As anxiety escalates over credit card breaches at leading retailers, fresh attacks against Yahoo Mail accounts, national security privacy intrusions and even the threat of cyberwar, Tampa Bay is learning how to fight back.
Atop these efforts is the University of South Florida's recent plan to become a bigger player in cybersecurity education. The university has hired the energetic Sri Sridharan, a former IBM'er and executive at several technology firms, to build a "center of excellence" as the first managing director of USF's Cybersecurity initiative.
His mission: to get ahead of the hackers, who often are ahead of technologies meant to stop them.
The school also has partnered with Clearwater's (ISC)2 — a global not-for-profit that trains information security professionals — to offer industry certifications through academic programs.
This fall USF will also launch a cybersecurity master's degree program to prepare students for high-end certifications upon graduation. The university is proposing a phased-in state investment of $16.1 million, which a hopeful USF president Judy Genshaft says will require financial support from state legislators at this year's session in Tallahassee. Combined with USF and private funds, the university seeks a $30 million headquarters at its Tampa campus.
A broader mission for this facility is to help transform Florida into a major economic player and business recruiter in the cybersecurity industry.
Last month, the board of governors of the state university system issued a report, "Florida Center for Cybersecurity: Making Florida the Cyber State." The report, endorsing USF's initiative, suggests there's a window of opportunity.
"Within the next 12 months, one of a handful of states will emerge as the leader in cybersecurity and become the magnet that attracts the billions of dollars of private-sector and military spending that will be invested in this emerging field. Florida can become this leader," the report states.
That's a tall order. Florida is clearly behind in this sophisticated arena.
But the rewards could be big. Cybersecurity jobs are currently among the most high-demand and high-paying, with starting salaries near six figures, USF says.
Experts warn the high-profile breaches at Target, Neiman Marcus and Michael's, among other retailers, could continue unless companies do some major rethinking of their security defenses.
This is not just a technology battle. Many cyber ripoffs at stores or other organizations could be reduced if customers had to show proof of identification along with their credit or debit cards. And many successful cyber attacks of businesses happen because a hacker sweet-talks information from people to gain access to an organization's technology defenses. That method even has a name: social engineering.
Here's a recent example. Website provider GoDaddy, which will run a TV ad during today's Super Bowl, admitted this week that one of its employees was "socially engineered" into providing private information that allowed a hacker to gain access to one of GoDaddy's accounts, the online TechCrunch news site reports.
In 2010, Tampa's Sypris Electronics unveiled plans to promote cybersecurity by opening a Cyber Range where practice cyber attacks and defenses could play out. Last fall, the company unveiled a cybersecurity research center in Indiana affiliated with Purdue University's Center for Education and Research in Information Assurance and Security. Purdue's expertise in cybersecurity is well documented, as are centers at Carnegie Mellon University and MIT.
Another key player here in cybersecurity that often runs below the radar is Tampa's MITRE, a nonprofit, congressionally chartered organization created to assist the federal government with national defense expertise. That includes cybersecurity. In addition to its more sophisticated pursuits, the group has held interstate cybersecurity competitions with high school and university teams.
If USF can establish a center of excellence in cybersecurity, the university estimates the program will yield an additional 550 cybersecurity certificates, 475 undergraduate certificates or concentrations, 270 graduate certificates or concentrations, nearly 900 more bachelor's degrees, 215 master's degrees and 50 more doctoral degrees annually.
The presence of MacDill Air Force Base is a big plus for regional ambitions. "The supply of prospective cybersecurity students and employees with the requisite security clearance represents a significant pool of talent that will be attractive to new businesses looking to relocate to Florida," says last month's state university report.
The cybersecurity initiative has plenty of backers here in the business community. Area CEOs ranging from Celestar's Greg Celestan and Vykin Corp.'s Edwin Bachl to Crystal Clear Technologies' Crystal Culbertson and others wrote to Florida Gov. Rick Scott urging his support for the USF initiative.
"We struggle to hire talented graduates with cybersecurity training to help us fortify our defenses," said Culbertson, who runs a fast-growing defense contracting business.
Even Tech Data Corp. CEO Bob Dutkowsky, who runs the largest public corporation in Tampa Bay, says he must outsource the cybersecurity protection of his technology distribution company to an out-of-state firm because he can't find the expertise in this area. He would like to see that change.
Warnings have escalated for decades that we are vulnerable to our rapidly growing dependence on electronic data and the Internet to handle core activities like banking, bill paying, credit purchases, medical records and taxes.
A former Pinellas County systems consultant testified before Congress that the country could face an "electronic Pearl Harbor" — a devastating cyberattack — without a more aggressive effort to thwart such a menace.
The consultant was Winn Schwartau. His testimony happened before widespread adoption of the Internet, in 1991.
Imagine what he would say today.
Robert Trigaux can be reached at [email protected]