Israel is involved in cyber technology for more than 40 years. We celebrate today the 20th anniversary of the first national level organisation that had the mission of cyber securing Israel’s Critical Infrastructure (CIP). The talk will describe the main steps and lessons learned in Israel concerning the buildup of the right eco-system one needs for effective cyber resiliency.
Prof. Isaac Ben-Israel graduated from Tel Aviv University with degrees in mathematics, physics and philosophy, earning his PhD in 1988. A retired major-general in the Israel Air Force, Prof. Ben-Israel has served as Director of Defence R&D Directorate of the Ministry of Defense. He is a recipient of the Israel Defense Award (twice). He was a member of Knesset from 2007 to 2009. Currently he is the Chairman of the Israeli Space Agency and Head of the Blavatnik Interdisciplinary Cyber Research Center and the Yuval Ne’eman workshop for Science, Technology and Security at Tel Aviv University. In 2010 he was appointed by Israel PM to lead a task force that submitted to the Government a plan which made Israel a major player in Cyber Security. In 2018 he was appointed again by the PM to lead the next revolution in Israel: Secured Artificial Intelligence.
The talk discusses the threat landscape of Machine Learning-based systems and proposes a security methodology supporting the definition of key security properties of ML assets, the identification of threats to them as well as the selection, test and verification of security controls. Our discussion is based on STRIDE, a widely used approach to threat modeling originally developed by Microsoft. We extend STRIDE to provide guidance in selecting the security controls needed to alleviate the identified threats. The talk also discusses the idea of using Distributed Ledger Technology as a security control framework for alleviating the severity of threats to ML models.
Ernesto Damiani is Full Professor at Università degli Studi di Milano, Director of Center for Cyber Physical Systems (C2PS) within the Khalifa University, leader of the Big Data area at Etisalat British Telecom Innovation Center, and President of the Consortium of Italian Computer Science Universities (CINI). He is also part of the ENISA Ad-Hoc Working Group on Artificial Intelligence Cybersecurity, where he serves as Rapporteur.
According to DBLP (January 2021), Ernesto Damiani has authored 137 journal papers, 336 refereed articles in proceedings of international conferences, and published 57 books and chapters as an author or editor. According to Google Scholar, Ernesto’s work has been cited more than 18,200 times and his h-index is 57; 291 of his papers have at least 10 citations. On Scopus he has 616 documents and more than 7,100 total citations by more than 5,600 documents. His Scopus h-index is 36. With 542 publications listed on DBLP, he is considered among the most prolific European computer scientists.
His areas of interest include cyber-physical systems, Big Data Analytics, Edge/Cloud security and performance, Artificial Intelligence, and Machine Learning. Ernesto Damiani has pioneered model-driven data analytics. Ernesto has been a recipient of the Stephen Yau Award from the Service Society, of the Outstanding contributions Award from IFIP TC2, of the Chester-Sall Award from IEEE IES, and of a doctorate honoris causa from INSA – Lyon (France) for his contribution to Big Data teaching and research.
The diversity of cyber security threats and safeguards demands a corresponding diversity in the knowledge and skills required to deliver protection and resilience. However, when looking at the landscape, there are myriad reference frameworks, all of which tend to divide up the subject space in rather different ways in terms of their recognition of, and attention towards, different underlying topics (as well as their overall balance in coverage of technical and non-technical aspects of the space). This can have a resulting impact upon the way that cyber security is understood and approached in practice, with practitioners potentially viewing it through the lens that they are familiar and comfortable with and omitting important elements as a result.
This talk will examine the need to recognise the holistic nature of cyber security and ensure that we have the knowledge and skills to support it in practice. This affects the provision of academic qualifications and professional certifications, and the skill base that organisations must seek to support in practice within their cyber security function. The discussion will highlight challenges at several levels, ranging from the widely recognised skills shortage through to the more subtle issues around how to understand the breadth of the topic and recognise the indicators that denote appropriately skilled practitioners to help us.
