Cybersecurity Internship

In the summer of 2024, I participated in a 30-40-hour-a-week internship at the City of Suffolk. It began on June 3rd and lasted until August 15th. During the internship, ODU asked if I would create journals throughout my time interning. They were followed by a final paper explaining my projects and experience with the City of Suffolk. I completed a total of 150 hours which converted to 3 credits towards my degree.

Internship journals:

The Journals represent every 50 hours completed, and what exactly I did during those hours. I reported 3 journals to this class:

JOURNAL 1:

When I first began this internship on June 3rd, 2024, I was extremely ecstatic. This is my
first time participating in something that will reflect my college knowledge and
future career goals. When I first accepted this position, I was informed that I would
gain hands-on experience in vulnerability management, endpoint security, and
incident handling. Within the first two weeks, or my first 50 hours, I can proudly say I
have already learned a few new things in each area. Regarding risk management, I was
allowed access to one of their applications, Tenable, that explained various
vulnerabilities on each city computer, as well as the recommended way to patch the
said vulnerabilities. I learned the importance of how colorful graphs and data tables, is a
vital tool when understanding the differences between the severity, ages, locations, and
types of each device and vulnerability. When seeing everything and using Tenable, I
learned that organizational skills are needed to thrive in this role and career-field.
Especially when dealing with a vast multitude of devices. This week I also learned that
Microsoft defender is a great way to easily manage apps, endpoint devices, incident
handling, and policy enforcement towards websites and IP addresses. During the time
of this internship, I was also enrolled in a summer class, CYSE 200T, which surprisingly
touched on a few main points we discussed here at the internship. One thing that
correlated perfectly was when we discussed the costs and benefits of cybersecurity
programs in businesses. I learned that these programs can be quite costly in a
monetary aspect, as well as time consuming when establishing a good framework and
foundation for the business. I first got to see in real life, the importance of each area of
having a successful framework. One area I saw was of course having an effective IT
team. At the City of Suffolk many of the IT employees work together every day to either
finish personalized help desk tickets or give advice to complete any issues that are
brought to the attention of the team in general. Many of the employees have their own
projects and subsets where they are extremely knowledgeable in, atop of the various IT
experiences they have. These qualities alone, already in my opinion, prove that they
have a strong and amazing IT team. Another benefit I’ve discussed with my supervisor,
was when I was tasked with researching the importance of IPS and IDS, and which
ones were shown in the Gartner Quadrant. In my research, I learned what each of those
things were, what they paired with. I had to understand based off certain budget, and the size of the company, certain devices would instantly need to be ruled out. My
research lasted for the entirety of my second and third week during the internship, since
there was so much to learn and look at. This consisted of watching videos, researching
company websites, comparing models and features, and understanding what policies,
hardware, and software, the City already utilized when determining which devices are
truly compatible. These first two weeks, I learned the skills of teamwork, organization,
problem-solving, communication, researching, and notetaking when looking back at
what I have done these past 50 hours.

JOURNAL 2:

The start of my second 50 hours began on June 11, 2023, and these next two weeks
were extremely thrilling. I was assigned my first ongoing project where I was working
inside of their security applications to protect against phishing schemes and sanction
and unsanctioned apps that come in conflict with the company’s privacy policy. The
Microsoft Defender Cloud apps app and function played a key role when I was
determining which apps should or shouldn’t be sanctioned. When trying to make my
decision I investigated each app’s risk level, and when working on Defender the lower
the number for the risk level, the higher the severity of the app. This score is based off
legality, security, compliance, and their general data. The app’s general data is its
headquarters and data center location, date of founding, its domain, privacy policy, and
terms of service documents. The security category is where it lists what features the
app has, like multi-factor authentication, the remember password feature and
encryption protocols. Compliance is based off the apps ability to meet certain standards
that allow it to be safe. This category features certificates like ISO 27001, and other
framework guidelines like ISO 27018, and GAAP. The legality feature includes
information about data ownership, GDPR standards, data retention policies, and DMCA.
After I investigated each of those factors, I also investigated the usage, and if an app
had a critical risk score, and a low number of users, I deemed it as unsanctioned for my
report. When it came to my assigned project for phishing, I was passed down the entire
email thread where the employees send their emails, they believe were phishing and I
had to determine if they were really phishing emails or not. With this project I
strengthened my decision-making skills, and my attention to details. I used something
called Barracuda to be able to further investigate emails, and see using the senders IP
address, where the emails were being sent. I manage this email account everyday and
check each, to see if any repeat places occur. I learned some keyways to point out
phishing scams with of course small apostrophes, or weird and long emails, and if an
email was sent to multiple users at the same time. I also have been refreshed on how
important it is to never open pdf files, or click certain links, especially if the sender is
suspicious, because malware can be in PDFs and links, compromising computers in
an instance. In my last journal, I didn’t include any of what the process was like
regarding the first day. I had to get a badge made to have access into the department room, as an added security layer, along with creating a pin to enter my work area. These added layers of security show how important restricted access is when dealing with such sensitive information. It shows a perfect way to track who is coming in and out of the work area, and if anything goes down from inside or outside of the department.

