Re: [Ext] [SECURITY] Open/Free Social Engineering Case Study Repository for Higher Ed Institutions

["Leber, Dennis E" <dleber () UTHSC EDU>]

Good stuff, thanks for sharing

[https://uthsc.edu/brand/images/email-signature/shortsig-green-horizontal.png]

Dennis E. Leber
Chief Information Security Officer (CISO), HIPAA Security Officer
The University of Tennessee Health Science Center
The Office of Cybersecurity
877 Madison Ave
Memphis, TN 38103
dleber () uthsc edu<mailto:dleber () uthsc edu>
c: 270.307.1609
https://www.uthsc.edu/its/cybersecurity/

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Brian Kelly
Sent: Wednesday, January 6, 2021 7:51 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [Ext] [SECURITY] Open/Free Social Engineering Case Study Repository for Higher Ed Institutions

Sharing for maximum reach, please share with your networks.
Professor Rege is doing great work that will help our profession today and prepare the next generation of professionals.

Brian

From: "Rege, Aunshul" <rege () temple edu<mailto:rege () temple edu>>
Date: Monday, January 4, 2021 at 11:35 AM
Subject: Open/Free Social Engineering Case Study Repository for Higher Ed Institutions

Greetings and a Happy New Year!

I trust you and your loved ones are doing well.

I am reaching out to you because you belong to the security and/or social engineering (SE) community and, as an 
educator, I need your help.

I am trying to build an open/free SE case study repository that can be used by educators, students, and the wider 
community as part of my new National Science Foundation education grant that starts this year. More information about 
the grant is available at 
https://www.nsf.gov/awardsearch/showAward?AWD_ID=2032292&HistoricalAwards=false<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.nsf.gov%2Fawardsearch%2FshowAward%3FAWD_ID%3D2032292%26HistoricalAwards%3Dfalse&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175138843%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=u18XeToZSwBRtnEuAxf55H8RSM2aSenrgJAZFvRE42Y%3D&reserved=0>

Do you have, or are you aware of, any case studies that can be part of this repository? These case studies can be 
redacted, anonymized, sanitized, etc. and would be hosted on the Cybersecurity in Application, Research and Education 
(CARE) Lab's website 
(https://sites.temple.edu/care/<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsites.temple.edu%2Fcare%2F&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175148840%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=%2Bj97pPDS0105ZsFrxqyx00sG5C4k2RoyHo9pXrhb7bI%3D&reserved=0>).
 Ideally, these case studies would have to be detailed enough to allow for the following (but certainly not limited to):

Developing SE playbooks
Mapping to MITRE ATT&CK framework
Identifying psychological persuasion techniques
Demonstrating decision-making and adaptation
Displaying multiple forms of techniques (ex: vishing, pretexting, etc.)
Highlighting different contexts and sectors

All contributors will be recognized in the repository to ensure that proper credit is given. You can choose to remain 
anonymous, if you prefer.

As you can imagine, teaching SE in higher ed is particularly challenging and (I believe) critical to security 
education. These case studies would serve as a rich resource that could be used by students, educators, and researchers 
across multiple domains.

This repository is the next step in making SE more commonplace in the higher ed cybersecurity curriculum and research. 
Thus far, I have created several ethical and fun hands-on SE course projects 
(https://sites.temple.edu/care/downloads/<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsites.temple.edu%2Fcare%2Fdownloads%2F&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175148840%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=SYHuf7cRrT1SkR18PRSJgHT7JcZX1WzuywAz0tHvW94%3D&reserved=0>)
 that can be used easily by educators. To date these projects have been downloaded over 200 times worldwide. I have 
also co-developed a Collegiate SE CTF and training event for undergraduate students with Layer 8 
Conference<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flayer8conference.com%2F&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175158832%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=qzNevhYTCVvNnjnVYRAA2v44kliwoDm5i14s6L2BGLQ%3D&reserved=0>.
 I'm delighted to say that this event was a success, and you can read more about it at 
https://sites.temple.edu/socialengineering/<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsites.temple.edu%2Fsocialengineering%2F&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175158832%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=vqFj3pJF3m0n8jC%2FhYaLmS3YQTgL%2FWQkRLLpTlHHW9E%3D&reserved=0>!
 This repository is thus the next step and fills an important void in SE education and research.

Please reach out if you have any questions or concerns. You can email me at rege () temple edu<mailto:rege () temple 
edu> or call me at 215-204-1671. Feel free to forward this email to anyone that you think may be able to contribute.

Thank you so much for your time and consideration. I cannot do this without you, and I welcome any feedback that you 
may have.

Best regards,

Aunshul
-------------------------------
Aunshul Rege, Ph.D. | Associate Professor | Department of Criminal Justice | Temple University
Trusted CI Open Science Cybersecurity Fellow 
2019<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fblog.trustedci.org%2F2019%2F04%2FFellows-2019.html&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175168828%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=mfwHFX0jvFIIoflJ35EkjkQcBYfriPyoeiN0R67%2BBHY%3D&reserved=0>
Phone: 215-204-1671 | Email: rege () temple edu<mailto:rege () temple edu>
Web: 
dr-rege.com<https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdr-rege.com%2F&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175168828%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=AAtIb5ZV5Pllj8XbdsRoz2CMQFiDAcs5FBkgT%2BFhXBI%3D&reserved=0>
 | Twitter: 
@Prof_Rege<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FProf_Rege&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175178824%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=5XJY8Ngd1UPqkn6YdFePFrOFZe1jYHDIgG2hU6MRfL8%3D&reserved=0>
Research Website: 
https://sites.temple.edu/care/<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsites.temple.edu%2Fcare%2F&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175178824%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=dzbXUXevKG60QjDCJsUD%2BHtzM%2Fo4%2FVR9XLN5vMiXIXY%3D&reserved=0>

FIRST INTERCOLLEGIATE SOCIAL ENGINEERING COMPETITION
https://sites.temple.edu/socialengineering/<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsites.temple.edu%2Fsocialengineering%2F&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175188819%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=bZt9kgv2l8nJ8B7HN0MSo%2FW9fXuafPTBfL8MM2Ezymg%3D&reserved=0>
@TU_CARE<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FTU_CARE&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175188819%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=AzkFA6Y8%2BgYnEJfLCdHvPHXWFa61bKo84z2SS7Hq1CA%3D&reserved=0>
 
@CollegiateSECTF<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FCollegiateSectf&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175198812%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=XF0aiesieRSNlQr5bApN%2FEaTwBrXxNdkJnXzdxHm7BI%3D&reserved=0>
 #CollegiateSECTF

CURRENT RESEARCH

NSF SaTC: EDU: Educating STEM Students and Teachers about the Relevance of Social Engineering in Cyberattacks and 
Cybersecurity<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.nsf.gov%2Fawardsearch%2FshowAward%3FAWD_ID%3D2032292%26HistoricalAwards%3Dfalse&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175198812%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=wvmdpQDexSf4aBMoKF2n2VryIZFMK3G2g6xPezGm3nQ%3D&reserved=0>

NSF CAREER: Applying a Criminological Framework to Understand Adaptive Adversarial Decision-Making Processes in 
Critical Infrastructure 
Cyberattacks<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.nsf.gov%2Fawardsearch%2FshowAward%3FAWD_ID%3D1453040%26HistoricalAwards%3Dfalse&data=04%7C01%7C%7C36fe23fdf2e545abc62a08d8b0ceb614%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637453749175208805%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=O4%2BPClsODQI%2BXspLd52TE08hgAcO2w0uEA0iTyhw75c%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community