Skip to content

My GWU Discussion – Part 3 – What to do About Cybersecurity

This is my third (and thankfully to most readers, last) post about a class at I gave at George Washington University earlier this year. The professor, Dr. Robert McCreight, invites me to be a guest lecturer on cyber-security from time to time. I posted a copy of my slides in the previous two posts and do so again here:

George Washington University Slides on Cyber-Security

In the last post I returned as I often do to the question “How to be secure when each component of your solution is itself insecure?”. I find that most practitioners, and in particular their management, are in denial on this issue. While my first suggested step which is to practice security hygiene is useful it does not help against a determined attacker.

While I am not sure if anything short of not connecting to anyone will work all the time, two possible approaches seem promising.

My GWU Discussion – Part 3 – What to do About Cybersecurity

My Guest Lecture at George Washington University on Cybersecurity

Every year or so I am lucky to be invited by Dr. Robert McCreight who teaches a graduate class on National Security and Technology to be a guest lecturer on Cybersecurity.

Since the classes I teach at the University of Maryland and Syracuse University are on-line distance learning, it is always a treat for me to have actual live students in the same classroom as I am to interact with. This year the exchange of information was really great, Dr. McCreight has a wonderful class. For all of these activities, I deal with what I call the “avoidance of appearing like an idiot in front of people syndrome”, which forces me to at least to scan and keep up with the literature before the class is held.

While I am one of those people who learn best by doing, being able to talk to and/or discuss with bright students is still very helpful and fun to do.

I have posted my presentation below and during the next few weeks hope to write a few columns based on the later slides, of course I have still not written my last two posts I promised on cloud computing, as as usual what I plan to do with this blog and what actually happens continues to diverge.

My Guest Lecture at George Washington University on Cybersecurity

My Slides from the University of Maryland University College 2010 Annual Cybersecurity and Homeland Defense Symposium

Last month I was the keynote speaker at the University of Maryland University College 2010 Annual Cybersecurity and Homeland Defense Symposium and Job Fair, http://www.umuc.edu/securitystudies/cybersymposium_agenda.shtml.

A few people asked me to post my presentation, but I have found that my current job as the COO at Powertek Corporation has caused me to miss many of my self-imposed deadlines for doing many things, including updating my blog.My Slides from the University of Maryland University College 2010 Annual Cybersecurity and Homeland Defense Symposium

Webinar on Cybersecurity: Building Secure Federal Systems

I was pleased to be asked to be part of a webinar sponsored by Government Executive this Thursday at 2:00pm EST and even happier when Pat Howard, the CISO from the Nuclear Regulatory Commission accepted an invitation to join me.

The webinar, moderated by Adam Ross, the Managing Editor from the SANS Institute, will focus on some of the challenges faced in creating secure Federal Systems. With the growing movement for speed-to-market and the movement to the cloud, and associated buzz words, and with the increased publicity about cyber-attacks, how we should best deal with such issues is becoming a still greater issue.Webinar on Cybersecurity: Building Secure Federal Systems

SCADA Conference Presentation

  • by

I am one of two representatives from CSC speaking at a SCADA Conference on Tuesday.

My focus, as usual, will be on the strategic reasons behind the movement to SCADA. Oops, perhaps I should back up. SCADA is an abbreviation for Supervisory Control and Data Acquisition. It usually is used as a catch-all term dealing with computer controlled equipment or machinery (or plants or smart grids or, well you get the idea).

Many of these systems were controlled individually by locally provised systems and thus security, while relevant, wasn’t the most critical factor when designing such solutions. Now that many of these systems are managed over the Internet and an increasing percentage of what most would consider our/US economic critical infrastructure touches these systems, cyber issue have become a very hot topic.

So my presentation will focus on why this is happening and also touch a bit on some of the issues the Government is facing in this space. The second presenter from CSC is an industry expert in the utility, chemical and natural resource market and will provide some more detailed oversight and advice.SCADA Conference Presentation