Some pictures:

JOURNAL 3:

This last 50 hours, I will be spending and documenting my journey began on June 24, 2024, I have to say these two weeks had me feeling a bit bittersweet. I am a little sad since soon I will be leaving my internship position. So far, I have learned so many great things. From Microsoft Defender to Gartner Magic Quadrant, phishing skills, and the use of organizational skills in tenable. This week I was allowed to attend my very first meeting. During this meeting, almost everyone from the team attended to discuss goals and progress happening for the team and COS. Some major points included topics involving, GIS, Enterprise apps, and Infrastructure. During this meeting not only was I able to see how a virtual and in-person IT meeting is held, but I also was able to absorb new cybersecurity vocabulary. Some new abbreviations include NFC: Near-field communications, AMP: Advanced Malware Protection, and LDAP: Lightweight Directory Access Protocol. As well as providing as a refresher to some of the vocabulary I have already learned such as firewalls, frameworks, FTP: File Transfer Protocols, and SSH encryption. I also attended another meeting where it was more cybersecurity focused where we discussed our needs, concerns, improvements, and time frames. I also created an Excel sheet that held domains and IP addresses that were recommended as malicious and risky and imported the sheet into Microsoft Defender.  The new vocabulary I learned allowed me to engage my adaptability skill, because even though when I first had seen or heard the technical words, I was eager to ask questions as well as conduct my own research to discover the meaning of the terms and understand how they are used. The Excel sheet also strengthened my organization and Excel skills. Lastly, this week I spent time with the Assistant Director, Mr. Rob Solak, where we went over the inner workings and uses for Palo Alto. Palo Alto is a firewall system, that helps protect the City of Suffolk’s data. In the manager portal, the users can manage different configurations for NAT connections. As well as many other easy ways to navigate through traffic and understand which websites were blocked and why because of policy settings. Lastly, I also created a form for COS employees, which helped the Yubi key distribution stay on course as the addition of the extra security layer project process was moving along. I still have a few days left, and I am sure I will still be able to ensure more knowledge and experience as the days advance.

More photos:

Final Paper:

After completing the 150 hours, I was tasked with completing a final paper summing up how the internship impacted my personal goals, and me professionally. Noting what I have learned, my likes and dislikes, as well as background on the company.

Internship Final:

Introduction

This summer I was given the opportunity to participate in a cybersecurity internship offered by the City of Suffolk. When I first interviewed for this position, I was extremely nervous simply because it was my first time ever applying for any roles that were along the lines of my future career goals after college. I practiced and prepared the entire night before the interview. I was extremely happy when I received the notification stating that they had selected me from the candidate pool. Before the interview, I had researched a bit about Suffolk before applying as well, just in case any questions arose during the interview process, and I would be able to fully understand who I would be working for. So, when I chose to accept the offer with the City of Suffolk, my focus was to gain experience; here I knew I would be gaining a ton of experience since the position lasted for the entirety of the summer. Secondly, I also decided to do this experience to further my networking skills, such as befriending and make a good impression in this work environment, to gain a mentor or support in the cyber field. Lastly, since I just finished my sophomore year here at ODU, I wanted to make sure the career I selected would be something I genuinely enjoy doing, since I have already invested so much time and effort towards my cybersecurity degree. This internship gives me a real world feel of how life will be when I begin my career and a brief period of experience that gives me a taste to see if this is truly for me or not. I have to say since I have started, I have been enjoying my time here, and can positively say I believe this career field will be for me. When I was younger, I have always had this dying passion to help people and at least since I have been here, I have seen how many people the team here has helped residents every day. Both in person and over-the-phone tech support. I have also strengthened my technical skills in areas such as excel, knowledge in security keys, IDS/IPS, firewalls, frameworks, phishing schemes, malicious IP addresses and URLs, as well as other vulnerability management processes. I have also solidified at least three long-term friendships with experienced network specialists, with whom I am able to contact at any time for help or a refresher when I need advice. On an unrelated note, however, cannot be seen as any less important. I was able to expand my closet in business casual clothing that I will be able to wear again later, which I am extremely grateful for, even though my pockets at the time were not. I have to say either way though, I knew this internship would prove to be an impactful expansion in experience, knowledge, and of course, the chance to interact with new intelligent people in the IT and cybersecurity fields. I am forever grateful for my decision to attend.

