Workshops‎ > ‎


Cyber Resilience Workshop Series

Workshop on Managing Cyber Risk through Recovery Driven Resilience




Sponsored by:  International Cyber Center, George Mason University, and
Transformation Series, National Defense University

When: February 14 :  0800 to 1230

Where: Lincoln Hall 155,  National Defense University

Directions to NDU and Fort McNair map are at


Technical Points of Contact: 

Dr. Alenka Brown, NDU    [email protected]

Dr. James Keagle, NDU   [email protected]

Dr. Arun Sood, GMU    [email protected]

For Registration Questions:  James Burchill      [email protected]

Keynote Speaker:  General Harry Raduege (Ret)

To Register Click Here

Tuesday, February 14th – Risk and Recovery

0800-0830       Registration and Networking

0830-0840       Welcome

Dr. James Keagle, Distinguished Research Fellow, Center for Technology and National Security Policy, National Defense University

0840-0900       Introduction to Workshop Series and Keynote Speaker

Dr. Arun Sood, Professor & Co-Director, International Cyber Center, George Mason University

0900-0945       Keynote Speaker:

Lt. Gen (Ret.) Radeuge, Chairman, Deloitte Center for Cyber Innovation
Director, Deloitte Services LP,
former Director of the Defense Information Systems Agency

0945-1000       Question and Answer Session

1000-1015       Coffee Break

1015-1115         Requirements and Forms of Resilience

Moderator: Dr. James Keagle, Distinguished Research Fellow, CTNSP
Dr. Shari Pfleeger
, Director of Research, Institute for Information Infrastructure Protection, Dartmouth College
Dean Weber, CTO, CSC
Dr. Sam Liles, Associate Professor, CI&IO, National Defense University

1115-1215         Implementation of Recovery Driven Resilience

Moderator: Dr. Vitalij Garber, former Deputy Undersecretary of Defense for International Programs and Technology
Dr. Tim Gibson, Assistant Director, Cyber Systems, Draper Laboratory
Dr. Peter Fonash,
CTO Cyber Security and Communications, Department of Homeland Security.
Dr.  Arun Sood, Professor, ICC, George Mason University

1215-1230       Closing Remarks

Motivation and Theme

The increasing reliance of government, business and not-for-profit sector on computing infrastructure has provided our adversary with an opportunity to gain advantage by launching organized, targeted, and coordinated attacks.  The attackers have several motivations, including: (1) desire to steal specific intellectual property or personal information; (2) vandalism instinct leading to defacement and reduced availability on the internet. 

The current approaches to cyber security are reactive and rely on our ability to identify the vulnerabilities in our systems and model attacker strategy.  These are difficult tasks.  To illustrate the complexity, we note that Symantec reports encountering 286 million unique variants of malware in 2010.

In this workshop we explore additional mechanisms for increasing the resilience of national cyber assets.  The focus is on delivering service even in the presence of a successful attacker in the system. A resilient system provides critical services even though there is an on-going system breach – the performance is likely to be affected though in most cases the impact is not noticeable by the users. To achieve higher level of resilience, we examine alternative strategies, and expect the addition of a proactive element to the current reactive approach. In this quest we are motivated by analogs in engineering and medicine.  (1) To increase reliability of systems, engineers device strategies to reduce the failure rate and also reduce the time for failure.  Optimal solutions find a balance between the cost of increasing MTTF and the cost of reducing MTTR.  (2) Vaccines have been developed to immunize the population and reduce the risk of spreading disease. But these often require booster shots. The flu vaccine is recommended every year and incorporates protection against 3 most likely flu viruses for the next year.  Although it is not perfect, it reduces the intensity of the infection and speeds recovery.

The IT cost containment strategies have relied on reducing redundancy and adopting standards.  Cloud computing and mobile computing are two examples of this thrust. These strategies have the undesirable consequence of enabling the attacker to successfully use the same attack methodology against a number of targets. We conclude that intrusions are inevitable, and we should focus on adding other protection mechanisms to the cyber security quiver. In this workshop we explore restoration and recovery mechanisms that will enhance the system resilience. 

In future workshops of this series we expect to focus on approaches driven by fault and intrusion tolerance; decoys and deception; intrusion avoidance and malware removal; rapid reconfiguration and diversity; capital and operations costs; policy requirements; human factors and information overload etc.

Workshop Information Pack

Please CLICK HERE to download the information pack.