SEI Seeks Responses to ODNI-Sponsored Online Cyber Intelligence Survey
Pittsburgh, Pa., August 9, 2018—The Emerging Technology Center at the Software Engineering Institute (SEI) at Carnegie Mellon University today issued a call for U.S.-owned organizations to participate in a cyber intelligence tradecraft survey. The survey is part of a cyber intelligence study the SEI is conducting on behalf of the Office of the Director of National Intelligence (ODNI).
Cyber intelligence—acquiring and analyzing information about cyber capabilities, intentions, and activities to enhance decision making—is a rapidly changing field.
“As an intellectual discipline, cyber intelligence is still in its relative infancy, which makes it especially important to identify and share best practices,” said Jim Richberg, ODNI’s national intelligence manager for cyber. “The insight we gain from this study will improve our ability to produce and share actionable cyber intelligence in both government and the private sector.”
The study, which the SEI will complete in 2019, will describe how organizations across the federal government, industry, and academia conduct cyber intelligence activities, identifying common challenges and best practices.
The online survey extends the reach of qualitative, in-person interviews the SEI is conducting as part of the study, which began in December 2017.
“Over the course of our interviews with organizations, we’ve noticed several trends and themes, which we’ve used to develop a survey,” said Jared Ettinger of the SEI’s cyber intelligence team. “With the online survey, we have a chance to increase the scale of our research. For example, we’ll be able to understand the use of certain tools and processes across sectors.”
The Cyber Intelligence Tradecraft Survey requires approximately 15 minutes to complete and asks questions in five key areas:
environmental context (factors that shape an organization’s cyber intelligence effort)
data gathering (how an organization collects information)
functional analysis (the technical “what” and “how” of cyber intelligence)
strategic analysis (the “who” and “why” of cyber intelligence)
decision-maker reporting and feedback (how a cyber intelligence team interacts with leadership)
The SEI will issue a report based on the study in early 2019.
The SEI team is still accepting organizations for in-person interviews and specifically invites organizations from the manufacturing, healthcare, food and agriculture, and water sectors to apply. Interview participants receive a private comparative analysis of their own cyber intelligence efforts as well as access to overall study results prior to public release.
To complete the survey, visit https://www.surveymonkey.com/r/SEI_CITP. For more information about the study, see https://www.sei.cmu.edu/about/organization/etc/citp.cfm. Organizations wishing to participate in an in-person interview should contact the SEI at email@example.com.
CERT Division Announces Data Science in Cybersecurity Symposium
Pittsburgh, Pa., July 27, 2018—The Software Engineering Institute CERT Division today announced the 2nd annual CERT Data Science in Cybersecurity Symposium, a free one-day symposium to be held in Arlington, Va., on August 29. Registration is now open.
Modern computer networks generate incredible amounts of data, but making sense of this data is simultaneously a critically important task and a near-impossible exercise requiring advanced software and highly trained personnel.
Data science focuses on creating techniques that uncover hidden patterns in enormous data sets and developing tools that enable this discovery in any dataset and in any environment. Over the past few years, significant advances were made in both techniques and tools, enabling even the most subtle of patterns to be identified using modern computing power.
The 2018 CERT Data Science in Cybersecurity Symposium focuses on metadata. It will examine the deep insights that can be gleaned from what appears to be highly limited data, the relationship between cybersecurity data and privacy, and how to manage that risk.
Speakers at the symposium will include
Lujo Bauer, associate professor, Carnegie Mellon University Institute for Software Research
Ari Gesher, morning keynote speaker, founding director of software engineering at Kairos Aerospace
Bob Rudis, chief security data scientist, Rapid7
Shawn Riley, chief data officer and CISO, Darklight Cybersecurity (invited)
Eliezer Kanal, technical manager, science of cybersecurity, SEI CERT Division
Doug Sicker, department head and professor, Engineering and Public Policy, Carnegie Mellon University
Mark Perlin, CSO and CEO, Cybergenetics
Lisa Gumbs, assistant general counsel for operations (ret.), Defense Intelligence Agency
April Galyardt, machine learning research scientist, SEI CERT Division
The event is free to attend, but space is limited, and registration is required to reserve a seat.
For more information about the CERT Data Science in Cybersecurity Symposium and to register, visit https://data-science-symposium.eventbrite.com.
FloCon 2019 Call for Participation Now Open
July 24, 2018—The Call for Participation for FloCon 2019 is now open. The 2019 edition will focus on applying analytics to any large-scale dataset (not just network flow data) to enhance security. Everyone interested in data-driven security is invited to submit abstracts for this conference. We are particularly interested in new, innovative ways to use big data to address thorny security problems.
