WHAT I LEARNED AT CODEDAY SAN DIEGO

Yes, learned. There was a whole lot of learning going on this past weekend at the CodeDay San Diego event held at the Ansir Innovation Center. In the words of Tom Paulus, Regional Manager and Lead Evangelist for CodeDay San Diego, “CodeDay is an inspiring event for students, many build skills and all leave with higher confidence.”

I was invited to serve as a judge for this event and arrived with the confidence of age and experience, “I’m the adult, not only will this be fun, it should be easy.” Fun? Yes. Easy? Not even close.

I arrived to a scene I imagined opening a can of worms might look like. The student participants ranged from 7th graders to college age. They were everywhere, talking about everything to everyone.

Future Women CodersThere were all-male, all-female and co-ed teams each assembled randomly. The focus was on skills and trust, not gender.

“I’m here with my sister” said one. When asked, “Where is your sister?” she pointed to a lumpy sleeping bag under a worktable. They had been working on projects all night and had achieved great things. Games were imagined, designed, built and successfully launched. By 7th graders. The same effort and result was true for the App developers, cloud-based start ups and all the other projects.

Best Overall team of Dreamers and DevelopersA cloud-based SaaS start up to foster idea collaboration was inspired by a team of dreamers and developers because “We really didn’t have an idea of what to work on.” They successfully launched their app that connects dreamers and developers to move projects forward. They won the Best Overall award.

Technology Throwback

It was quarter century throwback for me. Ric French, Jeff McBride, Judy Shulman and I attended Windows 1st birthday in Atlanta with Bill Gates. All of us and all of the students had experienced the same wonder, curiosity, problem solving, sleep deprivation, exhilaration and most importantly, courage.

To suspend disbelief, to leap into the unknown is the privilege of the young. What I learned this weekend is that it is alive and well here in San Diego.

Are You Ready to Learn?

I find that whenever I serve in the role of teacher, mentor, coach or judge, I’m often the one who learns the most. As a seasoned professional, no matter what your field of endeavor, I encourage you to seek out opportunities in your community like CodeDay. Yes it was fun and it wasn’t easy to pick winners from the entries. That’s because those who have the courage to leap are all winners.

This blog was written by Jerry Gitchel

Cybersecurity Awareness – Identity Theft (Part 1)

After conducting a public cybersecurity awareness seminar in February, and since my interview in April, the Borrego Sun has been interested in getting additional information and tips for people to stay safer online and protect their personal information. This article is the first in a short series to be published periodically, picking up where the interview left off, and focusing on a widespread problem – Identity Theft. Anyone can become a victim – young or old; in school, working or retired; male or female; any race or nationality – identity thieves do not discriminate! The information presented here is not new and is derived from several publicly available sources, as well as personal experience. The Identity Theft Resource Center (www.idtheftcenter.org) is a nationally recognized organization, based in San Diego, that monitors and reports on U.S. computer breaches resulting in loss of personally identifiable information. They offer free services to people who are victims or think they might be a victim of identity theft, as well as dozens of informational brochures on identity theft prevention and reporting. Another free resource is the Federal Trade Commission, Consumer Protection Division (www.comsumer.ftc.gov). In addition, the three main credit reporting agencies – TransUnion, Experian, and Equifax – all offer information on identity theft prevention and protection.

Before getting started, I’m sure there are some of you reading this and wondering, who is this person, what are his credentials in cybersecurity, and why should I read further? Briefly, my background includes working for the City of San Diego for over 36 years, the first 12+ years in law enforcement as a sworn officer and the following 24+ years working in different capacities related to information technology (IT). I became involved in computer systems before leaving law enforcement, helping with the development of San Diego’s county-wide Automated Regional Justice Information System (ARJIS). During the last half of my career with the city, I had 10 years’ experience in emergency management and preparedness, 13 years’ experience in critical infrastructure protection, and 5 years’ experience in cybersecurity management and cyberterrorism defense. I spent the last 11 years in management positions, and when I retired in late 2011, I had been the city’s IT Operations and Security Manager for the last 5 years. I have worked with the Cyber Squad of the San Diego office of the FBI since 1998, and I have been an active member of the FBI’s national InfraGard public-private alliance for critical infrastructure protection since 2002. From 2010-2012, I was on the steering committee and co-chair of the critical infrastructure workgroup for Securing Our eCity, another public-private non-profit partnership (securingourecity.org) with over 300 members across the San Diego region and nation; whose purpose is public awareness and education of cybersecurity (their mission is “to enable every San Diegan to live, work and play safely in the cyber world”). For the last two years, I have been teaching online courses for the Master’s Program in Cyber Security & Information Assurance at National University.

