Dr, Gregory White speaking on behalf of ISAO, UTSA’s nationally recognized cybersecurity intelligence organization : http://cias.utsa.edu/isao-so.html
A three-part interview with UTSA’s Cybersecurity Institute Director Dr. Gregory White
As the Texas-Israel Chamber of Commerce strives to commence and strengthen economic ties between both “Lone-Star States,” our organization also seeks to inform and educate fellow Texans of the areas of economic overlap between Texas and Israel through our newsletters. One particular area of economic overlap between both states is that of cybersecurity. In this 3 part newsletter series, we were given the privilege of interviewing a cybersecurity expert from the nationally renowned Center for Infrastructure Assurance and Security (CIAS) at University of Texas in San Antonio (UTSA).
Dr. Gregory White is the director of UTSA’s CIAS where he also serves as a professor in the Computer Science Department. Dr. White as a scholar in computer science has also written many academic articles and conference papers on the subject of computer security. Dr. White was kind enough to correspond with the Texas-Israel Chamber of Commerce via email to answer some questions that we had regarding the state of Texas and U.S. cybersecurity capabilities.
This tri-part interview series begins with Dr. White interview will be divided into 3 main areas that were covered in the interview beginning with why San Antonio is a national leader in cybersecurity, and what are the common cyber threats faced by the average computer user and our government.
Topic: San Antonio Emerging as Cybersecurity, USA
Q1: What do you believe are factors/qualities that the city possesses that make the city of San Antonio conducive to being a national leader in cyber security?
Dr. White: The reason San Antonio is such a hub of cybersecurity is actually quite by accident. In 1985 the Air Force moved its computer security office from Alabama to San Antonio, Kelly Air Force Base, where it’s communications and emanations security offices were located. This combined all three electronic disciplines (along with electronic warfare which was also located in San Antonio). This occurred, as you can tell by the date of the move, at a key point in the history of computing. The mid-80’s was when we saw the growth of the PC and this was immediately followed by the growth of this thing called the Internet. This completely changed the landscape of computer security but most security professionals were not ready for this shift, they were used to security from a mainframe perspective which often focused on protection of the hardware since this was the high-value item.
In the 80’s the high-value item started shifting from the hardware to the data itself. What happened in the Air Force was that they brought in a group of young individuals who had no pre-conceived notion of what computer security meant but knew about was going on from a technology standpoint and they dove in and changed the way the Air Force was doing business. This focused on the operational aspects of computer security and the fact that incident detection and response was a critical element. Items such as intrusion detection systems and organizational CERTs were championed by the Air Force in San Antonio. Later, as individuals retired or separated from the Air Force, they often stayed in the local area and worked for DoD contractors who had established offices to support the Air Force, or at time formed their own cyber security companies. This was the start of why San Antonio became this hub of security. Later still (1999-2000) these businesses and government contractors went to local educational institutions and pushed them to establish security programs at local colleges and universities to establish a pipeline of workers for the security jobs in San Antonio.
Today, what we see is as a result of these early days and the growth as a result of the move of the Air Force’s cyber security office at a key point in the history of computing. Add to this the low cost of living in San Antonio and other factors that make San Antonio attractive to individuals, especially those leaving the military, and you can get a feel for why San Antonio is a hotbed of security expertise.
Topic: Common Cyber Threats:
Q2: What do you believe are the greatest cyber threats that face the average computer user today?
Dr. White: The average computer user implies individuals who are not necessarily familiar with security. The greatest threats they face are themselves. Shooting themselves in the foot because they don’t follow standard “cyber hygiene” practices. Things like clicking on links and going to web sites they shouldn’t, connecting to public wifi networks without utilizing crypto, picking poor passwords and writing them down, and opening suspicious email attachments. The average user undoubtedly has been the target of a number of phishing attacks. At home they need to make sure they again follow good security practices and do things like maintain a backup copy of critical files and encrypt their home wifi.
Q2a. Despite the fact that Americans spend a great proportion of their day on a computer, whether that be during work or during their leisure time on social media, cyber concepts such as "malware," "ransomware," virus, etc. seem to be foreign or at least not fully understood on a practical level. Why do you believe this is the case? Are there any particular terms/concepts that you believe the average computer user should be aware or more knowledgeable of to be more “cyber” intelligent?
Dr. White: You hit two of the most important ones for the average user (ransomware and malware). I might also add phishing to the list as well. Why folks aren’t more aware or concerned probably is because they don’t see where it actually affects them. People are busy. Unless they have had a problem or somebody close to them has had a problem with security, it is just something that doesn’t rise to the top of the list of interests for them.
The problem is that folks have not been raised worrying about security so they don’t. We were raised understanding something about physical security so for the most part we all make sure we lock our houses and cars when we are not present. We need to be teaching our kids as they grow up on the Internet what security they need to consider so by the time they are adults they have a basic understanding of the importance of security and what they can do about it.
Q3. What do you believe are the top three present cyber threats facing our government?
Dr. White: Nation States, Terrorists, Hacktivists. Nation states for obvious reasons. Nations want to be in a position to be able to utilize cyber tools in the event of a conflict between nations and they want to be able to utilize cyber for espionage purposes. Cyber is a great, asymmetric weapon so it is ideal for terrorists (or less capable nations). If you think about what it cost to be a “super power” during the cold war, very few nations had the resources and technology to be part of the group. To be a “cyber super power” however, takes a lot less money and time. Take a look at Iran, for example, and how far and quickly they progressed after STUXNET. Cyber provides an opportunity for Terrorists to have a significant impact on the infrastructures of a nation and can do it without ever having to be physically present in the target nation. Hacktivists are similar, though generally don’t have as a goal the same level of disruption that nations or terrorists might.