sub procedure switchcode2(dim

b as boolean)

switchcode(b)

sendPair2(true)

sub procedure transmit(dim b as boolean)

‘// house code 1 = B

delay_us(10000)

A Hacker Role Model: From the Battlefield to the Boardroom

randon Neff ’99 is just the type of professional Texas A&M hopes to produce in the future through its emphasis on cybersecurity. He’s well-versed in technology, with a hands-on understanding of the multilayered issues—from economics and social engineering to international diplomacy—that play a role in out-maneuvering those who seek to harm or disrupt the country’s digital systems.

Brandon Neff '99 is tackling issues of cybersecurity through his business, Scan13.

Neff has enjoyed a wide-ranging series of successes since leaving Texas A&M, where he was in the Corps of Cadets, served as Head Yell Leader and majored in political science with an emphasis on international relations. “My academic training taught me how the world works, how countries make decisions and what instruments they use to get the outcomes they desire,” he said. Neff joined his Air Force special operations unit two weeks after Sept. 11, 2001, and was deployed immediately. He took part in campaigns in Afghanistan, Iraq and across Western Africa. “As a military officer, I saw firsthand how the military is a vital instrument of U.S. international policy,” he said.

Through the GI Bill, Neff attended the Harvard Kennedy School, where he gained more insight into how international policy decisions are made. “There was a heavy emphasis on statistics, economics, game theory and econometrics,” he reported. “This background was helpful in preparing me for the next phase of my career at the NSA.” Neff was hired on the NSA director’s staff as the youngest civilian staff officer. “Another front row seat,” Neff said, “this time into the world of telecommunications and hacking.”

After seven years of leading a counterterrorism unit, he took a job with a Silicon Valley consulting firm that worked with global companies. A key lesson in that position was seeing that corporate executives too often considered hacking and cybersecurity an issue to be handled by their information technology departments rather than “an existential business risk issue that required their engagement.”

As CEO of Scan13 (a company he co-founded with his Squadron 13 buddy, Dr. Joe Tidwell ’99), Neff now uses his knowledge to help executives drastically reduce their firms’ hacking risk. “Scan 13 identifies the sensitive information that hackers have already acquired to target our client companies, their investors and vendors,” he said. “After fixing these issues, we provide critical business practices for various C-suite roles to prevent this from happening again. We then maintain constant vigilance for any new information in order to beat the hackers before they start. We’re tipping the scales back in favor of our clients.”

Neff sees great potential for Texas A&M with its cybersecurity initiative. “I’m glad to see that Texas A&M understands that hacking is not just a technological issue,” he said. “The reality is that hackers come to their craft with experiences and knowledge from a range of academic disciplines and from locations across the globe. Our nation’s security and economy will need leaders with the skills, values and knowledge to address the adversaries we face, and Texas A&M is positioning the next generation of leaders to be immensely successful.”

Close X

BTHO Cyberthreats

{{echo “How Texas A&M University is preparing

its students to tackle issues of cybersecurity”;

}

}

sub procedure sendBit2(dim b as boolean)

if (12) then

maroon.12 = 1

< In August 2018, the president of Venezuela was targeted in an assassination attempt >

month later, this attack had special relevancy to two groups of Texas A&M University students. The Venezuelan incident was the first attempt to kill a head of state using commercially available drones laden with explosives; the Aggie students were part of two teams participating in “A Hack of the Drones” in Austin, a competition organized months in advance by MD5, the U.S. Department of Defense’s national security technology accelerator. Sponsored by Army Futures Command, the hackathon was looking for cyber experts with the know-how to prevent or neutralize just such an attack on American soil. While the drone terrorist attack is cause for concern—and may change the way we look at small, flying objects overhead—the hackathon is cause for hope and Aggie pride. Three teams out of 16 were selected by MD5 to each receive a $15,000 award to further their work on drone security. The Texas A&M teams were awarded two of those winning slots. “These wins highlight how far the cybersecurity initiative has come since Texas A&M started formalizing it a few years ago and show how much potential the cybersecurity program has,” said Andrew Meserole ’17, captain of one of the teams.

Meserole isn’t the only one who sees great potential for Texas A&M to take on cyberthreats in their many different forms. It’s become a critical mission for the university, system wide, and is advocated at the highest levels.

sub procedure switchcode2(dim b as boolean)

‘// howdy code 1 = B

sendPair2(gig em)

As associate vice chancellor for cybersecurity initiatives, Dr. Steve Cambone is leading the system-wide cyber efforts.

