Abdulmohsin Al Omran and The Family Office

Transcription

1 Presented by: Syracuse University Syracuse University s College of Engineering and Computer Science The Maxwell School of Citizenship and Public Affairs at Syracuse University The Institute for National Security and Counterterrorism Abdulmohsin Al Omran and The Family Office Monday, 16 December, 2013 In partnership with King Fahd University of Petroleum and Minerals Dammam, Saudi Arabia Wednesday, 18 December, 2013 Ritz Carlton Jumeriah Beach Dubai, UAE Event Synopsis: Securing the Cybersphere will spotlight recent and emerging research, strategies and best practices in systems assurance and mobile and web security from an academic point of view combined with industry and government presenters. The event will cover new ground for cybersecurity needs and resources as faculty present their research with unique experience such as the JPMC (corporate) partnership and the AFRL (government) partnership. Invited guests will discover uncommon hidden risks present in commercial systems and be prepared to request the utmost in cyber protection from their current data suppliers. Proven insights, methods and cutting-edge research will address: Systems assurance in financial sectors using examples from SU s partnership with JPMC Key principles for design and implementation of cybersecurity on mobile platforms Assurance and security modules for critical data transfers Malware analysis for prevention and defense of data attacks Addressing issues of cyber law and policy to design and prove systems assurance Syracuse University faculty researchers are particularly active in application areas in which there is a need for high confidence that a system behaves correctly and securely. Examples of systems of this kind include defense and national security operations, medical record systems, banking and financial institutions, and critical infrastructure. Symposium guests will have an opportunity to access the expertise of SU s faculty by presenting challenges and concerns unique to their industry or organization for problem-solving consideration by academic and industry experts. Invited Guests: Invitations are available for a limited number of guests in anticipation of a maximum of 100 attendees at the event.

2 Proposed Schedule Dammam, Saudi Arabia Hosted by the and with the support of King Fahd University of Petroleum and Minerals Sunday, December 15 Monday, December 16 (Symposium) 8 9 a.m. Breakfast/Networking/Registration (75 guests) 9 10 a.m. Plenary Session (75 guests) Site visit to KFUPM Visit with faculty & tour campus a.m. Case Studies and Applications (75 guests) 11 a.m. Site visit to ARAMCO Noon Visit with faculty & tour campus 12 1 p.m. Lunch (75 guests) 1 2 p.m. Keynote speaker: Dean Jim Steinberg Room Setup: Round Tables 2 3 p.m. 3 4 p.m. KFUPM/SU Faculty Roundtable Track 1 One Session (Assurance) (30-40 guests) Room Setup: Classroom Track 2 One Session (Mobile Security & Cyber (30-40 guests) Room setup: Classroom 4 5 p.m. Tour of the SU delegation to leave for airport by 4 p.m. at the latest Evening KFUPM & SU Dinner (50 guests) Keynote speaker: KFUPM Delegate For invited guests, select alumni and participants associated with the Symposium.

3 Proposed Schedule Dubai, UAE Tuesday, December 17 Wednesday, December 18 (Symposium) 8 9 a.m. Breakfast/Networking/Registration (150 guests) 9 10 a.m. Plenary Session (150 guests) Academic Visitation and Site Visits a.m. Case Studies and Applications (150 guests) 11 a.m. Corporate Relations Meetings Upon Request Noon 12 1 p.m. Lunch (150 guests) 1 2 p.m. Room Setup: Round Tables 2 3 p.m. 3 4 p.m. Keynote speaker Honored Guest (to be announced) Track 1 Two Sessions (Assurance & Cyber (40-60 guests) Room Setup: Classroom Track 2 Two Sessions (Mobile Security & Cyber (40-60 guests) Room setup: Classroom 4 5 p.m. Closing Reception ( guests) Room Setup: Flexible High Tables & Standing? Evening VIP Dinner ( guests) Keynote speaker: Dean Jim Steinberg For invited guests, select alumni and participants associated with the Symposium.

