WELCOME

Alex Stamos is an adjunct professor at Stanford's Freeman Spogli

April 16, 2019 by Katherine Berry

Alex Stamos is an adjunct professor at Stanford's Freeman Spogli Institute, a William J. Perry Fellow at the Center for International Security and Cooperation, and a visiting scholar at the Hoover Institution. As a chief security officer at Facebook and Yahoo and a co-founder of iSEC Partners, Stamos has investigated and responded to some of the most seminal events in the short history of cybersecurity, and he has been called the "Forrest Gump of Information Sec" by friends. He is working on election security via the Defending Digital Democracy Project and advising NATO's Cybersecurity Center of Excellence. He has spoken on six continents, testified in Congress, served as an expert witness for the wrongly accused, earned a BSEE from UC Berkeley, and holds five patents.

A recent report from the Center for International Security and Cooperation's Institute for Cyber-National Security (ICSS), an international cybersecurity group, is particularly troubling. The report, co-authored by Robert C. Smith and Jonathan H. Wright, a professor at the Center for International Security and Cooperation, calls on governments to address their own systems failure and to make changes to improve their security infrastructure. Specifically, it calls for the adoption of a "system-on-top" approach that allows governments to use a variety of different technologies, from smart grid solutions and other infrastructure upgrades, to "systems of value" (that's those that "prove" to be valuable, but are ultimately a fraud). Smith, a former director of cyber security for the World Trade Center project and co-author of the report, says he found this approach to be "highly effective." He also says that the government needs to learn that the "systems of value" approach has its limitations. It's unclear if the report is correct, but it's worth noting this approach could be used to make cyber security as complex as the government is willing to acknowledge.

The report also notes that "in the absence of effective cybersecurity measures available, the United States is likely to be unable to defend against cyberattacks, and may well face widespread cyberattacks that threaten to destroy critical infrastructure, threaten to disrupt critical infrastructure of countries, or harm national security in a global scale, leading to widespread cyberattacks that could harm U.S. national security interests." It also argues the U.S. can use its influence, and other U.S. government, in shaping the security of our digital infrastructure to achieve effective cyber security.

But Smith and Wright are also critical of the U.S. government's