Nearly 500 people attended the National Security Agency's first Trusted Computing Conference and Exposition, which was held here from Sept. 14-16 to discuss the important role of trusted computing technologies in cybersecurity.
Generally speaking, trusted computing technologies ensure that hardware and software behave as designed. Trusted computing solutions prevent malicious computer attacks by combining commercially available, off-the-shelf IT tools. Such solutions are now being used in both the public and private sectors, but much too infrequently, officials noted.
Widespread adoption of these technologies could inoculate not only national security systems but also corporate computer devices and networks from criminals, foreign spies, and everyday hackers.
"It will be a lot of work, but the benefits that trusted computing can provide are worth it," said Neal Ziring, Technical Director in NSA's Information Assurance Directorate, in a keynote address at the conference.
To illustrate that point, the agency debuted a video showing a series of authentic network attacks against what would be considered a well protected, standard computer workstation and a High Assurance Platform (HAP) workstation. The National Security Agency's HAP Program demonstrates how commercial technologies and techniques can be merged to create secure, manageable, and usable computing platforms.
The video's message was clear: Even modern workstations and networks remain highly vulnerable to cyber intrusions. Trusted computer technologies, like those in HAP, reduce the risk of systems being compromised, improve system administrators' ability to quickly detect any compromises, and minimize damage from attacks. The audience watched while the well protected workstation was breached. The one with HAP was like Fort Knox.
HAP should be fully embraced officials said. The sooner the better.
Piecemeal efforts to strengthen cybersecurity are clearly ineffective, participants emphasized. Furthermore, securing cyberspace cannot be the responsibility of the U.S. government alone. More collaboration is needed between government and information-technology partners in the private sector, they said.
Greater use of trusted computing would give commercial systems more government-like security. Conversely, it would give national security systems more commercial-like functionality and mobility, a presenter pointed out. The federal government must depend on a steady stream of private-sector IT innovations that meet U.S. Department of Defense requirements, participants said.
Nearly 40 IT vendors were on hand in a conference exhibit hall to showcase the latest in trusted computing technology. NSA's HAP Program also works with eligible hardware and software vendors, integrators, IT organizations, and representatives from academia to disseminate HAP technology standards and promote trusted computing products and solutions.
"Ticking off adversaries, " Ziring quipped, is the ultimate goal.