************************************************************************************

NISlecture 2014/01 (31.01.2014, 12.15-13.00 in K105)

Title : CyberDawn 2013 – because it was necessary

Speaker : Chief Security Intelligence Officer, Storm Jarl Landaasen, Telenor Norge

Published material: Video (the talk start approximately 10 minutes into the recording)

Abstract :

From Telenors viewpoint as a key infrastructure provider in the Norwegian society the company was concerned with the absence of planned national ICT/cyber exercise on the national Norwegian exercise calendar. In the perspective of no planned ICT / cyber exercise in the coming five years, Telenor Norways CEO invited in 2013 Norwegian authorities and large customers to a common exercise. CyberDawn was designed to test participating organisations internal and external cyber continuity strategies. CyberDawn resulted in increased awareness of vulnerabilities, formalities and lacking process in information security governance in addition to missing processes between private and public entities.

In his presentation Storm will address the preparations, execution and the follow-up of the exercise.

About the Speaker :

Storm Jarl Landaasen is Chief Security Intelligence Officer Telenor Norge and responsible for threat assessment and threat communication in Telenor Norge. Storm has been in Telenor since 1997 and has a background from the Norwegian Defence.

************************************************************************************

NISlecture 2014/02

Title : On Gait and Soft Biometrics

Speaker : Professor Mark S. Nixon, University of Southampton

Published material: video1video2slides

Abstract :

The prime advantage gait of gait as a biometric is that it can be used for recognition at a distance whereas other biometrics cannot. There is a rich selection of approaches and many advances have been made, as will be reviewed in this talk. Soft biometrics is an emerging area of interest in biometrics where we augment computer vision derived measures by human descriptions. Applied to gait biometrics, this again can be used where other biometric data is obscured or at too low resolution. The human descriptions are semantic and are a set of labels which are converted into numbers. Naturally, there are considerations of language and psychology when the labels are collected. After describing current progress in gait biometrics, this talk will describe how the soft biometrics labels are collected, and how they can be used to enhance recognising people by the way they walk. I shall also describe recent work in soft biometrics for face recognition. As well as reinforcing biometrics, this approach should to a new procedure for collecting witness statements, and to the ability to retrieve subjects from video using witness statements. Underlying the talk, are new techniques for (moving) feature extraction and description, as well as the new approaches to semantic feature analysis.

About the Speaker :

Mark is the Professor in Computer Vision at the School of Electronics and Computer Science. His research interests are in image processing and computer vision. He has helped to develop new techniques for static and moving shape extraction (both parametric and non-parametric) which have found application in automatic face and automatic gait recognition and in medical image analysis. His group were early workers in face recognition, later came to pioneer gait recognition and later joined the pioneers of ear biometrics, and currently we're working on soft biometrics where we recognise people by human attributes. Amongst previous research contracts, he was Principal Investigator with John Carter on the DARPA supported project Automatic Gait Recognition for Human ID at a Distance , on the General Dynamics Defence Technology Centre's program on data fusion (biometrics, naturally), on the MoD/ARL (US) IBM-led Information Technology Alliance and we're currently working on the EU funded Tabula Rasa programme which is the first co-ordinated study of spoofing biometrics.

************************************************************************************

NISlecture 2014/03 (28.03.2014, 12.15-13.00 in K105)

Title : The Birth of the Pointer Variable

A powerful but potentially dangerous programming language facility!

Speaker : Harold “Bud” Lawson, Inventor of the Pointer Variable Concept and Recipient of the prestigious IEEE Charles Babbage Computer Pioneer Award

Published material: slides video (the talk start approximately 9 minutes into the recording)

Abstract :

Harold “Bud” Lawson has been a leading pioneer in the computing and systems arenas. In this seminar he will share some of the significant highlights from the early part of his career that led to the introduction of the pointer variable concept in programming languages. His experiences and reflections have recently been published in a chapter of the book Reflections on the History of Computing: Preserving Memories and Sharing Stories (IFIP Advances in Information and Communication Technology).

About the Speaker :

Bud Lawson’s professional career began in 1959 under the leadership of the legendary Real Admiral Dr. Grace Murray Hopper at Remington Rand Univac in Philadelphia. During his long career he participated in several pioneering developments in software, hardware and computer based systems. For his invention of the pointer variable concept in programming languages he was awarded the prestigious IEEE Charles Babbage Computer Pioneer award in 2000.

************************************************************************************

NISlecture 2014/04 

Title : Cyber War, Cyber Peace, Stones, and Glass Houses

Speaker : Gary McGraw (PhD), Chief Technical Officer at Cigital Inc.

Published material: lecture interview  
(Thanks to Stian Pedersen [production] and Synne Grand Østern [interview])

Abstract :

Washington has become transfixed by cyber security and with good reason. Cyber threats cost Americans billions of dollars each year and put U.S. troops at risk. Yet, too much of the discussion about cyber security is ill informed, and even sophisticated policymakers struggle to sort hype from reality. As a result, Washington focuses on many of the wrong things. Offense overshadows defense. National security concerns dominate the discussion even though most costs of insecurity are borne by civilians. Meanwhile, effective but technical measures like security engineering and building secure software are overlooked. In my view, cyber security policy must focus on solving the software security problem - fixing the broken stuff. We must refocus our energy on addressing the glass house problem instead of on building faster, more accurate stones to throw.

