Cybersecurity: Behavioral and Economic Perspectives
Sponsored by the Computer Science department and the Stanford Cyber Initiative
Once viewed as a merely technical problem, cybersecurity is a complex issue incorporating aspects of economics and human psychology. The social, economic, and behavioral aspects of cyberspace are at the core of what makes it the complex, adaptive system that it is. This seminar series brings together a diverse set of experts from academia and industry, all sharing recent research in topics ranging from usable security, underground economies, human factors, quantitative models of cyber risk.
Mondays 4:30-5:30pm in Y2E2 105
Join the mailing list here for news and reminders about upcoming seminars!
Predictability in Cyber Systems
Cyber Security is a rapidly evolving domain, where new actors, exploits, and impacts regularly appear. As a result, practitioners often have the perception that modeling cyber security attacks or human failures associated with hacking incidents is difficult because the data are so volatile. Actually, a wide range of cyber related phenomenon are surprisingly consistent, and readily able to be modeled using standard statistical techniques. This talk will present several datasets that show smooth trends in cyber security, which is good news for CISOs, cyber insurers, and researchers.
Turning the Tables on Cyber Criminals - Combatting BEC with Active Defense
With a 2,370% increase in business email compromise (BEC) attacks in the last two years, cyber criminals are increasing the cadence, sophistication and success of attacks with little risk of being brought to justice. This talk will cover the methods used by the criminals and how their attempts can be identified and blocked. The focus on the presentation will be on a recent initiative to infiltrate criminal organizations, including insights gained from the massive quantities of data obtained by doing this.
|1/29||Bruce Schneier||Harvard||Security in a Hyper-Connected Society|
From Blacklisting to AI – New Approach to Preventing Social Engineering
Social engineering is an increasing threat on businesses, costing over $5B in stolen funds over the last 3 years. We will discuss the tactics used by cyber criminals, and the methods traditionally employed by security systems to stop them, mainly blacklisting. We will explain why blacklisting is largely ineffective in today’s landscape, and offer a revolutionary approach based on anomaly detection to identify social engineering attacks in real-time.
Lior Gavish is VP of Engineering, Email Security at Barracuda Networks, where he builds the company’s next generation email security and fraud detection solutions. Lior was previously VP of Engineering and co-founder of Sookasa, a cloud storage security startup (acquired by Barracuda). Prior to that, Lior led startup engineering teams building machine learning, web and mobile technologies. Lior holds a BSc and MSc in Computer Science from Tel-Aviv University, and an MBA from Stanford University.
|2/12||Joe Bonneau||NYU||The post-Snowden era has seen a surge of interest in end-to-end encrypted communications as a technical safeguard against mass surveillance. This talk will discuss both technical research on encrypted communication tools, specifically the CONIKS protocol for distributing keys, as well as a insights from the largest user study on perceptions of messaging tools.|
|2/26||Adrienne Porter Felt||TBD|