Company Info & Environment

As mentioned earlier, I am completing a summer 2024 cybersecurity internship with the City of Suffolk. According to the City of Suffolk website, this organization was formed in 1974, while the city itself was established in 1742. The emblem shown all over the city and Suffolk employees is very iconic and projects a distinct meaning. The emblem depicts a tractor, a helmet, fish and fishing, gears, and peanuts of course to symbolize agriculture, and its importance, recreational activities, industrial advancements, and military history. The City Council and Manager organize this government organization. The council is made up of eight elected officials, while there is only one City Manager. After attending my orientation, I quickly learned that the City of Suffolk, employed over 1200 employees. Which make up over fifteen departments that all help ensure the city is running smoothly. There are also a few City Officials who cannot go unnoticed, such as the Treasurer, Clerk of the Circuit Court, Commonwealth’s Attorney, Commissioner of the Revenue, and the Sheriff’s Department. These officials also take some responsibilities away from the city manager. Unfortunately, during my internship, I was unable to meet with all these amazing people, since they are located all over the city. I did, however, get to get a real feel for one of the departments, which was the IT department of course. Since this is where I spent most of my time, I will say this is a team that is always eager and happy to help any city team member or local in need. Mostly the entire team interacts with each other and can rely on each other to get their job done or assist with the completion of a task. Some things the IT department and cyber team do for the city includes, providing addresses, land mapping, phishing monitoring, server and network maintenance, app usage surveillance, helpdesk ticket responding, protective measures, and framework maintenance to ensure safety, policy creation, and revisions, work orders calling for repairs, imaging, and in-person, or on-site traveling to ensure troubleshooting success. While that is an extensive list of duties they complete throughout the week, that still is not everything they do. On my first day, I never knew I would be able to experience and witness such greatness from a team, who also know how to have real fun. The onboarding process entailed one onboarding day, reading over the policy, meeting the supervisors, badge creation, a small tour, and the setup of my cubicle, followed by an orientation with the parks and rec department. The orientation was with the Recreation and Special Programs Supervisor, Jason Pittman, where I was able to meet another ODU student completing an internship with the City of Suffolk’s Parks and Recreation department. Here we were told about the departments, as mentioned before, along with, intern expectations, code of conduct paperwork, key moments of the City of Suffolk’s history, policy acknowledgments, benefits, as well as the discussion of the City’s mission overall. My initial feelings during these two experiences, was extremely excited and welcomed, because everyone I spoke with was accommodating and urgent when addressing any needs, questions, and concerns, I may have run into, especially when receiving my cubicle, which as the cherry on top, exceeded my expectations for the internship overall. After getting settled in, I will say the team can get extremely busy however my supervisor Joshua Cox, was very attentive. He always found ways to allow me to help, as well as listen to any opinions, questions, or feedback I would share. It was quite easy to become comfortable when talking about things I did not know or understand because the supervisors and team members were always eager to share and teach me. The area was exceptionally clean as well, which as someone with a lot of restaurant experience, makes me incredibly happy. I will say my overall first impressions of the team, supervisors, and environment would have to be a 10/10 from what I have seen, with their welcoming nature, drive, and eagerness to help not only me but other employees and some locals.