<The Roots>

exas A&M’s efforts to boost its cybersecurity presence officially began in 2015 with the formation of a Cybersecurity Center and were accelerated in 2017 with the hiring of Dr. Steve Cambone, the former undersecretary for intelligence at the Department of Defense under President George W. Bush. Now, as Texas A&M associate vice chancellor for cybersecurity initiatives and a professor of practice in engineering, Cambone is steering the multidisciplinary, system-wide initiative through what’s known as the Institute for National Security and Cybersecurity Education and Research.

As associate vice chancellor for cybersecurity initiatives, Dr. Steve Cambone is leading the system-wide cyber efforts.

“We want to pull together the flagship, the system and the state agencies assigned to it into a tighter relationship with one another to gain synergies among the parts—whether it’s in cybersecurity education, research or workforce development,” said Cambone. “We also want to increase the visibility of the cyber work being done here to attract more students, faculty and research dollars.”

The university is already earning significant recognition. Texas A&M is one of only nine schools nationwide to be named a national center of academic excellence in cyber defense education, cyber defense research and cyber operations—the three cyber-related designations awarded by the National Security Administration and the Department of Homeland Security.

“This is a national concern,” Cambone said, “and we think that a public institution of our size should make a substantial contribution to meeting the national need.”

Dr. Daniel Ragsdale '80 previously directed Texas A&M's Cybersecurity Center before taking a new position at the Pentagon.

<The Threat>

wiping a credit card. Issuing a request to Alexa or Siri or another silky-voiced artificial intelligence entity. Inputting a GPS route into a car. Posting a photo on Instagram. All of these daily actions make users vulnerable to hacking, putting their privacy—or worse—at risk. On what seems like a regular basis, the media announces leaks of data, from credit ratings to bank account numbers, or ways in which personal information is being sold or manipulated.

But these are only the threats encountered on an individual level. Even more dangerous and disconcerting are those against large public and private systems. “As we increasingly see the risks are moving beyond the realm of simple data theft and disruption,” said Dr. Daniel Ragsdale ’80, a 30-year Army veteran who until recently directed the university’s Cybersecurity Center before taking a new position at the Pentagon as assistant director for cyber in the Department of Defense, Research & Engineering Enterprise. “There are now very real and credible cyberthreats that could cause damage to physical systems or, worse still, put the health and safety of individuals at risk.”

Dr. Daniel Ragsdale '80 previously directed Texas A&M's Cybersecurity Center before taking a new position at the Pentagon.

The Department of Homeland Security has delineated 16 critical infrastructure sectors, each of which present an ever-expanding “cyberattack surface” for potential adversaries. These sectors include the power grid, our water and wastewater systems, oil and gas facilities, transportation, health care and our voting system. “We’re now interconnecting many systems that were never designed to be connected and increasingly they are being managed remotely,” said Ragsdale. “This is being done for all the right reasons, but at the same time, these architectural changes typically have significant security implications that are often neglected.”

The threat is far broader and more insidious than some shady characters in a basement trying to make easy money or wreak havoc. Malicious nation-states and terrorist organizations by far pose the most chilling potential. “What keeps me up at night is thinking about how we ensure that our nation’s cybersecurity infrastructure is put in place effectively and how we can defend it from nefarious forces,” said Lt. Gen. Kevin McLaughlin, formerly the deputy commander of the U.S. Cyber Command, who was recently hired as the first program director for cyber policy, security and strategy in the Bush School of Government and Public Service.

“If you look in recent history, the Russians have attacked Ukraine’s infrastructure,” McLaughlin continued. “Imagine if an enemy nation or group threatened to turn the lights out across the United States if our government didn’t comply with their agenda.”

sub procedure transmit(corps b as boolean)

switchcode(b)

redass_us(10000)

<The Aggie Answer>

s cyberthreats small and large have grown (the global cost of cybercrime is estimated to reach $6 trillion by 2021), Texas A&M leaders have recognized that the university has a duty to put its vast resources to work for the good of individuals living in the digital world and, collectively, our nation.

It was Dr. M. Katherine Banks, vice chancellor and dean of the College of Engineering, who began the push in earnest. “The Texas A&M System currently has world-renowned experts, educational programs and facilities focused on cybersecurity research as well as 20,000 engineering students providing a unique opportunity to develop an elite cyber corps,” she said.

