Cybersecurity Entrepreneurship in a Modern, Connected World
Bringing together cybersecurity ideas, problems, and challenges with entrepreneurial
opportunities to grow the cyber economy of New Mexico.
Goals for the Workshop
Provide a forum where students, faculty, and other entrepreneurs can learn about technical
and related market opportunities in the cybersecurity space. This may involve everything
from learning how to develop conceptual frameworks to evaluation of well-formed startup
ideas.
Connect NMT students, faculty, and staff with the cyber community for the purposes
of access to knowledge and ideas regarding cybersecurity entrepreneurship once the
Workshop is over.
Demonstrate that the NMT CoE in Cybersecurity will be a clearinghouse where entrepreneurs
can be connected with potential opportunities in this area.
This workshop is jointly sponsored by the Cybersecurity Center of Excellence and the
Office for Innovation Commercialization.
Keynote Information: Eric Cornelius, Chief Product Office of Blackberry | Cylance
As Chief Technology Officer, Eric Cornelius drives innovation at Cylance. Previously
Eric served as Chief Product Officer, VP of Innovation, Director of Critical Infrastructure/ICS
and Technical Director of Incident Response/Critical Infrastructure at Cylance. Eric
brings this wealth of knowledge and long history as a security practitioner, consultant,
trusted advisor and product builder to his work in elevating our product development
initiatives, and to leading our product management and corporate development teams.
View Greg Otto's CyberScoop interview with Eric discussing the cyber threat landscape for industrial control
systems given the integration of information technology and operational technology. This interview was done when he was Vice President of Innovation for Cylance.
Key takeaways from the keynote: There was lively discussion with participants from
industry, academia, government, and most importantly entrepreneurs. Part of the lively
discussion was in response to our Eric saying, tongue in cheek, that the first thing
you do to start a successful business is "leave New Mexico". This was referring to
venture capital being most available in California. He discussed what is needed for
a successful business, which is access to capital and access to talent. He also talked
about what is needed for individual success, which is access to bandwidth and access
to an airport. In essence he says that the State needs to provide good airports and
more importantly high-speed Internet access for us to be able to grow successful cybersecurity
businesses in New Mexico. At the Cybersecurity Center of Excellence we are working
on a variety of models to help entrepreneurs begin and operate cybersecurity companies
in New Mexico, as well as ways to help other companies be resilient to cyber attacks.
The keynote presentation will be uploaded October 4th.
September 27, 2019
Final Agenda
Time
Session
11:00 - 11:30 am
Check-in, Pick up Box Lunches
Third Floor, Fidel Center, New Mexico Tech, Socorro, NM
11:30 - 12:00 pm
Welcome Dr. Lorie M. Liebrock, Director of Cybersecurity Centers
Introductory Remarks Dr. Stephen Wells, NMT President
12:15 - 1:00 pm
Keynote Address Eric Cornelius, Chief Product Officer, Blackberry | Cylance
Breakout Sessions: Green/Smart Grid/Cities; IoT/Wearables; Mobile Privacy and Security Issues Assessing and Defining Markets Cyber Tech Competition
3:45 - 4:00 pm
Networking Break
4:00 - 4:15 pm
Announcement of Winners & Awards
4:15 - 4:45 pm
Concluding Keynote: Darryl Ackley & Dr. Peter Anselmo
4:45 - 5:00 pm
Closing Remarks Dr. Lorie M. Liebrock & Dr. Peter Anselmo
Additional details regarding breakouts are provided below.
Breakout Sessions
Connecting technical issues and potential markets for solutions to those issues is
the main focus of the Workshop Breakout Sessions. Interactive sessions managed by
session chairs will engage participants with expert panelists in each of 3 focused
topic areas. Possible topic areas are listed below.
Each topic area will be structured around technical issues with regard to privacy
and security, while defining and developing customers in the cybersecurity market
for compelling technical solutions. These discussions will be followed by a table-based
competition within each topic area focused on development of designs for technical
solutions and an associated preliminary marketing strategy.
