Defining a new domain
by Jon Kuiperij – May 19, 2022
Cyber security student club born from a culture of camaraderie
Being a student in Sheridan’s Honours Bachelor of Information Sciences (Cyber Security) degree has never been a solitary experience, dating back to the early years of the program when co-ordinator Dr. Victor Ralevich and professor Dr. Dragana Martinovic organized road trips to Pittsburgh and hosted dinner parties at the married couple’s home.
“We’d attend computer competitions at Carnegie Mellon University, then take the students to see art galleries or even Google’s offices in Pittsburgh,” Martinovic recalls. “And each year, we’d invite graduates to a potluck dinner in our garden to celebrate. We were just so proud of them, and we were so passionate about seeing them and the program succeed.”
Students also spent countless hours together in the computer lab of Sheridan’s Centre for Animation and Emerging Technologies (SCAET) building, often working into the wee hours of the morning. “We were teaching ourselves outside of class time because A) it was super interesting to be learning all of this cool stuff, and B) we had to pass. There was a lot of material to cover, and it was all very complex,” explains Joel Bowers, a member of the first graduating cohort in 2007. “It was a tight-knit group,” adds classmate Joshua McDougall. “We fed off each other a lot, and we were in it together.”
“On top of keeping everyone up to date, I wanted to provide students with a low-pressure proving ground where they could make a presentation or talk about something that interested them. We were there to have fun, we were there to learn, and there were no dumb questions.”
– ISSessions co-founder Andrew Turnsek
Professor Nick Johnston (second from left) speaks with students (from left) Andrew Turnsek, Lovell Smith and Kyle Pacheco during ISSessions’ first Capture The Flag competition in 2013.
It may have been a lot of work, but it was also a lot of fun. So much fun, in fact, that when Andrew Turnsek was set to graduate in 2013, he didn’t want to leave. Looking to remain involved with the program, Turnsek teamed with professor Nick Johnston — who had just started to open his classes with a brief rundown of current events — to create a club that would discuss industry trends and cyber security issues outside of class. “On top of keeping everyone up to date, I wanted to provide students with a low-pressure proving ground where they could make a presentation or talk about something that interested them,” Turnsek says. “We were there to have fun, we were there to learn, and there were no dumb questions.”
Much like Sheridan's cyber security program — the first undergraduate degree of its kind in Canada — the club might have been a little ahead of its time. There were seven members in its first year of existence, and some of the earliest meetings saw just a couple of students in attendance. Nevertheless, Johnston and Turnsek weren’t discouraged enough to pull the plug, with support from Ralevich who participated in every meeting and often shared details of academic conferences he’d recently been to. “We knew it wouldn’t catch on if we just skipped weeks when attendance was low,” says Johnston. “Eventually, we handed complete control to the students — and that’s when things really took off.”
Took off is an understatement. Today, Sheridan’s Information Security Sessions club (ISSessions) has more than 700 members in its Discord channel, ranging from Sheridan students and alumni to employers and even students from other institutions. Johnston remains involved, but only in an advisory capacity that satisfies the requirement for all academic clubs to have a faculty representative. The ISSessions executive consists entirely of students, including elected positions of president, treasurer and community manager, and the president transitions to a vice-president role each year to ensure constant transfer of knowledge.
Meetings, which take place biweekly during the academic year and once a month during the summer, have stayed true to their roots by leading off with a rundown and discussion of the latest cyber security news. However, they now also regularly feature guest presentations from people working in the industry — often alumni who embrace the opportunity to stay connected to the program and give back to the club — who share their own personal journeys, discuss a topical issue or even offer job-hunting advice.
“Our professors can only provide so much information about a certain topic. We don’t try to fill in the gaps; rather, we try to bring in other aspects that weren’t covered in class that people might benefit from.”
– 2021-22 ISSessions president Nashad Hakim
Club members also gain valuable hands-on experience through ISSessions’ organization of the annual Sheridan CTF (Capture The Flag) competition, which features a variety of cyber security skills challenges and workshops. The 2021 event drew more than 200 students from a dozen Ontario colleges and universities to compete in categories such as network traffic analysis, cryptography, forensics, data analysis, system administration, threat hunting, steganography, web application security, trivia, reverse engineering and programming.
“Our professors can only provide so much information about a certain topic. We don’t try to fill in the gaps; rather, we try to bring in other aspects that weren’t covered in class that people might benefit from,” says 2021-22 ISSessions president Nashad Hakim, a University of Toronto forensics and chemistry graduate who was attracted to Sheridan’s cyber security degree after the insurance company he was working for suffered a data breach. Adds past president Kurt Kosubek, who worked as a cyber threat hunter for Bell during his co-op term at Sheridan, “Information security is a rabbit hole that involves all aspects of technology, so the content options are for our club are essentially infinite. I distinctly remember attending my first club meeting and discovering how so many things are deeply intertwined with information security. It was an eye-opening experience."
But how do professors feel about their students teaching themselves so much outside of class? “Initially, I was a bit hesitant when I saw them learning about something I was going to teach them eventually. But then I thought, ‘Why would I stifle what they want to learn about?’” Johnston says. “I do caution them a lot about burnout. But while we as educators can give our students the foundational knowledge that enables them to be experts in the field, once they leave school, the continuing education that is required in their careers is on them. Learning that lesson now is critical.”
Benefits of membership in ISSessions extend beyond the club’s educational and social values. “Mentioning your involvement with our club during a job interview indicates you’re pretty interested in what you’re studying, and it’s very valuable for networking,” notes Hakim. “The cyber security space is a small world, and a lot of people in our servers are the same people you’ll end up meeting with when you start looking for jobs.”
“The content options for our club are essentially infinite. I distinctly remember attending my first club meeting and discovering how so many things are deeply intertwined with information security.”
– ISSessions past president Kurt Kosubek
You’ll still find Turnsek lingering in those servers as well, happily engaging with students nearly a decade after co-founding the club. “It doesn’t really surprise me that ISSessions has grown so exponentially, but I’m so happy that it has maintained that community aspect and is still keeping people abreast of the latest news,” he says. “That’s really what Nick and I set out to do — keep people informed and give them a place to talk about things that they care about. As long as it remains that way, I’m happy.”