From OntologPSMW

Jump to: navigation, search
[ ]
Session Ontology and Cybersecurity
Duration 1 hour
Date/Time 08 Jun 2022 16:00 GMT
9:00am PDT/12:00pm EDT
5:00pm BST/6:00pm CEST
Convener Ravi Sharma
Track Disasters: Ransomware -Cybersecurity


Ontology Summit 2022 Ontology and Cybersecurity     (2)

Dealing with Disasters     (2A)

The COVID-19 pandemic as well as other pandemics and disasters have prompted an impressive, worldwide response by governments, industry, and the academic community. Ontologies can play a significant role in search, data description, interoperability and harmonization of the increasingly large data sources that are relevant to disasters such as the COVID-19 pandemic. The Ontology Summit 2022 examined the overall landscape of disasters and related ontologies. A framework consisting of a set of dimensions was developed to characterize this landscape. The framework was applied to health-related disasters, environmental disasters, as well as aerospace and cyberspace disasters. It was found that there are many cross-domain linkages between different kinds of disasters and that ontologies developed for one kind of disaster can be repurposed for other kinds. A representative sample of projects that have been developing and using ontologies for disaster monitoring and response management is presented to illustrate best practices and lessons learned. The Communiqué ends by presenting the findings and recommendations of the summit.     (2B)

Agenda     (2C)

  • Mark Underwood Challenges in Ransomware Recovery - Paying for the Absence of Micro-ontologies in Cybersecurity Video Recording     (2C1)
    • Ransomware attacks are a high profile, costly type of cyber crime which is on the increase. In the first half of 2021, ransomware accounted for $590 million in threats or losses, including the notorious Colonial pipeline attack on US critical infrastructure. A single 2021 attack on a San Diego hospital network cost at least $131 million. It is so profitable that ransomware-as-a-service is available for attackers unwilling to invest in crafting the underlying malware. Ransomware discussions focus mainly on prevention, but recovery from ransomware is a significant challenge. Recovery considerations figure prominently in decisions to pay attackers, especially when enterprises determine that sensitive data is less likely to have been stolen. Despite the promise of work on a Uniform Cybersecurity Ontology (Syed, Padia, Finin et al., 2016), to date this approach is given light attention. A survey of potential, largely unrealized opportunities for micro-ontologies to support ransomware recovery analysis is offered. Possible causes, alternative frameworks, and micro-ontology scenarios are considered. The community’s enduring characterization of metadata as “tags” remains a sobering antipattern to adoption.     (2C1A)
  • Mark Underwood is currently AVP, Information Security Strategic Initiatives at Synchrony. Interests include Big Data security & privacy, ontologies for model-based software engineering, DevSecOps, and DevOps for Ops and domain-specific frameworks. He has promoted the use of ontology-based systems to support cybersecurity and has published two chapters in software engineering; they cover the use of social media in intranets and complex event processing for cybersecurity in IoT. Previously Mark Underwood has served as lead engineer or principal investigator on artificial intelligence projects for DARPA, Army and Air Force research laboratories. He served as co-chair of the 2015 Ontology Summit focused on the Internet of Things. and is currently Chair of the IEEE P2957 Big Data Governance and Metadata Management Working Group.     (2C2)
    • Mark Underwood holds certificates from ASQ (Certified Software Quality Engineer), ISACA (CRISC, CDPSE), Scaled Agile (SAFe4 Agilist).     (2C2A)
    • He is an occasional electric violinist and poet.     (2C2B)
    • Expressed views reflect his own, not those of employers or professional associations.     (2C2C)
    • Twitter: @knowlengr     (2C2D)
    • As a collaborator in standards organizations, Mark Underwood has worked to foster information assurance, transparency and algorithmic ethics for autonomous systems. From 2013-2018, Mark Underwood served as co-chair of the NIST Big Data Public Working Group’s security and privacy subgroup, In 2014, he served on the workshop committee for the IEEE Big Data Conference and moderated several panels, and served on the IEEE P2675, P7001, P7003, and P7000 standards committees. Invited presentations have included DevSecOps Days 2019 (Washington DC), keynote co-presenter with ontologist Leo Obrst at the Semantic Technology for Intelligence Defense Security Conference (STIDS 2016).     (2C2E)

Conference Call Information     (2D)

Attendees     (2E)

Discussion     (2F)

Resources     (2G)

Previous Meetings     (2H)

Next Meetings     (2I)