Alyssa_Nguyen
Alyssa Nguyen
My Cybersecurity Internship
The National Reentry Network
Quick Facts
The National Reentry Network empowers returning citizens to successfully reintegrate into society after incarceration.
They promote stability, self-sufficiency, and community connection by providing mentorship, resources, and advocacy.
Their mission inspires individuals to overcome barriers, reclaim their lives, and build a future full of opportunity.
Through these efforts, they help participants become confident, engaged, and productive members of their communities.
Their programs foster lasting change, encouraging lifelong growth, leadership, and a commitment to strengthening families and neighborhoods.
The National Reentry Network
About the Nonprofit
The National Reentry Network is a nonprofit organization dedicated to supporting returning citizens as they transition back into society after incarceration. Their mission focuses on empowering individuals by providing resources, mentorship, and advocacy that foster stability, personal growth, and self-sufficiency.
Through programs that combine guidance, community engagement, and skill-building, the organization helps participants overcome barriers and realize their full potential.
By promoting restorative justice and strengthening community ties, The National Reentry Network creates meaningful opportunities that inspire resilience, leadership, and lasting positive change in the lives of those they serve. Their work builds stronger futures for individuals and communities through connection, support, and empowerment.
The National Reentry Network
Community Involvement
The National Reentry Network benefits from a dedicated team of highly trained professionals, including reentry specialists, case managers, advocates, and community organizers.
These staff members work closely with participants to provide guidance, resources, and support throughout the reentry process. They offer mentorship and skill development, helping individuals build resilience, self-sufficiency, and leadership as they transition back into society.
The organization collaborates with nonprofit groups, local government agencies, and community partners such as the DC Department of Employment Services, the Public Defender Service for the District of Columbia, and returning citizen advocacy coalitions. These partnerships strengthen programming, expand resources, and foster lasting community connections that empower returning citizens to thrive.
The National Reentry Network
Current Vulnerabilities
The National Reentry Network faces important cybersecurity concerns, particularly regarding the protection of sensitive personal data from returning citizens. Since the organization collects information such as identification records, employment history, and housing details, it is crucial to securely store and transmit data to prevent unauthorized access or breaches.
Like many nonprofits, they must remain vigilant against data breaches that could compromise personal information and harm the trust of those they serve. Additionally, the organization is at risk of phishing attacks and email fraud targeting staff, volunteers, and partners.
Regular training on recognizing phishing attempts and implementing strong email security measures helps reduce these threats and protect their community’s information. Ongoing investment in advanced cybersecurity tools and protocols is essential to maintaining trust and safeguarding the organization’s digital infrastructure.
My Security Presentation
During the Cybersecurity & Defense Internship, I worked with Beth Cerrone and Jamie Kreider to learn the basics of cybersecurity and explore its practical applications.
Throughout the week, I worked with a nonprofit to develop cybersecurity solutions to protect against various cyber threats. I worked with my team to analyze the threats to the organization and then developed a comprehensive solution.
At the conclusion of this internship, our team pitched the final proposal to the Leadership Initiatives Grant Committee, earning a microgrant to support the implementation of our proposal.
My Security Proposal
Throughout the program, we worked closely with The National Reentry Network to gain a clear understanding of their goals. These meetings provided valuable insights into critical gaps within their cybersecurity system and the potential risk they pose to the operation of their business.
The most pressing issue facing The National Reentry Network is the lack of mandatory two-factor authentication and the use of shared usernames and passwords on all company laptops, which significantly undermines the security of their accounts and devices. Additionally, relying on GoDaddy—a platform that has experienced multiple hacks—exposes the organization to increased risks of data breaches and unauthorized access.
To address this issue, we developed a comprehensive security proposal that included a SWOT analysis of the National Reentry Network’s current situation. Drawing on international cybersecurity standards, I proposed migrating the company’s website to Amazon Web Services (AWS) to enhance security, reliability, and scalability. We recommended hosting the site on Amazon EC2 instances, with Amazon RDS managing database storage, Amazon S3 handling backups and static assets, and Amazon Route 53 providing secure domain name resolution. We also proposed implementing Amazon Route 53 and AWS Web Application Firewall (WAF) as critical security layers. Route 53 would ensure secure DNS management, global traffic routing, and protection against spoofing, while AWS WAF would block malicious attacks like SQL injection and denial-of-service attempts in real time, preserving website performance. Together, these tools would build a robust cybersecurity framework protecting sensitive client and donor data both at rest and in transit. We want to significantly reduce cybersecurity risks, protect sensitive data from unauthorized access, ensure regulatory compliance, and enhance stakeholder confidence in the organization’s commitment to data privacy and security.
Internship Highlights
I was given the unique opportunity to take exclusive tours of multiple government and security sites to speak directly with security professionals. During these tours, I was able to witness firsthand how cybersecurity operates at the national and international level.
I was able to visit the United States’ Security Innovation Lab. Throughout this visit, I was able to learn firsthand from government officials regarding how the government funds and establishes cyber-intelligence and cyber-counterintelligence technology.
We also toured the Homeland Security Investigations' (HSI) Technical Operations Center. During this visit, we learned how the government uses technology to track major crimes including wire-fraud, human trafficking, child exploitation, and more.
In order to apply the skills I learned throughout the internship, I worked directly with a nonprofit based in the Washington D.C. area to discuss their company's cybersecurity needs.
After three meetings where I walked through the organization model, protected information, and staff training of the nonprofit, I worked with my team to create a staff training protocol and threat analysis for my partner.
At the end of the internship, I advocated for, and received funding for, my nonprofit partner to implement the cybersecurity training protocols so they can best protect their client information and continue to develop with a reduced fear of cyber attacks and cybersecurity threats.
To learn more about the world of cybersecurity, I was given the unique opportunity to speak directly with cybersecurity experts from multiple organizations and backgrounds.
I worked directly with one of the leading consultants in Cyber Threat Management, and a lead Cyber Consultant from Ernst & Young, Phuong Nguyen, to learn about common threat assessment and cybersecurity counterintelligence. I also heard from the Director of Government Compliance for KPMG, Lisa Mathews, and the lead SME for the FutureG Initiative for the Department of Defense, Dr. Dan Massey.
Throughout the internship, I also heard presentations from and spoke with representatives from the Department of Defense, Department of Homeland Security, and the National Security Agency. To learn the physical side of cybersecurity, we also had the unique opportunity to meet with globally recognized penetration testers and network threat assessors.
In order to put the skills we learned to the test, I had the unique opportunity to work with cybersecurity software typically used in graduate-level instructional courses. This provided me with a hands-on environment to develop and apply a wide range of cybersecurity skills.
I began with network cybersecurity, completing labs focused on network security and Linux to gain a deeper understanding of how networks communicate and where vulnerabilities may arise. This experience highlighted the ways in which cybersecurity threats can disrupt or compromise these communications, reinforcing the importance of proactive defense measures.
Building on these Linux skills, I participated in capture-the-flag coding competitions and explored virtual rooms designed to simulate real-world cybersecurity challenges. These activities tested both my technical abilities and problem-solving skills, allowing me to apply classroom concepts in practical, scenario-based settings.