The Center for Education and Research in Information Assurance and Security (CERIAS)
The Center for Education and Research inInformation Assurance and Security (CERIAS)
President Obama issued an executive order Friday that establishes an Insider Threat Task Force to prevent potentially damaging and embarrassing exposure of government secrets, such those made public by WikiLeaks.
Eugene Spafford, executive director of Purdue University’s Center for Education and Research in Information Assurance and Security, said the president’s action was long overdue. “Why haven’t they been doing this already?” asked Spafford, who has testified before Congress on IT security matters. “This is at least 10 years too late, if not 20.”
A focus on securing legacy IT architectures rather than on developing secure technology has created an untrustworthy environment that eventually will drive users offline, said Purdue University professor Eugene Spafford.
Lawmakers frequently introduce cybersecurity bills in Congress, but usually they fade away and never become law, despite the apparent need for them by high-profile breaches that seem to occur week after week. Eugene Spafford, executive director of Purdue University’s Center for Education and Research in Information Assurance and Security, sees Congress’ committee structure as a deterrent in getting cybersecurity legislation passed. Various committees in both houses claim jurisdiction over different aspects of IT security, and intra-house squabbling can cause a bill to get lost on its way to becoming law.
Watson Co-Authors Facebook Security Guide
Keith Watson, a Research Engineer with CERIAS, recently co-authored a new publication about Facebook security.
“A Guide to Facebook Security” (PDF) is a free, 20-page pamphlet geared primarily toward teens, their parents, and teachers. Co-written with fellow security expert Linda McCarthy and teacher/editor Denise Weldon-Siviy, it is available to view and download from Facebook.
WEST LAFAYETTE, Ind. - Two Purdue University faculty members have received Army Research Laboratory Director’s Challenge Coin awards from the U.S. Department of Defense for developing technologies credited with saving lives on the battlefield. The researchers are Edward J. Delp, CERIAS Fellow and the Charles William Harrison Distinguished Professor of Electrical and Computer Engineering and Professor of Biomedical Engineering, and William J. Chappell, an associate professor of electrical and computer engineering.
Eugene Spafford thinks America needs the cybersecurity equivalent of an agriculture extension service to help educate citizens on IT security.
Eugene H. Spafford, a computer security professor at Purdue University, was not convinced that the arrests last week would serve as a deterrent. Rather, he said, it could prompt others to be more careful in the future and even prompt retaliatory strikes. “A whole bunch of people were angry, they didn’t really think about whether it was legal or not. It never entered their minds,” Professor Spafford said. “This was kind of the equivalent of a spontaneous street protest, where they may have been throwing rocks through windows but never thought that was against the law or hurting anybody.”
“The climate the press has created is that hackers are somehow supernatural and can’t be stopped; everybody falls victim,” says Gene Spafford, a Purdue University computer professor and executive director of its Center for Education and Research in Information Assurance and Security. “So long as the head of IT can say ‘It happens to everybody, even the government and security vendors,’ it will be difficult to blame them for not taking appropriate measures.”
