TOPICS INCLUDE:
• Ideas vs. bits
• Insider threats
• Assessing risk(s)
• Vulnerabilities and defense
• Tracking and tracing
• Trust and provenance
• Anomaly detection
• Reactive vs. preemptive cyberdefense
• Cyberwar and cyberterrorism
CONFERENCE OVERVIEW
The Internet has been a great enabler; some say it has also sown the seeds of its own destruction. It’s likely that all our IT environments are vulnerable, and some are seriously compromised. But novel and unconventional ways are emerging to keep our networks safe. Questions are numerous and crucial. How do we operate effectively and efficiently in compromised environments? What are our acceptable levels and types of insecurity?
What changes in strategies, tactics, and processes can we put in place to forestall intrusions into our networks and infrastructures? Can we provide and receive earlier warnings and alerts to mitigate damage from malware and other fraudulent schemes? How can we better analyze and learn from attacks that were successful?
It goes without saying that the Internet (and by extension, our IT infrastructure) is a target for cyberattacks. It is also the conduit by which such attacks are carried out. Every enhancement creates a new vulnerability. Its complexity keeps many of those vulnerabilities from being found, let alone corrected. It has also become a stage for control and rebellion.
Insider threats and the human dimension of cybersecurity cannot be underestimated. To minimize threats, will we need to breach the privacy of those who operate and maintain our networks? Could better tools and monitoring help us distinguish between human and machine error?
Prevalent “communities of interest” on the Internet are not always benign. Clever (and even some not-so-clever) uses of our networked infrastructure can easily spread vandalism and propaganda against enterprises and sovereign states. Should we employ a reactive cyberdefense, or a preemptive one? Will expending more financial and human capital make us safer? How can we best defend ourselves, given our limited resources? Can we distinguish systemic risks from risk at the individual and enterprise levels?
Once we suspect an attack, how will we define it as such, and how will we identify its source? We’ll need a list of acceptable responses, and we’ll need to recognize our adversaries’ motivations and capabilities. Can we mitigate our cyberinsecurity by developing prediction-based tools and upgrading our digital-forensic toolkit? Understanding the potential threats to our cyberworld will give us the agility to protect our data assets.