Pre-Conference Tutorial
Emerging Cybersecurity Policy for Emerging Technologies
Thursday, September 19, 2024, 2:00pm
Washington College of Law
American University, Washington, D.C.
Description
There has been a rapid growth in emerging technologies in the past few years, like Artificial Intelligence, Interconnected Devices, and Quantum Computing. With increasing network connectivity, concerns about cybersecurity and privacy issues in these areas have also been on the rise. This has led to a renewed focus in these areas from policy makers. To ensure that any subsequent policy interventions are effective, we need to identify key opportunities and challenges in these domains. Hence, this tutorial aims to bring together a diverse group of experts that includes members from industry, standards organizations, government, and academia to discuss some of the open problems, upcoming policy issues and challenges from emerging technology.
See the slides for this tutorial here.
*Additional resources referenced in this tutorial can be found at the bottom of this page.
Agenda at-a-Glance for the tutorial:
2:00-2:05 pm Opening Remarks by Marcela Gomez, Chair, TPRC
2:05-2:30 pm Opening Keynote: NIST and Emerging Tech
Cherilyn Pascoe, Director, NCCoE, NIST
Introduced by Sudhanshu Kairab, Comcast
2:30-3:10 pm Panel 1: Routing Security
Instructor: Tony Tauber, Comcast
Panelists: Kathryn Condello, Lumen, Bob Cannon, NTIA, Rikin Thakker, NCTA
3:10-3:15 pm Short Break
3:15-3:30 pm Lightning Talk: Post-Quantum Cryptography
Instructor: Savanah Courtney, CISA
3:30- 3:45 pm Afternoon Keynote: IoT CyberTrust Mark
Speaker: Commissioner Geoffrey Starks, FCC
Introduced by: Lisa Fowlkes, Comcast
3:45-3:55 pm Short Break
3:55 -4:35 pm Panel 2: IoT Security
Instructor: Mike Bergman, CTA
Panelists: Katrina Megas, NIST, Brian Scriber, CableLabs, Jean Camp, Indiana University
4:35 -4:40pm Short Break
4:40 - 4:55pm Lightning Talk: The Engineer Who Cried Quantum
Instructor: Vaibhav Garg, Comcast
4:45-5:20pm Closing Keynote: Closing Keynote: Outlook from the Office of National Cyber Director
Speaker: Harry Wingo, Deputy National Cyber Director, White House
Introduced by: Rudy Brioché, Comcast
5:20-5:30pm Closing Remarks, Jayati Dev, Comcast
Lightning Talks
Stuff off Search
On behalf of CISA’s cybersecurity division, Ms. Courtney will be briefing on current vulnerability conditions of the Comms sector according to CISA Cyber Hygiene vulnerability scan data and other industry data sources. Internet-facing vulnerabilities paired with threats targeting communications infrastructure paint the risk posture of the sector, especially in the context of nation-state actors looking to preposition themselves in the midst of geopolitical conflict. The talk will give a brief overview of CISA’s priorities in securing the nation’s critical infrastructure and the role that communications entities have to support the effort toward resilience.
The Engineer Who Cried Quantum
Migration to quantum resistant cryptography may be one of the biggest technological transitions faced by the modern Internet infrastructure. Previous transitions, such as those from IPv4 to IPv6 or from SHA1 to SHA2, offer some insights; yet this new migration is different both qualitatively and quantitatively. Qualitatively, these PQC algorithms are fundamentally different from classical algorithms and thus may require redesign of core components of the Internet. Quantitatively, this transition will require upgrades across a range of infrastructure capabilities. This talk will present a quick overview of the various challenges inherent in this transition and the investments being made by to address them.
Panels
Routing Security
This panel will highlight opportunities in improving routing security through discussion of existing frameworks, challenges, and the road ahead.
IoT Security
This panel will discuss the development of the FCC CyberTrust Mark for IoT device security – and community efforts in the area to create technical specifications for certification in both security and privacy.
Additional resources:
MANRS: https://manrs.org/
Stuff Off Search: https://www.cisa.gov/resources-tools/resources/stuff-search
Global Labelling Efforts: Cybersecurity Labelling Scheme (CLS) (csa.gov.sg), Germany - Labeling and Marking Requirements | Privacy Shield, EU Cyber Resilience Act | Shaping Europe’s digital future (europa.eu),
FCC IoT Labeling Program: https://www.fcc.gov/document/fcc-adopts-rules-iot-cybersecurity-labeling-program/starks-statement
NIST IR 8425: https://csrc.nist.gov/pubs/ir/8425/final
CTA Cyber Labeling: https://www.cta.tech/Resources/Standards/Cyber-Labeling
Comparing the Use and Usefulness of 4 IoT Labels: https://dl.acm.org/doi/10.1145/3613904.3642951
CSCC PQC Report: https://www.comms-scc.org/2023/07/31/the-engineer-who-cried-quantum/
ONCD Back to the Building Blocks Report: https://www.whitehouse.gov/wp-content/uploads/2024/02/Final-ONCD-Technical-Report.pdf
DARPA TRACTOR: https://www.darpa.mil/program/translating-all-c-to-rust