Live blog: Cybenko wows Ottawa boffins with QuERIES

This report follows the live blog of the TIM event, ‘Cyber Security Metrics and Simulation’

The full transcript can be found archived here.


Prof. Cybenko on left.

At a time when attacks on government departments and businesses are on the rise, Canadian technology leaders are looking for innovative ways to defend themselves against the next generation of cyber crime. They gathered on Thursday night to hear a globally recognised expert on the subject present his ideas.

“We have to show more deliberative progress than we have in the last 10 years,” said George Cybenko, Dorothy and Walter Gramm Professor of Engineering at Dartmouth College in the U.S. He believes current approaches to the problem are not keeping up with the fast-moving hacker threat. Defensive strategies are not working, so instead IT should be more accurately predicting the probability of attacks before they happen, Cybenko said.

Cybenko presented his cutting-edge research into security metrics at Carleton University on Oct. 8. Put simply, metrics allow IT experts to measure the effectiveness of the defences that protect banks, retailers and government.

According to Cybenko, it’s our love for new features in software and computing products that increase the risk of attack. As consumers, we want more from our mobile devices, laptops and cloud services to help us do our work and manage our private lives, but this often introduces new vulnerabilities.

The network security company Symantec Corp. defines computer vulnerability as a flaw in software or a system that makes it open to attack.

These types of attacks are known as exploits, and are often used by hackers to gain access to computer systems and steal data, or install software for surveillance purposes.

To help counter this, Cybenko and colleagues Lawrence Carin and Jeff Hughes developed a method they call QuERIES, Quantitative Evaluation of Risk for Investment Efficient Strategies, almost six years ago. Cybenko has applied the method at the U.S. Defense Department and other high profile customers.

QuERIES can help IT professionals and their managers with decisions on how much to spend and what strategies are needed to defend Canadian businesses, government and the public.

Cybenko’s lecture is the latest in the Technology Innovation Management (TIM) series, part of the master’s program of the same name at Carleton University.

Steven Muegge of Carleton’s TIM program was at the event. He explained that the aim of the lecture series was to introduce new research to Canadian entrepreneurs, bureaucrats and technology leaders.

Among the attendees were economic development officers from the City of Ottawa, cyber security experts, and members of Ottawa’s start-up community.

“It’s a melting pot of different interests here tonight,” said Muegge.


%d bloggers like this: