You have reached your limit of free articles this month.

Enjoy unlimited access to SpringfieldNewsSun.com

Starting at just 99¢ for 8 weeks.

GREAT REASONS TO SUBSCRIBE TODAY!

  • IN-DEPTH REPORTING
  • INTERACTIVE STORYTELLING
  • NEW TOPICS & COVERAGE
  • ePAPER
X

You have read of premium articles.

Get unlimited access to all of our breaking news, in-depth coverage and interactive features. Starting at just 99c for 8 weeks.

X

Welcome to SpringfieldNewsSun.com

Your source for Clark and Champaign counties’ hometown news. All readers have free access to a limited number of stories every month.

If you are a News-Sun subscriber, please take a moment to login for unlimited access.

Cyber security requires public, private cooperation


President Barack Obama’s executive order calling for increased information sharing between the federal government and private companies to protect the nation’s critical infrastructure against cyber-attacks is a good first step, despite concerns about government regulation and data privacy, experts said.

The order, an alternative to legislation Obama hoped Congress would pass last year, shows that “business is getting fed up with the fact that we are not moving to deter and block these threats fast enough,” said Bob Butler, chief security officer and senior vice president of IO, a Phoenix-based data center services firm with an office in Miamisburg.

Butler served from 2009 to 2011 as the U.S. Deputy Assistant Secretary of Defense for Cyber and Space Policy, and worked with the White House and Department of Homeland Security to draft the cyber-threat legislation that became the basis for Obama’s executive order. He will be a keynote speaker Wednesday at Technology First’s 10th annual Ohio Information Security Conference at the Sinclair Ponitz Center in Dayton.

“From a business standpoint, we don’t want a heavily regulated environment,” Butler said. “We want to try to create incentives to allow public and private sector partnerships to grow naturally, but to grow with increased momentum. So it’s not just information sharing, but threat sharing and threat mitigation sharing.”

Obama last month assigned the National Institute of Standards and Technologies to develop a framework for voluntary information sharing in an effort to stem possible attacks against the nation’s utilities, traffic control systems and financial centers.

Several days later, cyber forensics firm Mandiant revealed that a Chinese military hacking group has stolen large amounts of data from 115 U.S. organizations and companies since at least 2006.

“Virtually everything is now so interconnected that the vulnerabilities can come from almost any direction,” said Mateen Rizki, chair of Wright State University’s Department of Computer Science and Engineering.

Rizki called Obama’s order a good first step, but said some companies may be reluctant to share information about their networks. “The dissemination of solutions is difficult when you don’t have openness. When you have some framework for cooperation you can start to make headway,” he said.

Organizations can patch and defend against known vulnerabilities, but a lack of awareness allows cyber thieves to exploit those problems, said Scott Campbell, Miami University School of Engineering and Applied Science’s director of technology, and an instructor in computer science.

Campbell said some of the computer systems that control the nation’s power grids, water supplies and telecommunications networks are outdated and potentially vulnerable. Replacing the still-functional systems can be costly, so companies often will install mediation devices such as a modern computer in front of the system to increase security, “without really making the underlying system secure,” he said.

“Critical infrastructure needs to be hardened and you see in the cyber executive order the government’s attempt to try to encourage that,” Butler said.

Major southwest Ohio employers including Wright-Patterson Air Force Base and GE Aviation are well prepared to defend against cyber-attacks, but small companies could be at higher risk, Campbell said. “That’s what concerns me, is how easy large-scale attacks are against these tier-two targets. That just could be so disruptive,” he said.

Butler praised the efforts of the region’s federal and academic institutions to strengthen national cyber security, as well as to educate and inspire young people to pursue careers in the field.

The Air Force Institute of Technology, the Air Force’s post-graduate education and research school at Wright-Patterson Air Force Base, teaches courses in offensive and defense cyber-warfare techniques. AFIT’s Center for Cyberspace Research has been designated by the Air Force as its cyberspace technical center of excellence.

Wright State University’s College of Engineering and Science last fall launched a master’s degree program in cyber security. Rizki said the school is developing articulation agreements with Sinclair and Clark State community colleges, and also discussing a cooperative agreement for training at the Advanced Technical Intelligence Center for Human Capital Development’s secure facility in Beavercreek.

In addition, Wright State’s Institute of Defense Studies and Education offers a number of certificate programs in secure software development and cyber security.

“I think you have a collection of institutions and people that could actually become even a greater force in this area, and reaching next generation, if we can find a way to work together,” Butler said.



Reader Comments ...


Next Up in Business

Ohio adds 15K jobs in February
Ohio adds 15K jobs in February

Ohio employers posted a net gain of 15,200 jobs last month — the second-highest statewide increase in the nation — while the February unemployment rate edged up to 5.1 percent from 5 percent in January, the Ohio Department of Job and Family Services (ODJFS) reported today. The state jobs department also reported a significant revision to...
Easter consumers to spend $2.6B on Peeps and other candy
Easter consumers to spend $2.6B on Peeps and other candy

Americans will spend more than ever before on Easter festivities. Spending for the holiday is expected to reach $18.4 billion, an increase of 6 percent compared to last year’s record $17.3 billion. Consumers will spend an average of $152 per person, an increase of 4 percent from 2016. The data was collected by the National Retail Federation&rsquo...
Wright State Physicians CEO stepping down
Wright State Physicians CEO stepping down

Dr. Alan Marco is stepping down as president and CEO of Wright State Physicians, effective March 31, according to an internal email obtained by the Dayton Daily News. According to the email, Dr. Marco will be replaced as president by Dr. Jerry Yaklic — an obstetrician-gynecologist with Wright State Physicians Obstetrics & Gynecology and chair...
Ohio adds 15K jobs in February
Ohio adds 15K jobs in February

Ohio employers posted a net gain of 15,200 jobs last month — the second-highest statewide increase in the nation — while the February unemployment rate edged up to 5.1 percent from 5 percent in January, the Ohio Department of Job and Family Services (ODJFS) reported today. The state jobs department also reported a significant upward revision...
Dayton innovators: Men search for a medical breakthrough for children
Dayton innovators: Men search for a medical breakthrough for children

Tyson Ross, an electrical engineer at Wright-Patterson Air Force Base, and Casel Burnett, a Miamisburg native who now works as a general manager for Toyota in Kentucky, have been engaged in “a labor of love” since 2008. That labor has resulted in a pair of patents, a new company that doesn’t yet have offices — and the promise...
More Stories