This summer, CISA reimagined how to conduct cyber internships during the COVID-19 pandemic, hosting 45 Scholarship For Service (SFS)[i] students to participate in a full-time remote program across the agency. These students represented 30 schools from 23 states with 12 extending onboard throughout the school year. With COVID-19 presenting new obstacles for employees and interns (according to the U.S. Bureau of Labor Statistics, 1 in 4 employees teleworked due to the coronavirus pandemic this summer. [ii]), organizations were faced with the choice to either cancel their summer intern programs or shift to a virtual environment. Ever forward-leaning, CISA utilized Telework Guidance and Resources[iii] and Telework Best Practices[iv] to provide a robust, summer internship program designed to provide interns enrolled in a cybersecurity program with opportunities to sharpen their skills, become acquainted with key cyber initiatives, cultivate social networks, and gain invaluable cyber professional experience. One intern, Elon J Wood an IT Specialist and Strategy Analyst in the CISA Cybersecurity Division’s Strategy, Performance, and Resource Office stated,
“As a Scholarship for Service student doing an MBA, the pandemic struck like lightning. Many of my peers in SFS had internships lined up at various governmental agencies but they were receiving cancelations due to COVID. I was worried that CISA might cancel its Summer programs, as well. But CISA prevailed, and once I on-boarded, I absolutely enjoyed every second and thrived. CISA goes above-and-beyond for its personnel and mission. Although it was conducted in a remote environment, I would give my experience at CISA during my Summer Internship the highest reviews.”
Despite the challenges presented by COVID-19, CISA’s SFS interns enjoyed the experience that they gained from their virtual cyber internships this summer. Claire Casalnova, a Cyber Program Assistant in the Cybersecurity Division’s Host Forensics Section states,
“I didn’t think it was going to be possible to complete a meaningful internship this summer as news of the pandemic and subsequent shutdowns began to break but CISA adjusted their internship program to be completed entirely remotely and I will be forever grateful for this. Although the only way to connect with employees is through video calls and chats, I still made valuable connections both professionally and personally. Not only was I able to make these connections but I also was able to gain practical real-world knowledge and skills while completing various projects to help advance CISA as an organization. I truly value my time here at CISA and am extremely thankful to have had the opportunity to intern here during such unknown times.”
Through a combination of the latest collaborative technology and offering a vigorous program of training events, CISA was able to strengthen our work teams with fresh energy and ideas while acclimating interns with the broader cyber mission. Hosting an average of two events per week, CISA’s summer program allowed students to engage with senior leadership and managers through panel discussions, trainings on cybersecurity roles and responsibilities, career development, resume writing through the Cyber Career Pathways Tool[v], and virtual brown bag sessions. This summer, students even had the chance to participate in a Q&A session with the Director of CISA.
On top of all the professional development, CISA’s virtual program also yielded a range of technical achievements this year. To name just a few, SFS interns:
- helped develop a database to automate the collection and aggregation of attributes;
- supported efforts to automate the collection of forensics from Linux distributions;
- imported PowerShell queries into a .net framework to use in Cobalt Strike where queries can be used to determine whether DCSynch can be executed;
- developed a Python script to help analyze logs, which can then be fed into the script to identify blacklisted IP addresses and generate reporting;
- supported industrial control security efforts through development and application of systematic risk categories across critical infrastructure domains;
- helped develop a tool to assist with the identification and classification of phishing emails and a broader threat emulation framework; and
- leveraged Azure DevOps Server pipelines to ease penetration tester evaluations.
CISA not only has the goal to be an employer of choice for Federal service, but also seeks to be among the top 100 employers for interns. These cadres are integral to our mission and Agency’s success, serving as the primary on-ramp in our entry and early career talent. By providing interns the ability to work remotely this summer, CISA was able to maintain its mission through the contributions of the interns. CISA will continue to build upon this summer’s success by pursuing innovative ways to host cyber internships. The transition to remote work is part of the progressive and adaptive business model that CISA will continue to employ to reach more diverse and larger audiences.
[i] “Start your cybersecurity career with the U.S. Government,” CyberCorps®:Scholarship for Service. Web. September 15,2020. https://www.sfs.opm.gov/
[ii] “Supplemental data measuring the effects of the coronavirus (COVID-19) pandemic on the labor market,” U.S. Bureau of Labor Statistics. Web. September 4, 2020. https://www.bls.gov/cps/effects-of-the-coronavirus-covid-19-pandemic.htm#highlights
[iii] “Telework Guidance and Resources,” Cybersecurity and Infrastructure Security Agency. Web. September 15, 2020, https://www.cisa.gov/telework.
[iv] “Telework Best Practices,” Cybersecurity and Infrastructure Security Agency. Web. September 15, 2020, https://www.cisa.gov/sites/default/files/publications/Telework_Guide_with_NSA_and_DHS_CISA.pdf.
[v] “Cyber Career Pathways Tool,” National Initiative for Cybersecurity Careers and Studies. Web. September 15, 2020. https://niccs.us-cert.gov/workforce-development/cyber-career-pathways