Experts Matter. Find Yours.
Connect for media, speaking, professional opportunities & more.
Cyber threats have become one of the leading issues for corporations, governments, and public institutions across America. With ransomware attacks, hackers, and other nefarious threats, the issue is becoming a daily occurrence and leading news story. Rensselaer Polytechnic Institute’s James Hendler, director of the Future of Computing Institute, Tetherless World Professor of Computer, Web, and Cognitive Sciences, and director of the RPI-IBM Artificial Intelligence Research Collaboration, weighs in on what we should all know about cybersecurity. Overview Think about cybersecurity the way you think about home security – the more valuables you have, the more security you need. A normal user needs the equivalent of a lock on the door, which most of our computers provide out of the box. However, a user with a fair amount of personal information, who keeps financial records or runs a small business, probably wants a firewall or other additional protection. We used to tell people to protect their computers with firewalls, malware detectors, and the like, but now it is much more important to protect your web access, be wary of external sites, and keep your passwords secure and not easily guessed. Use of a password manager program can be really helpful for people who use a lot of different accounts. Threats The biggest threat facing individuals is identity theft caused by someone getting into an account that you don’t control. Most malware or password stealing comes via a phishing attack (a fake email that convinces you to click a bad link), so if you see an offer that looks too good to be true, don’t believe it. Never give out a password or personal information without confirming that it is legitimate. We also recommend not using major accounts (like Google, Facebook, etc.) to log in to new apps where you aren’t completely sure of the reliability – you’re safer if you use a separate password. It’s also worth noting that these kinds of attacks are now happening on cell phones – if you get a text saying your Amazon, Netflix, or other services have been shut off, be very careful. These companies almost never send out such messages, and if they do, they come via email, not text. For businesses, ransomware is becoming an increasing challenge. Frequent backups and dual authentication are absolute musts for small businesses. Large businesses, and especially those with cyber-physical connections such as a manufacturing device, must have someone on the team who understands internet technology. Outside audits done annually, at least, are also highly recommended. The biggest danger in cybersecurity is that people, especially in businesses, think that the software industry will fix things and that they don’t have to worry. That’s like expecting auto manufacturers to stop car theft, or the government to prevent all crime – these organizations certainly need to help, but they cannot be perfect. So while there definitely needs to be a role for manufacturers and government, people need to understand that the threats are now coming from social interactions such as phishing, or serious criminal enterprises such as ransomware attackers, and not just maladjusted teenagers. They must be ready to pay for some security if they have things on their network that need protection. The Cloud Cloud-based services are a major boon to cybersecurity for individuals and small businesses if, and only if, people protect their access. If a breach is reported to you by a company, don’t ignore it, change your password, and, whenever possible, use dual authentication. The cloud companies can afford to spend more on security than you can and thus your information stored in these services tends to be quite secure. However, people need to be careful in using the cloud. Just as you may trust a bank with your money, you want to be sure not to be robbed on your way there. Future Computing Systems and Cybersecurity New technologies, such as artificial intelligence (AI), are arising all the time in today’s fast-moving cyber world. As these technologies arise, they can create new opportunities for cybersecurity, but can also create new challenges. Cybercrime will never disappear, and each new capability comes with a price. Increased education and awareness of emerging computing technologies (blockchain, quantum, etc.) are important not just for the expert, but also for the general public. It is important to stay informed and pay attention to what is being reported. Just as buying a new appliance can be a great advantage at home (I love my new air-fryer), you also have to be sure to be using it appropriately (used wrong, it can cause fires). Looking to learn more or connect with an expert for your questions and coverage? James Hendler is the director of the Rensselaer Future of Computing Institute, Tetherless World Professor of Computer, Web, and Cognitive Sciences, and director of the RPI-IBM Artificial Intelligence Research Collaboration. Hendler has authored over 400 books, technical papers, and articles in the areas of Semantic Web, artificial intelligence, cybersecurity, and high-performance processing. Hendler is available to speak with media - simply click on his icon now to arrange an interview today.
