Cyber Dialogue & Related Events

Cybersecurity Speakers

The Disconnect between Cyber Policy and Technology

With Dr. Kamal Jabbour, Senior Scientist for Information Assurance, Information Directorate, Air Force Research Laboratory (Rome, NY)

Syracuse Law | Nov. 28, 2016

kamal_jabbour-112816Dr. Kamal Jabbour spoke at Syracuse Law on Nov. 28, 2016, about the disconnect between cyber policy and technology in the US. Cyber policy, says Jabbour, is out of step with techniques that could actually ensure the integrity and security of computer information. Policy, he says, remains stuck on out-dated security concepts—such as protecting physical objects (computers, processors), scanning thousands of lines of code for malware, and socially engineering “dumb users”—rather than on assurance techniques that look at computer instructions as mathematical equations, the way Alan Turing and others did when inventing the concept of computer code. When considered as equations, computer instructions can be encrypted, quantized, ephemeral, or custom-made—thus foiling the would-be attacker. Cybersecurity policymakers ideally should have 35 hours of higher level mathematics training before tackling national policy, Jabbour says, but given that that is a difficult requirement to seek, policymakers, lawyers, and computer engineers must work more closely together on security, integrity, and assurance techniques that actually work.


Cyber Dialogue Speaker Series

Promise & Risk: National Security & Digital Infrastructure (2011)

Syracuse University | March 10-April 21, 2011

Cyberspace presents both immense promise and grave risk. The same technology that provides new opportunities for economic growth and for the free exchange of ideas worldwide also enables new threats. According to the White House, the status quo is no longer acceptable, and the national dialogue on cybersecurity must begin today. Syracuse University joins this dialogue, holding a four-part series of luncheon discussions co-sponsored by the Institute for National Security and Counterterrorism (INSCT) and the Center for Information and Systems Assurance and Trust (CISAT).

The Bit Stops Here: Accountability Mechanisms in Cyber Space
With Shiu-Kai Chin, Meredith Professor, LC Smith College of Engineering and Computer Science, Syracuse University and Lisa Dolak, Angela S. Cooney Professor of Law, SU College of Law

If your personal information or digital identity is stolen, who is responsible?  What measures should be taken to protect electronic data and what standard of care is due?  What claims are reasonable?  How might the federal government reshape the liability environment to incentivize security practices without inadvertently punishing security providers for lapses beyond their control?  What technology helps- public key infrastructure (PKI), partner key management (PKM), and/or auditing programs embedded in software and firmware?

National Strategy for Trusted Identities in Cyberspace: Securing the Internet or Attacking Civil Liberties?
With Macy Cronkrite and Jeffrey Keesom, US Department of Homeland Security Career Development Fellows

The National Strategy for Trusted Identities in Cyberspace (NS-TIC) is a White House Initiative through the US Department of Commerce to improve Internet security through the development of a federated identity management system to issue secure identity credentials to Internet users. The White House says that the system is primarily designed to make e-commerce transactions more secure and less susceptible to fraud. It could also be used to make it easier for law enforcement to identify the individuals or entities responsible for cyber attacks. While the White House insists that the system will be voluntary, opponents say that the system will abuse civil liberties, erode privacy, and will lead to the end of anonymity on the Internet.

Anonymity in Cyberspace: Promoter of Democracy or Shield for Criminals?
 With William Snyder, Visiting Assistant Professor of Law, SU College of Law and Kevin Du, Associate Professor, LC Smith College of Engineering and Computer Science

What is it about the structure of the Internet that makes it possible for people to speak and act there anonymously? Could that be changed, so that criminals, libelers, and terrorists cannot act with impunity? Does our constitutional protection of free speech extend to anonymous free speech on the Internet? What is the correct balance between anonymity that promotes political dissent and the free exchange of ideas and anonymity that promotes irresponsible and dangerous behavior? The White House recommends that Americans should get a digital credential capable of both authenticating their identity for secure transactions like banking and to provide anonymity for blog posts. Can one digital tool do both? How should that work, and why does our government think it is a good idea?

Internet Governance: Who’s in Charge?
With Brian White, Director, The Chertoff Group and Former Counselor to the Deputy Secretary, US Department of Homeland Security

From cyberwar to an “internet” kill switch, the cyber landscape is rapidly changing. And, while the U.S. Government is poised to address many of these issues through legislation, the issue of cybersecurity requires a global dialogue. In this session, Mr. White will attempt to discuss the legal,policy, and technological issues that confront international policy-makers and corporations in the cybersecurity dialogue.


Cyber Roundtable: Recommendations for the National Strategy for Trusted Identities in Cyberspace

Syracuse University | Sept. 3, 2010

In September 2010, INSCT and the Center for Information and Systems Assurance and Trust (CISAT), both headquartered at Syracuse University, held a roundtable discussion of the Obama Administration’s recently published National Strategy for Trusted Identities in Cyberspace. The event brought together legal and technical experts, experts in management and public communications, and officials from JPMorgan Chase and Co.

