Home
Story
Cybersecurity for executives (including deans and small business owners).
Cybersecurity for executives (including deans and small business owners).
The Dean of the Whiting School of Engineering opens the conference. Larry Canner
By The CyberWire Staff
Sep 22, 2017

Cybersecurity for executives (including deans and small business owners).

This week's conference at the Johns Hopkins University covered ground of interest to business leaders, especially with respect to the implications cyber risk has for their legal and contracting activities. The executives for whom the conference was organized were expansively and quite properly defined to include not just the denizens of a Fortune 500 C-suite, but small business owners, partners in medical and accounting practices, college deans, and so on.

In his opening remarks, Anton Dahbura, Director of the Information Security Institute at the Johns Hopkins University's Whiting School of Engineering, reviewed his "Unlucky Top 13" list, an inventory of recent security horror-shows. He thinks these incidents (the Equifax breach being the one that's arrived with most éclat) may have induced the public to pay attention, and may finally be moving people away from what Dahbura called "the gazelle mentality," that is, the comforting thought that if you stay close to the herd, you'll be OK. (You won't.)

Other speakers discussed the opportunity costs sound security inevitably imposes on organizations. One new addition to the faculty at the Johns Hopkins School of Advanced International Studies, Thomas Rid (who'd just arrived from his previous appointment in London) offered an overview of the attribution challenge. Historically informed, Rid's account argued that attribution is as much art as science. A panel of legal experts offered advice for businesses. (One highlight: Whiteford Taylor Preston's Howard Feldman reminded everyone of the importance of contracts, and that you may be bound by contracts you hadn't realized were contracts at all. "Your privacy policy, on your website, is a contract.")

And Bob Olsen, CEO of event sponsor COMPASS Cyber Security, closed with some effective analogies security professionals can use to communicate with the business leaders they support.

Detailed coverage of the discussions may be found in the other articles on this conference.