Can you be hacked while using your mobile device? In a word, yes — here’s how to protect your data
October is Cybersecurity Awareness Month and being aware of all your devices is as important as ever before. Most people are online every day, which opens themselves up to a threat of being hacked. Whether it be a mobile device, laptop, or personal computer, everyone needs to have cyber awareness. Steven Weldon, director of the Cyber Institute at Augusta University’s School of Computer and Cyber Sciences said many straightforward things that can be done to protect devices, such as having lock screens, making sure operating systems are up to date and simply recognizing how, when and where devices are being used. “Smart phones today are probably the most capable computing device that we have and we have it on us all the time,” said Weldon. “The data that can be extracted from these devices can be put together to build a pattern of life on us: where we go, what we do and when we do it. All of this data is potentially at risk if we’re not being careful about who gets access to our smart phones. That’s a great reason to lock the screen and require at least a password or pin to unlock the phone.” Gokila Dorai, PhD, assistant professor in the School of Computer and Cyber Sciences, suggests using biometrics to enhance security. “I would strongly recommend for women, young adults even teenagers, if it’s possible for you to have biometrics as a way to unlock your device, then go for that. These unique ways of unlocking a device would add a layer of protection,” said Dorai. Dorai is one of the growing experts in the field of mobile forensics and her research projects are federally funded. In addition, several SCCS faculty are mentoring undergraduate and graduate students working on cutting edge research related to mobile device security and digital forensics. She also suggested adding a two-factor authentication or multi-factor authentication to add an extra layer of security. When out in the public, it’s easy to connect a mobile device to an unprotected Wi-Fi network. Doing so could open up sites you visit to a hacker. Weldon suggests people should be careful of what apps are used when on public Wi-Fi, since they may expose a lot of personally identifiable information. His suggestion is to use a virtual private network to help protect data that’s being transmitted and received. “We should recognize the data on our smart phones and protect them accordingly,” added Weldon. “Recognizing the value and sensitivity of the data on our smart phones can guide us in how we protect these devices. We may not think as much about the security and privacy of our smart phones as we do about our laptops and desktops. When we think about everything we use our smartphones for, how ubiquitous they are in our lives, we come to realize just how central they are to today’s lifestyle in the digital age.” It’s tough to identify when a mobile device has been hijacked, so both Weldon and Dorai suggest paying close attention to any unusual behavior, even small things such as a battery draining faster than usual. Both are indicators you may need to take corrective actions. Dorai added the government can do more to protect a person’s privacy. “With the introduction of more and more Internet of Things devices in the market, with several different manufacturers, there’s a lot of user data that’s actually getting exchanged. These days, the most valuable thing in the world is data. So stricter measures are required,” she said. She indicated it needs to be a collaborative effort between industry, academia, government, and practitioners to come together and work on ideas to strengthen security. “Yes we want security. We are willing to put up with a little bit of friction for additional security. We want it easy and we generally want it free,” said Weldon. “We don’t read licensing agreements, but we would generally be willing to take certain actions, make certain tradeoffs, to be more secure.” One other major concern are apps in general. While Google Play Store and Apple routinely remove some apps that may be out of date or have security vulnerabilities, they may still be running on a user’s device. “Mobile applications may also hide from you in plain sight in the sense the app icons may not be showing up on the screen, but still they are running in the background,” added Dorai. In essence, the device user is the first line of defense. Taking all the necessary steps to prevent a third party from getting your information is of the utmost importance in the digital age. “I believe a big part of it this discussion is about user awareness. We want that free app but that app is asking for a lot of permissions. There’s an old saying in cybersecurity: if you are not paying for the product, you are the product. There’s also another saying: if it’s smart, it’s vulnerable,” said Weldon. Are you a reporter covering Cybersecurity Awareness Month? If so - then let us help with your stories. Steven Weldon is the Director of Cyber Institute at the School of Computer and Cyber Sciences at Augusta University and is an expert in the areas of cellular and mobile technology, ethics in computer science, scripting and scripting and automation. Gokila Dorai is an Assistant Professor in the School of Computer and Cyber Sciences at Augusta University and is an expert in the areas is mobile/IoT forensics research. Both experts are available for interviews - simply click on either icon to arrange a time today.
What big data tells us – in health care, cybersecurity, sustainability and elections
Every day sees more data created around the world than every day before, with a staggering 64 billion terabytes amassed in 2020 alone. Big data leaves large organizations wondering how to manage their share and individuals concerned about how to be heard. And both groups fret about information overload, privacy and security. NJIT’s David Bader is adept at discussing these issues as a nationally recognized data scientist who seeks new ways for companies to analyze massive data streams that arrive in real-time. He’s also a pioneer of Linux supercomputing who’s developing software to bring the power of supercomputers to regular people. Additionally, as director of NJIT's Institute for Data Science, Bader seeks powerful solutions to myriad global challenges. As he explains: “We personalized health and medicine. We look at cyber security applications. We look at urban sustainability. We even look at things like, how do we ensure trustworthy elections?” To interview him, simply click on the button below.
