Summary of Security at the Speed of Research

00:00:00 - 00:55:00

This video discusses the importance of cyber security for researchers. It highlights the different types of attacks that can happen, and the need for continual innovation in the field. The video also discusses the need for high performance computing to support research and the need for security solutions to be fast and efficient.

• 00:00:00 The presenter introduces Isaac Straley, CSO at the University of Toronto, who will talk about information security. They discuss Straley's experience as a CSO and privacy officer, and his work at the University of Toronto. They also mention that he will be talking about cyber security and private sector innovation.
• 00:05:00 Isaac provides a briefing on the threats faced by researchers in the cyber security field. He highlights the importance of thinking differently when managing risk, and emphasizes the need for flexibility in research. He also discusses the need for continual innovation in the research field.
• 00:10:00 The video discusses the different types of attacks that can happen online, including garden variety attacks and Criminal and Criminal Enterprise attacks. It also discusses the different motivations behind these attacks, including fraud, scams, revenge, data theft, and disruption. Finally, the video discusses the insider threat and how nation state actors are motivated to conduct these attacks.
• 00:15:00 The three major concerns that the security community has regarding research are espionage, financial exploitation, and disruptive technology. Each of these concerns has the potential to have a significant impact on the research community as a whole, and it is important that measures are in place to protect researchers and their data.
• 00:20:00 The speaker discusses various types of attacks, including reconnaissance, weaponization, and command and control. He notes that these attacks are often recursive, with multiple threads of activity. The speaker also discusses the Lockheed Martin kill chain, a model for analyzing and understanding attacks. The talk concludes with a discussion of how research needs to be approached in a different way than other types of systems.
• 00:25:00 The speaker discusses the new state of security, which is managed risk and empowering individuals. He says that security controls can be orthogonal to scientific discovery and that we need to keep having conversations about this issue. The speaker mentions Professor Jones, who has a very interesting perspective on the tension between security and research. The speaker discusses the need for high performance computing to support research and the need for security solutions to be fast and efficient.
• 00:30:00 Tyson McCauley is the Chief Security Officer and Vice-President of Field Engineer at Rockport and is a researcher in his own right. Tyson's background includes experience in product strategy, corporate development, business development, and thought leadership in general. Tyson currently serves on the board of directors for the Canadian Standards Association, and is a member of the ISO/IEC JTC 1/SC 38 Working Group on Security Standards. Tyson has authored and co-authored four books, dozens of publications, and holds two registered patents.
• 00:35:00 The video discusses a new network security system that is called a "network card." This card fits into any server and removes switches from the attack surface, simplifying the operational profile for research and education systems.
• 00:40:00 The video discusses the security and performance benefits of a network made up of nodes that are directly connected, without any switches. This network is called a "Rockport switchless environment." The network is designed to be redundant and non-blocking, which eliminates the need for top-of-rack switches. This prevents the occurrence of bottlenecks, and allows for more efficient use of computing resources.
• 00:45:00 In this video, Tyson explains how research networks, such as the ones used by HPC facilities and artificial intelligence research, are difficult to attack and have reduced attack surfaces. Richard Yu from Carleton University talks about his research in cyber security and how efficiency and speed are important. Tyson and Richard discuss how less is more in cyber security, and Tyson tells a story about how he met Richard.
• 00:50:00 The presenter discusses a cyber security research project conducted at Rockport, which found that network equipment from Rockport showed an average of 7.5% increase in performance when congested, meeting success criteria set by the company.
• 00:55:00 The video discusses security issues in research. It discusses the different types of security attacks that can happen, and the ways that Canary can help to protect against them.