ACT 2015 Blurb | Science of Security Virtual Organization

ACT 2015 Blurb

ACT Workshop 2015

The Special Cyber Operations Research and Engineering (SCORE) Subcommittee sponsored the 2015 Adoption of Cybersecurity Technology (ACT) workshop at the Sandia National Laboratories in Albuquerque, New Mexico from 3-5 March 2015. In order to illuminate systemic barriers to adoption of security measures while potentially mitigating specific threats, the workshop focused specifically on countering the phishing threat and its aftermath.

ACT 2015 Workshop - 90 Day Spins

Participants of the ACT Workshop 2015 developed action plans that are to be implemented via 90 day spins. Participants took ownership of the solutions put forward during the workshop, and have briefed the Adoption of Cybersecurity Technology Organizing Committee every 90 days on the status of their implementation. The spin reports address successes, challenges, and the specific steps taken to overcome roadblocks to the realization of the adoption of cybersecurity technologies by specific government entities.

Approximately half of the 50 participants from the March workshop met at Johns Hopkins University Applied Physics Lab on 18 June to report on progress during the first 90 days, Spin 1. In addition to outbriefs on the status of implementing each of the 4 use case technologies, Mary Theofanos of NIST briefed attendees on “The Human Behavior Side of the Adoption of Cybersecurity Technology.” Another 25 ACT 1 participants met at the Department of Homeland Security, Science and Technology Headquarters on 16 September to address progress during the second 90 days, Spin 2. The attendees at Spin 2 came from NSA, DHS, Sandia, NIST, OSTP, Florida Institute of Technology, the University of Buffalo, and Iconix. The meeting was held at DHS S&T since it had been identified as a potential locations for implementing use case solutions, and the discussions that took place during the Spin meeting provided an opportunity to move such plans forward. During a working lunch, Gregg Piermarini, D/CIO for DHS S&T and an ACT workshop participant, presented a briefing on “Issues Facing Decision-Makers in Adoption of Cybersecurity Technology”. Twenty ACT participants attended Spin 3 which was held at the Harris Institute for Assured Information at the Florida Institute of Technology on 9 December. In addition to meetings among the use case participants and outbriefs on their progress, the Damage Containment group presented a demo on the status of their implementation. Also, Arun Vishwanath of SUNY Buffalo gave a talk entitled “Design-related Problems in Securing Cyberspace” and Karin Butler of Sandia National Labs briefed on the implementation of Enhanced Mitigation Experience Toolkit (EMET) at Sandia. Spin 4 will be held on 8 March 2016 immediately prior to ACT 2 (9-10 March) at Sandia National Labs.

Future Spins

Spin 4 will be held in conjunction with ACT2016 March 8-10, 2016 at Sandia National Laboratories, Albuquerque,NM.