Dear Member of the C3E Community,
This year, in preparation for the fall C3E 2014 Workshop, we are holding a one day event on May 13th at The SI Organization in Chantilly, VA. As always, we will use the one-day event to refine the specific questions and possible approaches to be taken at the Fall workshop. Consistent with prior workshops, we intend to focus this year on at least two substantive track areas:
- Security by Default: How can we flip the economics of cyberspace to favor the defenders, and disadvantage the attackers? As long as cybersecurity is something that requires users (individuals and organizations) to proactively take steps to secure their information, systems, and networks, we will continue to have major gaps in adoption of basic security procedures. How can we develop systems, networks, applications, and devices that are secure by default, so that users have to work to “turn off” security features? This is especially important as the “internet of things” grows more broadly. Until we can unwind the foundational problem of security by default, we (collectively, in our interconnected world) will remain vulnerable.
- Data Integrity: Data integrity relates to a broad set of issues affecting many disciplines, not the least of which is cyber security. We would use the C3E one day event to focus in on aspects that the C3E community can effectively inform. For example, (1)We are interested in data integrity as it relates to surprising change, not just routine corruption. How can we characterize changes in data that are deliberate, malicious, or accidental. How can we characterize malicious activities vice normal decay or corruption in data sets? What are “best practices” in identifying data integrity remedies and practices in other disciplines? (2) What are the current challenges concerning “transition to practice” with respect to data integrity? Why have proven techniques claiming to ensure data integrity not been more widely adopted? How can we better encourage the use of these techniques? (3) What are the benefits of knowing the provenance of data? If necessary, can we get feedback to validate the data? There is also the concept of “levels of trust.” Can we place more trust in the integrity of the data from various levels or sources of information providers? Is one source more reliable than another? (4) What correlation is there between computational integrity and data integrity? How do they influence one another?
For the May event, we are in the process of exploring how this year’s track themes could potentially be applied to data sets in the PREDICT Repository. https://www.predict.org
Because of your prior and continuing work in areas central to our C3E efforts, we believe your participation will contribute to our preparation for the 20 October 2014 C3E annual workshop and help to strengthen the community in these areas of interest. As we continue to grow the C3E community, we will also be looking to participants to provide anecdotal evidence on how C3E has been of value to the broader community. For these reasons, we are limiting overall attendance to the 13 May event in order to focus on specific C3E areas in a time-limited setting.
The 13 May event will convene at The SI Organization, Inc's Stonegate 1 auditorium, 15050 Conference Center Drive, Chantilly, VA. , at 8:30am Tuesday morning and will conclude that afternoon by 5pm. To accept our invitation, please RSVP to Lisa.Coote@innovative-analytics.com. Limited support for travel is available if necessary. Please contact firstname.lastname@example.org for further travel instructions. More information will be posted on the website as it becomes available: http://cps-vo.org/group/c3e
We look forward to seeing you in Chantilly, and particularly look forward to your valuable contributions in our efforts to advance the strategic defense of our nation’s cyber infrastructure.