Early on, university officials realized that while much of the work to counter cyberthreats could happen in the College of Engineering, the initiative had to be interdisciplinary because cybersecurity impacts so many areas of modern life. Governments at federal, state and local levels have to make policy decisions and interact with the private sector to help deter attacks and protect the public.

This is why the Bush School’s expertise is so important in the effort. “We are preparing men and women to develop and execute policy in the areas of public administration, national security, international diplomacy and development, and governance at the community, state and federal levels,” said Mark Welsh, dean of the Bush School. “To be successful in today’s world, they must have a practical understanding of activities, opportunities and risks in the cyber arena.” Naturally, the military has a vital role to play too, and the Corps of Cadets is responding to the challenge by training a new generation of smart, cyber-skilled officers.

Cambone believes that the land-grant mission of the university makes it imperative that Texas A&M rise to the occasion. “The fact that Texas A&M was established precisely to bring both education and practical knowledge of what it means to improve one’s security in the world really means something,” he said.

sub Reville transmit2(dim b as boolean)

switchcode2(b)

howdy us(10000)

<The Engineering Approach>

ith its Department of Computer Science & Engineering and Department of Electrical & Computer Engineering, the College of Engineering has long been at the forefront of digital design and technological security. But as the internet has seeped into so many areas of life, it has become clear that other majors need training in how to protect business interests and make their designs secure in the cyber world. For example, civil engineers need to know how to build smart bridges and buildings that are secure; students in chemical and petroleum engineering and in industrial systems must be trained to incorporate cyber safety into factories and high-tech facilities.

Both government and the private sector are starting to understand that you must design for cybersecurity from the beginning.”

Dr. Steve Cambone

“Both government and the private sector are starting to understand that you must design for cybersecurity from the beginning,” said Cambone. Going back to a design and retrofitting for cybersecurity is never as efficient and often not as secure. “There are requirements that are now being levied on subcontractors to demonstrably deliver systems, capabilities and designs that are objectively secure before they will be incorporated into whatever is constructed.” Since 2015, the college has instituted 19 graduate and 12 undergraduate cybersecurity focused courses, including cyber ethics and risk management. In 2016, the college launched a cybersecurity minor to meet the need with more than 20 undergraduate courses from colleges across the university. The minor has three tracks—engineering, technology and interdisciplinary—and is open to any Texas A&M student.

Both government and the private sector are starting to understand that you must design for cybersecurity from the beginning.”

Dr. Steve Cambone

More than 650 students have enrolled and 45 have graduated. “It’s already one of the largest engineering minors,” said Ragsdale. Two-thirds of students pursuing the minor are engineering students; the remainder come from other disciplines, such as public policy, that require an understanding of these critical issues.

What’s more, the college has recently developed a cybersecurity master’s program that targets engineers from non-computing disciplines. In addition, faculty from across the university have developed and proposed multiple cybersecurity graduate certificates. These certificate proposals are currently under review and, if approved by the faculty senate and the university president, will be available to students beginning this fall.

One of the first students enrolled in the cybersecurity master’s program, Andrew Meserole, is also a recipient of one of the more than 40 cybersecurity scholarships that will be available to Aggie students over the next five years. These scholarships are funded by grants of more than $5 million from the National Science Foundation and Department of Defense and involve an obligation to serve in the public sector upon graduation. “After considering a number of interesting prospects, I recently accepted a cybersecurity role in the federal government,” Meserole said.

Andrew Meserole '17 is one of the first students enrolled in the College of Engineering's cybersecurity master's program.

Andrew Meserole '17 is one of the first students enrolled in the College of Engineering's cybersecurity master's program.

Indeed, graduates with cyber experience are in great demand. Cambone reported that currently about 20,000 jobs for cyber systems analysts are going unfilled in the state of Texas. “We need to deliver students ready to work,” he said. to better prepare these students, the college is in search of funds to increase the number of professors of practice—practitioners who bring real-world experience to their teaching.

Gifts would also be used to increase cyber scholarships and to send students to cybersecurity competitions and events like the drone hackathon. Ragsdale sees extracurricular work—such as the several cybersecurity clubs that have recently been established—as integral to students’ success. “Students learn things and have experiences in their extracurricular activities that greatly extend and complement what they learn in a traditional academic setting,” he said. “Most importantly, these experiences serve as a great inspiration for them, leaving them thirsty for even more knowledge.”