FloCon 2019 will take place January 7-10, 2019 in New Orleans, Louisiana. FloCon provides a forum for exploring large-scale, next-generation data analytics in support of security operations. FloCon is geared toward operational analysts, tool developers, researchers, security professionals, and others interested in applying cutting-edge techniques to analyze and visualize large datasets for protection and defense of networked systems.
To learn more and to submit abstracts for presentations, posters, and demonstrations, visit https://resources.sei.cmu.edu/news-events/events/flocon/cfp.cfm.
To learn more about FloCon, visit
Ipek Ozkaya Named IEEE Software Editor-in-Chief
The IEEE Computer Society has named Ipek Ozkaya, a principal researcher in the SEI’s Software Solutions Division, the next Editor-in-Chief of IEEE Software, a leading bimonthly peer-reviewed journal published by the IEEE Computer Society.
Ozkaya will assume editorial duties in January 2019. Her term will run through December 2021. As editor-in-chief, Ozkaya plans to focus on publishing results that provide practical guidance and help for both established and newcomer software developers and architects.
Ozkaya notes that experienced practitioners face the challenge of staying relevant in a dynamic environment where knowledge-consumption models continually evolve from centralized and controlled to open and collaborative. Also, in government and elsewhere, newcomers to the workforce often lack the skills to make effective use of the complex software-based systems with which they must interact. For all practitioners, Ozkaya plans to work toward the transition of practical research through easily consumable means.
Ozkaya noted that she welcomes the opportunity to work closely with others in the diverse, global, technology-savvy IEEE Software community.
Metcalf Named Co-Editor of New ACM Journal
July 10, 2018—The SEI’s Leigh Metcalf has been named co-editor-in-chief of Digital Threats: Research and Practice (DTRAP), a journal of the Association for Computing Machinery. DTRAP is a peer-reviewed journal that targets the prevention, identification, mitigation, and elimination of digital threats. The journal seeks to promote the foundational development of scientific rigor in digital security by bridging the gap between academic research and industry practice.
DTRAP is the brainchild of Metcalf, who recognized a need for such a publication in the field. “I realized that in cybersecurity there was a distinct lack of communication between researchers and practitioners,” said Metcalf. “I thought a journal would be a good first step to fixing this lack of communication. I also felt this was a perfect publication for the CERT Division to stand up, because we operate at the nexus of research and practice.” Metcalf will share editorial duties with Arun Lakhotia, a professor in the School of Computing and Informatics at the University of Louisiana at Lafayette.
Elaborating on the working gap between researchers and practitioners, Metcalf noted, “It’s a long-standing problem and has many causes, but to do a good job and make a real impact in the field, they have to work together. Good research in this field is informed by real-world problems, and researchers should communicate with those who work on the front line. I think solving this problem involves communication, and we want the journal to facilitate that.”
Metcalf also noted that scientific rigor has been lacking in the area of cybersecurity research, and she hopes DTRAP can help remedy that situation. “It’s actually a well-known problem,” she said. “The NSA offers an award for best scientific paper on security, but no one has created a journal that says ‘Here is where science in cybersecurity is done.’”
Metcalf has been a member of the SEI CERT Division technical staff for eight years. She currently serves as a senior network security research analyst specializing in cybersecurity. Prior to joining the SEI, Metcalf spent more than 10 years in industry working as a systems engineer and architect. She has presented at numerous conferences, including NANOG, MA3WG, FloCon, and the Joint Mathematics Meeting, and she is also the primary author of the book Cybersecurity and Applied Mathematics. Metcalf earned her Ph.D. from Auburn University in mathematics.
DTRAP plans to launch in early 2019 and is currently seeking contributors. To learn more about DTRAP, visit https://dtrap.acm.org/index.cfm.
Leigh Metcalf, PhD, a senior network security research analyst in the CERT Division, has been named co-editor-in-chief of Digital Threats: Research and Practice (DTRAP), a new journal of the Association for Computing Machinery (ACM).
Leigh spearheaded the establishment of this peer-reviewed journal because she recognized a gap in communication between cybersecurity researchers and practitioners. Leigh sees DTRAP as an ideal publication for the CERT Division to stand up because, like the SEI overall, it operates at the nexus of research and practice.
DTRAP targets the prevention, identification, mitigation, and elimination of digital threats. The journal seeks to promote the foundational development of scientific rigor in digital security by bridging the gap between academic research and industry practice.
Leigh will share editorial duties with Arun Lakhotia, a professor in the School of Computing and Informatics at the University of Louisiana at Lafayette.
DTRAP plans to launch in early 2019 and is presently seeking contributors. To learn more about DTRAP, visit https://dtrap.acm.org/index.cfm.