Work Responsibilities Throughout the Internship

Throughout the two months I spent at my internship, I was tasked with many different assignments. During my first week I spent time getting access to certain systems which allowed me to for a better understanding of what the cyber specialist team does. Some applications I worked with were Barracuda, Microsoft Defender, Outlook, Teams, and Excel. I was giving the entire phishing email thread for the City of Suffolk. With this it was my job to manage this continuously throughout my time there. When completing this task every day this is where I utilized Barracuda, to help identify the senders IP addresses as well as other online tools to discover where these emails were coming from. I was also tasked with overseeing the app usage the employees used and determining whether the app or website was truly safe depending on several factors. I used Microsoft Defender to help when trying to make decisions. One factor would include its risk level score, which was the lower the score number the riskier on a value system from one to ten. Some other factors that played a key role in determining whether an app must be sanctioned or unsanctioned, was its data center and headquarters location (US only), the security features, its usage amount, and the legal factors. Next, I also had to research and give my opinion on firewalls, how they worked with IPS/IDS systems, and which one was better. I learned about the Gartner Magic Quadrant, which assisted with understanding which IDS/ IPS systems were best. This was important because whichever system I selected as best would significantly improve their framework in protection and security response layers. I created a Word document to easily compare each brand’s product, I focused on IPS systems because I determined that those were the most beneficial when compared to IDS systems. However, some offered options with IDS and IPS integrated as a Next-Gen firewall. I also was allowed to attend team meetings to understand how they went and why the research I was doing was important. After taking some notes after one meeting to provide an added security layer, I was tasked with researching the importance of multi-factor authentication and whether it was able to be mandated in an office space. After this, I was tasked with creating a Word document for employees to fill out for the distribution of security keys, this allowed the City of Suffolk to keep a record of who and what security keys have been given out and to. I was also learning about endpoint security and Microsoft Defender helped pinpoint which systems were on the network and which ones were not, which helped ensure an effortless process of adding devices, as well as noticing which devices showed the most risks. Lastly, one of the last projects I had to do every week or so, was to add known websites and IP addresses that were found as malicious. I utilized Excel and Microsoft Defender during this process as well because Defender easily would set up a block when any device on the network tried to reach one of these sites or received messages from the IP addresses. The Excel sheet I created was easily able to be imported into Defender, so after it was created it will forever be used by the City of Suffolk. I would use teams to easily send messages to my supervisor and colleague when having a question or finished projects when an email thread was not needed.

Skills Utilized Throughout the Internship

The internship gave me an opening to understand how prepared I am for my future career in the Cybersecurity field. Some skills I already had but were strengthened were beneficial during the internship were problem-solving, base-level vocabulary knowledge, attention-to-detail, research skills, and basic knowledge in using Word and Teams. These skills I learned from my school years and previous work experience. This helped when I needed to complete projects and understand the language used in the meetings. Some new skills I learned were Excel skills, vulnerability assessment, risk management, and quick adaptability. Although some of the skills listed above play a part in vulnerability assessment and risk management, I can confidently say I can incorporate the apps, new vocabulary, data, and network infrastructure since now I have firsthand experience with it. The adaptability skill was acquired because sometimes my supervisor would need something done quickly or inform me about a meeting the day of and I would have to be ready for anything in those moments. I believe all these skills will be crucial in the future and the field because with cybersecurity and threats forever changing these skills will help me stay prepared and ready for anything. I now have a deeper understanding of the importance of a strong security framework as well as data records when it comes to cybersecurity because one attack on a device that might not be configured with the network properly could lead to extreme damage and data leaks.

ODU Curriculum Relations

Since I took a few classes during my freshman and sophomore years relating to cybersecurity, I was able to have some cybersecurity background that helped me land the internship and understand certain things that were crucial to the City of Suffolk. Some classes such as CYSE 462, CYSE 300, CYSE 406, and CYSE 200T, which I took this summer. CYSE 462, Cybersecurity Fundamentals, and CYSE 300, Introduction to Cybersecurity helped me understand what cybersecurity was, and what it consists of. This class helped me with terminology discussed in meetings as well as understanding what happens when a security system is in place, this played a huge role when I spent time discussing what a specific security system did and its interface with the Assistant Director Rob Solak. CYSE 406, Cyber Law helped me understand the importance of ethics and laws that impact many cyber decisions. This was beneficial when understanding which apps to sanction and unsanction, as well as understanding the policy rules created by the cybersecurity team at the City of Suffolk. However, CYSE 200T, Cybersecurity-Technol-Society was extremely beneficial. This class was going on during the helpful internship because this class talked about the importance of policies, a good cybersecurity framework, as well as the importance of cybersecurity systems used throughout the world. I was able to discuss a Scada with the IT GIS team understanding the importance of mapping when thinking of cybersecurity. It also played a factor in understanding the importance of such a large team of network specialists, my research on IDS/IPS devices, as well as understanding some things I did not know in the research articles I read for the City of Suffolk. One thing I did touch base on was network configurations during the internship, and I haven’t learned much about incorporating the ability to create them during school.

