Cybersecurity is a team sport.
National Security Agency cybersecurity expert Tamela Dukes hit home that point during her keynote address at the University’s Cybersecurity Conference Oct. 5 at the Joe Crowley Student Union.
A cybersecurity threat happens every 39 seconds, Dukes, who works for the NSA Cybersecurity Directorate, told the crowd of about 200 members of industry, academia and government. Everyone, Dukes said, is part of the cybersecurity team, and must know their positions as well as the offensive and defensive plays.
“NSA (director) Gen. Paul Nakasone says cybersecurity is national security,” Dukes said. “NSA Cybersecurity Directorate uses the sports team analogy to emphasize the importance of collaboration to defeat the adversaries.”
The event, organized by the University’s Cybersecurity Center and its director, Computer Science & Engineering Professor Shamik Sengupta, is designed to bring industry, government and academia together to tackle cybersecurity issues. The conference is in its fourth year and included an industry showcase with such Cybersecurity Center partners as the Nevada Air National Guard and inLumon, a Reno-based technology company. Student cybersecurity project posters were displayed and a Capture-the-Flag cybersecurity contest designed by students Ignacio Astaburuaga and Lloyd Gonzales ran throughout the day.
University President Brian Sandoval gave the welcoming address, acknowledging the importance of cybersecurity in modern life and contemplating the conference theme: Edges of Cybersecurity, from Machine Learning to Quantum.
“This theme is timely, forward-thinking and relevant to our future,” Sandoval said, adding that cybersecurity has implications for economic development in Nevada.
Sandoval was introduced by Engineering Dean Erick Jones, who noted that cyber-protected information and communication technology is one of the College of Engineering’s research pillars.
“We are very excited to have this conference, to take what we do in the lab and make this country more secure,” Jones said.
Know your position, defensive strategies
In her keynote address, Dukes offered best practices for businesses and organizations to protect information. She also shared recent NSA efforts to secure information on a national level.
Annual employee security training, implementing software updates and patches, and utilizing free and open-source security systems are some of the baseline cybersecurity efforts organizations can take, Dukes said. Reporting cybersecurity incidents to such agencies such as the Cybersecurity & Infrastructure Security Agency (CISA), a part of the U.S. Department of Homeland Security, is important. NSA collaborates with CISA and other federal agencies to run offense — to continue with the sports analogy — by studying those breaches and providing information, tools and infrastructure to meet the latest threats. On Oct. 4, the NSA and CISA released a report on multi-factor identification and single sign-on challenges. Last week, the NSA announced the creation of a new AI Security Center to oversee the development and integration of artificial intelligence capabilities within U.S. national security systems.
The cybersecurity game is ongoing and will change as technology advances.
Dukes recalled her childhood watching the 1960s-era cartoon “The Jetsons,” about a space-age family.
“As a kid watching this, I was amazed at their technology,” Dukes said, remembering how the cartoon characters could communicate with each other via hand-held devices. “Sixty years later, we have a lot of things that were on that show.”
Technology has advanced, enhancing and enriching our lives but also leaving us vulnerable to bad actors. And that, Dukes said, is the cybersecurity paradox.
“We will always have cyber-challenges,” she said. “But we can achieve more working together as we take on cybersecurity as a team sport."