Jennifer Kleman

About Jennifer Kleman

This author has not yet filled in any details.
So far Jennifer Kleman has created 34 blog entries.

Strengthening Florida’s Cybersecurity with the Cyber Risk Assessment

Cybersecurity has become a critical priority for organizations across public and private sectors. Recognizing this need, Cyber Florida has developed the Florida Cyber Risk Assessment (FCRA), a no-cost, confidential cybersecurity risk assessment aligned with NIST Cybersecurity Framework (CSF) 2.0. The FCRA is designed to assist critical infrastructure (CI) organizations in identifying and mitigating cybersecurity risks, complying with best practices outlined in the Florida Cyber Act (Statute 282.318), and building resilience against cyber threats.

What is the Florida Cyber Risk Assessment?

The FCRA is a Florida-specific adaptation of the Cyber Security Evaluation Tool (CSET®) developed by Idaho National Lab. It incorporates 106 NIST CSF questions and 48 Ransomware Readiness Assessment (RRA) questions, providing a structured approach for organizations to strengthen their cybersecurity frameworks. Participants can generate customized reports to enhance their cyber defense strategies and align with legal and regulatory requirements.

Addressing Gaps in Florida’s Critical Infrastructure Sectors

Recent FCRA assessments have revealed significant cybersecurity gaps within Florida’s CI sectors:

  • Lack of Response and Recovery Plans: 50% of CI providers lack robust response and recovery plans.
  • Weak Authentication Practices: Half of CI organizations do not use Multi-Factor Authentication (MFA).
  • Inconsistent Partner Audits: While 39% conduct response planning with third-party providers, only 48% regularly audit these partners’ cybersecurity practices.
  • Limited Training Programs: 49% lack formal cybersecurity training programs beyond basic awareness.
  • Unclear Management Responsibilities: Nearly half of providers do not have assigned cyber-management responsibilities, with 49% lacking a Chief Information Security Officer (CISO).
  • Infrequent Incident Response Exercises: Only 48% of organizations conduct biannual incident response tabletop exercises.
  • Undefined Risk Tolerance: Just 53% of CI providers have clearly defined their risk tolerance, highlighting a critical gap in risk management strategies.

Enhancements and Tools to Support Cybersecurity

To address these challenges, Cyber Florida has implemented or is developing several tools and initiatives:

  • Entry and Mid-Level Assessments:
    • A 20-question entry-level assessment evaluates organizations’ protections based on the top 20 areas of concern.
    • A 38-question mid-level assessment measures cybersecurity maturity against CISA Cybersecurity Performance Goals (CPGs).
  • Maturity Modeling: A maturity index based on the Multi-State Information Sharing and Analysis Center (MS-ISAC) template helps organizations benchmark their cybersecurity practices.
  • AI-Driven Resource Mapping Tool: In development, this innovative tool generates summaries from NIST 800-53 for all 106 CSF questions. Users will be able to efficiently create comprehensive cyber plans, including governance, incident response, and recovery plans.
  • Workshops: A series of cybersecurity presentations aimed at raising awareness and educating CI organizations in both the public and private sectors.

New Tools and 2025 Initiatives

Cyber Florida continues to innovate and expand its efforts to enhance cybersecurity across the state. Notable initiatives include:

  • Florida CI Mapping Pilot Project (Cyber-Bulls-I): A first-in-the-nation resource to help CI sectors address cyber risks, meet legal requirements, and build future compliance capacity. This tool provides risk reduction resources tailored to Florida’s sectors, risks, needs, and vulnerabilities.
  • Enterprise Data Management Platform: A forthcoming platform designed to identify grant, research and development, and policy opportunities for Florida’s CI sectors.
  • Visualization and Dashboard Tools: New tools for state leadership to monitor and address cybersecurity challenges effectively.
  • Workforce Development Initiatives: These include a new mapping tool to support small business and defense industry growth.

The Path Forward

With its comprehensive approach and cutting-edge tools, the Florida Cyber Risk Assessment is paving the way for a stronger cybersecurity posture across Florida’s critical infrastructure sectors. Organizations adopting the FCRA’s recommendations and utilizing its resources will be better equipped to protect themselves against evolving cyber threats and ensure compliance with industry standards and legal mandates.