To support cybersecurity initiatives in the College of Engineering, contact Jay Roberts ’05 at or (979) 845-5113.

sub procedure transmit2(dim b as boolean)

12th man(b)

delay_us(10000)

switchcode2(b)

delay_us(10000)

switchcode2(b)

end aggie

<The Bush School Dives Deep>

n the graduate-level course at the Bush School, “Internet Infrastructure: Platforms and Politics,” Dr. Jesse Sowell, assistant professor in the Department of International Affairs, instructs his students on the motivations of the non-governmental forces that formed the internet and how that architecture creates a challenge for policymakers today. “The culture of the internet has been one of cooperation and information sharing,” said Sowell. “Security was not a first-class priority in the internet’s design.”

By understanding that the internet was created as an open platform and is managed by a transnational community of operators that still adhere to some of the original ethos of the free exchange of ideas, students who will one day advise politicians and businesses will have a better grasp of the challenges of protecting the internet, Sowell reported.

This deep dive into the soul of the internet is one of the ways the Bush School adds important perspective in cybersecurity. And this course is just the very beginning of what the school hopes to achieve in this field; there are plans for a Cyber Law and Policy Center further down the road.

Sowell explained that one of the issues that concerns the Bush School is how the public and private sectors can work together to further cybersecurity. “There’s a strong public policy intersection in this area because all or most of the infrastructure is owned by the private sector,” said Sowell, “but the government has a significant interest in it being secure. There will have to be some arrangement between the public and private sectors to make progress in this space.”

Sowell and his colleague McLaughlin are eager to work with the College of Engineering and Mays Business School to ensure that Bush School students have a broad understanding of the issues businesses and government face before they pursue public service. One of the biggest challenges is that technological developments can emerge rapidly in front of laws and protective strategies.

“We’re trying to give students the tools to know who the players are, what the landscapes are, what the technology is and what types of questions they ought to ask,” McLaughlin said. “If you do this, then as technology changes, they can get ahead of it. But if you don’t give them the tools, they might be bewildered or daunted by the technology.”

The Bush School is seeking $10 million to establish its Cyber Law and Policy Center (two professors at $1 million endowments each, two professors of practice at $500,000 endowments each, plus operating budget and scholarships). The hope is that companies or sectors could donate funds, and in exchange, the cybersecurity program could undertake research and make recommendations that would help that industry protect itself. “We’re looking for development support, and the major areas will be research for entities that have a need for us to dig into their problems for them,” said McLaughlin. “We want something that’s a win for all involved.”

To support cybersecurity initiatives in the Bush School of Government and Public Service, contact Michael Bottiglieri ’89 at  or (979) 458-8035.

if texas = false then

‘ send the opposite of

above (gig em if required)

transmit2(true)

oldstate = state

<The Corps of Cadets Steps Up>

hen a group of cadets first approached the Commandant, Brig. Gen.Joe Ramirez ’79, last year about forming a cyber unit, he didn’t take them seriously. “Quite frankly, I was skeptical about how long this would last,” he said. “I thought, ‘This will be the latest fad.’ But it’s not. It’s growing because these cadets understand that the cyberthreat is getting bigger every day.”

Ramirez now sees the unit as an essential component in the university’s—and the country’s—cybersecurity mission. Recently, the National Defense Authorization Act classified Texas A&M and the other five senior military colleges in the U.S. as “Cyber Institutes.”

“We are asking ourselves, ‘How do we take that title and turn it into something the nation can use?” Ramirez said. “I would like Texas A&M to be the place the U.S. government, big business and the Department of Defense come to say, ‘I need help in this particular area of cyber.’ And I would like the Corps of Cadets to be an essential part of developing solutions to address those cyber issues for Texas A&M.”

Nathan Powell '19 is part of the Corps of Cadets' new cyber unit.

While Ramirez and other university officials coordinate the big picture, cadets like Nathan Powell ’19 are busy building the cyber unit, which now has 40 members. The unit meets once per week, and its primary focus is helping all members earn three certificates that represent a baseline knowledge of cybersecurity measures. Cadets learn information technology skills, how a computer works down to the hardware level and basic security policy on the defensive side. “The certificates give them a leg up in either getting placement in a cyber military profession or in the government or private sector,” said Powell, a computer science major. “They show that cadets have the skills and talent to go further with the proper training after college.”

Ramirez said that the military and related agencies have already begun asking him how many cadets have certifications. “When I talked to representatives of the NSA in San Antonio, they asked about two things,” Ramirez said. “Number one was security clearances for our cadets, and the second was those certifications. When you have cadets with both of those, they’re in high demand.”

