https://r1.ieee.org/njcoast/CISCSP-message/

CONFERENCE CHAIR’S MESSAGE

We at the IEEE New Jersey Coast Section welcome you to our first Conference on Information Security/Cyber Security and Privacy. We have a whole day full of invigorating presentations by keynote speakers, invited speakers and Industrial representatives who will provide cutting edge information on the subject. The speakers are selected based on their contribution to the areas in information security and cyber security that have become the challenge of the 21^st century.

Information Security and Cyber Security and Privacy Challenges:

The proliferation and use of mobile devices at home and enterprise has brought challenges that were not seen a decade ago. Mobile devices are here and are continuously being used at home and at work through the Bring Your Own Device (BYOD) policies adopted by enterprises. What kind of privacy regulations you can impose on persons bringing mobile devices to the workplace and using the enterprise wireless facility for communication? Does the enterprise have the right to gather personal data? How do you compartmentalize and secure private data and enterprise data?

With the advent of cloud computing, enterprises, small, medium and large, are storing large amounts of data in the cloud. What is the level of security that is currently provided by the cloud providers? Where is your data stored and in which country? How do you ensure privacy of the consumer data? While the cloud providers have security up to the network level of OSI, is it the responsibility of enterprises to ensure end to end security?

Now, we are battling how to secure our computer infrastructures against hackers with an ever-changing profile. Hackers were attacking these systems initially for fun, but now they bring down systems for money, obtain Government private data, and execute Industrial espionage. Even some states are promoting these activities that need to be blocked in ways that were never thought of a decade ago. We are seeing a continual change in the terrorist activities and we need to now secure our infrastructure using defense-in-depth and making sure that all hardware /software /firmware are robust and follow regulations. With the use of third party global service providers, the security and privacy challenges have exponentially increased in the last decade. Information Security and Cyber Security are multi-faceted in the sense that not only the infrastructure needs to be secure, but also there is a human element in the use of technology, particularly highlighted by the Snowden case.

How strong authentication, multifactor authentication needs to be in place? How do the wide use of social websites such as Facebook, Twitter and other websites create new challenges in security? How do regulations and deception need to be addressed? Whether the company is large, medium size or small, all of them need security policies.

Forensics has become a forefront technology with the kind of security attacks that we see today and how law enforcers could use it to charge perpetrators. How much information do we need to store to capture these perpetrators? Is it the complete history of transactions or only particular related events?

In summary, Information Security is an ever-changing field that all persons, whether they are security professionals, or simple users of computers, or mobile devices, need to be aware of. They should know about how to use the devices and the security protections.

I wish to thank our Industrial sponsors without whom this conference would not have been possible. Thanks are also due to all volunteers, staff of IEEE OC who have helped make this conference possible. Last but not the least, thanks are due to all of you attendees to make this a successful conference by interacting with Industrial sponsors and professional colleagues. Enjoy your day at the conference.

Dr. Amruthur Narasimhan