Aston University cyber expert to appear at FinTech event in Birmingham
'FinTech Secured – Next Generation' will showcase the work of leading stakeholders in the research and development of financial technology (FinTech) and security Professor Vladlena Benson will offer insight on illicit money flows and trends in Financial Security Registrations are now open for the event on 7 June 2022 at The Compound, Birmingham. The director of the Cyber Security Innovation (CSI) Centre at Aston University is set to appear at a networking event around financial technology (FinTech). Following the success of their first flagship event of 2022 ‘Secure by Design, Advanced Manufacturing’, Midlands Cyber will launch 'FinTech Secured – Next Generation' on the 7 June 2022. The event will be the first face to face event after the pandemic in Birmingham, bringing together thought leaders and service applications specialists for an evening of industry networking. Professor Vladlena Benson, who also serves on the EU’s Agency for Cybersecurity (ENISA) task force defining the Cybersecurity Skills Framework at the European level, will be joined by contacts from within the cryptocurrency sector and offer insight on illicit money flows and trends in financial security. The event will also showcase the work of leading stakeholders in the research and development of FinTech and financial security. FinTech’s academic innovators, CEOs and company founders, entrepreneurs, contractors, investors and policymakers are encouraged to register now to discuss, participate, network and put their questions to our panel of industry experts. Professor Vladlena Benson, an industry-recognised expert in cybersecurity risk management and director of CSI Centre at Aston Business School, said: “Financial services are core to the UK economy and continue to be a common target for cyber criminals. Challenges to the insurance sector and cyber crime prosecution when crypto assets are involved are emerging and at the CSI we are working to provide forensic and data integrity solutions which help secure the FinTech sector.” User of contactless Europay, Mastercard, and Visa (EMV) may be interested in the insights of Tom Chothia, reader in cyber security at the University of Birmingham, on how the vulnerabilities of Apple Pay and Visa could enable hackers to ’Take £1000 from a locked iPhone’. Registrations are now open to join the cluster at 18:00 hrs on the 7 June 2022 at The Compound, Birmingham.
As data breaches soar, how will security evolve?
Awareness of data breaches is growing but not nearly at the pace of the problem itself. Indeed, the total number of data compromises jumped 68% in 2021 to an all-time high, impacting more than 293 million people, according to the Identity Theft Resource Center. Also, as more people work from home and embrace Internet of Things devices, individuals can be as vulnerable to hacks and phishing as big corporations and governments, perhaps more so, given that the top three breached data attributes in 2021 were name, social security number and date of birth, the center reported. Bringing a multifaceted perspective to data security challenges is NJIT’s Kurt Rohloff, an academic researcher and entrepreneur who conducts research for the federal government. Rohloff, director of NJIT’s Cybersecurity Research Center, is co-founder and chief technology officer of Duality Technologies, a startup offering data security through homomorphic encryption. His government work includes projects for the Defense Advanced Research Projects Agency of the U.S. Department of Defense and the National Security Agency. Questions that Rohloff can answer include: How has data security evolved? Which tactics fail and why? What’s the economic impact of data breaches? What’s the future of data security? To reach Kurt, simply click on the button below.