Internet of Things & Wearables
Any network-attached, everyday object that has embedded computing and sensors – from
your smart TV to your nanny-cam is part of the Internet of Things. These are connected
to the Internet (and each other) and provide a means of analyzing and monetizing information
collected on an ongoing basis. An overview of security issues with regard to these
sensors, including hardware (such as 5G hardware) and associated privacy implications
will be the focus of the first part of this session.
The second part of the session will integrate the technical summary with market considerations
such as:
What will people pay to ensure some degree of privacy in an IoT world?
Are software-based companies the only route to business here? Are there hardware-based
opportunities for privacy protection? Are there opportunities for companies that are
concerned with education and encouraging appropriate human behavior?
Are there alternatives to IoT that can provide consumers with a balanced rationale
for having all their appliances, devices, etc. connected, while maintaining privacy
and security?
Devices such as fitness trackers have already been used to discover the location of
supposedly secret army bases around the world. With medical implants, near- health
information is being collected – and may be required by entities like insurance companies
in the future. With the advent of products such as the brain-interface proposed for
testing by Neuralink, there could be no such thing as privacy in the future. The loss
of privacy will be presented as a small price to pay for early intervention in health
events, advertising targeted to specific behavior patterns and tastes, and other similar
data-driven user feedback.
In this completely-connected world, privacy may be a thing of the past. Maybe? It
is possible to conceive of privacy as a commodity in a world like this? Market opportunities
to be discussed in this session include:
What is the value of privacy?
What sorts of products (data-monitoring, selectivity regarding data-collection from
users, authenticity assurance, and others) will be monetized in the context of future
mobile devices?
Are there other monetizable alternatives in this general space?
Session Chair: Darryl Ackley
Panelists: William Kwan, James Wernicke, and Ron Tafoya
The notions of smart and green grids are compatible because “smart” implies “efficient”.
Smart cities have many IoT features that enable both micro-efficiencies (home thermostat
control, for example) and macro-efficiencies (smarter timing of traffic lights, other
traffic-pattern-management issues) that have many of the security and privacy issues
associated with the IoT. Smart cities have additional security and privacy concerns
beyond IoT as they are comprised of an intentional unified system in which the city
gathers, analyzes, and controls (presumably) the information about the unified system.
The first part of this session will explore these issues, and then the second part
of the session will be concerned with discussion of how a private startup can enter
the realm of smart/green grids/cities in what will be a regulated commercial world.
Hacking of laptops, tablets, smartphones and other widely-used mobile devices is an
ongoing problem that will become more prevalent as hackers and their technologies
become smarter. False information disguised as authentic information (or some other
form of social engineering) is typically the first step in the attack process, followed
by more technical means. This session will be devoted to an exploration of future
security and privacy issues in this sector.
Major categories of current private-sector solutions to this problem will be discussed,
and the viability of current technology solutions for both current and anticipated
future problems will be discussed. Strategies for development of new companies will
also be considered, including (generally):
Can hardware improve security and if not how can software overcome running on insecure
hardware?
Go it alone or try to partner if you have a better solution to a current problem?
How to monetize your company if you put your solution into the public domain?
How to approach the idea of developing one or more solutions to emerging security
and privacy issues for mobile devices?
Each breakout will follow this basic structure, but will be focused on its specific
topic.
Please volunteer for a leadership position that best fits your interest and expertise.
The workshop organizers will select panelists, session chairs, and judge two weeks
before the workshop. All volunteers will be notified within three days of the decisions,
in case of a cancelation of a volunteer.
Volunteer Positions
Panelist
Panels should be composed of community members from passionate novices to experts
in cybersecurity. Panelists are to lead the session to explore and understand opportuniites
for monetizable cybersecurity solutions including specific technological approaches, market
analysis, and where possible, business case analysis. We are looking for at least
one technical expert and one entrepreneurial expert for each panel, with mixed expertise
in other panelists. Panelists will assist Session Judges with running the competition.
Session Chair
Session Chairs will be responsible to keep the panel on track, on time, and to facilitate
community interaction. Sessions Chairs will develop initial bullet points to guide
the panel discussion. Session Chairs will assist Session Judges with running the competition.
Session Judges
While all community members will be able to participate in judging via a smart phone
app, the Session Judges will explain the competition process, manage the competition
(with assistance from panelists and session chairs), and jointly, Session Judges will
determine the grand prize winning team.