Research agencies aren’t taking ownership of cybersecurity resear...
Research agencies aren’t taking ownership of cybersecurity research within their areas of speciality, board member Fred Schneider, Cornell University computer science professor, told federal Chief Technology Officer Aneesh Chopra, during a meeting of NIST’s Information Security and Privacy Advisory…
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
Board. Chopra disagreed with his assessment, at least amongst top-level officials, but said he would consider the feedback. Schneider said he sees two types of cybersecurity issues -- fairly “vanilla” issues that any researcher can look at and application-specific issues that require some knowledge of a speciality. In the power grid, for example, knowledge of the mechanics of electricity enables one to cause a lot of damage, yet “virtually no one” in the cybersecurity research world understands how it works, Schneider said. But agencies like the Department of Energy and the National Institutes of Health “categorically deny” their responsibility to fund discipline-specific cybersecurity research, he said. They believe DHS will take care of it, he said. Chopra said he disagrees. He cited his service on the Health IT Standards Committee, which is recommending embedding security standards in the definition of meaningful use. Language in the notice of funding for the smart grid also makes clear that security will be part of the discussion, he said. In addition, he said, he’s meeting with Energy Secretary Steven Chu today and cybersecurity will be one of the topics.