When you ask former United States Director of National Intelligence Mike McConnell what he thinks about the internet and information technology, he summons the words of Richard Danzig.
Danzig, who served as U.S. Secretary of the Navy from 1998 to 2001, once compared the internet to "a diet of poisoned fruit."
"This is delicious for us, it makes us more productive, more effective, improves our standard of living, we can communicate in our business," McConnell said. "But the downside of this wonderful, delicious product is it is poison, because the benefits exist, but it also introduces a level of vulnerability that someone can use that to your detriment."
McConnell shared his thoughts at a recent conference at the University of South Florida presented by the Florida Center for Cybersecurity, which is also known as FC2.
http://youtu.be/j6EqZxSisIY
The state-funded center, which is based at USF, brings together experts from a dozen state schools to help Florida become a national leader in cybersecurity efforts.
Managing Director Sri Sridharan said the need for the center is obvious with every retailer or financial institution that gets hacked and every individual who falls prey to an online scam.
"And we need to increase the awareness in the marketplace and how these things happen, why does it happen, who’s doing it, and what we can do as common citizens and businesses to take the right steps to protect ourselves," Sridharan said.
About 450 people attended the conference, which was titled "Advancing a Holistic Approach to Strategic Cybersecurity." Sridharan believes the key word in that title is "holistic."
"It is not about technology, it’s about psychology, it’s about digital forensics, it’s about cyber-intelligence, it’s about policy, compliance, law, you name it," he said. "And so we wanted to make sure that when we disseminate information and create the awareness of cybersecurity, we cover all aspects of cybersecurity."
McConnell, who served as one of the keynote speakers, shared his concern that the U.S. and other countries are building powerful cyber weapons.
"What I worry about is not so much nation-on-nation because there tend to be built-in deterrents for that, but what happens when some of these cyber weapons which are cheap and portable leak to an extremist group that wants to change the world order," McConnell said.
But McConnell's biggest concern now is “economic espionage.” He pointed to accusations that countries like China are using the web to steal intellectual property from American companies to the tune of around $450 billion a year.
"Nation states are taking intellectual property, research and development, business plans, innovation, and stealing them, and they take them back for competitive advantage, where they can produce a product or engage in a market in a way that is a disadvantage for the United States," he said.
Conference attendees also saw demonstrations of how hackers work.
Brad Trotter is vice president of the USF Whitehatters Computer Security Club — so named because they’re the "good guys" trying to protect the internet.
"We want to have the technical skills in order to do these sort of attacks," Trotter said. "And if we know how to do these sort of attacks, then we can prevent the bad guys from doing it. It’s similar to a situation where the police have to know how a criminal thinks in order to stop a criminal — it’s the same idea."
Marcus Murray of international IT-security provider TrueSec also shared some tips about staying safe online.
"There are a lot of things you can do, but there’s not one silver bullet thing, so it’s like a list of things you need to do, like you need to use good passwords, you should not reuse passwords, you need to have the latest versions of the operating system and the applications, which is hard if you’re a normal user, you should have a local firewall, updated antivirus, all that stuff," Murray said.
Because even with efforts like the Florida Center for Cybersecurity, the internet remains a dangerous place.
"Today, if you want to break into a real bank, it’s really hard because we’ve been defending banks for hundreds of years," Murray said. "But computer systems, the technology is so new, so that there’s vulnerabilities every time."
During the conference, Sridharan announced an additional honor for USF's Cybersecurity education program - which formally began offering Master's degrees only a month beforehand.
Even in that short period of time, USF picked up the designation of a National Center of Academic Excellence in Information Assurance/Cybersecurity from the National Security Agency (NSA) and Department of Homeland Security (DHS).
The NSA recently revised its criteria, making such recognition more difficult to attain. USF became only the second school in the country to be classified for the first time under these new standards.
"That says that we have the right thing that we’re doing at the University here," Sridharan said. "We have the right program, we have the right approach, we have the right strategy, and we have winning strategy because this message has echoed in NSA, DHS, and all the Washington, D.C. folks that we’re going to talk to."