Part of the Pell Center's Cyber Leadership project, the Rhode Island Corporate Cybersecurity Initiative supports senior business leaders and decision makers who can affect change and make Rhode Island's corporate community more secure and resilient to cyber incidents.
By bringing together senior leaders from the defense industry, financial services, technology, health care, energy and telecommunication, the initiative:
- Addresses the most critical cybersecurity challenges facing the private sector
- Encourages cybersecurity awareness and training
- Promotes best practices, business continuity and resiliency planning
- Develops approaches to share cyber threat information and assure legal and regulatory compliance
The Rhode Island Corporate Cybersecurity Initiative takes advantage of New England's outstanding academic, industrial and research resources to develop the next generation of cyber-strategic leaders, who understand the technical, ethical, legal and compliance issues regarding cybersecurity and take responsibility for the development of effective security policies, procedure and protocols to protect their organizations and the nation's private infrastructure.
For more information, or to register for an upcoming event, contact Francesca Spidalieri, Pell Center fellow for cyber leadership.
Tuesday, May 20
8:30-9 a.m. networking breakfast
9-11 a.m. panel discussion
"Hacking back" techniques - designed to raise the cost of cyber intrusions for adversaries and mitigate the harm of cyber attacks to the victims' systems - are becoming increasingly appealing to companies that wish to identify and expose hackers, and potentially cripple the operations of cyber attackers. Companies employing these techniques, however, need to consider potential legal exposure and ethical issues, and be mindful that these activities may incite hackers frustrated with such countermeasures to hit even harder.
This panel discussion will review current international and U.S. laws, articles and reports from and their relationship to conducting cyber counter strikes against identified adversaries. The U.S. laws and articles often do not contain language and definitions regarding the use of a counter strike or fail to completely address the potential of active defense in cyberspace. In addition, these same laws exacerbate private companies' ability to actively defend their intellectual property and business interests online with offensive actions. This panel will explore key offensive cyber operation concepts, domestic and international law implications of active defense, and the Tallinn Manual research in relation to countermeasures. The overall objective is to encourage further analysis of the concept of 'privatized cyber counter strike' in order to fully understand how this online activity may influence the future of offensive cyber attack deterrence.
- Joe Provost, CEO of Syncstate
- Karl Wadensten, president of VIBCO
- Michael Schmitt, chairman of the international law department at the U.S. Naval War College, and main author of the “Tallinn Manual on the International Law Applicable to Cyber Warfare” (NATO Cooperative Cyber Defence Centre of Excellence)
- Col. James Bitzes, staff judge advocate of the U.S. Cyber Command
- Robert Clark, distinguished professor of law for the U.S. Naval Academy's Center for Cyber Security Studies
The first R.I. Corporate Cybersecurity Tabletop Exercise was a cross-industry, discussion-based exercise that provided private sector leaders the opportunity to raise their awareness and develop an understanding of the most pressing cyber threats to their organizations' networks and sensitive information.
More than 30 industry leaders participated in the exercise demonstrating their commitment to cybersecurity and desire to build upon existing informal relationships to improve the overall security posture of the RI private sector.
Melissa Hathaway, president of Hathaway Global Strategies and a senior adviser at Harvard University's Belfer Center for Science and International Affairs, gave a public lecture titled "Strategic Advantage: Why You Should Care About Cybersecurity."
The After-Action Report Workshop discussed lessons learned from the Corporate Cybersecurity Tabletop Exercise and further steps companies may take to better protect their organizations from cyber threats and vulnerabilities. The workshop built upon the exercise by outlining major strengths and areas of improvement, discussing how organizations currently handle situations similar to the ones simulated in the exercise, and identifying any related best practices.
The comprehensive After Action Report includes the findings and observations of this exercise and offers actionable recommendations to help organizations prioritize their cybersecurity improvement plans and cultivate information-sharing and cooperation activities.
The seminar introduced participants to the current tactics, techniques, and procedures that malicious actors are deploying against network infrastructure worldwide. Ken Bell, senior cyber intelligence analyst at Raytheon and adjunct fellow at the Pell Center, examined the emerging trends and threats related to cybersecurity for 2014 and discussed proactive measures to help organizations, regardless of their size/industry, better protect their proprietary information and assets from those emerging threats.
The workshop focused on the often missing link in cybersecurity - plain English communication between IT people and executives, whose responsibility is to protect company assets and reputation. Subject matter experts April Lorenzen and Nat Kopcyk from Dissect Cyber led the workshop and various group exercises and activities on some of the most pressing cybersecurity topics. Participants came away with a better idea of how to infuse a stronger culture of security, proof and transparency into the protection of their organizations' sensitive information and digital assets.
The panel discussion explored how Rhode Island organizations charged with providing the state and nation’s financial, energy, health care and other critical systems could use the National Cybersecurity Framework to better protect their information and physical assets from cyber attacks. The panel included Adam Sedgewick, National Institute of Standards and Technology senior information technology policy adviser; Michael Leking, the Department of Homeland Security’s cybersecurity adviser for the Northeast region; and Jamia McDonald, executive director of the state’s Emergency Management Agency. The three distinguished panelists discussed the specifics of the framework and other national and state initiatives to support its implementation. In addition, Sen. Sheldon Whitehouse (D-RI) and Rep. James Langevin (D-RI) delivered keynote speeches and acknowledged the commitment of R.I. leaders to strengthen the state’s cybersecurity posture and of institutions, like the Pell Center, that provide an excellent forum for regional efforts in this field.