Cyber Florida remains committed to fostering a secure, resilient, and innovative cyber environment for Florida. For more information or to participate in the FCRA, visit https://cyberflorida.org/cip/ today.

2025-01-17T12:42:18-05:00January 17, 2025|

Teacher Spotlight: Lorraine Grice

Lorraine Grice

Teacher: Lorraine Grice

School: Orange County Technical College

County: Orange

Meet Lorraine Grice, one of the exceptional teachers at Orange County Technical College! With over 35 years of dedicated service in Orange County Public Schools, Lorraine continues to defy burnout by embracing the ever-changing world of Information Technology with enthusiasm and curiosity.

Her journey began with the familiar clatter of a Royal Manual Typewriter, evolving into a dynamic career teaching Enterprise Desktop and Mobile Support Technology to high school students. Lorraine’s passion for technology and education is truly inspiring. She thrives on the challenge of equipping students with the critical cyber knowledge they need for the future.

Join us in celebrating Lorraine’s remarkable contributions and her unwavering commitment to lifelong learning and student success!

Would you like to be featured in our Teacher Spotlight? To nominate yourself or another deserving teacher, complete the interest form below!

2024-12-20T09:48:35-05:00December 20, 2024|

Ernie Ferraresso Appointed to FL Cybersecurity Advisory Council

Cyber Florida Director Ernie Ferraresso

December 9, 2024—Tampa, Fla—Cyber Florida at USF is proud to announce Governor Ron DeSantis’ appointment of Director Ernie Ferraresso to the Florida Cybersecurity Advisory Council. This appointment highlights the state’s unwavering commitment to enhancing cyber defense and safeguarding critical infrastructure.

Ferraresso, a distinguished veteran of the United States Marine Corps, brings a wealth of experience and leadership to the council. As Cyber Florida’s director, he spearheads efforts to advance the state’s cybersecurity initiatives through education, outreach, research, and workforce development. Ferraresso also serves as a Senior Fellow at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security, contributing to national strategies for securing vital systems against cyber threats.

“I am honored to join the Florida Cybersecurity Advisory Council and support the state’s mission to strengthen its defenses against evolving cyber threats,” said Ferraresso. “Cyber Florida’s commitment to collaboration and innovation aligns seamlessly with the council’s goals, and I look forward to contributing to a safer and more secure Florida.”

Ferraresso earned his bachelor’s degree from Barry University and has dedicated his career to addressing the challenges of cybersecurity and critical infrastructure protection. His expertise will help guide the council in shaping policies and strategies to bolster Florida’s cyber resilience.

The Florida Cybersecurity Advisory Council plays a pivotal role in providing guidance to protect the state’s critical systems and infrastructure, ensuring Florida remains at the forefront of cybersecurity preparedness.

Ferraresso is available for interviews through December 18, 2024. Please make arrangements through Cyber Outreach Manager Jennifer Kleman at [email protected]. For more information about Cyber Florida and its mission to advance cybersecurity in the state, visit https://cyberflorida.org/.

ABOUT CYBER FLORIDA AT USF

The Florida Center for Cybersecurity at the University of South Florida, commonly referred to as Cyber Florida at USF, was established by the Florida Legislature in 2014. Its mission is to position Florida as a national leader in cybersecurity through comprehensive education, cutting-edge research, and extensive outreach. Cyber Florida leads various initiatives to inspire and educate both current and future cybersecurity professionals, advance applied research, and enhance cybersecurity awareness and safety of individuals and organizations.

2024-12-10T09:28:11-05:00December 10, 2024|

phaseZERO: Innovation Incubator Announced

phaseZERO

Cyber Florida at USF Announces phaseZERO: Innovation Incubator to Boost Cybersecurity Innovation in Florida

December 2, 2024—Tampa, Fla—Cyber Florida at USF is proud to announce the launch of phaseZERO: Innovation Incubator, an innovative seed fund initiative designed to support Florida-based researchers and emerging entrepreneurs in transforming cutting-edge cybersecurity ideas into thriving businesses. With a focus on commercializing cybersecurity innovations, strengthening critical infrastructure, and creating new opportunities, phaseZERO aims to establish Florida as a national leader in cybersecurity entrepreneurship.

