Spafford, a computer science professor at Purdue, sees issues that often aren’t discussed in cloud computing conversations. “Too often, organizations [are] told that moving things to the cloud will be safer and cheaper, and cheaper as we know is always what tends to dominate these conversations and lead to new vulnerabilities,” Spafford says.
(CNN) The Pentagon’s claims in a new report that China is trying to extract sensitive information from U.S. government computers has put cyber security issues back in the media spotlight. But how serious is the threat to U.S. interests? How can America respond? And what other issues should be attracting policymakers’ attention? Cyber security expert Eugene Spafford, a professor of computer sciences at Purdue University and former member of the President’s Information Technology Advisory Committee, will be taking questions from GPS readers.
April 23, 2013 - EPIC has announced the 2013 members of the EPIC Advisory Board. They are Michael Froomkin, Distinguished Professor of Law at the University of Miami School of Law; Sheila Kaplan, student privacy advocate and founder of Education New York; Eugene Spafford, a/k/a/ “Spaf,” professor of Computer Science at Purdue University; and Tim Wu, professor at Columbia Law School and author of “The Master Switch.” The EPIC Advisory Board is a distinguished group of experts in law, technology, and public policy. Joining the EPIC Board of Directors in 2013 are current Advisory Board members David Farber, Joi Ito, and Jeff Jonas. For more information.
The rush to find qualified IT security professionals to meet current cyber-threats could jeopardize IT systems’ security in the not-too-distant future, say two leading IT security experts, Eugene Spafford and Ron Ross.
(Forbes) Last month Heckman, a researcher for the non-profit IT research corporation MITRE, gave a talk with fellow MITRE researcher Frank Stech at Purdue’s Center for Education and Research in Information Assurance and Security and described a cyber war game scenario MITRE played out internally in which she and Stech tried an unorthodox defensive strategy: Instead of trying to purge a Red Team of hackers from a Blue Team’s network they were defending, Heckman and Stech let the attackers linger inside, watched them, and fed them confusing misinformation. The result: despite the Blue Team’s network being deeply compromised by the Red Team’s hackers, Blue managed to trick Red into making the wrong moves and losing the game.
The 14th Annual Information Security Symposium is underway.