 About the Speaker :

Gary McGraw is an author of many books and peer-reviewed publications on IT security. In addition, Gary McGraw produces the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine. Gary is the Chief Technical Officer at Cigital Inc. He holds dual PhD in Cognitive Science and Computer Science from Indiana University.

************************************************************************************

NISlecture 2014/05 (29.08.2014, 12.15-13.00 in K102)

Title : Threats and Security in the Cyber World

Speaker : Dr., Col (ret.) Martti Lehto, Cyber security and Cyber defence researcher at University of Jyväskylä

Published material: Video (the lecture starts 9 min into the recording) and slides

Abstract :

The global community continues to experience an increase in the scale, sophistication and successful perpetration of cyber-attacks. As the quantity and value of electronic information has increased, so have the efforts of criminals and other malicious actors who have embraced the Internet as a more anonymous, convenient and profitable way of carrying out their activities. Of primary concern is the threat of organized cyber-attacks capable of causing debilitating disruption to a nation’s critical infrastructures, functions vital to society, economy, or national security.

Threats in cyberspace are as difficult to define, as it is hard to identify the source of attacks and the motives that drive them or even to foresee the course of an attack as it unfolds. The identification of cyber threats is further complicated by the difficulty in defining the boundaries between national, international, public and private interests. 
This lecture will describe the cyber world phenomena, threats, vulnerabilities and cyber weaponry as well as the critical structures of society as the targets.

About the Speaker :

Martti Lehto graduated as doctor of Military Sciences at the Finnish National Defence University in 2012. He has over 30 years of experience mainly as developer and leader of C4ISR Systems in Finnish Defence Forces. He is a Cyber security and Cyber defence researcher and teacher in the University of Jyväskylä in the Department of Mathematical Information Technology. He also coordinates the Cyber Security Master of Science and Doctoral programs in the University.

************************************************************************************

NISlecture 2014/06 (26.09.2014, 12.15-13.00 in K102)

Title : Privacy is 80% Information Security:  How to manage privacy in your organization


Speaker : Head of Business Area Risk and Security, Hans Dahlquist at Rote Consulting AB

Published material: Video (the lecture starts 9 min into the recording) and slides

Abstract :

It is well known that Privacy related fraud is a growing concern for individuals, corporations and law enforcement. There are however many other aspects of Privacy Management as current and coming legislation, compliance, brand and reputation, self-regulation, data protection and purging. The presentation will discuss these aspects as well as indicate a strategy how to start handling the challenges.

About the Speaker :

Hans Dahlquist is Head of Business Area Risk and Security at Rote Consulting AB since 2007. He was earlier Chief Security officer (CSO) at Ericsson for five years and came from the position as Colonel in Swedish Armed Forces Intelligence and Security Directorate with responsibility for the Armed Forces communication and information security. Hans has over the last five years at Rote specialized in consulting organization in Sweden and around the world in Integrated Security Management Systems, Information Governance and Privacy management.

************************************************************************************

NISlecture 2014/07 (31.10.2014, 12.15-13.00 in K102 and live online)

Title : How we discovered Heartbleed

Speaker : Account executive Tomi Väisänen, Codenomicon Oy, Finland

Published material: Video (the lecture starts 9 min into the recording)

Abstract :

In his presentation Tomi Väisänen describes and tells the story of how Codenomicon discovery the Heartbleed bug in April 2014. The presentation is built based upon interviews with people directly involved in the discovery as well as mitigation processes, and explains what happened right before-during-and-after the discovery. The presentation will describe the events from a high level view and not go into the deep technical nature of this major security vulnerability.

The presentation will also review and explain the history of Codenomicon company on how it has evolved its security testing technology over the last 20 years and what challenges they see facing the security software testing fields in the coming years.

About the Speaker :

Mr. Tomi Väisänen is the Account Executive for Codenomicon in the Nordic countries. Mr. Väisänen has worked 15 years in the software industry dealing with business development. For the last four years in information security he has focused on helping customers disentangle complex security testing issues.

************************************************************************************

NISlecture 2014/08 (28.11.2014, 12.15-13.00 in K102 and live online)

Title : Norwegian ID Centre

Speaker : Leder Nasjonalt ID-senter Arne Isak Tveitan

Published material: Video (the lecture starts 9 min into the recording)

Abstract :

The Norwegian ID Centre’s purpose is to strengthen the immigration authorities' and the police's work in establishing the identity of foreign nationals applying for residence, entering or residing in Norway. In cooperation with our partners we strive to consolidate, evaluate and analyze the work being done to meet the challenges surrounding identity in modern society.

About the Speaker :

Arne Isak Tveitan is Leader of the Norwegian ID Centre and has more than 30 years of diverse experience from the Police and the justice sector. In the Ministry of Justice and in the Police Directorate he has worked with preparedness measures. He has held positions as instructor, trainer and planner of studies at the Norwegian Police College and also various positions within Oslo Police District.

************************************************************************************