Working Paper

Discussants

  • William C. Banks, Moderator, Director, INSCT
  • Shiu-Kai Chin, Professor, SU Department of Electrical Engineering and Computer Science and Director, Center for Information and Systems Assurance and Trust (CISAT)
  • Kevin Du, Associate Professor, L.C. Smith College of Engineering and Computer Science, Syracuse University
  • Lisa A. Dolak, Professor of Law, SU College of Law; Associate Director of the Center on Property, Citizenship, and Social Entrepreneurism; and Associate Director, Institute for the Study of the Judiciary, Politics and the Media
  • Randy Elder, Senior Associate Dean, Whitman School of Management, Syracuse University
  • David M. Rubin, Professor and Former Dean, Newhouse School of Public Communications, Syracuse University
  • William Snyder, Visiting Assistant Professor, SU College of Law
  • Jeffrey M. Stanton, Associate Dean for Research and Doctoral Programs and Associate Professor, School of Information Studies, Syracuse University

Background

In simplest terms, the use of strong identification by all actors on the Internet would make the cyber realm sufficiently trusted for commercial activities and make it far more difficult for criminals and terrorists to operate with impunity.  At the same time, it would far more than simply risk chilling free speech; in many countries the government could use the identification data to literally kill dissent.

Read More

This conflict was displayed when US Secretary of State Hillary R. Clinton stated:

[O]nline organizing has been a critical tool for advancing democracy and enabling citizens to protest suspicious election results … The freedom to connect to these technologies can help transform societies …  The United States is committed to devoting the diplomatic, economic, and technological resources necessary to advance these freedoms … [T]he State Department is already working in more than 40 countries to help individuals silenced by oppressive governments. We are making this issue a priority at the United Nations as well, and we’re including internet freedom as a component in the first resolution we introduced after returning to the United Nations Human Rights Council.  We are also supporting the development of new tools that enable citizens to exercise their rights of free expression by circumventing politically motivated censorship.

Yet, in the same speech, she explained:

[W]e must also grapple with the issue of anonymous speech. Those who use the internet to recruit terrorists or distribute stolen intellectual property cannot divorce their online actions from their real world identities.

Clearly, both providing strong identification and limiting a company or government’s ability to demand that an Internet user provide that identification will require massive government effort, regulation and policing in the cyber realm.  Is that possible?  Is it wise?  If so, how best to do it?

The Obama Administration has released a draft National Strategy for Trusted Identities in Cyberspace (NS-TIC), to be finalized in the fall of 2010.  The Administration requests public input.  The Institute for National Security and Counterterrorism and  Center for Information and Systems Assurance and Trust (CISAT) will host a roundtable to assess the strategy and offer recommendations for specific parts of the strategy.


InfraGard Conference on Cyber Security (2010)

Syracuse University | Sept. 24, 2010

A joint conference of the Albany, Buffalo, and Rochester InfraGard Member Alliances. The three alliances are part of the InfraGard National Members Alliance, which provides a trusted forum for exchanging knowledge, experience, and information to help protect our nation’s infrastructure from both physical and cyber threats. The goal of this conference is to build partnerships with the private sector, academia, law enforcement, and Upstate New York InfraGard Member Alliances and to educate attendees on current tools, technologies, and trends in computer forensic investigations.

Partners

Infragard has partnered with INSCT, the Center for Advance Systems and Engineering at Syracuse University, and SRC, Inc. to bring together leaders, policymakers ,and academics engaging in various aspects of cybersecurity.

Agenda

Read More

9:00 a.m.     Welcome

9:30 a.m.     Cyber Security Policy and Practice

Al Stenson, DHS, Protective Security Advisor
“The National Infrastructure Protection Plan”

Greg Metzler, Principal Security Engineer and Cyber Intelligence Analyst, SRC, Inc.
“Crime: The Next Driver of Internet Innovation”

10:45 a.m.     Cyber Security Policy and Practice, Continued

William Snyder, Syracuse University College of Law, Visiting Professor
“When a Hacker’s Rights to Your Computer Exceed Your Own: The Wiretap Act and Computer Trespassers”

Daniel Alfin, FBI Special Agent
“Cyber Crime: Computer Intrusions, Pedophiles, Drugs, and Gangs”

Sgt. Tony Martino, Utica Police Department and Adjunct Professor Utica College
“Emerging Trends and Cyber Exploits”

12:15 p.m.     Lunch

1:15 p.m.     Keynote

Thad Odderstol, National Cyber Security Division, US Department of Homeland Security
“DHS Cyber Security: Strategic & Operational Initiatives”

2:00 p.m.     Break

2:15 p.m.     Forensic Investigations: Tools, Technologies and Trends

Yalkin Demirkaya, Cyber Forensic Investigator, Cyberdiligence
“Investigating Insider Abuse of IT Resources”

James Gagliano, FBI SSRA
“Cyber Investigations of Gang Activity”

4:00 p.m.     Wrap-Up & Adjourn

 

Share this!