On Oct. 29, five leading cybersecurity innovators will be recognized for their contributions to the field with an induction into the Cybersecurity Hall of Fame. Steven B. Lipner, Susan Landau, Jerry Saltzer, Cynthia E. Irvine and Ron Ross will be honored for security technology and awareness service extending across decades.
At first glance, the very idea of a Cybersecurity Hall of Fame might seem a bit surprising and even counterintuitive. We tend to think of security experts as laboring in the shadows like their opponents — and often this is the case.
But cybersecurity is as much about communication, awareness and education as it is about technology. A multimillion-dollar hacking attack may, and often does, begin with a naïvely chosen password or a careless click on a malicious link, which opens the door for attackers to break into a system.
The Hall of Fame thus has a double role: to recognize security innovators for their contributions and also to raise awareness of security challenges and how to fight back. This year’s honorees exemplify how progress is made in protecting data and systems from attack.
Steven B. Lipner
A board member and chair of SAFEcode and former partner director of software security in trustworthy computing security at Microsoft, Lipner holds 12 U.S. patents related to computer and network security, with two more pending. He is also co-author of “The Security Development Lifecycle.” He has been a leader in developing supply chain security as well as government evaluation of security technology.
In addition to being professor of cybersecurity policy at Worcester Polytechnic Institute, Landau is the author of books on cybersecurity and privacy, including “Privacy on the Line: The Politics of Wiretapping and Encryption” (along with Whitfield Diffie) and “Surveillance or Security? The Risks Posed by New Wiretapping Technologies.” She is a longtime supporter of strong encryption and the National Institute of Standards and Technology (NIST) Computer Security Lab.
Saltzer’s involvement with cybersecurity stretches back to 1964, when he discovered that it was all too easy to break into MIT’s Compatible Time-Sharing System. He joined the MIT faculty two years later and is now professor emeritus of computer science. His work on time-sharing security continued with the development of a security kernel for the Multics time-sharing system. Along with Michael D. Schroeder, he co-wrote a seminal paper, “The Protection of Information in Computer Systems,” which has been cited by professionals for four decades.
Cynthia E. Irvine
A distinguished professor of computer science at the Naval Postgraduate School, Irvine is a leader both in technology innovations, specializing in developmental security, trustworthy systems and cyber operations, and in security awareness and education. Her educational focus has been in developing security instruction designed to emphasize the concepts of constructive cybersecurity in courses and curricula. She has been a champion of the principle that security must be built in from the outset, not bolted on as an afterthought.
A fellow at NIST, Ross is regarded as the father of the security standards incorporated into the Federal Information Security Management Act (FISMA). He took the lead in developing the NIST Risk Management Framework, as well as formulating the first unified cybersecurity standards for the federal government. Previously inducted into the Information Systems Security Association (ISSA) Hall of Fame, he has also received awards from the NSA, the Department of Defense and the Department of Commerce.
Ahead of the Cybersecurity Hall of Fame awards banquet, let us give a warm round of applause for these innovators whose efforts have made our information systems safer.