Aston University expert to talk on gender diversity and inclusion at major cyber security event
The Ethnic Minority in Cyber (EMiC) network's flagship event is supported by the Department for Digital, Culture, Media and Sport Attendees will hear from inspirational speakers looking at current and future initiatives to increase diversity in the cyber sector Dr Anitha Chinnaswamy from Aston University will be presenting a talk on gender diversity and inclusion in cyber. An Aston University expert and founding group member of Ethnic Minority in Cyber (EMiC) is set to present a talk at a major cybersecurity event on 28 April 2022. The EMiC network's flagship symposium is supported by the Department for Digital, Culture, Media and Sport and will take place at Edgbaston Park Hotel in Birmingham. Attendees will hear from inspirational speakers looking at current and future initiatives aimed around increasing diversity in the cyber sector and will also be able to provide feedback into the initiative and policies going forward. The symposium will consist of a keynote speech, invited talks, panel sessions and round table workshops. Dr Anitha Chinnaswamy from the Cyber Security Innovation (CSI) Centre at Aston Business School will present a talk on gender diversity and inclusion in cyber and the outreach work of the Centre with schools to increase representation. Simon Hepburn, CEO UK, Cyber Security Council is the keynote speaker. The EMiC network, of which Aston University is a founding member, is a pilot network for Black, Asian and Ethnic Minority cyber academia, professionals and businesses, with the long-term aim of significantly improving representation across the cyber sector. Dr Anitha Chinnaswamy, lecturer in cyber security management at the CSI Centre at Aston Business School, says: “I am looking forward to speaking at such an important event about an ever-important topic in cyber. “While there is a growing cyber security skills gap and high shortage in the UK cyber sector, a recent survey found that only 17 per cent of cyber professionals are from ethnic minority backgrounds across all cyber roles. “The cyber sector remains relatively nondiverse in terms of gender. Just 16 per cent of the workforce across these firms is female, compared to 28 per cent in other UK digital sectors. “Those filling senior roles, typically with six or more years of experience, are particularly nondiverse across a range of characteristics including gender, ethnicity, disability and neurodiversity. “For example, just three per cent of senior roles are filled by women.” Aston University’s CSI centre, led by Professor Vladlena Benson, is the only female-led cyber security centre in the Midlands region and serves on the UK Cyber Security Council (UKCSC), alongside Simon Hepburn its CEO, to promote professionalism standards in cybersecurity. Professor Benson, director of the CSI Centre at Aston Business School, said: “Aston University CSI is actively involved in shaping diversity policy, such as with the launch of the NCS22 strategy in Birmingham and enabling the Cyber Explorer programme as a first schools’ engagement for girls from diverse backgrounds. “As ambassadors we are passionate about working towards closing the gender gap. This will help pave the way for a future of gender diversity, and hopefully other types of diversity, in the cyber security field. “Our work with female students in a highly diverse Midlands’ landscape highlights the challenges that are yet to overcome with the levelling up agenda.” To find out more about the event please visit the site here.
EY Government and Public Sector Cyber Security team and the Cyber Security Innovation (CSI) Centre at Aston University won £180,000 in funding from the Department for Digital, Culture, Media and Sport Experts will work with the UK Government to find appropriate opportunities for investment in cyber security The research will map blind spots within the UK’s regional security innovation systems. Cyber security experts at Aston University will work with the Government to support its national cyber security strategy by mapping blind spots in the UK’s regional cyber security systems. The Cyber Security Innovation (CSI) Centre at Aston University will work with EY Cyber Security Consulting on the £180,000 project for the Department for Digital, Culture, Media and Sport (DCMS) to research and map the UK cyber security ecosystem. The project will consider the current environment, conditions and interventions that exist to influence or affect companies providing cyber security products, services or solutions to support and contribute to the development and growth of cyber security businesses in the UK. The aims of this research are to provide the DCMS with robust evidence of a region-by-region picture of where public, private, academic and industry support mechanisms are in place and to identify service and geographical gaps in their provision. It comes after the CSI Centre helped launch the UK government’s National Cyber Strategy 2022 in Birmingham at a special event last December, for which Aston University professor of cybersecurity management, Vladlena Benson, was an instrumental member of the organising committee. The current project will enable the strategy implementation to support the UK Government’s ambition to grow innovation and academic research in cyber. Dr Anitha Chinnaswamy, lecturer in cyber security management at the CSI Centre at Aston Business School, says: “From the datasets collected that includes different cyber security businesses, incubators, accelerators, clusters, academic centres of excellence and other different mechanisms from across the UK, analysis will be conducted to provide a region-by-region basis of practices involved. “The mapping of the cyber security landscape will also enable the enhancement of skills and diversity across the cyber security sector. “The diversity in cyber security market lags other digital sectors, with the cyber workforce consisting of only 15% females, 16% ethnic minority backgrounds and 9% neurodivergent. The results of this project will be an important contribution for the government to foster the growth of a sustainable, innovative, and internationally competitive cyber and information security sector.”
