about passwords. Yes, we are. We are still talking about passwords. We are talking about changing the default names of things, whether that is your wireless network at home or your wireless ID name. Some of those basics are still true, and they are published now because it has been a recommendation or best practice for such a long time. Python is big, that is a course we teach. I teach a class called Security Monitoring Operations and we had one called Incident Response, but then we've dovetailed that into the capstone, where students walk through a problem with an organization, and the process of identifying what happened, what you might do and what you might mitigate. I am walking around your question a bit because it keeps changing. The technologies, we try to be very versatile wherever you go to work. In the Security Monitoring Operations class, my students do a big project at the end where they try to find an SIEM tool that works best for the company that they are protecting, and different names pop up every time with the same challenges and same concerns. 

Tenpas: Interesting. So, change your password. It is an oldie but a goodie. 

Diem: I finally got a password manager because it is impossible to keep thinking of new, different things. And now with AI, they know you better than you know yourself. So, your cycle of ten passwords is very predictable. So that is still very much a conversation. 

Tenpas: Interesting. I know you mentioned the name change and I do have a question about that here because the Computer Security Program recently went through that name change from Information Security System Specialist to Cyber Security Specialist. There is significance in this, why the name change, and how does it represent the industry today? 

Diem: That is a great question because it does highlight the names and how specific they are. You can go to Google, Google them and you will get a couple of definitions. Information security, I think goes back to my first job. It was we protected the data at our house, right in our home corporate office. We supported and protected things in the building. We made sure information was consistent and available in all those good things. The cyber part twists it, and not that we are not still doing that, but now we are doing it from the outside concerns. So very specifically internet challenges as data now moves in the cloud and is not at the home base or in your corporate office, we have more challenges to who can get it, who is looking at it, moving it and backing it up. Those to me are very significant differences between what we are looking at and what we are teaching. 

Tenpas: All right. We are talking with Wendy Diem, Information Technologies instructor with Fox Valley Tech. We will pause here, but we will come back and talk more about what kind of student is best suited for this program as we highlight cybersecurity awareness here on WHBH.  

Tenpas: Welcome back. It is our Focus on Careers with Fox Valley Technical College. We have Wendy Diem with the Information Technologies program, joining us here today and I have a question about the DMZ. I understand this is one of your very cool hands-on learning tools. Can you tell us what DMZ is, what your students are doing with DMZ and what it means to do ethical hacking? 

Diem: Sure, a lot of buzzwords in that statement. DMZ means the same thing it does for the military, a demilitarized zone.  

Tenpas: I was wondering that.  

Diem: What is cool about it in technology? The best way to explain it is a highway. You have your lanes of traffic; this is an opportunity for students to play with ethical things that could harm the college right in a lane that does not interrupt what is happening to normal business. So that is the importance of it physically on campus, but we do not think of it in lanes. The traffic goes to the internet and does not interrupt what is happening on campus. So, what other name would I call it? I have a note here, the Student Command Center is what we would like to call it. 

Tenpas: That is cool. 

Diem: It is very cool. It is just a great opportunity for students to test. I didn't use the words I wanted to when we were talking about the name change, I think we went from a very strict blue team approach, which is internal and protective, I'm providing support for the red team is more the other side, what you would consider a hacker trying to break something or come from the outside in. Our name change encompasses that purple team, which we are seeing more of where it is both. 

Diem: As a technician, you need to understand both sides of it, how to protect it, and what is coming at you. The DMCA allows us to see how it is done, so it is not just giving a name of the concern we have, but this is how it is being done and what we should do to stop it. Which, if you do not mind, I segue to something that the students are involved in this semester that I am very excited about.  

Tenpas: Please do.  

Diem: The National Cyber League is NCL, do not Google it. Norwegian Cruise Line will pop up, but the NCL for National Cyber League is a national competition that high schools and colleges can participate in, that provides them with the tools that are happening at the DMZ also. It is the same sort of hacking challenge where you are decrypting things or looking through log files of something that went wrong, and you are trying to identify what it is. I always bring it up to students if it is a concern or not. Sometimes things are causing a lot of noise and traffic on your network, but is it a concern or not? And that is always the question we are trying to answer. 

Tenpas: I love this because to understand the mind of a hacker, you might need to have the mind of a hacker yourself. So, like you said, kind of purple. Understanding both sides of the coin here really helps students become the best they can be in this industry. What other kinds of skill sets might a student need? 

Diem: Well, and that's where the interest to date, in my opinion, is the students that want to be on those penetration teams, those pen testers on the other side, the folks that are maybe really great at analysis or reporting don't see their role in that. It is important for them to see what that hacker has produced and how they would report it to management, for requests for more equipment or more help or more services, those types of things. 

Tenpas: This career also really fits into the STEM industry, and I know we talk about it a lot on this program, the need for more women in this industry. What are you seeing? Is it a male-dominated field? Are you seeing more women stepping up and finding their purpose in this type of industry? 

Diem: I am glad you asked it and hate that you asked it because it is very much an opinion question. I joined late 90s, and I would like to say the departments I worked in were 50/50, but many more business analysts, I would say women were in those roles. In Networking, it is almost unheard of. The fact that we have two female instructors at the college for networking is very rare. What I am seeing in the classroom, is still very male-dominated. I do not know why that is. I had a colleague of mine who is a data cruncher try to give me some answers about whether it is changing. Do we see more women coming into the field? What am I seeing in the classroom? His data tells me, yes, that it is going up, but we are still around 25%, and that by 2025, they are hoping to see 35%. What I am seeing in the classroom is still one, two, or three females that are in the classroom. My hope is what I said before if you do not feel super technical. I was at Kimberly High School yesterday talking about careers, and I was trying to give them a hook of why they would come. I think if you are curious, if you find it interesting, maybe you are not super technical or a programmer, which I am not. A lot of the fun things that happen at middle school and high school are very program focused. I would not like that. I would have never picked this job based on that. That is just the way my mind works, right? If we can think of more networking things that are fun again, you might then segue into cyber because so much of cyber is back on both of those topics, to be honest. So, if you love programming, you still can be in cyber. It is just a different aspect that you would be working through things or reporting back. 

Tenpas: Interesting. It seems that the jobs are out there. The jobs are available when it comes to this career field. 

Diem: They are. You are back to your question about who would be interested in this program. It is fun to be this far in my career at this point and ask people questions about their career path and how they have gotten here. They are all very wavy. They tried something they did not like and then they tried something else. Solving problems and I know many careers are solving problems, but sometimes if people want to help people, they think of the healthcare field, which is no doubt. But if you hate blood, in IT you can help people too. You can help people all the time. 

Tenpas: We will leave it there. I have really learned a lot here. Thank you so much, Wendy, for your insight and your knowledge in this area. Thanks for being part of Focus on Careers. 

Diem: Thanks so much for having me. 

Tenpas: Absolutely. If you want more information, go to fvtc.edu/cybersecurity.