‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌   ‌
Click here to see this online
National Cybersecurity Awareness Month 
National Cybersecurity Awareness Month

October was National Cybersecurity Awareness Month! CIRI celebrated with the Information Trust Institute (ITI) to share the latest research in cybersecurity, and information about how CIRI is developing the tools, processes, and workforce to help keep the nation secure.

Highlights of October included celebrating National Manufacturing Day as well as CIRI’s partnerships with USTRANSCOM, Mt. Hood Community College and Scriyb. The last two partnerships involve using CIRI’s Dashboard Tool to help train the next generation of cybersecurity professionals and help small businesses meet national standards.

Earthquake damage 

Cybersecurity is a concern for all business, which is why the government developed and published the National Institute for Standards and Technologies (NIST) Cyber Security Framework. Unfortunately, meeting the NIST CSF standard is a challenge for most small businesses. Read more

CIRI team 

A new collaboration with Scriyb, an AI-powered training platform for cybersecurity education, is helping to extend the Dashboard to include a full suite of education and training modules and learning management tools to further improve both the process of learning about cybersecurity and workforce development for future employees. Read more

Attended events
 CIRI director Randy Sandone leads a panel on election security
CIRI attends Mobile World Congress

CIRI Executive Director Randy Sandone discussed our five mobile communications projects with attendees at Mobile World Congress last month in Los Angeles. CIRI attended the event – which highlighted intelligent connectivity and next-generation communications - in support of DHS Science and Technology Directorate and DHS’s Cybersecurity and Infrastructure Security Agency (CISA).

 Noah Dormady of Ohio State University

In October, CIRI attended the FEMA Region V RISC meeting in Chicago, where CIRI's Noah Dormady of The Ohio State University presented on the Business Resilience Calculator. The calculator provides information to help business owners and managers to identify the most cost-effective strategies for enhancing the resilience of their businesses in the event of disruptions caused by natural disasters.

FEMA Region V supports the citizens and first responders in six Midwestern states, including Illinois.

 CIRI booth at NDTA
National Defense Transportation Association Fall Meeting

We attended the National Defense Transportation Association (NDTA) U.S. Transportation Command Fall Meeting 2019, to talk with attendees on the tradeshow floor. We also demo'd our technology that helps companies keep their supply chain secure.

The NDTA is a group of government, military, and private sector professionals whose goal is to solve pressing challenges in the fields of logistics, transportation, and passenger travel services.

CIRI-hosted webinars

CIRI has recently hosted two webinars. Christopher Nissen, director of Asymmetric Threat Response & Supply Chain Security at the MITRE Corporation, presented "Supply Chain Security in an Asymmetric Era." The presentation introduced the foundation of a strategy developed by Nissen’s team called “Deliver Uncompromised.”

The second webinar was given by Jana Deisner, associate professor at the School of Information Sciences at the University of Illinois at Urbana-Champaign, who presented "Supporting Practitioners and Analysts in Making Decisions about Data Analytics to Study Humanitarian Assistance and Disaster Relief Operations." As part of this presentation Deisner presented her group's work assessing the impact of choices that analysts and end users of software solutions have to make when collecting and analyzing large-scale text data related to emergency management situations.

Upcoming events

November is National Critical Infrastructure Month! This month, CIRI's social media will focus on the importance of CIRI’s work to improve mobile networks; information, communication and technology of the supply chain, humanitarian assistance and disaster recovery; and the interdependencies of the nation's critical infrastructure.

CIRI will be attending the following events in the coming months, we hope to see you there!

  • Maritime Risk Symposium, November 13-15, Throggs Neck, NY
  • NIST NICE Conference, November 18-20, Phoenix, AZ
  • Consumer Electronics Show, January 7-10, Las Vegas, NV
  • RSA Conference, February 24-28, San Francisco, CA
New CIRI projects

Empirical Security Analysis of the Wireless Emergency Alerts System
PI: Sangtae Ha, Boulder Colorado
This project proposes a study that includes an empirical evaluation of the commercial mobile alert service (CMAS)/ Wireless Emergency Alerts (WEA) LTE physical layer attacks and possible defenses through the collaboration with commercial mobile carriers and government stakeholders. Specifically this work will replicate the vulnerabilities of CMAS/WEA, work to understand CMAS/WEA threats, evaluate a real-world attack response, and address discovered vulnerabilities. After those tasks have been completed the group will also explore mitigation solutions for found CMAS/WEA vulnerabilities.

Characterizing End-to-End Risk of the Telecommunications Supply Chain
PI: Iris Tien, Georgia Tech
Telecommunications infrastructure in the U.S. is rapidly changing, resulting in the introduction of new physical assets and operational procedures to the provision of telecommunications services. Varying elements of the supply chain pose risks in the ability to provide telecommunications services. It is critical to be able to identify vulnerabilities in the system to be able to assess and manage risks in addition to forming recommendations to mitigate and reduce risk. This project will comprehensively characterize end-to-end risk of the telecommunications supply chain.

Protecting the Nation’s 911 System from Cyber Threats Present and Future
PI: Karthik Balasubramanian, Karthik Consulting, LLC
Cyberattacks against the nation’s legacy 9-1-1 system have begun, Telephone Denial-Of-Service attacks have already occurred. The Department of Homeland Security recognizes the Emergency Services Sector, and specifically the 9-1-1 Public Safety Answering Points as part of the nation’s critical functions of its Critical Infrastructure, and one that is to be protected. This work seeks to develop guidance, approaches, and best practices that can assist large and small Emergency Communication Centers operations in strategizing and architecting their networks and organizations to address the highest risk areas.

Safety and Security in Remote Bridge Operations
PI: Randy Sandone, University of Illinois at Urbana Champaign
There is a growing request to convert drawbridge operations from onsite to remote operations over a cyber-physical control network. This must be done in a way that prioritizes safety and security. This research project will provide standards and guidelines that the United States Coast Guard can use to develop policy and regulations for remote bridge operations and will deliver an accessible, intuitive tool that can be used by remote bridge owners and operators to implement and maintain conformance to those policies and regulations.