Aston University appoints new Vice-Chancellor
Aston University is delighted to announce that Professor Aleks Subic has been appointed as its next Vice-Chancellor and Chief Executive. He succeeds Professor Alec Cameron, who stepped down after five years in December 2021. He will take up the post in August 2022, until which time Saskia Loer Hansen will continue in her role as Interim Vice-Chancellor. Dame Yve Buckland, Pro-Chancellor of Aston University, said “I am absolutely delighted at Professor Aleks Subic’s appointment. He joins the University at an exciting time and his wide experience of leadership across both academia and industry makes him a perfect fit for Aston University’s needs and ambitions.” Professor Subic said “I feel privileged at being given the opportunity to lead Aston University at this time. The University is renowned for its commitment to graduate employability, translational research and its engagement with business. “I look forward to continuing the momentum built up by Professor Alec Cameron and Saskia Loer Hansen, and I am ambitious to see Aston University continue to build on its reputation for high quality teaching, research and business engagement locally, nationally and internationally.” Saskia Loer Hansen, Interim Vice-Chancellor of Aston University, said “I should like to congratulate Professor Subic warmly on his appointment. His credentials as a leader, both in industry and in higher education, equip him for guiding Aston University to even greater success. “I am sure he will work rigorously to build on our achievements, promote the University worldwide and further strengthen our reputation as a leading university for business and enterprise.” Professor Subic is currently the Deputy Vice-Chancellor (STEM) and Vice President (Digital Innovation) at RMIT University, where he is responsible for leading the STEM College and Digital Innovation portfolio in Australia and globally. Prior to this appointment he was the Deputy Vice-Chancellor (Research & Enterprise) at Swinburne University of Technology, responsible for research, graduate studies, engagement and partnerships, advancement, innovation, enterprise, and commercialisation, leading the research transformation of the university towards top 2% in the world. Before that, he was the Executive Dean of Engineering at RMIT University, one of the largest engineering faculties in Australia, ranked in top 1% in the world and renowned for industry-partnered education and research. Concurrent with his academic appointments, Professor Subic has held notable appointments on the Australian Prime Minister's Industry 4.0 Taskforce and the Australian Advanced Manufacturing Council Leaders Group (Australian Industry Group). Previously he was the Director and Deputy Chair of the Australian Association of Aviation and Aerospace Industries, Director of Oceania Cybersecurity Centre Governing Board, Director of the Society of Automotive Engineers Australasia Board, Director of National Imaging Facility Governing Board, Director of Australian Housing and Urban Research Institute Governing Board, and Director of the Victorian Centre for New Energy Technologies Governing Board. He has served on a number of national and international research committees and expert panels, including as Chair of the European Research Council Expert Panel for Physical Sciences and Engineering, Technology Group of the Global Federation of Competitiveness Councils, Forbes Technology Council, Defence Materials Technology Centre, Editor and Associate Editor of international scholarly journals.
Kelley expert: Olympics could be targeted by hacktivists, others seeking to embarrass Beijing
Scott Shackelford, associate professor of business law and ethics at Kelley, IU Cybersecurity Risk Management Program chair and director of the Ostrom Workshop Program on Cybersecurity and Internet Governance, said the high-profile diplomatic breach leading up to the games — including the boycott led by the United States – “means that the games could be targeted by hacktivists and other groups seeking to embarrass or otherwise harass Beijing.” Scott Shackelford “There are always issues associated with the Olympics given that they are a target-rich environment for criminals seeking to target athletes and spectators alike,” Shackelford said. “Beijing’s harsh data localization, cybersecurity, and cyber sovereignty laws also raises human rights concerns for athletes and reporters attending the games.” He also noted that ironically while the Olympic games generally often coincide with a peaceful break from ongoing geopolitical tensions, this might not last long. “Witness the Russian invasion of Crimea three days after the 2014 Sochi games concluded,” he said. Shackelford can be reached at sjshacke@indiana.edu.
State-sponsored computational propaganda is a potential threat during the 2022 Winter Olympics
Sagar Samtani, assistant professor and Grant Thornton Scholar, whose research centers on AI for cybersecurity and cyber threat intelligence, is particularly watching two major cybersecurity issues during the 2022 Winter Olympics in Beijing Feb. 4-20. “The Olympics are an international, global event. As such, there are often political undertones and agendas that may drive how countries present themselves. Disinformation, misinformation, and computational propaganda that are state-sponsored or provided by individual threat actors could pose a significant threat,” Samtani said. Samtani noted that this will be biggest Olympics for streaming services. For example, NBC Universal will present Winter Olympics record of over 2,800 hours of coverage. But this move away from network reliance on broadcast channels could present a tantalizing target for hackers. “The Olympics are a widely covered, highly publicized TV event. In recent years, streaming services have grown in popularity, while conventional satellite and cable services have declined. As such, the concerns around denial-of-service attacks against prevailing streaming services as it pertains to viewing the Olympics is a very real concern,” he said. Samtani can be reached at ssamtani@iu.edu