Cybersecurity Research Consortium: New Tech on the Way

The sensor research is looking at ways to place sensors in a network “so you don’t slow it down, you don’t generate too many false alarms, and you don’t have to spend too much on sensors,” added Eugene Spafford, a computer science professor at Purdue.

Threat of Military Retaliation for Cyber Attacks may be More Bluster than Brawn

Three problems face anyone trying to justify retaliation for a cyber attack: where did it come from, who did it and what response is appropriate, explained Eugene H. Spafford, a computer science professor at Purdue University in West Lafayette, IN, and director of the school’s Center for Education and Research in Information Assurance and Security.

Northrop Grumman and Academia Cite Progress in Tackling Nation’s Most Pressing Cybersecurity Threats

WASHINGTON, June 1, 2011 (GLOBE NEWSWIRE) — Northrop Grumman Corporation (NYSE:NOC) and three of the nation’s leading cybersecurity research universities, Carnegie Mellon University, The Massachusetts Institute of Technology (MIT) and Purdue University, announced today the progress they have made in developing solutions for pressing cybersecurity threats during a briefing at the National Press Club.

There’s No Data Sheriff on the Wild Web (NY Times)

Eugene Spafford, a security expert and professor at Purdue University, told a House subcommittee last week that computer security experts had been aware for months that the PlayStation’s Web servers were outdated and that the company’s network lacked sufficient security — which he said Sony must have also known. But Professor Spafford does not see any new legislation in the near future that would force companies to take security more seriously. “Over the last five years there have been several bills that have been introduced through committees but never made it all the way through Congress,” he said in an interview. “Companies tend to fight the bills, saying it would be too expensive or onerous to implement better security.”

Spafford comments on RSA breach

Eugene Spafford tells Federal News Radio that, typically, it’s impossible to tell how long a breach has been going on.

Spafford comments on AT&T iPad hacking

“Having email addresses by itself is not much of a threat: people give them out all the time, and spammers can and do guess them easily,” said Eugene Spafford, executive director of the Center for Education and Research in Information Assurance and Security at Purdue University.

“It is more an issue if you can pair addresses with places of employment, such as government agencies,” he added. “Then it becomes possible to collect further information, and perhaps get a toehold into Google, Bing or other information sources.”

2 Winona State Students Are Suspected of Involvement in Large-Scale Cybercrimes

U.S. Government, Businesses Are Poorly Prepared for Cyber Attacks, Experts Say at AAAS

Spafford said academic specialists have been warning for more than 25 years about vulnerabilities in computer systems that can lead to identify theft, credit card fraud and other security intrusions.

Battling Cyber Threats

Computer security experts say the United States faces a radical shortage of highly skilled cybersecurity professionals who can prevent and combat cyber attacks. One federal official has estimated that there are only 1000 cybersecurity experts in the United States who have the deep technical knowledge required to safeguard national security; tens of thousands are needed, he believes.

Information Assurance Education 2011: A Year of Promise

Professor Spafford discusses the state of information assurance education in a podcast available on GovInfoSecurity.com.