Steven Furnell is Professor of Cyber Security at the University of Nottingham in the UK. He is also an Adjunct Professor with Edith Cowan University in Western Australia and an Honorary Professor with Nelson Mandela University in South Africa. His research interests include usability of security and privacy, security management and culture, and technologies for user authentication and intrusion detection. He has authored over 340 papers in refereed international journals and conference proceedings, as well as books including Cybercrime: Vandalizing the Information Society and Computer Insecurity: Risking the System. Prof. Furnell is the current Chair of Technical Committee 11 (security and privacy) within the International Federation for Information Processing, and a member of related working groups on security management, security education, and human aspects of security. He is also a board member of the Chartered Institute of Information Security and chairs the academic partnership committee. He has also been involved in a variety of studies conducted for the UK’s Department for Digital, Culture, Media & Sport, including annual analysis of the cyber security skills in the labour market.
AI and Resilience, especially if applied at tactical age, have one thing in common: they require integration of evidence-based data to provide confident and trustworthy decision recommendations. Confidence and Trust arises from multiple interactions, where predictable and desirable behavior is reinforced over time. Providing commanders and decision makers with some understanding of AI operations can support predictability, but forcing AI to explain itself risks constraining AI capabilities to only those reconcilable with human cognition. We argue that complex systems should be designed with features that build trust by bringing decision-analytic perspectives and formal tools into AI and resilience. Actionable and Interpretable AI (AI2) will incorporate explicit quantifications and visualizations of user confidence in AI recommendations. In doing so, it will allow examining and testing of AI system predictions to establish a basis for trust in the systems’ decision making and ensure broad benefits from deploying and advancing its computational capabilities.
AI and advanced data analytics can be used in many applications. The COVID-19 pandemic clearly shows the lack of resilience in supply chains and the impact that disruptions may have on a global network scale as individual supply chain connections and nodes fail. This cascading failure underscores the need for the network analysis and advanced resilience analytics we find lacking in the existing supply chain literature. As an example, I will provide a comprehensive approach to network resilience quantification encompassing the supply chain in the context of other social and physical networks. The connection to systemic threats, such as disease pandemics, will be specifically discussed as well as AI and other analytics relevant to finding resilient solutions.
Dr. Igor Linkov is Senior Science and Technology Manager with the US Army Engineer Research and Development Center (ERDC), and Adjunct Professor with Carnegie Mellon University. He is responsible for ERDC’s project portfolio in the areas of crises management and resilience. Dr. Linkov has managed multiple risk and resilience assessments and management projects in many application domains, including transportation, energy, supply chain, homeland security and defense, cybersecurity, and critical infrastructure. He developed methods and tools for measuring resilience in interconnected network and applied these tools to transportation networks, energy and cyber systems, supply chains and currently to manage response and recovery following COVID pandemic. His project portfolio includes assessment of sustainability and resilience of complex infrastructure affected by climate change. He was part of several Interagency Committees and Working Groups tasked with developing resilience metrics and resilience management approaches, including the US Army Corps of Engineers Resilience Roadmap, Secretary of Deference Strategic Environmental Research and Development Program, and Cyber Resilience Technical Committee. Dr. Linkov is a member of Transportation Research Board’s “Transportation, Sustainability and Resilience” committee and Chaired sub-committee on Supply Chain Resilience. Dr. Linkov has organized more than thirty national and international conferences and continuing education workshops, including more than 10 major events ion resilience. He has published widely on environmental policy, climate change, and risk and resilience analysis, including twenty five books and over 400 peer-reviewed papers and book chapters in top journals, like Nature, Nature Nanotechnology, Nature Climate Change, among others. Dr. Linkov is Elected Fellow with the American Association for the Advancement of Science (AAAS) and Society for Risk Analysis and received multiple awards for his scientific achievements from the Army and other organizations. Dr. Linkov has a B.S. and M.Sc. in Physics and Mathematics (Polytechnic Institute) and a Ph.D. in Environmental, Occupational and Radiation Health (University of Pittsburgh). He completed his postdoctoral training in Risk Assessment at Harvard University. He served as the US Embassy Science Fellow at the US Mission to OECD in 2017.