Darrah_Armstrong
My Cybersecurity Internship
International Child Art Foundation
Quick Facts
The International Child Art Foundation encourages children’s creative growth by offering artistic opportunities that inspire and empower.
It fosters global awareness and empathy through exchanges between children from diverse backgrounds.
ICAF promotes art as a tool to address global issues like peace, environmental sustainability, and social justice.
By nurturing creativity, the foundation helps children communicate ideas and contribute to a more compassionate and harmonious world.

International Child Art Foundation
About the Nonprofit
The International Child Art Foundation supports and inspires children globally by providing platforms for artistic expression and meaningful cultural exchange.
Its programs focus on enhancing children’s cognitive, emotional, and social development through the power of art as a universal language. By breaking down cultural barriers, ICAF encourages creativity, critical thinking, and cultural appreciation among youth.
The foundation’s activities foster personal growth and global understanding, helping children develop essential skills while celebrating diversity. Through art, ICAF empowers the next generation to connect, communicate, and contribute to a more inclusive and compassionate world.

International Child Art Foundation
Community Involvement
The International Child Art Foundation’s faculty includes skilled artists, educators, and child development experts passionate about nurturing creativity in youth. They provide personalized instruction across disciplines like visual arts, music, dance, and theater, emphasizing self-expression and cultural diversity.
ICAF collaborates with schools, museums, cultural institutions, and nonprofits worldwide, as well as international organizations focused on child development, human rights, and education.
These partnerships enable the foundation to expand its reach, offering children access to exhibitions, mentorship, workshops, and global art experiences that promote cultural exchange, diversity, and peace through the power of the arts.

International Child Art Foundation
Current Vulnerabilities
Given the International Child Art Foundation’s global reach and use of online platforms, cybersecurity is a critical focus. ICAF employs encrypted, secure systems for registration, virtual classes, and events to protect personal information.
Strict data privacy policies comply with international regulations, and digital consent forms ensure parental approval for children’s participation. Staff and volunteers receive ongoing cybersecurity training to recognize threats.
The foundation also uses monitoring and reporting systems to maintain a safe virtual environment, quickly addressing any security concerns. These measures safeguard children, families, and staff in ICAF’s digital programs and communications.

My Security Presentation
During the Cybersecurity & Defense Internship, I worked with Beth Cerrone and Jamie Kreider to learn the basics of cybersecurity and explore its practical applications.
Throughout the week, I worked with a nonprofit to develop cybersecurity solutions to protect against various cyber threats. I worked with my team to analyze the threats to the organization and then developed a comprehensive solution.
At the conclusion of this internship, our team pitched the final proposal to the Leadership Initiatives Grant Committee, earning a microgrant to support the implementation of our proposal.

My Security Proposal
Throughout the program, we worked closely with the International Child Art Foundation to gain a clear understanding of their goals. These meetings provided valuable insights into critical gaps within their cybersecurity system and the potential risk they pose to the operation of their business.
The most pressing issue facing International Child Art Foundation is its reliance on static, weak passwords and the absence of a disaster recovery plan, which leaves critical systems and data unprotected in the event of a breach, which significantly undermines the organization’s ability to defend against, respond to, and recover from cyber incidents, putting both operational continuity and sensitive information at serious risk.
To address this issue, we developed a comprehensive security proposal that included a SWOT analysis of the International Child Art Foundation’s current situation. Drawing on international cybersecurity standards, I proposed using the free, open-source password manager KeePassXC, which securely stores and organizes complex passwords for all business accounts. This tool will ensure regular password updates and eliminate risky practices like handwritten credentials. Our second solution addressed the public exposure of website code on GitHub, which poses a major impersonation risk. Anyone could copy the public code and host a fake version of the organization’s website on a similar domain. To fix this, we advised the team to set the GitHub repository to private—a simple yet crucial step to protect the integrity and trustworthiness of the organization’s digital presence. Lastly, we proposed creating a full inventory of all devices connected to the office WiFi. This inventory will allow the organization to quickly identify and secure vulnerable endpoints in the event of a breach, and will serve as a foundational step toward building a more effective incident response plan. These low-cost, high-impact solutions will strengthen the organization’s cybersecurity posture and help prevent future data compromises.
Internship Highlights

I was given the unique opportunity to take exclusive tours of multiple government and security sites to speak directly with security professionals. During these tours, I was able to witness firsthand how cybersecurity operates at the national and international level.
I was able to visit the United States’ Security Innovation Lab. Throughout this visit, I was able to learn firsthand from government officials regarding how the government funds and establishes cyber-intelligence and cyber-counterintelligence technology.
We also toured the Homeland Security Investigations' (HSI) Technical Operations Center. During this visit, we learned how the government uses technology to track major crimes including wire-fraud, human trafficking, child exploitation, and more.

In order to apply the skills I learned throughout the internship, I worked directly with a nonprofit based in the Washington D.C. area to discuss their company's cybersecurity needs.
After three meetings where I walked through the organization model, protected information, and staff training of the nonprofit, I worked with my team to create a staff training protocol and threat analysis for my partner.
At the end of the internship, I advocated for, and received funding for, my nonprofit partner to implement the cybersecurity training protocols so they can best protect their client information and continue to develop with a reduced fear of cyber attacks and cybersecurity threats.

To learn more about the world of cybersecurity, I was given the unique opportunity to speak directly with cybersecurity experts from multiple organizations and backgrounds.
I worked directly with one of the leading consultants in Cyber Threat Management, and a lead Cyber Consultant from Ernst & Young, Phuong Nguyen, to learn about common threat assessment and cybersecurity counterintelligence. I also heard from the Director of Government Compliance for KPMG, Lisa Mathews, and the lead SME for the FutureG Initiative for the Department of Defense, Dr. Dan Massey.
Throughout the internship, I also heard presentations from and spoke with representatives from the Department of Defense, Department of Homeland Security, and the National Security Agency. To learn the physical side of cybersecurity, we also had the unique opportunity to meet with globally recognized penetration testers and network threat assessors.

In order to put the skills we learned to the test, I had the unique opportunity to work with cybersecurity software typically used in graduate-level instructional courses. This provided me with a hands-on environment to develop and apply a wide range of cybersecurity skills.
I began with network cybersecurity, completing labs focused on network security and Linux to gain a deeper understanding of how networks communicate and where vulnerabilities may arise. This experience highlighted the ways in which cybersecurity threats can disrupt or compromise these communications, reinforcing the importance of proactive defense measures.
Building on these Linux skills, I participated in capture-the-flag coding competitions and explored virtual rooms designed to simulate real-world cybersecurity challenges. These activities tested both my technical abilities and problem-solving skills, allowing me to apply classroom concepts in practical, scenario-based settings.