During my third 50 hours as an Intern at GFT, I have had the opportunity to tour
UMBC’s center for research in Emergent Manufacturing, develop and analyze tables
with cybersecurity data, and learn in depth about the government’s cybersecurity
standards and how they are different for OT and IT.
I had the opportunity to travel to Baltimore where I got to meet many people I
have worked with remotely in person. Being able to see and interact with these
professionals in a real-world setting was great practice for professional interaction in a
real-world setting. It also gave me the chance to sit down and have lunch with them and
interact with them outside the professional environment. By doing so I was able to build
connections that I would have a much harder time building over a screen.
While I was in Baltimore, I got to go to UMBC’s center for research and emergent
manufacturing. At this facility, they had multiple models that used AI from a robot dog to
a real-life OT facility simulation. The people there showed and exhibited what a cyber
attack on an OT facility looks like and then showed some groundbreaking technology to
help secure the OT platform that was under attack. The one that stood out the most to
me was called an ATZ, which was an AI driven device to protect all the endpoints on an OT system. Seeing the complexity of it and having an expert answer my questions
regarding the device was incredible for my understanding of cybersecurity in OT.
By using the research I have been doing over the past couple of weeks, I was
able to make a spreadsheet of various OT platforms and their roles and capabilities.
This spreadsheet will be used to analyze the ways that our client uses the software and
how we can advise them to use it so that they can get the most out of each one of the
software platforms. Then I had to present it to the entire team on the project. I was
expected to know the utilization of these software platforms and how this sheet I created
will help us in our research. Even though I was nervous, the presentation went great,
and I even received compliments from the entire team, including the director of the
safety and security sector of GFT. Now I get to take the critiques they had for it and
apply it to the spreadsheet to fine tune it and put the professional touches on it
recommended.
One large part of my third 50 hours with GFT was going over the cybersecurity
standards from the government and seeing how they differ between OT and IT. I met
with the CISO of GFT and got to learn about how GFT’s cybersecurity team operates
and what it is like for them being in compliance with government standards. She then
introduced me to an analyst in GFT who I have scheduled a meeting with to potentially
shadow at some point over the summer.
Overall, the third 50 hours with GFT went very well. I can confidently say I have
settled in and am really enjoying the experience and opportunities that are coming with
the internship. Everybody has been incredibly professional and helpful. If I ever need a
favor or more work to do, they swiftly contact me to get a game plan in place. Over the next 50 hours with GFT I will get to visit another SCADA system and take on new
projects.