COLLEGE PARK, Md. – What if cybersecurity were addressed as a public health concern, with strict protocols required comparable to childhood vaccinations? Is it ethically and technically feasible for local governments and corporations to launch preemptive cyberattacks against hackers? Just how safe are those "trusted certificates" we rely upon almost daily for online banking and other important web-based transactions?
These topics, and more, are up for discussion at a major cybersecurity symposium to be held next month at the University of Maryland. The two-day event, May 14 and 15 at the College Park campus, features keynote speakers from academia, the private sector and the federal government. These experts will offer forward-looking—and possibly provocative—views on the policies, technology and human behaviors needed to combat the ever-evolving threats posed by hackers and cyberthieves.
"These are thought-provoking topics that we fully expect to stimulate interesting dialogue among our symposium participants," says Michael Hicks, director of the Maryland Cybersecurity Center (MC2), which is coordinating the annual event.
Research faculty from MC2, part of the University of Maryland Institute for Advanced Computer Studies, will also be on hand for a series of tutorials and workshops. They will discuss the latest developments and technology related to privacy in social media, security forensics, protocols for secure cloud computation and communication, supply chain security, reverse engineering and program analysis, and more.
"Anyone wanting to understand the latest trends and solutions in cybersecurity—students, business leaders, policymakers and scientists—will benefit from these sessions," says Eric Chapman, associate director of MC2.
Several corporate partners of MC2, including Tenable Network Security, Northrop Grumman, Lockheed Martin, SAIC and Google, are sponsoring the event.
Keynote speakers are:
- Fred Schneider, the Samuel B. Eckert Professor of Computer Science at Cornell University, who will discuss how past policies for enhancing cybersecurity—prevention, risk management and deterrence through accountability—have all proven ineffective, and that a new doctrine inspired by those used for public health should be considered.
- Kathleen Fisher, a program manager at the Defense Advanced Research Projects Agency (DARPA), who will discuss the need to develop better "high-assurance" systems in critical areas like hospitals and military applications, where hackers' intrusions can have devastating consequences.
- Randy Sabett, J.D., of counsel at ZwillGen PLLC, who will discuss the current controversy over an "active" cyberdefense—preemptive strikes against hackers—that is an increasingly considered option outside of classified government agencies.
- Steven Bellovin, chief technologist for the Federal Trade Commission, who will discuss what he considers to be serious security flaws in a critical infrastructure used to protect web users—trusted certificate authorities—and how their being compromised can have a cascading effect on other online security.
For more information or to register, go to www.cyber.umd.edu/events/symposium.
