“We used to say that every company is a technology company. Now, every employee has to be a security professional.” –Elena Kvochko, chief information officer, Group Security Division at Barclay’s Bank, and a speaker at NYIT’s Annual Cybersecurity Conference.
For the eighth year, experts from government agencies, universities, and private industry gathered at NYIT to discuss the latest topics in cybersecurity. This year’s discussion panels looked at everything from the vulnerability of smart cities and your mobile identity to figuring out how to secure private data in the health and finance sectors to educating the next generation of cybersecurity talent. Above all, speakers encouraged audience members to protect their cyber identities—whether as part of their jobs or in their daily lives.
During the panel on health and financial data, Kathy Hughes, vice president and chief information security officer at Northwell Health, reinforced the need for individual vigilance in this age of cybercrime. “Every employee is also a member of the security team,” she said.
The increasing use of mobile devices by individuals and cloud-based services by organizations was also discussed. By 2020, people across the globe will be using 3–4 internet devices each (as opposed to 1–2 today). Already, many of the internet-connected devices in use are extremely vulnerable to attacks. With the convenience of interconnectivity comes insecurity, and according to several speakers, any endpoint user is a possible “weak link.” At the panel “How Vulnerable are Smart Cities? Securing the Internet of Things and Critical Infrastructure,” Richard Jacobs, assistant special agent in charge, Cyber Branch at New York Federal Bureau of Investigation, advised businesses to train their employees to maintain security. Later, Susanne Wetzel, the conference’s afternoon plenary speaker and program director at the National Science Foundation (NSF), said,“[Our] overwhelming reliance on this complex cyberspace has exposed its fragility and vulnerabilities.” According to Wetzel, the NSF, like NYIT, is looking for “new ways to design, build, and operate cyber systems; protect existing infrastructure; and motivate and educate individuals about cybersecurity.”
From left: Assistant Professor Jonathan Voris and Dean Nada Anid with panelists Tariq Habib, Amy Batallones, Richard Jacobs, and Cordell Schachter.
In the afternoon session Protecting the Mobile Identity from Cyber Theft, panelist Chris Drake, chief technology officer at iconectiv, spoke about the need to protect our mobile phone numbers from criminals who hijack numbers in order to impersonate the owner and steal personal data. Kiran Balagani, Ph.D., associate professor at NYIT School of Engineering and Computing Sciences, explained that as the industry moves to using biometrics (fingerprints, facial recognition, etc.) and away from passwords to authenticate a user, technology is needed that recognize users accurately and economically without draining a device's battery life. He is working on this type of technology with colleagues at NYIT and the College of William and Mary.
Another way to protect data is by ensuring that law enforcement agencies and businesses that have had data breaches work together. “Cybersecurity is a team sport,” said Peter Bloniarz, the morning session’s plenary speaker and executive director and senior policy advisor at New York State Cyber Security Advisory Board.
Education is also a key component in the first line of defense. “You don’t necessarily have to have deep technical skills in order to work in cybersecurity,” explained Heather Ricciuto, global academic outreach leader at IBM Security, at the panel “Strengthening the Cybersecurity Talent Pipeline: Educating the Ethical Hackers of the Future.” She added, “Regardless of the skills we bring, all of us have to work together to close the cybersecurity gap.”
Conferences like the one at NYIT remain great resources for educators and cyber professionals. “[We can learn about] new ideas, new tools, new approaches, and new research to take back to our classrooms and labs and to educate and build the talent the world needs,” said Nada Anid, Ph.D., dean of the School of Engineering and Computing Sciences.
For more information, visit nyit.edu/cybersecurity.