New York, NY – New York Institute of Technology (NYIT) hosted its first Cyber Security Conference on Sept. 15, 2010, at the NYIT Auditorium on Broadway in New York City. Information technology experts and government officials explored vulnerabilities, privacy issues, and widespread security breaches within government and business systems to an enlightened crowd of professionals from the banking, finance, media, legal, medical, and technology sectors in the tri-state area.

Hosted by NYIT's School of Engineering and Computing Sciences, Dean Nada Anid, Ph.D. welcomed attendees and introduced the conference as a "forum on the latest developments in cyber security convening top experts on the most pervasive and rather dangerous invention of our time-the Internet."

NYIT President Edward Guiliano, Ph.D., explained the need for leaders in academia, security, and government agencies to collaboratively combat cyber security attacks on a global scale. "Logic has enabled the wonders of computer networks and the Internet, and is now a threatening explosive able to bring down the electrical grid, shut down ATMs, paralyze Wall Street, steal identities, and hamstring military forces," he said. "Developed nations are more vulnerable to these attacks than less developed nations. Now, for the first time in history, low-tech is a battlefield advantage."

Special agents from the FBI Cyber Squad in the New York Field Office, discussed the insidious cyber-attacks challenging financial institutions, governments, and organizations, including scareware, spyware, the Zeus botnet attack, and international schemes to recruit students to carry out security breaches in America.

The conference featured keynote addresses by NYIT alumnus Dr. Eric Cole (M.S. '94), an industry-recognized security expert who is the CTO of the Americas for McAfee, a member of President Obama's Commission on Cyber Security, and is actively involved with the SANS Technology Institute (STI), and the "father of the firewall" Bill Cheswick, from AT&T Research, who was recently recognized as one of the top 100 influential IT people in the world and is known for his book Firewalls and Internet Security: Repelling the Wily Hacker.

Cole's morning address, "Future Trends in Network Security," discussed how malicious code and attacks are increasing in intensity and in the amount of damage they cause users. He said, "today, we are dealing with cyber cancer. Years ago, cyber-attacks were more like the common cold. Now, if you wait for visible signs, then it is too late. If you're not seeing them, then you're not looking at the right spots." Cole continued to emphasize the need to combat security breaches by identifying the behavioral patterns of users, and not just simply purchasing software that resolves obvious problems.

Later in the conference, Cheswick led the afternoon keynote presentation, "Rethinking Passwords," identifying the cryptic rules and policies of password creation and maintenance used by several high-profile organizations, including Dartmouth, Intel, AT&T, and the Department of Homeland Security. He addressed common attacks on password systems, including keystroke loggers, phishing attacks, and password database compromise. He proposed the "non-moronic password rule-choosing a password that a friend or family member cannot guess in five tries and others cannot guess what it is when you are typing." Cheswick suggests using three levels of passwords, choosing the most complicated passwords for instances that would cause major problems if abused, such as one's bank account. The other two levels are for instances that cause inconvenience, such as e-commerce passwords, and unimportant passwords, such as those used for newspaper subscriptions.

Other presentations included "Open Source Standards and Security/Coordinated Security: A New Paradigm" by Steve Hanna, distinguished engineer at Juniper Networks. He discussed Network Access Control (NAC) systems and new open standards necessary to enable systems sharing by addressing complex attacks and reducing costs. Gerald Mannarino, New York Power Authority, spoke about the importance of identifying cyber assets and standards, including policy implementation, information classification, and rights management. Patent attorney with Dilworth & Barrese, LLP and NYIT alumnus Steven Rubin (B.S.'94) presented "Protecting and Securing IP and Computing Inventions," focusing on several types of intellectual property protection available and more specifically on patents and the ways of distinguishing legal protection for machine-based algorithms that aid mental processes compared with protection for mental processes. Lastly, Dr. Paul Stirpe, co-founder of Letse, LLC and former NYIT faculty, explained the "cloud" in his presentation, "Cloud Computing and Virtualization." Stirpe discussed the industry benefits, security aspects, and best practices of cloud computing, which provides third-party, utility-based computing capabilities and extensively leverages virtualization technologies.

Stirpe then moderated a lively panel discussion, "Current R&D in Cyber Security" with Dr. Carrie Gates, vice president for research at CA Labs; Dr. Kenneth C. Brancik, Northrop Grumman Information Systems (NGIS), director of the Cyber Security Architecture and Enterprise Risk Management (ERM) at The Advanced Technology Group (ATG); and David B. Dewey, IBM Software Group, Tivoli Manager, Advanced Technology. The panel explored the security challenges of CEOs, models for leaders to make educated decisions in their security efforts, the effects of malware, and privacy issues related to social media, as well as various issues raised by audience members.

New York City Council Member Gale Brewer and Deputy State Director Brian Simon, on behalf of U.S. Senator Kirsten Gillibrand (D-NY), explained the way their offices are combating cyber security and other technological initiatives on local, national, and international scales.

Conference sponsors included L-3 Communications, CA Technologies, VCORE Solutions, LLC, Mass Mutual Financial Group, Trusted Computing Group, Long Island Forum for Technology (LIFT), New York Technology Council, New York Power Authority (NYPA), NY InfraGard Inc., Association of Information Technology Professionals (AITP), Long Island Metro Business Action (LIMBA), Institute of Electrical and Electronics Engineers (IEEE), Long Island Software and Technology Network (LISTnet), and Manhattan Chamber of Commerce.

For more information about NYIT's Cyber Security Conference, visit www.nyit.edu/cybersecurity.

---

About NYIT

New York Institute of Technology (NYIT) offers 90 degree programs, including undergraduate, graduate, and professional degrees, in more than 50 fields of study, including architecture and design; arts and sciences; education; engineering and computing sciences; health professions; management; and osteopathic medicine. A non-profit independent, private institution of higher education, NYIT has 15,000 students attending campuses on Long Island and Manhattan, online, and at its global campuses. NYIT sponsors 11 NCAA Division II programs and one Division I team.

Led by President Edward Guiliano, NYIT is guided by its mission to provide career-oriented professional education, offer access to opportunity to all qualified students, and support applications-oriented research that benefits the larger world. To date, 85,000 graduates have received degrees from NYIT. For more information, visit nyit.edu.

Briana Samuels
Communications Specialist
516.686.1354