This project provides support for a National Academies Roundtable, the Forum on Cyber Resilience. The Forum will facilitate and enhance the exchange of ideas among scientists, practitioners, and policy makers concerned with the resilience of computing and communications systems, including the Internet, critical infrastructure, and other societally important systems. Resilience encompasses not only security in the face of attacks, resistance to degradation, and the ability to recover from adverse events but also the capacity for innovation and adaptation and the ability to absorb rapid technological disruption in a way that reflects the values, such as privacy, and needs of the infrastructure's many stakeholders. Information technology systems are deployed at ever-increasing scale and have an impact on nearly every area of human activity. Cybersecurity has taken on increasing visibility and priority among policymakers and federal research sponsors, as has the need for information and communications infrastructure that can withstand other forms of damage, disruption, and adverse events and that meet the other evolving needs and demands of those who use them. The Forum would provide a unique venue for stakeholders from academia, industry, and government to consider resilience and these other attributes broadly along with the tensions that may arise among them.
The Forum will convene senior representatives from government, universities, and industry to define and explore critical issues that are of shared interest; to frame critical questions and needs; and to incubate activities of on-going value to participants. Discussions will encompass such issues as research directions, emerging technologies, design and engineering approaches, human-system interactions, policy and social implications, education and workforce considerations, and institutional roles. Modalities would include cross-sector and public-private dialogue about goals and challenges; consideration of technical and/or policy means to achieve goals shared by system owners, end users and other stakeholders; and exploration of case studies to extract lessons applicable in other domains. The forum would facilitate cross-sector exchange of ideas among scientists, practitioners, and policy makers, joint exploration of challenges and opportunities, and enable the early identification of promising approaches to improve cyber resilience and the vitality of software-intensive systems and critical infrastructure.
