FBI Hopes Hard Drive Will Shine Light on Conn. Shooter’s Motive

Sypris Announces Opening of Research and Development Center

TAMPA, Fla.—(BUSINESS WIRE)— Sypris Electronics, LLC, a leading provider of information assurance and cyber solutions, announced today that it has opened a new research center to focus on advancements in cyber security and information assurance. The facility is strategically located in the Purdue Research Park in West Lafayette, Indiana to leverage the Company’s partnership with Purdue University’s Center for Education and Research in Information Assurance and Security (CERIAS).

Privacy, Battery Life Cost Of Free Apps, Experts Say

Gene Spafford, the director of the Center for Education and Research in Information Assurance and Security, said social media has improved communications and convenience, but that people must be vigilant about what they share online and through mobile devices. “We should realize it’s going to large audience, going into storage we don’t know about, government agencies, and other people may be tracking,” he said.

No Wikipedia? What if the Internet went down?

It is possible that hackers, terrorists, accidents or even sunspots could take down the Internet and cause areas to become cut off and unreachable, said Spafford, one of the foremost experts on computer security.

Why Law Enforcement Can’t Stop Hackers

The threat that criminal hackers pose to corporate and government information systems has spiked in the past five years, according to the FBI, and shows no signs of abating. The worst part: Law enforcement is virtually powerless in cracking down on cybercrime. CIO.com investigates the challenges law enforcement officials face in investigating and prosecuting hackers.

Two CERIAS Faculty Receive Honors

Cybersecurity Requires a Multifaceted Approach

Eugene Spafford, a professor at Purdue University and founder and executive director of the Center for Education and Research in Information Assurance and Security, said the real problem is the belief that flawed systems can be secured retroactively, either by add-ons or by compelling users to act in ways they are not used to.

Even if agencies have policies to provide training, they are often too specific or too ambiguous, he said. For example, take the “don’t open any suspicious e-mails” approach. What exactly constitutes a suspicious e-mail message? Many of the social engineering attacks occurring today are designed to not look suspicious, Spafford said.

“The approach that’s currently been taken is sort of the equivalent of telling employees, ‘when you come to work, don’t open any square blue boxes.’ But then someone sends in square red boxes, and they all get taken,” he said.

The federal government’s efforts to transition to cloud-based services and technologies could also mean more security problems, he suggested. Following trends or big pushes to save money often mean that security issues fall lower on the priority ladder.

“That’s partly why we have vulnerable systems today, because the idea was, ‘we’ll buy whatever is the cheapest thing on the market’ to save money rather than actually thinking through building a strong, secure infrastructure,” Spafford said.

Spafford to Give Keynote Address at Anti-Phishing Conference

Some of the security industry’s biggest minds will gather Nov. 7-9 at San Diego for a conference dripping with acronyms, computer jargon and geek-speak. The conference is the jamboree of APWG — Anti-Phishing Working Group to those not initiated into the mysteries of cybercrime terminology. A keynote address by Eugene H. Spafford, professor of computer sciences at Purdue University, will review new technologies and systems being used to protect Internet works and data resources.

Security Research Engineer’s Guide Urges Facebook Users to be Cautious

Purdue Difference Maker: Professor David Ebert

As director of VACCINE, a Department of Homeland Security Center of Excellence, David Ebert’s goal is to help our nation’s 2.3 million extended homeland security personnel, including first-responders, perform their jobs more effectively by turning mass amounts of data into manageable information.