Modeled after the Small Business Administration’s SBIR/STTR Phase I programs, phaseZERO addresses critical gaps in seed funding and provides expert mentorship, complementing existing statewide efforts like the Florida High-Tech Corridor, I-Corps, and local incubators and accelerators.

“This program is about removing barriers for innovators,” said Dr. Manish Agrawal, Cyber Florida at USF academic director at Cyber Florida and USF professor. “By providing funding and mentorship without taking equity, we’re enabling Florida’s entrepreneurs to focus on what matters most: building solutions that strengthen our cybersecurity resilience.”

Program Highlights

For this round of funding, phaseZERO will award up to $60,000 each to up to four emerging Florida companies (not to exceed $240,000 total) selected through a rigorous, three-stage evaluation process:

  • Stage 1: Applicants submit a completed application and a brief business plan for technical and business evaluation by a Cyber Florida Entrepreneur-in-Residence (EIR).
  • Stage 2: Selected applicants pitch their plans to an evaluation panel during a virtual event.
  • Stage 3: The evaluation panel selects awardees who receive funding in installments while working with an EIR to establish their business, secure further funding, and prepare for operations.

Funded companies gain access to Cyber Florida’s expansive network of state innovation ecosystem partners, including universities, accelerators, and industry leaders.

Timeline

  • Application Launch: December 2, 2024
  • Application Deadline: January 3, 2025
  • Pitch Event Invitations: January 10, 2025
  • Pitch Event: January 24, 2025

Through phaseZERO, Cyber Florida continues its mission to foster research partnerships, attract cybersecurity companies to Florida, and enable the creation of new ventures.

For more information about phaseZERO, application details, and how to get involved, visit cyberflorida.org/phasezero.

ABOUT CYBER FLORIDA AT USF
The Florida Center for Cybersecurity at the University of South Florida, commonly referred to as Cyber Florida at USF, was established by the Florida Legislature in 2014. Its mission is to position Florida as a national leader in cybersecurity through comprehensive education, cutting-edge research, and extensive outreach. Cyber Florida leads various initiatives to inspire and educate both current and future cybersecurity professionals, advance applied research, and enhance cybersecurity awareness and safety of individuals and organizations.

2024-12-02T13:37:28-05:00December 2, 2024|

Teacher Spotlight: Amber Jones

Amber Jones

Teacher: Amber Jones

School: Port St. Joe High School

County: Gulf

Amber Jones is an outstanding teacher in Gulf County, Florida. Amber is a dynamic force in cybersecurity education at Port St. Joe High School with 15 years of experience. As the technology teacher for grades 8 through 12, she brings innovation to life through her courses in digital information technology, gaming, and yearbook. Beyond the classroom, she leads as the eSports coach for both junior high and high school, inspires as the girls weightlifting coach, and guides as the senior class sponsor.

Amber’s impressive academic journey includes a degree in business information technology from Troy University and a master’s degree in educational leadership from Grand Canyon University. At home, she is a devoted mother to two wonderful daughters. Her husband plays a pivotal role at Port St. Joe High School as the athletic director and head coach for football, girls weightlifting, and softball.

Next year, Amber plans to bring her students to CyberLaunch 2025 to show off their skills and compete for some really cool prizes! We are so grateful for Amber’s contributions to both the students in Florida and the field of cybersecurity education!

Would you like to be featured in our Teacher Spotlight? To nominate yourself or another deserving teacher, complete the interest form below!

2024-11-26T12:37:11-05:00November 26, 2024|

Cyber Florida at USF’s SOCAP Builds Cyber Talent Pipeline

Cyber Florida at USF SOCAP

Cyber Florida at USF’s Security Operations and Cybersecurity Apprenticeship Program (SOCAP) employs up to 10 students each semester, with opportunities for students to remain in the program for multiple terms. Through this innovative program, SOCAP interns gain hands-on experience addressing real cybersecurity issues for various clients, effectively extending the capabilities of client IT teams.

