An Interview with Daniel E. Geer Jr.
The Inside View
Took place 13 August, 0930-1030 hrs
||An entrepreneur, author, scientist, consultant, teacher, and architect, Dr. Daniel Geer is Chief Information Security Officer at In-Q-Tel and serves as Chief Scientist Emeritus at Verdasys. Previously, Dr. Geer served as CTO of @stake and ran the development arm of MIT's Project Athena,where his staff pioneered Kerberos, the X Window System, and much of what we take for granted in distributed computing. He has co-authored several books on risk management and information security and is past president of the USENIX Association.
|Daniel E. Geer Jr.
Chief Information Security Officer, In-Q-Tel
In this interview with Dan Geer, Chief Information Security Officer for In-Q-Tel, (Moderated by Dr. Barbara Endicott-Popovsky), Dr. Geer discusses the types of threats that exist for the cyber landscape, the realities of responding to those threats, and what must be done to further create an adaptive and resilient cyber infrastructure that is capable of neutralizing said threats. The interview took place, 13 August 2013 at the AIAA AVIATION 2013 Conference.
Watch the Video Here
Or, watch it on AIAA's YouTube channel and leave a comment.
A few outtakes from the Dan Geer Interview:
- "Cybersecurity is a lot like public health. You have to pay attention to the disease, its transmission rates, the vector of the transmission, and the acquired immunities.”
- "What is my definition of security? The one I like at the moment is that ‘the state of security is the absence of immitigable surprise.’ There will always be surprises, but the question is – can you mitigate them?”
- “The top level idea behind security design is that there can be no silent failures. If it fails, you have to know it, and know it right away. Over 80% of data loss is discovered by unrelated third parties, having instantaneous recovery becomes far more important than preventing failures, but it does go back to the idea that there can be no silent failures.”
- “Aviation is safe, I have to admit – I’ve never seen an ad for Delta, or any other airline, that proclaimed ‘Our planes fall out of the sky less frequently than theirs do!’”
- “Safety has to do with being past the event and seeing if you are still there. But remember, the difference between cybersecurity and component failure – say having the tip come off a rotor – is that cybersecurity breaches are 99.44% of the time done on purpose by someone who means ill, it’s not a crack you didn’t see, it is intentional.”
- “Failures (in aviation) that makes front page news is rarely the cause of a single failure, it’s a couple of failures compounding.”