Shared Risk and Shared Responsibility
Every year, American companies conduct trillions of dollars worth of business online, and individual consumers use the Internet to pay bills, manage their investments, connect socially, and purchase everything from pet foods to prescription drugs.
Such convenience does not come without serious risks to our individual identity and our collective safety. As our use of the Internet for personal, corporate, government, and military business grows, so too does the sophistication of those who attack it.
Thousands of cyber attacks are launched daily around the globe by people attempting to capture and use or sell critical information. Attackers can threaten our national security, steal years of experimental research data, gain access to the power grid, or tamper with our financial markets.
The National Academy of Engineering has identified the establishment of a secure cyberspace as one of the grand challenges of the 21st century, and President Obama has recognized cybersecurity as one of the most serious economic and national security challenges we face as a nation.
And it is one that we are not adequately prepared to meet. As a nation, we have to strengthen public-private-academic partnerships if we’re to find technology solutions that ensure U.S. security and prosperity.
We need to invest in the cutting-edge research and development necessary for the innovation and discovery to meet the digital challenges of our time. And we must promote cybersecurity awareness and digital literacy, from our classrooms to our boardrooms.
In 2014, the Cybersecurity Initiative was established at the University of Delaware to work toward those goals in collaboration with some of the best universities across the country. Our advisory board brings together top experts from academia, government, industry, and the military, and the initiative builds on existing partnerships with government labs and the financial services industry.
Many people may ask, “Why Delaware?”Yes, we’re the second-smallest state in the nation geographically, and our population is under a million.
But tiny Delaware is also the corporate capital of America, with more than a million companies incorporated in the state. More than half ofthe Fortune 500 companies are headquartered in Delaware, and theDelaware Court of Chancery is widely recognized as the nation’s preeminent forum for the resolution of corporate disputes.
In addition, the state is ideally positioned midway between the nation’s financial hub, New York City, and its government and military capital, Washington, D.C.
With the Cybersecurity Initiative as a hub, we have begun to address a problem that costs billions of dollars a year.
How are we doing it?
The initiative has three pillars: education, training and research.
The cybersecurity workforce of 2015 is woefully inadequate –estimates indicate that there are only about 1,000 qualified workers for some 30,000 job openings. To create a pipeline of graduates skilled in the latest theories and tools required to address cybersecurity problems, we have established an undergraduate minor as well as a graduate program in cybersecurity. These programs build on our existing expertise in electrical and computer engineering, computer and information sciences, and corporate law and policy.
It is also critical that we reach America’s existing workforce and give everyone from entry-level workers to executives and board members the tools and training to protect themselves from attacks. Our entire workforce is operating in a globally connected world, and we need to be smart about how we conduct our lives electronically. Knowledge of cybersecurity isn’t just for people who are interested in science and engineering – it’s a life skill.
Finally, our experts are working to stay one step ahead of hackers, thieves and cyber terrorists by conducting research focused on developing solutions to advancing threats.
Cybersecurity affects all of America’s 17 industrial sectors, including energy, transportation, health care, communications, and food production, and all of these sectors are interconnected. But corporations are often reluctant or unable to share their cybersecurity measures and policies. Universities are in a better position to conduct unbiased research.
UD is also working with the State to provide Delaware’s small businesses with the capability to manage this growing threat.
Providing effective solutions to problems of cybersecurity requires more than just technology. We need to create policies that balance freedom with safety and security. To attack the problem at its root, we also must understand what motivates cybercriminals. Therefore, our approach is “ecumenical,” bringing together experts with different backgrounds, fields of study, and skill sets, so that we can provide comprehensive solutions.
As President Obama said at the White House Summit on Cybersecurity and Consumer Protection earlier this year, “Our connectivity brings extraordinary benefits to our daily lives, but it also brings risks.”
We as a nation have to be prepared to mitigate those risks so that we can continue to benefit from this extraordinary connectivity.
Cybersecurity is everyone’s responsibility – from individuals managing their finances to experts managing our nation’s electrical grid. We often think about cybersecurity in terms of financial breaches, but one of the gravest risks is to our nation’s critical infrastructure. And we need to remember that everything is connected, so there can be adramatic domino effect, with an attack to one sector having devastating repercussions in another.
The threat is here. It is not a question of “if” but “when.” At the University of Delaware Cybersecurity Initiative, we are working on all fronts to counter that threat. I95