Marc Rogers, director of Purdue’s Cyberforensics Lab and CERIAS Fellow, says the drill will recreate everything from a partial shutdown of electricity across North America to a virtual blackout affecting all of the U-S, Canada, and Mexico. “They will look at how vulnerable (the grid is) or what the weaknesses are, how would these things be identified; could they be identified in time; once they were identified and once there were bad things happening to the grid, how would the grid recover, and how long it would take to recover,” said Rogers.
The BSIMM-V project provides insight into 67 of the most successful software security initiatives in the world and describes how these initiatives evolve, change, and improve over time. The multi-year study is based on in-depth measurement of leading enterprises including Adobe, Aetna, Bank of America, Box, Capital One, Comerica Bank, EMC, Epsilon, F-Secure, Fannie Mae, Fidelity, Goldman Sachs, HSBC, Intel, Intuit, JPMorgan Chase & Co., Lender Processing Services Inc., Marks and Spencer, Mashery, McAfee, McKesson, Microsoft, NetSuite, Neustar, Nokia, Nokia Siemens Networks, PayPal, Pearson Learning Technologies, QUALCOMM, Rackspace, Salesforce, Sallie Mae, SAP, Sony Mobile, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, TomTom, Vanguard, Visa, VMware, Wells Fargo, and Zynga.
Prof. Spafford participated as a panelist on the Privacy & Civil Liberties Oversight Board hearing. The topic was potential reform of the laws that govern NSA domestic surveillance.
Eugene Spafford, one of the first to analyze the Morris Worm, says we haven’t learned from it or other major security breaches since.
Purdue’s Spafford on Building Trust with the Public