So, now let’s delve into the criminal world of identity theft, one of the most common types of cyber crimes, and learn what precautions you can take to help protect your personal information. If you think you are reasonably safe from identity theft because you don’t use a computer or the Internet to conduct any financial transactions – think again! Even if you don’t conduct online transactions, your information is stored online by retailers, financial and healthcare institutions, whose systems may be attacked. Also remember, people have been impersonating other people for centuries; so, computers and large databases of personal information have just increased a criminal’s ability to perpetrate and hide this crime. Do you know how many different types of identity theft there are? We will discuss one type that relies on the victim having money or high credit limits to make it worthwhile for a criminal, and three types that don’t depend on the victim having any financial resources or require the use of a computer.

The first type, and the one you hear about most in the news, is stolen credit/debit cards or other banking information, where the criminal’s purpose is to take as much money as possible (as either cash or merchandise). The second type, which is not so well published, is criminal identity theft, where someone takes on your identity, often with a fraudulent Driver’s License and Social Security number in your name, they commit a felony, get caught and arrested under your identity; they post bail and leave the area, and now you have an arrest warrant and a criminal record. The third type, which is on the rise, is medical identity theft, where the criminal uses your identity to gain access to medical treatment or medicine. In either case, your personal medical history will be altered to include whatever ‘new’ condition was introduced by the criminal and could cause adverse (potentially fatal) procedures the next time you need medical treatment or prescription medicine. The fourth and last type covered here, is child identity theft, where the criminal takes the Social Security number of a young child and uses it to get a job, take out a loan or get a credit card; often using the child’s name with a different date of birth close to their real age.

There are lots of details for how criminals commit each of these types of identity theft, which we do not have space to cover in this article. One common method to any type of identity theft, which has been used for decades and is still widely used today, is “dumpster diving” – going through people’s trash to find personal information. Unfortunately, criminals will gather personal information from many different sources, until they have enough to create a false identity (in your name). The rest of this article will address some physical protection methods for your personal information, to the extent it is within your control.

One method to see if you might be a victim of identity theft, is to monitor your credit reports (not just your credit score, which is used by lenders for issuing credit/loans). Everyone is entitled to one free credit report per year from each of the three primary credit reporting agencies – Equifax, Experian, and TransUnion. The best place to access your reports for all three agencies, is at https://www.annualcreditreport.com/. You should get a report from just one agency at a time, spread out every four months during the year, so you can review the information without waiting a full year. You should be checking to see if any new credit requests were made that you did not initiate, or if there are any address changes that are not yours, or if credit balances have reached maximum when you haven’t been using the accounts. If you see any discrepancies, immediately notify the credit reporting agency and contact the company that posted the erroneous information (this may be a bank or credit card company). If you think you might be a victim of identity theft, contact your local law enforcement agency (San Diego County Sheriff for Borrego Springs). You can also contact the ITRC for free advice and counseling (888-400-5530, Mon.-Fri., 7:30am-4:30pm).

Physical protection of your personal information is generally a simple task. If something has only your name and address on it, such as an envelope or other mail-related papers, then you can usually just dispose of those in the recycling/trash. However, if something contains your name and any type of account or ID number – including those free credit card applications, and especially your credit card or banking statements, insurance or medical statements, and even a utility bills (water, sewer, gas, electric, cable TV or cell phone) – then you need to use a cross-cut or ‘confetti’ shredder to destroy those documents before they go into the recycling/trash bin. Don’t use a straight-cut shredder, because those documents can be reconstructed fairly easily. For information about ‘pre-screened’ credit offers, including how to stop them, visit http://www.consumer.ftc.gov/articles/0148-prescreened-credit-and-insurance-offers. Another physical security tip – whenever you are using an ATM or logging in to websites on your laptop/tablet or smartphone in a public place, always be aware of your surroundings and who might be watching you (which might be a remote camera mounted nearby, usually overhead). If possible, use one hand to cover the keypad or keyboard while you enter your PIN or password, so it’s not visible from prying eyes. One last tip – if possible, avoid using a debit card at a gas station, use cash (or at least a credit card), because gas stations are prime targets for criminals using illegal card scanners inserted within the gas station’s payment machines.

Protecting your information in cyber space becomes a little more involved and will be covered with some tips and best practices in the next article – Part 2 on the topic of Identity Theft.

This article was written by Alan Watkins