Sociotechnical Cybersecurity Workshop 1
Information and Communications Technology (ICT) has taken a central role in modern society. Unfortunately, malicious hackers and cybercrime have become a stubborn and expensive part of the ICT landscape. This has made providing cybersecurity a defining challenge for our era. Many strategic plans and National Academies of Sciences (NAS) studies have been written, and billions of dollars have been spent on the development and deployment of innovative cybersecurity solutions, but our network infrastructure, devices and organizations are increasingly insecure against threats.
Quite recently (in January 2016), the federal government released a new cybersecurity federal R&D strategic plan – this one mandated by Congress – that is novel in that it engages the socio-technical nature of the systems that we are securing. The plan also emphasizes the need for understanding the efficacy of different approaches, albeit empirically, economically, or mathematically. However, in order to make meaningful progress, using a socio-technical approach requires innovation driven by informational and experiential diversity.
A socio-technical approach to cybersecurity recognizes that the science and technology deployed to protect and defend our information and critical infrastructure must consider human, social, organizational, economic and technical factors, as well as the complex interaction among them, in the creation, maintenance, and operation of our systems and infrastructure.
We advocated for an evidence-based sociotechnical cybersecurity approach, integrating the best research evidence with diverse cybersecurity expertise and broadening the consideration of ICT user characteristics. Our intention is that the grand challenges will promote effective and appropriate consideration of the socio-technical factors and sound and effective principles of cybersecurity assessment, evaluation, and intervention. The resulting report will help illuminate the implications for cybersecurity researchers of taking a socio-technical approach identifying human, social, organizational, economic and technical factors that must be considered, techniques for understanding the interactions among them, and positive steps that can be taken to better protect and defend our information and critical infrastructure.
Click here for the call for white papers.
December 12, 2016 (Monday)
|07:15 AM||Breakfast Available | Room 2115 - Hospitality Room|
|08:00 AM||Welcome and Introductions | Room 2111/2112|
|08:30 AM||Discussion: What is a Grand Challenge? | Room 2111/2112|
|09:00 AM||Panel 1: Cybercrime
| Room 2111/2112
|09:45 AM||Notes | Room 2111/2112|
|10:00 AM||Break | Outside of Room 2111/2112|
|10:15 AM||Panel 2: Metrics and Models | Room 2111/2112|
|11:00 AM||Notes | Room 2111/2112|
|11:15 PM||Panel 3: Individuals and Norms
| Room 2111/2112
|12:15 PM||Notes | Room 2111/2112|
|12:30 PM||Working Lunch: Discussion on the last CCC Grand Challege workshop | Room 2115 - Hospitality Room|
|01:00 PM||Working Lunch: Table Discussion | Room 2115 - Hospitality Room|
|01:30 PM||Gather Ideas | Room 2111/2112|
|02:30 PM||Cluster Ideas | Room 2111/2112|
|03:00 PM||Assemble Parallel Breakout Groups | Room 2111/2112|
|03:30 PM||Break | Outside of Room 2111/2112|
|04:00 PM||Parallel Breakouts | Room 2116 and Room 2118|
|05:30 PM||Report Out | Room 2111/2112|
|06:30 PM||Dinner | Chasen Family Room|
December 13, 2016 (Tuesday)
|07:30 AM||Breakfast Available | Room 2115 - Hospitality Room|
|08:30 AM||Recap and New Parallel Breakout Assignments | Room 2111/2112|
|09:30 AM||Parallel Breakouts | Room 2116 and Room 2118|
|10:30 AM||Break | Outside of Room 2111/2112|
|11:00 AM||Report Out | Room 2111/2112|
|11:30 AM||Next Steps | Room 2111/2112|
|12:30 PM||Lunch | Room 2115 - Hospitality Room|
Deanna Caputo, MITRE Corporation
Stephanie Forrest, University of New Mexico
Qing Hu, City University of New York
Brian LaMacchia, Microsoft Research
Oded Nov, New York University
Sasha Romanosky, RAND Corporation
Stefan Savage, University of California, San Diego
Timothy Summers, University of Maryland, College Park
Susan Winter, University of Maryland, College Park
Heng Xu, Pennsylvania State University
With Support From
Lorenzo Alvisi, University of Texas at Austin
Ann Drobnis, CCC
Keith Marzullo, University of Maryland, College Park
The Sociotechnical Cybersecurity Organizing Committee has released a call for white papers in order to both assist us in organizing the workshop and in selecting attendees. We are soliciting white papers of no more than two pages in length that describe and motivate a novel grand challenge in cybersecurity. Authors of informative and well-crafted white papers may be invited to one of the Sociotechnical Cybersecurity workshops.
Please submit your white paper by September 30, 2016. We will accept submissions via email to scsinfo [@] cra.org. Should you have any questions, please contact Ann Drobnis (adrobnis [at] cra.org) or Khari Douglas (kdouglas [at] cra.org). Read the full call for white papers here.