In the video below, Professor Gene Spafford, Executive Director Emeritus of CERIAS at Perdue, introduces one of the nation’s great digital risk and cybersecurity thinkers, Dr. Ron Ross of NIST, who then provides very important context on what the next generation of cybersecurity and privacy controls need to cover. Ron provides an outstanding overview on the challenges facing us in the emerging world of interconnected systems that we are all seeing unfold before our eyes. More important than that, he provides insights that will be very helpful to solving challenges and reducing digital risk in this new world.
The title of his talk is “Pushing Computers to the Edge: Next Generation Security and Privacy Controls for Systems and IoT Devices.”
Something to listen for: Keep your ears open for new metaphors and analogies. We all know we need new ones. You will find them here (for example, listen for his use of the term “above the waterline”). Also be sure to key to his “n+1 vulnerabilities problem”.
Another thing I loved! He references a defense science board study that I participated on which focused on military resiliency (See: Consider This Defense Science Board Warning Light of The OPM Hack).
The full presentation is at this link and embedded below:
- The 20 Security Controls: Smartly Enhancing Enterprise Security
- In Space, No One Can Hear You Scream
- Balbix: Breach avoidance gets you ahead of the game
- CTOvision Assessment On The Megatrend of Cybersecurity