Navigating Cybersecurity and Public Policy Six Key Issues

In this emerging era of truly pervasive computing, cybersecurity is a hot public policy topic. Numerous policy proposals have been advanced to address emerging cyber threats directed at governments and private businesses and vulnerabilities affecting consumer data and individual privacy. These policy proposals have far-reaching implications for the economy, innovation, Internet governance, supply chains for information and communications technologies, and global security. Herb Lin of the National Research Council will discuss the findings of a recent National Research Council report on cybersecurity and the 6 key things to know about cybersecurity as it intersects with public policy. The report, At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues, identifies leading technical and nontechnical approaches to enhancing cybersecurity that are important for making informed public policy choices. It provides an overview of the cybersecurity policy agenda of the past two decades, the growing cybersecurity threat spectrum, and the anatomy of vulnerabilities and adversarial activities in cyberspace. It concludes that tradeoffs are inevitable and need to be accepted within political and policymaking processes.

How can we better understand and implement public policies to fight cybersecurity threats while preserving innovation, cutting-edge security research, civil liberties, and individual privacy? Join us for this overview and engaging discussion of important technical, legal, and policy issues.

Duration: 30 minutes, including 10 minutes of audience Q&A

Presenter: Herbert Lin, Chief Scientist, Computer Science and Telecommunications Board, National Research Council, National Academies

Herbert Lin is Chief Scientist at the Computer Science and Telecommunications Board, National Research Council of the National Academies, where he has been study director of major projects on public policy and information technology. His projects also have included a number of studies related to cybersecurity: At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues (2014); Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options (2010); Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities (2009); Toward a Safer and More Secure Cyberspace (2007); Engaging Privacy and Information Technology in a Digital Age (2007); Realizing the Potential of C4I: Fundamental Challenges (1999); and Cryptography's Role in Securing the Information Society (1996). Prior to his NRC service, he was a professional staff member and staff scientist for the House Armed Services Committee (1986-1990), where his portfolio included defense policy and arms control issues. He received his Ph.D. in physics from MIT.

Moderator: Jeremy Epstein, Lead Program Officer, National Science Foundation Secure and Trustworthy Cyberspace (SaTC) program; ACM Senior Member; ACM U.S. Public Policy Council

Jeremy Epstein is Lead Program Officer for the National Science Foundation Secure and Trustworthy Cyberspace (SaTC) program, NSF's flagship cybersecurity research program. Jeremy is on loan from SRI International, where his research areas are voting system security and software assurance. He is the Chair of the Voting Committee within the ACM U.S. Public Policy Council ( usacm.acm.org). He's also Associate Editor in Chief of IEEE Security & Privacy magazine ( www.computer.org/security), and founder of the Scholarships for Women Studying Information Security ( www.swsis.org).

View the Power Point Presentation