TAMPA — Cyberattacks reported by federal agencies have grown nearly 800 percent in the past six years. PricewaterhouseCoopers reports that in the private sector, 93 percent of organizations experienced some form of cybersecurity breach in the previous year.
Defense Secretary Leon Panetta warned in 2012 that the United States could face a “cyber-Pearl Harbor.” Every second ticks on 18 new cybersecurity victims and the annual cost of cybercrime is estimated at $100 billion.
Who will take on that scourge?
Maybe the University of South Florida.
USF officials will appear before the state university system Board of Governors today to pitch the creation of a Florida Center for Cybersecurity at the Tampa campus, an organization called for by Gov. Rick Scott and the Legislature to put the state at the forefront of the growing field.
“Our vision is very simple,” said Sri Sridharan, managing director of the center. “Somebody in Scottsdale, Arizona says, ‘I have a question on cybersecurity.’ The answer should be, ‘Talk to those guys at USF. They’ll give you the answer. They know what they’re doing.’ ”
USF will seek a phased-in investment of $16.1 million and ultimately a $30 million center to take on cybercrime.
The center would serve as a hub for the entire state university system, guided by an advisory council with representation from every state university.
“It’s very exciting,” said USF System President Judy Genshaft. “It’ll mean a great deal to USF. We’re already engaged in a great deal of activity with cybersecurity, and this will really help us cooardinate and take the lead, bringing everybody together as partners.”
Sridharan identified three main goals for the cybersecurity center: education, research and outreach.
USF estimates that every year, the center would provide an additional 550 cybersecurity certificates, 475 undergraduate certificates or concentrations, 270 graduate certificates or concentrations, nearly 900 bachelor’s degrees, 215 master’s degrees and 50 doctoral degrees.
Many of those graduates would step into jobs with six-figure salaries, with the demand for cybersecurity professionals growing 3 ½ times faster than the demand for other information technology jobs and 12 times faster than for all jobs.
On the research side, the center would provide what is known as a sensitive compartmented information facility, or SCIF, to analyze and protect classified information.
But not all cybercrime involves technical hacks, and Randy Borum, a USF professor and coordinator of strategy and information analysis, said a cybersecurity center would provide an “awesome opportunity” to study what he calls social engineering – human behavior that can make systems vulnerable.
Think, for example, of a naïve student finding a thumb drive and, out of curiousity, plugging it in to a university network.
“There’s an opportunity here to create, in a laboratory, a better understanding of the conditions of how people can develop their own security triggers, what kinds of things circumvent those triggers, and what are some of the high-risk contexts in which they happen,” Borum said.
“It’s a little more challenging than it seems. You don’t know what those things are until you get the behavioral piece. Those are the kinds of solutions that haven’t been thoroughly evaluated going forward, but they are part of the next generation of thinking about what a security enterprise looks like.”
The USF center would serve as a statewide cybersecurity clearinghouse, sharing knowledge, resources and training. It would communicate threats and hold conferences and trade shows to spread information and train technicians.
Florida businesses “would have access to the latest and greatest technologies to deal with attacks,” Sridharan said. “Our objective is to always educate and make this information available to the public.”
The proponents say there will be additional advantages to the cybercenter.
The proximity to Central Command and Special Operations Command at MacDill Air Force Base gives USF access to uniquely qualified veterans returning to civilian life with skills in information technology and, often, advanced security clearances.
What’s more, the Tampa area is a hotbed of the tech industry, with major players such as Tech Data, Jabil and IBM supplying letters of support to the board of governors. Those businesses would both benefit from and provide their own input into the center, backers said.
Luke Hritsko, who graduates in December with a computer science degree, said establishing the center is a great idea for USF. “It’s a great opportunity to bring a lot of interested people into the school,” Hritsko said. “It’s a growing field right now.”
Hritsko leads the Whitehatters Computer Security Club on campus, which competes nationwide in cybersecurity events.
“It’s very difficult and challenging,” he said. “That’s the thing I like about computer security. It’s not straightforward engineering. You have to be very creative in your approach, there’s something different every single day.”
USF’s efforts to ramp up the cybersecurity center is on the fast track. It has to be, said Sridharan.
“This is not something we can afford to start in 2015 or 2016,” he said.
“Cybersecurity is a real thing today. If we don’t do it, somebody else is going to do it. The train is going to leave the station. And we want to be on that train. It’s our train.”
Cybercrime by the numbers
new vulnerabilities discovered in 2012, 415 of which were on mobile operating systems
percent of network intrusions exploiting weak or stolen credentials
percent of employees admitting to stealing company data when leaving previous job
1 in 10
social network users who say they’ve fallen victim to a scam or fake link on social network platforms
estimated annual cost of global cybercrime