Computing Community Consortium Blog

The goal of the Computing Community Consortium (CCC) is to catalyze the computing research community to debate longer range, more audacious research challenges; to build consensus around research visions; to evolve the most promising visions toward clearly defined initiatives; and to work with the funding organizations to move challenges and visions toward funding initiatives. The purpose of this blog is to provide a more immediate, online mechanism for dissemination of visioning concepts and community discussion/debate about them.

CCC@AAAS 2019- Cybersecurity: Transcending Physics, Technology, and Society

March 27th, 2019 / in AAAS, Announcements, policy, research horizons, Research News / by Helen Wright

The Cybersecurity: Transcending Physics, Technology, and Society panel: (from left to right) Zeynep Tufekci, Mark D. Hill, Kevin Fu, and John Masters.

Am I safe sitting at home with my pacemaker? Am I safe shopping online? Am I safe when I am using my web-cam enabled computer?

These are all real concerns brought up by audience members at the Computing Community Consortium (CCC) scientific session at the 2019 American Association for the Advancement of Science (AAAS) Annual Meeting in Washington, DC. This session called Cybersecurity: Transcending Physics, Technology, and Society was moderated by CCC Chair Mark D. Hill (University of Wisconsin-Madison). The speakers were Kevin Fu (University of Michigan), John Masters (Red Hat), and Zeynep Tufekci (University of North Carolina at Chapel Hill).

Kevin Fu started the session by asking the audience what happens if your oven broiler turns on every time your phone rings. Is that a problem? Yes, a big one. So how can we prevent hackers from theatrically doing something like this in the current Internet of Things (IoT) environment that we live in? It is not possible to blindly test all sensors all the time. As Fu explained, computers today are vulnerable to analog cybersecurity threats. If we keep removing the human in the loop, we will have to keep solving more and more security challenges. He was asked by an audience member if there are regulatory frameworks for these issues and said “No, not really. These issues are about 5-10 years out. For defense, medical devices, regulations can work, but IoT is consumer driven, so security gets left out.”

In John Masters’ talk he explained that if you trade performance for security, it will lower the overall performance because of the associated risk. Similar to what Fu was saying, Masters explained that in order for us to prevent future Spectrum and Meltdown issues, we need vendors to care, which is a “challenge for industry to solve.”

Finally, in Zeynep Tufekci’s talk she reiterated the importance of having security being built into all new products, as you never know the access points for finding information out which may be harmful, even out of context. We need everyday devices and everyday computers to be hard to hack. A physical switch is key. We can’t rely on an assumed “off” since that could be hackable. It is critical that in order to protect all people, “every company should be in the business of cybersecurity.”

So, yes, you are safe at home with your pacemaker. As Fu said, “if I was prescribed a pacemaker, I would take it. The risk of not having one is much greater than having one.” Just like with online shopping and using a web-enabled computer, there is risk but if you are smart – for instance, by using Masters’ recommendation that when shopping online you should only use one credit card with a low limit – you will be fine. We are just at a point where industry needs to recognize that security is an important feature that should be considered in all new smart technologies.

For more information see the CCC@AAAS website.

Disclaimer: Posts on this blog report on happenings, opportunities, and issues that arise in the broad computing research community, and do not necessarily reflect the opinion of the CCC or the National Science Foundation.


Related posts:

  1. CCC@AAAS2019 – Socio-technical Cybersecurity: It’s All About People
  2. CCC Council Member Kevin Fu Comments on FDA’s Postmarket Cybersecurity Guidance
  3. CCC @ AAAS 2017- The Technology of the Future
  4. CCC Responds to New York Times Article- Society Needs Computer Science (and Math and Social Sciences) Now More Than Ever
  5. Computing Community Consortium at AAAS 2019
CCC@AAAS 2019- Cybersecurity: Transcending Physics, Technology, and Society

Comments are closed.