4 Symposium Presentation Themes and Presenters (tentative pending development by faculty and presenters) Time Session Title Topic Presenter 9 10 a.m. Plenary Session Securing the Cybersphere The state of cybersecurity issues for emerging economies o Tentative schedule of keynote speakers: Dean Jim Steinberg Dean Laura Steinberg Bill Banks, Director Institute for National Security and Counterterrosim Jeff Saltz, JPMC KFUPM Delegates (Dammam Only) Tentative: Local dignitary addressing the critical nature of cybersecurity specific to either Saudi Arabia or the GCC region a.m. Case Study/ Critical Financial Infrastructure 11 a.m. 12 p.m. Case Study/ Assured Command & Control 2 3 p.m. Track One/ Session One: Industry Responses to Regulatory Cybersecurity Challenges Cybersecurity for Financial Company Operations (SU-JPMC partnership) Can Isik Mission Assurance in Cyberspace Shiu-Kai Chin Regulatory Challenges to Cyber Security Presented by Bill Banks, Director, Institute for National Security and Counterterrorism (INSCT) This session presents the overall framework for the JPMC-SU Collaboration (a public/private model), and examples of JPMC's applied research projects on which SU faculty have worked on, over the past five years. Mission assurance is the assurance of the correctness, integrity, security, and availability of critical capabilities necessary to complete a mission successfully. National security depends on the integrity of command and control for military systems, the power grid, and financial systems. We present projects whose objectives include equipping engineers and computer scientists with the theory, methods, and tools necessary for formal specification and verification of mission-essential functions in cyberspace. Most critical infrastructure is privately owned and remains vulnerable to even catastrophic cyber attacks. Private firms tend to underinvest in cyber defense for a variety of reasons, and many are incapable of effectively protecting their networks. Governments have traditionally treated cyber security as a national security problem or a criminal law problem, applying the laws of war to justify countermeasures, or domestic criminal laws to prosecute perpetrators, when they can be found. Neither approach provides adequate protection for privately held critical infrastructure. Instead, industry should partner with CI firms (supported by government regulation, if necessary). The industry/ci firm partners should engage in monitoring and surveillance, develop programs to harden vulnerable targets and build resilient and recoverable systems. The new relationships will require unprecedented levels of trust and information sharing between industry, CI firms, and government.

5 3 4 p.m. Track One/ Session Two: Systems Assurance Assuring Security and Integrity Shiu-Kai Chin The so-called Internet of Things (IoT), where physical object have embedded intelligence and are networked, is growing daily. Within this context, command and control over critical infrastructure, such as financial networks, must be assured to have integrity and security. The purpose of this workshop is to give an overview of a rigorous set of methods and tools that address the assurance of command and control of mission-critical systems. 2 3 p.m. Track Two/ Session One: Mobile Security 3 4 p.m. Track Two/ Session Two: Industry Responses to Regulatory Cybersecurity Challenges Security considerations for smartphones Kevin Du Regulatory Challenges to Cyber Security Presented by Bill Banks, Director, Institute for National Security and Counterterrorism (INSCT) As more and more business and people are depending on smartphones and other mobile devices, the security of such a platform becomes very important. In this presentation, we will discuss the emerging risks faced by these platforms, and then give an overview of what the industry and academia are working on in dealing with these risks. We will also provide a brief overview of our own research projects, which are sponsored by NSF and Google. Most critical infrastructure is privately owned and remains vulnerable to even catastrophic cyber attacks. Private firms tend to underinvest in cyber defense for a variety of reasons, and many are incapable of effectively protecting their networks. Governments have traditionally treated cyber security as a national security problem or a criminal law problem, applying the laws of war to justify countermeasures, or domestic criminal laws to prosecute perpetrators, when they can be found. Neither approach provides adequate protection for privately held critical infrastructure. Instead, industry should partner with CI firms (supported by government regulation, if necessary). The industry/ci firm partners should engage in monitoring and surveillance, develop programs to harden vulnerable targets and build resilient and recoverable systems. The new relationships will require unprecedented levels of trust and information sharing between industry, CI firms, and government.