Carnegie Mellon Institute for Survivable Systems Cyber Summit -- Synopsis

Computerworld - Editor's note: The Carnegie Mellon Institute for Survivable Systems (CMISS) held a Cyber Summit July 24-25 at the university's Pittsburgh campus. The following is the institute's executive summary of the summit.



CMISS Director Rich Pethia, who also serves as manager of the Networked Systems Survivability (NSS) Program at the Software Engineering Institute, set the tone on the first day of the summit by discussing the escalation in cyberattacks. He also discussed the increased sophistication of the attacks and the growing amount of damage they cause. Pethia said that the primary goal of information technology staffs must be to improve the survivability and security of information infrastructures. He acknowledged that there's a growing awareness about today's information assurance problems, but said we need to prepare ourselves for the problems of tomorrow.

Tom Longstaff, manager of the Survivable Network Technology team in the NSS Program at the Software Engineering Institute, reinforced the need to prepare for the future by projecting what technology could look like in 25 years. Using examples of what technology was like 50 years ago, Longstaff painted a picture of the rapid acceleration of change and showed that the steps we take will determine our future. The bright side of the vision shows a world in which technology is working and enhancing life. However, the dark side shows a world in which technological interdependence can trigger multiple failures, problems can't be easily identified or repaired and the public has a lost of trust and growing fear of technology. Longstaff said that to increase the odds of a brighter future, there needs to be a collaboration among academia, industry, the military and government.

Sen. Rick Santorum (R-Pa.) told the audience that he and his colleagues are concerned about security and have designated a new subcommittee to deal with the issue. Santorum argued that to deal with the changes in technology we must promote a broad-based plan to disseminate tools, identify gaps in research, train and educate future information security professionals and prepare for the future by predicting potential threats.

The rest of the day was devoted to panel discussions in four areas: academia, industry, government and military. For each panel, representatives from various organizations discussed their views about the future of technology.



Academic Panel

Members of the academic panel focused on the long-range view and stressed the need to focus on both systems and education. They said that in the future, technology will continue to change rapidly, and the problem of security will expand beyond the Internet because of private