Managed by Ryan Irving and Duy Dao, SOCAP gives students valuable exposure to the day-to-day operations of a security operations center. Leveraging tools like Microsoft Defender, Crowdstrike, Stamus Networks, MS-ISAC Albert, Recorded Future, Magnet Forensics, Belkasoft Forensics, Volexity, and more, Irving assigns work tickets—real security alerts or issues—that need investigation. Each day, students select or are assigned tickets from the system, allowing them to work on current cybersecurity tasks and engage in practical problem-solving.

The University of South Florida (USF) Information Technology (IT) Department is among the clients benefiting significantly from SOCAP’s services. “The SOCAP partnership with USF IT is fantastic,” says Irving. “Students aren’t just performing real cybersecurity tasks; they’re actively improving the security of the university’s IT infrastructure while honing their skills in a real-world environment.”

In addition to ticket-based troubleshooting, SOCAP students take on proactive threat-hunting roles, scouring resources to detect potential indicators of compromise and preparing threat advisories for Cyber Florida’s threat room page on its website.

SOCAP students like Alessandro Lovadina, Erika Delvalle, and Ben Price bring diverse skills and interests, creating a collaborative team environment.

Lovadina is passionate about coding projects, like building web applications. “With AI, cybersecurity is crucial; all students should learn the basics of cybersecurity,” he notes.

Delvalle finds excitement in threat-hunting tickets. “It never gets boring,” she says. “You’re always learning something new.”

Price enjoys challenging issues that expand his research skills and expertise. “It’s fulfilling; it’s important,” he says.

SOCAP students have the freedom to conduct their own research and troubleshoot using open-source information and reliable online resources. The program’s hybrid format allows students to work both in-office and remotely, providing a dynamic environment that complements their class schedules. This flexibility gives SOCAP interns a comprehensive view of security operations and invaluable career experience.

Irving also incorporates regular training exercises in collaboration with the USF IT team. “Monthly simulated events allow students and staff to practice incident response skills together,” he says. “We invite USF IT to join these sessions, so that we can learn and improve our response capabilities as a team.”

Dennis Guillette, Director and Security Architect of USF IT, expressed his appreciation for SOCAP students’ contributions to the university’s cybersecurity efforts. “I would like to extend my deepest gratitude to the SOCAP students for their outstanding hard work and dedication. Their impressive technical knowledge and exceptional troubleshooting skills have been invaluable to our security posture. Their commitment to excellence and ability to tackle complex security challenges have significantly strengthened us. Thank you for setting a high standard of professionalism and expertise.”

Cyber Florida’s SOCAP internship program at USF continues to be a valuable resource for students and the university alike, advancing cybersecurity skills and bolstering the state’s defenses. It serves as a model for other schools.

2024-11-22T10:05:03-05:00November 22, 2024|

Teacher Spotlight: Tina Vieira

Tina Vieira

Teacher: Tina Vieira

School: Nature Coast Technical High School

County: Hernando

With 19 years of dedicated experience in Hernando County Schools, Tina Vieira has made a remarkable impact on education. Throughout her career, Tina has taught multiple subjects, served as a district writing coach and ESOL compliance specialist, and helped develop new computer science standards in collaboration with the Department of Education.

Driven by her commitment to technology education, Tina transitioned to computer science and now leads a range of technology courses at Nature Coast Technical High School. Her influence goes beyond the classroom, as she also trains educators across Florida, helping shape the future of computer science education statewide.

Tina’s passion for empowering students shines through in her words: “Seeing kids learn skills that are not only in high demand but will also set them up for a successful future is incredibly rewarding for me.” Her dedication to fostering student growth and success is evident in her students’ involvement in cyber competitions.

Beyond her professional achievements, Tina enjoys spending time on the water with her family.

Her commitment to cybersecurity education and student success is truly commendable. Thank you, Tina, for your invaluable contributions!

Would you like to be featured in our Teacher Spotlight? To nominate yourself or another deserving teacher, complete the interest form below!

2024-10-25T14:38:49-04:00October 25, 2024|