April 24, 2006
Halligan 111


Despite considerable activity and attention, the overall state of information security continues to get worse. Attacks are increasing, fraud and theft are rising, and losses may exceed $100 billion per year worldwide. Many factors contribute to this, including misplaced incentives for industry, a lack of attention by government, ineffective law enforcement, and an uninformed image of who the perpetrators really are. As a result, many of the intended attempts at solutions are of limited (if any) overall effectiveness.

This presentation will illustrate some key aspects of the cyber security problem and its magnitude, as well as provide some insight into causes and enabling factors. The talk will conclude with some observations on how the computing community can help improve the situation, as well as some suggestions for "cyber self-defense."

Bio: Eugene H. Spafford is a Professor of Computer Sciences, and a Professor of Electrical and Computer Engineering at Purdue University. He is also the Executive Director of CERIAS. In addition to his activities at Purdue as an administrator, educator and researcher, Spaf (as he is widely known) is also the chair of the ACM's US Public Policy Committee and a member of the CRA Board of Directors. He was a member of the most recent incarnation of the President's Information Technology Advisory Committee (PITAC). Spaf serves as an advisor to several major corporations and national agencies. When time permits, he conducts research with his students on issues of security engineering, cyber forensics, and information systems policy.