Faculty Expert: The World of Cybersecurity
December 1, 2015—Over the last several years, the question of how to achieve security online has become a global issue. With countless headlines about major information breaches, hacks, and compromised data, cyber threats have become real to everyday Internet users.
With a long history in research and development for technology companies, as well as entrepreneurial experience, Eric Burger has been steeped in the world of Internet security for much of his career. As a research professor of computer science and director of the Georgetown site of the Security and Software Engineering Research Center, Burger is passionate about educating others on how to be smarter and safer online.
Burger’s research areas include secure communications, peer-to-peer networks, content-delivery networks, and communications policy and governance. He is a former member of the board of trustees of the Internet Society (ISOC), a global, nonprofit organization that works to ensure that the Internet grows and evolves as a platform for innovation, economic development, and social progress. Burger is now on the board of directors of the Public Interest Registry, a nonprofit created by ISOC that continues the society’s mission through the management of the .org, .ngo, and .ong domains.
In other words, Burger devotes much of his time to analyzing the ways in which online information can be breached and what solutions can be built to improve or guarantee security. And while cybersecurity is a concept with widespread and complicated reach, it’s crucial to almost everyone with a computer—and everyone plays a part in its success or failure.
“I like to compare it to seat belt use,” Burger said. “In the early 1960s, cars did not have to come with seat belts—only 11 percent of the U.S. population regularly wore them, and people died in car accidents. Then we said, we’ll make it so you can’t start the car without wearing one—so people would buckle the belt and then sit on it. They trained themselves not to put it on, which was worse than not having a seat belt to begin with.”
This same trend occurs in the computer world in a way that trickles down to the everyday consumer, Burge says. For example, think about password creation. Most people are familiar with the fact that passwords often must have a combination of letters, numbers, and special characters that should be difficulty to hack, yet something one can memorize at the same time.
“So you write your password down on a sticky note and put it on your computer, and anyone walking by knows your password. It’s actually worse than no security because the user thinks they have an incredibly secure password, but they’re no safer than they were without it,” Burger explained.
In October, Burger was featured in a documentary that premiered at the 25th Annual Computers, Freedom, and Privacy Conference in Washington, DC. The Internet Exposed: Encryption, Backdoors and Privacy—and the Quest to Maintain Trust offers insights from top Internet security and privacy scholars and practitioners; specifically, on the topics of encryption, privacy, and cybersecurity.
While public policy has a huge impact on the issues that the film explores, Burger says he’s interested in “the little changes that people can make today” to become more secure and more educated.
At the heart of such changes is the issue of trust and creating an online environment in which a user feels comfortable. Today, Burger says, users are conditioned to just click “okay” when asked to verify their relationship with a site or to proceed with an action on a website they trust—which can lead to the degradation of security. One way to avoid this, Burger says, is to come up with a way to not have to ask the user in the first place.
But as researchers like Burger work toward building environments that would change the face of Internet security, there are ways for users to become savvier.
First, Burger believes that educating children at an early age could improve the status of online security. He points to existing resources that can help users better understand cybersecurity, such as the Department of Homeland Security’s Stop. Think. Connect. campaign, which offers best practices, school curricula, and other information.
At Georgetown, there are opportunities for students to get involved with hands-on research. Burger’s work touches on a variety of topics related to Internet security. Research areas include cyber threat intelligence information exchange, telephone-network security and stability, and identity in cyberspace and its impact on money laundering, terrorism, peaceful assembly, and civil rights. With both a Ph.D. and MBA, Burger is also in a unique position to mentor students about scientific research as well as industry and business.
Burger works with both graduate and undergraduate students, and he emphasizes that not all of the latter are computer science majors. “We have students right now who are studying mathematics and justice and peace. There are opportunities for students from all walks of life.”
To learn more about the opportunities to get involved with Burger’s research, visit the Security and Software Engineering Research Center. You can also learn about current student researchers, such as Julia Kieserman (C’16). A computer science major and economics and film and media studies minor, Kieserman is working with Burger on authenticated identity management in Session Initiation Protocol (SIP) in order to combat robocalls and other undesirable and illegal activity on telephone networks.