This week, for the first time since the novel coronavirus pandemic effects changed everything, I will be traveling to a conference in Hunstville, Alabama. Every event, seminar, or conference that has happened since March 2020 was postponed or was converted to a virtual platform. I go to many of these. Some are for legal professionals, where there are always educators and cybersecurity experts in tow as well. Some are aimed at education professionals, and they’re usually peppered with lawyers and techies, which makes sense. Others are focused on the cybersecurity profession, where attorneys and educators tag along in kind.
This week, in ‘Bama, it’s the 12th annual National Cyber Summit. I know there will be information security and privacy players there, as well as educators and lawyers. I know that both because it’s always the case, and because, cheekily, I check all three of those boxes myself. You might find it interesting to learn a little bit about what we complementary, yet hodge-podged, group of thousands of attendees are treated to each year. This is one of many, but it regularly is known to be a top event in the field. It draws government, industry, and academic experts together to try and solve or at least minimize the countless threats to your personal, sensitive, and valuable information and privacy.
The three-pronged focus of the NCS includes education, innovation, and collaboration. You may know already that Huntsville can be an unassuming place until you acknowledge that NASA has a huge presence there—Space Camp, for one, as any parent of a rocket-loving kid knows well. Also Hunstvillians host numerous Department of Defense operations. Homeland Security is there, the National Security Agency, the TVA, the Energy Dept., and more. It’s an ever-growing “fly-over” hub of governmental and technological work, the latter really advancing as of late, egged on a bit by a financially comfortable place to live compared to, for instance, the Bay Area in California. Thus, the braid of education, innovation, and collaboration sensibly weaves throughout the Von Braun Center for a few days.
During those days, some of the activities will have to go unknown. I no longer hold an active, Defense-sponsored security clearance. I am thusly uninvited to some presentations. Oh, to be a fly on those collapsible panel walls! The rest of the agenda is compelling enough though, and I can repeat that the topics will affect you, and will hopefully lead to more security and privacy, while those subjects are as vulnerable as ever as time passes.
There are seven tracks of knowledge, and many of us bound back and forth, cherry-picking from totally interesting agendas among them. First is Advanced Manufacturing/SCADA/Supply Chain. The acronym SCADA is common in this business, and unlikely to have ever crossed your path. It stands for Supervisory Control and Data Acquisition. When coupled to the manufacturing and supply chain business, maybe you can see that SCADA security deals with the computers that take myriad data and information from some process and make it accessible to managers and decision makers. It is incredibly important to secure this environment. Think about what might happen if a dam operation’s SCADA gets hacked and its supervisors began making decisions based on false information. This arena of security harkens to the global news event from 2010 when a computer virus attacked the SCADA systems managing Iran’s nuclear program.
Another line of presentations and events surrounds law enforcement, and deals with digital forensics. Nary is the criminal case beyond traffic violations—and those are implicated, too, to some degree—that does not have some connection with a digital device. First on the list is our mobile smartphones, but that list is lo-o-ong. Modern crime-fighting brings in phones, tablets, vehicle data systems, appliances, laptops and computers. You name it. If it’s connected online somehow, and a crime has been committed with it, near it, or against it, cops are growing their abilities to analyze digital evidence.
The third track is quite niche-y: the Redstone Arsenal Cyber Ecosystem is its subject matter. The Redstone Arsenal is an Alabama facility of the U.S. Army. As far back as World War II the RSA was developing chemical weapons. Then, onto ballistic missiles, then space vehicle launch capabilities. Recently it was named as headquarters for the U.S. Space Command. It’s evolved, as have the attacks trained on it. This topic might not directly affect your online security, but you can certainly see how imperative it is to secure.
Fourth and fifth, two tracks have similar paths. These home in on research efforts, and aim to frame the near-term scholarly work that builds up the country’s cybersecurity education system, not limited to colleges, and the country’s technological abilities. The things that scholars are researching right now in 2021 will be coursework in cybersecurity classrooms of 2024 or later. I’m assuming that the findings from their research are useful. Just like in baseball, not every research paper and study is a “hit.” The technology research happening now will bloom into devices, implants, autonomous spacecraft or who-knows-what in years to come.
The sixth track during the week’s conference is a set-aside for its sponsors, though it still surrounds cybersecurity. Might be a little pitchy, but the intentions, I trust, are subject-matter focused. The final line of subjects is simply known as “Technical,” and here is where, in some cases, you need a Top Secret or higher clearance to gain access.
Could be wrong, but I feel comfortable believing that there are few or none of you reading this that I might encounter there. Perhaps because of that I thought it useful to let you in a little bit on what such a government-industry-education-legal conference on cybersecurity looks like. You are impacted by our work down there. Much of it involves the federal government, so you’re already paying for it.
Ed is a professor of cybersecurity, an attorney, and a trained ethicist. Reach him at edzugeresq@gmail.com.
Gloss