Transcript Slide 1
Speculations on the Future of Cyber Security in 2025 Prof. Ravi Sandhu Executive Director and Chief Scientist Institute for Cyber Security University of Texas at San Antonio November 2009 [email protected] www.profsandhu.com www.ics.utsa.edu © Ravi Sandhu World-Leading Research with Real-World Impact! 1 Two Big Drivers Security can never hold back technology Cyber and physical space are increasingly entangled © Ravi Sandhu World-Leading Research with Real-World Impact! 2 99-1 Principle (Roughly) 99% of the attacks are thwarted by basic hygiene and some luck 1% of the attacks are difficult and expensive, even impossible, to defend or detect © Ravi Sandhu World-Leading Research with Real-World Impact! 3 Crystal Ball: In the Year 2025 PAST, PRESENT Cyber security is a young and immature field The attackers are more innovative than defenders Defenders are mired in FUD (fear, uncertainty and doubt) and fairy tales Attack back is illegal or classified FUTURE Cyber security will become a scientific discipline Cyber security will be application and technology centric Cyber security will never be “solved” but will be “managed” Attack back will be a integral part of cyber security © Ravi Sandhu World-Leading Research with Real-World Impact! 4 Major Trends Security Objectives: Black-and-white to shades of grey Attackers: Innovative beyond belief Defenders: Need new doctrine © Ravi Sandhu World-Leading Research with Real-World Impact! 5 Institute for Cyber Security (ICS) Founded 2001 Dr. George Perry Dean of the College of Science Dr. Robert W. Gracy Vice President for Research Dr. Ravi Sandhu Executive Director and Chief Scientist Dr. Gregory White Director of Infrastructure Assurance and Security Mr. Jeffrey Reich Director of Operations 50+ people: research, exercises, training, tech transfer Research Faculty and Research Scholars (Tenure-track faculty, Nontenure track faculty, postdocs, graduate students, etc.) Research and Professional Staff (Associate/assistant directors, architects, analysts, project leads, technical leads, instructors, intern, etc.) World-Leading Research with Real-World Impact! Administrative and Support Staff (Administrative analyst, administrative associate, program coordinator, network administrator, etc.) Institute for Cyber Security (ICS) Founded 2001 Research Excellence Cloud Computing Security Infrastructure Assurance and Security Malware Mitigation Military Grade Security Secure Information Sharing Social Computing Security Research Laboratories Community Exercises: the real real-world Cyber Defense Competitions: real simulated data FlexCloud: cloud platform FlexFarm: malware honeyfarm Academic Collaborators Include Arizona State, Georgia Tech, Michigan, Penn State, Purdue, Illinois at Urbana-C, Maryland at Baltimore County, North Carolina at Charlotte, Texas A&M, Texas at Dallas, Wisconsin Sponsors Include NSF, AFOSR, ONR, AFRL, DHS World-Leading Research with Real-World Impact!