news from CyberMaryland
CyberMaryland 2014 wrapped up yesterday with sessions devoted to technology transition, infrastructure security, business development and entrepreneurship, leadership roles for women and veterans in cyber security, cyber insurance and risk mitigation, cyber education and work force development, and, of course, perspectives on the cyber threat.
The conference closed with recognition of Maryland CyberChallenge's High School Division winners. A Perseverance Award was shared by Marshall Academy (Falls Church, Virginia) and Loyola Blakefield Blue Team (Baltimore, Maryland). Each team member received, from the University of Maryland Baltimore County, either a complimentary security certification course (if they're 18 or older) or a complimentary summer development course (if they're under 18). Second place was taken by Harford Technical High School (Bel Air, Maryland). Harford Tech's team members will each receive a $2000 education grant from NSA. And this year's first-place winners were the students in Loyola Blakefield's Gold Team — they'll each receive a $5000 education grant from NSA. Congratulations and well done to them all.
The National Cyber Security Hall of Fame inducted its class of 2014 yesterday evening. NSA and Cybercom chief Admiral Michael Rogers delivered a keynote in which he again called for new forms of partnership across worlds that ordinarily have little to do with one another, but that can share their passion and achieve a sense of common purpose. "You don't," he reminded the gathering, "have to wear a uniform to serve." Cyber, while a matter of paramount importance to national security, is paradoxically a domain that knows no boundaries, and this paradox should summon a new dialogue that moves beyond simplistic and ill-informed dog-whistling about either liberty or security. He concluded with a call for mutual trust on the part of all cyber stakeholders, and reiterated his organizations' commitment to accountability, the rule of law, acknowledgement of mistakes, and a determination never to cut corners.
The five members of the class of 2014 all spoke briefly and gracefully.
Paul Kocher (designer of SSL 3) warned of three challenging trends: coding is faster, devices are proliferating rapidly, and data are assuming dramatically greater value. These give rise to exponentially larger problems, but to larger opportunities as well.
Vint Cerf (co-designer of TCP/IP, who spoke in absentia) — after confessing feelings of unworthiness of the award — counseled all to "think twice when we roam around the Web," and to always remember that our failures in cyberspace place others at risk.
Phillip Zimmermann (creator of PGP email encryption and developer of VOIP encryption protocols) noted that the law firm Venable was a sponsor of the evening's ceremonies, and recalled his own defense (pro bono) by a Venable attorney in the 1990s, when Zimmermann was under threat of indictment for his crypto work. When he asked why the lawyer had taken his case, the answer was, "I believe you should be able to whisper in someone's ear from a thousand miles away," and those words have stayed with him ever since. In the 1990s, Zimmermann reflected, you had to explain yourself if you were using strong crypto. Now you have to explain yourself if you aren't, and that, he said, "is at it should be."
Steven Bellovin (professor of computer science at Columbia University and a major contributor to encryption and network security) described his realization that insecurity arose from increased system complexity, and that security must be understood and approached as a system problem.
Richard Clarke (former US National Coordinator for Security, Infrastructure Protection, and Counter-terrorism, principally responsible for the first National Plan for Cyber Security) said he agreed with the current Chairman of the Joint Chiefs of Staff that the US needs a new strategy for cyberspace. He also urged those present to accept the invitation of Admiral Rogers to help explain the work of NSA, and to foster the dialogue the Admiral called for.