Andrew Yang, Ph.D. Associate Professor of CS, CIS, IT Cyber Security Institute

1. Tackling the Challenges of Securing the Cyber Space - An academia perspective Andrew Yang, Ph.D. Associate Professor of CS, CIS, IT Cyber Security Institute

2. Cyber security challenges • What can the academia do to help? • The UHCL Cyber Security Institute • Challenges faced by the academia • Discussions (Q&A) UHCL-CSI

3. Challenges of Cyber Security convenience/functionalities/usability vs security - Users want useful and/or fun technology http://threelittlepigsbar-b-q.com “The user's going to pick dancing pigs over security every time.” — Bruce Schneier UHCL-CSI

4. Challenges of Cyber Security The Internet has become the primary computing platform. Standalone apps  Web-based  Cloud computing • Q: What are your most frequently used computer applications these days? • Gaming ? • Search engines ? • Emailing, Texting • Facebook, LinkedIn, Twitter, … • Amazon, eBay, … • Word processors • Wikipedia, Google maps, … • Google Docs, SkyDrive, Google Drive, Evernote, … • Web browsers (HTTP) UHCL-CSI

5. Challenges of Cyber Security • Astronomical data growth • Facebook processes more than 500 TB of data daily (8/22/2012: http://news.cnet.com/) • Q: How much data are on the Internet? • The big four online storage & service companies (Google, Microsoft, Amazon, and Facebook) have got 1,200 petabytes (or 1.2 million terabytes) http://sciencefocus.com/qa/how-many-terabytes-data-are-internet http://www.space.com/19580-astronomy-mystery-nova-star-explosion.html UHCL-CSI

6. Challenges of Cyber Security • Rich data types • HTML, XHTML, XML, • MP3, MP4, … • MPEG4, AVI, WMV, … • JPEG, GIF, BMP, … • JavaScripts, Java Applets, … • Encrypted data (SSL, IPSec, …) UHCL-CSI

7. Challenges of BIG Data • Data science: extracting meaning from data and creating data products • Business intelligence (BI) • Data scientists • Threat detection ? • Q: How do you discover unknown threats? • Q: Forecasting of threats? http://en.wikipedia.org/wiki/Data_science UHCL-CSI

8. Challenges of Cyber Security Evolving technologies New technology may bring new vulnerabilities! Evolving tactics by attackers UHCL-CSI

9. BYOD or not BYOD ? • a 5/2012 study: http://www.zdnet.com/ UHCL-CSI

10. Challenges of Cyber Security Ineffective sharing of threats and mitigation info • National Information Exchange Model (NIEM) • an XML schema for data exchange among federal, state and local governments • more widespread adoption across federal agencies • The DoD has adopted the NIEM. (Oct., 2012) • Source: http://www.fiercegovernmentit.com UHCL-CSI

11. Presidential Directive & EO • Feb. 12, 2013 • The Presidential Policy Directive on Critical Infrastructure Security and Resilience • President’s executive order • making the protection of America’s information and data assets a priority • information sharing among public and private partners • By mid June, DHS, working with the U.S. attorney general and the director of National Intelligence, will create a roadmap that will help with the timely production and release of unclassified cyber threat reports, including those aimed at specific industrial sectors. (http://www.securityinfowatch.com/) UHCL-CSI

12. Challenges of Cyber Security • Insufficient cyber security workers • A zero-unemployment job market? Alan Paller SANS (2011) https://files.sans.org/ UHCL-CSI

13. Challenges of Cyber Security • SANS Four Quadrants of Security Skills (2011) UHCL-CSI

14. Challenges of Cyber Security • SANS Four Quadrants of Security Skills UHCL-CSI

15. Cyber security challenges • What can the academia do to help? • The UHCL Cyber Security Institute • Challenges faced by the academia • Discussions (Q&A) UHCL-CSI

16. The academia can help … • Fill the gap between the demand and the supply of talents • Cyber security certificate programs • Degree programs • Research and development on ‘cyber science’ • Knowledge dissemination • Forums, seminars, web portals • Cultivate the next generation of cyber workers/warriors • Summer camps, competitions, … UHCL-CSI

17. The Texas Cybersecurity Education and Economic Development Council (TCEEDC)

18. Cyber security challenges • What can the academia do to help? • The UHCL Cyber Security Institute • Challenges faced by the academia • Discussions (Q&A) UHCL-CSI

19. Cyber Security Collaboration Model Strategy: Accelerate Bay Area Houston’s cyber security industry by leveraging the synergy created through the collaborative efforts of the community, academia, local and state government, DoD, Federal protection agencies, and regional business sectors. UHCL CSI

20. UHCL CSI

21. UHCL CSI

22. The Cyber Security Collaboration Forum (4/4/2013, Gilruth Center) UHCL-CSI

23. UHCL-CSI

24. Cyber security challenges • What can the academia do to help? • The UHCL Cyber Security Institute • Challenges faced by the academia • Discussions (Q&A) UHCL-CSI

25. Challenges faced by Academia • Q: Why aren’t there more cyber security courses and programs in colleges and universities? • Saturated CS and IT curricula • Insufficient cyber security specialists • Administration’s support • Lack of funding … • Labs • Faculty development, hiring • Program development UHCL-CSI

26. Conclusion • Securing the cyber space presents major challenges. • Effectively facing the challenges require not only innovations, but also collaborations among all communities (government, military, intelligence, legal, law enforcement, industries, academia, and the general public). • Colleges and universities play a central part in the solution (workforce development, R&D, services). • A non-profit research and education institute situated in a university can become an integrating and sharing platform for cyber security solutions. UHCL-CSI

27. Cyber Security Institute http://www.uhcl.edu/CyberSecurityInstitute Contact:Dr. T. Andrew Yang yang@uhcl.edu

28. Discussions (Q&A) UHCL-CSI