May 6–7, 2010
Inside Cyber Warfare: Mapping the Cyber Underworld by Jeffrey Carr
Fatal System Error: The Hunt for the New Crime Lords Who Are Bringing Down the Internet by Joseph Menn
• Ideas vs. bits
• Insider threats
• Assessing risk(s)
• Vulnerabilities and defense
• Tracking and tracing
• Trust and provenance
• Anomaly detection
• Reactive vs. preemptive cyberdefense
• Cyberwar and cyberterrorism
What changes in strategies, tactics, and processes can we put in place to forestall intrusions into our networks and infrastructures? Can we provide and receive earlier warnings and alerts to mitigate damage from malware and other fraudulent schemes? How can we better analyze and learn from attacks that were successful?
It goes without saying that the Internet (and by extension, our IT infrastructure) is a target for cyberattacks. It is also the conduit by which such attacks are carried out. Every enhancement creates a new vulnerability. Its complexity keeps many of those vulnerabilities from being found, let alone corrected. It has also become a stage for control and rebellion.
Insider threats and the human dimension of cybersecurity cannot be underestimated. To minimize threats, will we need to breach the privacy of those who operate and maintain our networks? Could better tools and monitoring help us distinguish between human and machine error?
Prevalent “communities of interest” on the Internet are not always benign. Clever (and even some not-so-clever) uses of our networked infrastructure can easily spread vandalism and propaganda against enterprises and sovereign states. Should we employ a reactive cyberdefense, or a preemptive one? Will expending more financial and human capital make us safer? How can we best defend ourselves, given our limited resources? Can we distinguish systemic risks from risk at the individual and enterprise levels?
Once we suspect an attack, how will we define it as such, and how will we identify its source? We’ll need a list of acceptable responses, and we’ll need to recognize our adversaries’ motivations and capabilities. Can we mitigate our cyberinsecurity by developing prediction-based tools and upgrading our digital-forensic toolkit? Understanding the potential threats to our cyberworld will give us the agility to protect our data assets.
Dr. John Adams, Emeritus Professor of Geography, University College London
Dr. Joel Brenner, Senior Counsel, National Security Agency
Mr. Jeffrey Carr, Chief Executive Officer, GreyLogic
Dr. Marc Dacier, Senior Director, Symantec Research Labs, Europe and U.S.
Dr. Craig Gentry, Research Staff Member, Cryptography Group, IBM T.J. Watson Research Center
Mr. James Gosler, Fellow, Sandia National Laboratory
Dr. Chris Hankin, Director, Institute for Security Science and Technology, Imperial College
General (Ret.) Michael Hayden, Former Director, National Security Agency and Former Director, Central Intelligence Agency
Mr. Mikko Hypponen, Chief Research Officer, F-Secure
Mr. Matthew Joyce, Co-Founder, Agora Link
Dr. Yousef Khalidi, Distinguished Engineer, Windows Azure, Microsoft
Mr. Daniel Kimmage, Senior Fellow, Homeland Security Policy Institute
Dr. Herbert Lin, Chief Scientist, Computer Science and Telecommunications Board, National Research Council of the National Academies
Dr. Joe Markowitz, Former Director, Intelligence Community Open Source Program Office, Central Intelligence Agency
Ambassador John Negroponte, Former Director of National Intelligence
Dr. Andrew Odlyzko, Professor, School of Mathematics, University of Minnesota
Dr. Marisa Randazzo, President, Threat Assessment Resources International
Mr. Antonio Rucci, Program Director, Collection Management & Cyber Initiatives, Global Security Directorate, Oak Ridge National Laboratory
Dr. Doug Solomon, Chief Technology Officer, IDEO
Dr. John Zic, Principal Research Scientist, CSIRO ICT Centre