What if a cyber attack wiped out your bank account, stole all of your medical files or shut down your local power grid? Who keeps us safe? Who will keep us safe in the future?
Representatives from the military, private sector and academia came together last week to address these questions for the 2017 Florida International Summit, “Cyber Strategy in a Globally Connected World.” The summit, hosted this year by USF World, is the signature annual event of the Florida Network for Global Studies (FNGS), an educational consortium consisting of FIU, FSU, UCF, UF, UNF and USF.
USF Vice President of USF World Dr. Roger Brindley welcomed attendees before showing opening remarks from USF President Dr. Judy Genshaft via a video message. Afterwards, he introduced USF Provost and Executive Vice President Dr. Ralph Wilcox, who thanked presenters and recognized esteemed guests. All welcoming and opening remarks underscored the importance of partnership in addressing complex issues, and highlighted the work of FNGS in helping leverage each university’s unique set of resources to contribute to these meaningful events.
After an introduction by Dr. Ted Reynolds, UCF Visiting Lecturer on Intelligence and Terrorism and Senior Research Fellow in Terrorism Studies, Brigadier General Ryan P. Heritage delivered the morning keynote. Heritage is the Deputy Director of Future Operations for the U.S. Cyber Command, or Cybercom for short. He jumped right into the topic of cybersecurity by giving a brief overview of his background, Cybercom’s structure and the challenges he felt the U.S. cybersecurity sector is facing. He stated that “we need a workforce as dynamic as the environment in which they work,” after stressing the volatile nature of the cyber environment. Heritage also emphasized the importance of normalization of that environment, creating cyber “rules of the road,” since so few currently exist.
Reynolds moderated the first panel, which addressed cybersecurity and policy within critical infrastructure. The panel featured Mark Clancy, who works extensively in technology risk management within the financial sector, most recently with the Depository Trust & Clearing Corporation as managing director of Technology Risk Management; Hafid Elabdellaoui, Managing Director of Cybersecurity & IT Compliance for Duke Energy; and George Grachis, Senior Security Compliance Consultant for Maxis360, an auditing company that evaluates risks to cybersecurity for various companies. The panelists described the nature of cyber threats in their industries, how they operate and what actions could strengthen cybersecurity. All three agreed that “cyber is a team sport,” that starts with responsible players.
For the financial sector, Clancy emphasized the need to increase the cost of conducting cyber attacks. One attack method can be replicated a on a hundred different targets with the click of a button. Currently, he said, defending or recovering from such attacks is ten times more expensive than performing them. Elabdellaoui explained that in the energy sector, sharing information about attacks is one way to balance that asymmetry. He stressed the importance of establishing strong relationships with government and industry partners before cyber attacks happen. Grachis outlined cyber breach risks in the healthcare industry, including personnel files, patient records and even medical devices like insulin pumps and pacemakers. Increasing employee awareness, he said, and avoiding basic threats like clicking links from unknown email senders, can increase the number of conscientious “cybercitizens.” A hot topic for both the keynote speaker and the panelists was the issue of organized cyber attacks from state actors. “Let’s just say, you can see Russia from your router,” Clancy joked as he left the podium, to which Heritage gave a wry chuckle.
The second panel focused on workforce development, and was led by Sri Sridharan, Director of the Florida Center for Cybersecurity. The panel addressed the topic of the incredible shortage of cybersecurity personnel in the coming years. “A 1.5 million person shortage is expected by 2020,” Sridharan explained. The panel featured Dr. Eman El-Sheikh, Director of the Center for Cybersecurity and Professor of Computer Science at the University of West Florida; Admiral Mike McConnell, Senior Executive Advisor of Booz Allen Hamilton, and former Director of National Intelligence; and Mike Russo, Director of Information Security and Privacy for Florida State University, and former Chief Information Security Officer for the State of Florida. These individuals, because of their backgrounds, not only represented local, state and national perspectives on workforce development, but also perspectives on academic, governmental and private-sector workforce trends.
All panelists agreed that a shortage would not be “fixed” with government policy alone, because of the slow speed of the bureaucratic process. McConnell gave two examples. Educators, he said, “cannot agree on what a degree in cybersecurity looks like,” and that “the government does not have a plan to fill these jobs.” Russo voiced his belief the private sector will be the solution to the shortage. El-Sheikh offered some solutions such as internships and co-ops to increase cybersecurity graduates’ real-world experience. She stressed that educational institutions should view cybersecurity as multidisciplinary to increase new participants beyond computer science majors. A question from the audience about high school students participating in boot camps and obtaining certifications before entering university met with resounding enthusiasm from the panelists.
Before concluding the conference, Dr. Kiki Caruson, USF Assistant Vice President for Research, Innovation and Global Affairs, provided a summary of key takeaways. All presenters stressed the importance of cultivating a culture of cyber awareness. She noted the role of education, the need to start early and echoed the resounding lesson from all presenters about personal cybersecurity best practices: When it comes to emails, “don’t click the link!”
The summit was hosted by USF World in partnership with FNGS, UCF Global Perspectives, the Florida Center for Cybersecurity and the Global Connections Foundation.