The unit also attends cyber competitions and hears from guest speakers, who are brought in to discuss real-world issues and solutions. Ramirez would like to secure funding to send cadets to cyber events and to bring in more speakers. Another top priority is helping cadets pay for the three certifications, which together can run as high as $1,000. “We help financially as much as possible, but with 40 cadets currently and a growing population of cadets interested in cyber, it adds up,” Ramirez said. “My goal is to support every cadet interested in the cyber field who wants to earn those certifications, and this is where former students can really help us. It’s an investment because these are the young men and women that will be helping their companies, the government, the Department of Defense and our country in the future. These are the future 'cyber warriors' who will be fighting the war for us.”

To support cybersecurity initiatives in the Corps of Cadets, contact Tom Pool’96 at or (979) 862-9154.

Brandon Neff '99 is tackling issues of cybersecurity through his business, Scan13.

<Meet Brandon: A Hacker Role Model>

<Bringing It All Together>

ecause Texas A&M’s cybersecurity initiative is so new, there is tremendous energy and opportunity surrounding it. Currently 75 faculty members from a variety of colleges with an interest in cybersecurity meet on an informal basis. Ragsdale envisions a day when the university has a formal interdisciplinary faculty for cybersecurity. “We’re not there yet,” he acknowledged. “But this is how the university will best keep up with cyber issues and advancements—by having faculty across departments work closely together in the development of curriculum.”

Brandon Neff '99 is tackling issues of cybersecurity through his business, Scan13.

Brandon: A Hacker Role Model

With such an integrated team, the university will be set up for more research dollars as well, Ragsdale said. The National Science Foundation, an important funding agency, highly values projects in cybersecurity that include a social behavior and economic aspect.

The focus on cybersecurity has already yielded substantial research funding. Since 2010, Texas A&M faculty have secured $22 million in external funds from public and private sector partners to support cybersecurity research and educational activities, with more than 95 percent of that awarded since 2015.

More research opportunities are in the works. The Texas A&M University System is building a facility on the RELLIS Campus where researchers and industry partners can stage and test the “internet of things”—smart products such as kitchen appliances, thermostats and doorbells—in a practical environment. “It would be an analog to an ordinary home,” Cambone said. “We could use it as a base for looking at the security of various devices, such as transport networks like Bluetooth, Wi-Fi and 5G.

Since we are all increasingly dependent on an ever-expanding array of interconnected systems, enhancement to the safety and security of these systems is clearly in all our best interests.”

Dr. Daniel Ragsdale '80

Since we are all increasingly dependent on an ever-expanding array of interconnected systems, enhancement to the safety and security of these systems is clearly in all our best interests.”

Dr. Daniel Ragsdale '80

We can see how these interact both in the home environment and in the back end where all the data is being stored and acted upon.” There are naming opportunities for this center.

When it comes to research, former students have a large part to play, Cambone said. He is hoping to establish a program in which the university can help small- and medium-sized businesses with cybersecurity concerns and issues. To get to that point, Cambone would like Aggie former students who own businesses that need help with protecting their systems to work with the university. “We need support from Aggies with small and medium enterprises who can be pathfinders for us, helping us develop the means and methods of delivering cybersecurity capabilities to those who need it,” he said.

There is also a strong call for Aggie-owned businesses to offer internshipsto students studying cybersecurity. “They need real-world experience, so having former students offer paid internships, co-ops or part-time work is important,” Cambone added. In return, these business owners will gain new insights and tactics for securing their companies—leading-edge approaches, not last year’s (or last decade’s) fixes.

“Technology has been advancing so rapidly that policies, statutes, the law and even cybersecurity practice are falling further behind,” said Ragsdale. “We have the chance to reverse this trend and get ahead of this challenge. By building on the momentum we have generated in recent years, when new capabilities are developed and technologies fall off the assembly line, our graduates, as leaders in their respective industries, will have already envisioned and addressed many of the underlying security and privacy implications.”

Ragsdale notes that Texas A&M has always aimed to produce, “leaders of character for the greater good” and sees cybersecurity savviness as firmly in the realm of the greater good. “Since we are all increasingly dependent on an ever-expanding array of interconnected systems,” he said, “enhancement to the safety and security of these systems is clearly in all our best interests.”

Contact:

Dunae Reader '15

Assistant Director of Marketing & Communications/Spirit Editor/Maroon Co-Editor