How Did the Internship Fulfill My Goals

This internship fulfilled my first goal of gaining experience because during my time here I learned so many things I did not know much about. Such as more techniques on recognizing phishing schemes, research benefits, IDS/IPS systems, meeting procedures, tools utilized by specialists, and Magic Gartner. My networking goal was fulfilled because I was able to interact with the police force, the IT team, and the fire department who all received an impressionable first greeting from me. I also was able to connect with a few employees on a personal level making the experience even more special. The last goal I mentioned was being able to ensure this career choice was for me, and I have to say with this internship, Being able to work with city government was pretty nice, and I was able to learn the differences between working with state government, and the differences based on conversations with the team. I also got to experience a new part of cybersecurity that I had no idea about because my focus was digital forensics. However, I enjoy vulnerability management, endpoint security, and risk management, after participating in this experience.

The Most Motivating Aspects

The most motivating aspect had to be getting to learn and be hands-on with the company. I loved coming in every day and having the ability to truly learn something new. One other thing that motivated me was the team the City of Suffolk has some amazing employees and once you get to know them, they can be quite amazing, informative, and helpful.

The Most Discouraging Aspects

I did not have any discouraging aspects, aside from moments when I knew my skill level was not advanced enough to help with issues the City of Suffolk team ran into. Some things I was not allowed access to which meant I was unable to help on things that I felt would have allowed for more experienced gain. Other than that, I did not have any things that made me discouraged.

The Most Challenging Aspects

The most challenging thing for me at first was opening up to an unfamiliar environment in people. I had a tough time at first, accepting this moment was real and I did not know if I was prepared. However, once I was accustomed to going in and chatting with the team, I realized the hardest thing was overcoming me and my fears.

Recommendations For Future Interns

I recommend that any future interns for the City of Suffolk, to relax. One of the things I suffered most from was anxiety, which was not needed. The supervisor will take the time to help and explain things, they may not understand. I also would like to express, to make the most of it and talk with the team, they love helping when they can, and sometimes they even bring in snacks for everyone. Also get some business attire clothing because it will look more professional, especially when other department employees come in for tech support. Lastly, here their opinion is valued, so do not be afraid to speak up. Especially with the supervisor, if they want to learn something or express their feelings on certain things, it is a safe space.

Ending Take Away

As this internship ends, I can honestly say I have learned a great deal. I have strengthened and learned new skills I had not imagined I would learn this summer. The people I have connected with, the confidence I have built, along with the professionalism I have acquired. Without this internship, I would have truly missed something great, as well as fun. I love that they value their interns and have allowed me to have an opinion even when I never realized it mattered so much. The experience I have had here will continue with me well beyond ODU. Not only will the skills I have acquired help when assisting my class peers, allowing for credit towards my degree, understanding and giving me the courage to create relationships and conversations with my professors, as well as experience when finding a job after college, the ability to have a larger cyber-related vocabulary, and friends who can help me later in the world of cybersecurity and IT. I had a blast during this experience and if I had the chance, I would do it all again.

I wanted to include videos of when I went on an IT ride along to watch in-the-field work. I visited multiple fire stations, and the police department during this trip to address network issues. The fire department was having an issue with the network system on their Toughbooks, and if we didn’t address this with urgency it would be hard for the firefighters to respond to any 911 alerts effectively. On the other had the police department was having issues connecting their body cams to the internet via an ethernet cord. This was an important task to fix because without the body cams connecting to the network, the data wouldn’t be able to be transferred properly. I was able to ride in one of the City of Suffolk IT vans and it was pretty cool, and I also learned the procedure of how the city vehicles get gas, and maintenance checks.