Part of the Pell Center's Cyber Leadership project, the Rhode Island Corporate Cybersecurity Initiative supports senior business leaders and decision makers who can affect change and make Rhode Island's corporate community more secure and resilient to cyber incidents.
By bringing together senior leaders from the defense industry, financial services, technology, health care, energy and telecommunication, the initiative:
- Addresses the most critical cybersecurity challenges facing the private sector
- Encourages cybersecurity awareness and training
- Promotes best practices, business continuity and resiliency planning
- Develops approaches to share cyber threat information and assure legal and regulatory compliance
The Rhode Island Corporate Cybersecurity Initiative takes advantage of New England's outstanding academic, industrial and research resources to develop the next generation of cyber-strategic leaders, who understand the technical, ethical, legal and compliance issues regarding cybersecurity and take responsibility for the development of effective security policies, procedure and protocols to protect their organizations and the nation's private infrastructure.
For more information, or to register for an upcoming event, contact Francesca Spidalieri, Pell Center fellow for cyber leadership.
The event brought together internationally renowned experts and cybersecurity practitioners to discuss numerous key cyber-operation concepts, including the legal implications of active defense, cyber-countermeasures vis-a-vis the Tallinn Manual, and how "privatized cyber counter strikes" may influence the future of cyber deterrence.
The panel included:
- Joe Provost, CEO of SYNCSTATE, a cyber threat security and intelligence analysis company
- Robert Clark, distinguished professor of law at the U.S. Naval Academy's Center for Cyber Security Studies
- Col. James Bitzes, staff judge advocate for the U.S. Cyber Command
- Michael Schmitt, director of the Stockton Center for the Study of International Law at the U.S. Naval War College and main author of the "Tallinn Manual on the International Law Applicable to Cyber Warfare"
- Karl Wadensten, president of VIBCO, a prominent R.I. manufacturer
The five distinguished panelists explored the timely and controversial issues of commercial hacking and the lack of clearly-defined laws - whether domestic or international - to deter, punish, and/or pursue foreign hackers.
The invitation-only roundtable discussion brought together key players in the state to review current gaps in Rhode Island's Data Security and Breach Notification Law, compare the R.I. law with those of other states, and propose methods to strengthen the existing law. The distinguished group of policy makers, state representatives, business leaders and law enforcement officials present at the workshop agreed that an update to the current R.I. notification of breach law is both necessary and urgent in order to raise the cost of data breaches, to better protect customers' personal information, and to provide companies with incentive to implement better security practices. A list of their recommendations to strengthen the existing law will be published in an upcoming policy memo.
The first R.I. Corporate Cybersecurity Tabletop Exercise was a cross-industry, discussion-based exercise that provided private sector leaders the opportunity to raise their awareness and develop an understanding of the most pressing cyber threats to their organizations' networks and sensitive information.
More than 30 industry leaders participated in the exercise demonstrating their commitment to cybersecurity and desire to build upon existing informal relationships to improve the overall security posture of the RI private sector.
Melissa Hathaway, president of Hathaway Global Strategies and a senior adviser at Harvard University's Belfer Center for Science and International Affairs, gave a public lecture titled "Strategic Advantage: Why You Should Care About Cybersecurity."
The After-Action Report Workshop discussed lessons learned from the Corporate Cybersecurity Tabletop Exercise and further steps companies may take to better protect their organizations from cyber threats and vulnerabilities. The workshop built upon the exercise by outlining major strengths and areas of improvement, discussing how organizations currently handle situations similar to the ones simulated in the exercise, and identifying any related best practices.
The comprehensive After Action Report includes the findings and observations of this exercise and offers actionable recommendations to help organizations prioritize their cybersecurity improvement plans and cultivate information-sharing and cooperation activities.
The seminar introduced participants to the current tactics, techniques, and procedures that malicious actors are deploying against network infrastructure worldwide. Ken Bell, senior cyber intelligence analyst at Raytheon and adjunct fellow at the Pell Center, examined the emerging trends and threats related to cybersecurity for 2014 and discussed proactive measures to help organizations, regardless of their size/industry, better protect their proprietary information and assets from those emerging threats.
The workshop focused on the often missing link in cybersecurity - plain English communication between IT people and executives, whose responsibility is to protect company assets and reputation. Subject matter experts April Lorenzen and Nat Kopcyk from Dissect Cyber led the workshop and various group exercises and activities on some of the most pressing cybersecurity topics. Participants came away with a better idea of how to infuse a stronger culture of security, proof and transparency into the protection of their organizations' sensitive information and digital assets.
The panel discussion explored how Rhode Island organizations charged with providing the state and nation’s financial, energy, health care and other critical systems could use the National Cybersecurity Framework to better protect their information and physical assets from cyber attacks. The panel included Adam Sedgewick, National Institute of Standards and Technology senior information technology policy adviser; Michael Leking, the Department of Homeland Security’s cybersecurity adviser for the Northeast region; and Jamia McDonald, executive director of the state’s Emergency Management Agency. The three distinguished panelists discussed the specifics of the framework and other national and state initiatives to support its implementation. In addition, Sen. Sheldon Whitehouse (D-RI) and Rep. James Langevin (D-RI) delivered keynote speeches and acknowledged the commitment of R.I. leaders to strengthen the state’s cybersecurity posture and of institutions, like the Pell Center, that provide an excellent forum for regional efforts in this field.