Dr. Rita R. Colwell
Director
National Science Foundation
5th National Colloquium for Information Systems Security
Education
May 22, 2001
Good morning to you all. Thank you, Alan, the introduction.
I want to acknowledge what a terrific job you've done
here at George Mason, both in providing a vision for
our entire region, and for hosting this Colloquium.
Let me also thank all of our hosts and organizers for
bringing us together. And thank you all for inviting
me to join you today. I'm delighted and honored to
be here. I know this is very early in the day for
a speech, so to steal a line from the author Herman
Wouk, I promise to be sincere, be brief, and be seated.
Today, I have important news to share. I have the pleasure
of announcing the first awards for the National Science
Foundation's Scholarship for Service program. When
I last checked, most of the Principal and Co-Investigators
were in the room with us today. And if our security
holds, I'm sure they'll still be here when I finish!
I know that this Colloquium is the appropriate place
to make this announcement. You've provided the leadership
needed to elevate the issue of information security
on the national agenda. You've jumpstarted our quest
for cyber security, and put us on the right path to
meeting the many challenges confronting us.
So let me begin by congratulating you for your valuable
service. I know how difficult it is to get "off the
bench" and "inside the beltway," to get away from
our desks and from the hurly-burly of everyday business.
But it's worth it. The partnership you've forged among
academia, business, and government will have big payoffs
for the nation for many years to come.
Before I announce the awards, I'd like to say a few
words about the National Science Foundation. Then
I'll put the awards in a larger context and talk about
why they are so important to the future of the nation.
This year we have begun to implement a new NSF five-year
strategic plan. It lays out an updated vision for
NSF that is clear and simple: "Enabling the nation's
future through discovery, learning, and innovation."
Not long ago, you would likely not have seen the word
innovation in a vision statement for NSF. Now it's
there - side-by-side with learning and discovery.
To realize this vision, we've identified NSF's three
strategic goals. They're summed up by three key words:
People, Ideas and Tools. These strategies aim for
nothing less than world-class leadership in science
and technology.
You'll notice that People come first in our list. That's
intentional. NSF is as much about building a world-class
workforce as it is about discovery. Although we continually
break new ground with the research we support, we
need people to carry forward the continual
process of discovery and innovation.
NSF programs involve nearly 200,000 scientists, engineers,
teachers, and students each year. That includes more
than 61,000 post doctorates, trainees, and graduate
and undergraduate students. These are the young scientists
and engineers who will provide the highly skilled
workforce required in the new knowledge-based economy.
Now, let me put the work of NSF in a different context.
NSF accounts for about three and a half percent of
federal research and development spending. But that
three and a half percent supports roughly 50 percent
of the non-medical fundamental research at our colleges
and universities.
Society invests in science and technology because it
believes - appropriately - that new knowledge brings
progress. Seventy-four percent of the respondents
to the most recent NSF public attitudes survey agree
that the benefits of scientific research outweigh
any harmful results.
This is really why we are here today. It's our job
to ensure that society continues to see science and
technology as a source of positive progress.
In my own field of biology, I've heard the double helix
compared to a double-edged sword. Like many, I've
devoted much of my career to seeing that science and
technology advance social progress. I'm also fully
aware that a small subset of society can use the same
knowledge to wreak havoc.
All of us who care about progress in science and technology
generally must be good stewards of the power it brings.
That means giving equal priority to promoting appropriate
uses and identifying and addressing inappropriate
uses whenever possible.
Society places a high level of trust in us, and it's
up to all of us to provide the necessary leadership.
Sometimes it's a challenge to keep a positive perspective.
As a microbiologist, I've worked with others to address
the threats posed by biological warfare and terrorism.
You'll understand when I say that there is nothing
more sobering than a no-holds-barred briefing on security
issues.
We've all had the chilling experience of awakening
to a new perspective on the perils that confront us.
The age of rapid technological change and global communications
brings many possibilities, and many concerns. Whether
its biospace or cyberspace, the dangers are real and
growing.
So we are faced with a conundrum. But it's not a new
one. Scientific progress and scientific misuse have
always appeared as two sides of the same coin. What's
different today, however, is that the stakes are higher.
Let me elaborate on this dynamic.
In the last ten years, the winds of change have literally
swept across our institutions. They have reshaped
the once familiar landscape of the economy, clearing
new paths in business, in research, in science and
engineering, and in education.
Today, advances in science and engineering and technological
change are the driving forces of our economy. We recognize
that the capacity to create and use new knowledge
is key to both economic prosperity and social well
being. It's no surprise that nations all over the
world are gearing up to compete in this knowledge-based
economy.
At the same time, science and engineering research
are increasingly international in scope. The number
of scientific papers co-authored by investigators
from different countries has skyrocketed in recent
years. Scientists around the world now routinely share
the use of large experimental facilities and instrumentation.
Using distributed databases, researchers anywhere
on the globe can contribute to research efforts. Virtual
collaboratories allow us to bring the best minds to
bear on problems, no matter where they reside.
The most talented and highly skilled workers in every
country comprise the modern phenomenon of a global
and mobile workforce. They can gravitate to where
the best jobs are located. Information technologies
have also made it possible for them to stay home and
yet work abroad.
The new information and communication technologies
have opened the gates for greater international cooperation.
We can now envision a world in which the benefits
of scientific progress and technological innovation
are available to all.
It's no surprise that these powerful new technologies
have also cast a shadow for the future. Worrisome
signals are becoming all too familiar. We've all seen
the reports - putting the "costs" of security breakdowns
in the hundreds of millions, possibly the billions
of dollars. Attacks on commercial and government Internet
sites are increasing in frequency and sophistication.
Government information and communication systems have
come under special scrutiny. Studies have raised questions
about our ability to ensure the security of everything
from IRS information and sensitive economic forecasts
to critical infrastructure and military operations.
These red flags have stimulated efforts to address
the problem, with this Colloquium and NSF's Scholarship
for Service program being two leading examples.
Questions about the adequacy of the U.S. science and
engineering workforce are rising to a chorus. Reported
shortages of skilled workers in the IT sector are
only one example. The need we all recognize for a
cadre of professionals in computer security and information
assurance is another.
The advances in science and technology that supply
us with powerful new tools to shape a better future
have also created these new vulnerabilities.
Whether we welcome it or not, the pace of change is
unlikely to lessen anytime soon. We haven't seen the
end of the information revolution by a long shot,
and we're only beginning to feel the impact of biotechnology
in our everyday lives. Even newer technologies are
visible on the horizon. Nanotechnology, for example,
is likely to make the information revolution look
like ripples in a pond.
I think all of us would agree that the solution to
the current conundrum lies in moving forward, not
in reversing course. More science, more innovation,
and more education are the answer, not the problem.
Satchel Paige, the famous baseball pitcher and part-time
sage, recognized the dangers in the second approach,
and he coined one of my favorite lines: "Don't look
back. Something may be gaining on you."
In the context of information security, moving forward
means strengthening our capacity to advance science
and innovation in all fields and across all sectors.
But it also means engaging the people, ideas, and
tools necessary to make us as smart about cyber security
as we have always been about cyberspace.
We can do that if we bring the same level of innovation
to bear on information security that has served us
so well in information technology itself.
That brings me to my final point. I've saved it for
last because it's pertinent to today's events. It's
what underpins every other effort we might make to
address information security challenges.
Let me read a quote from a report released in January
by the United States Commission on National Security/21st
Century, Co-chaired by former senators Gary Hart and
Warren Rudmann:
"...the inadequacies of our systems of research
and education pose a greater threat to U.S. security
over the next quarter century than any potential
conventional war that we might imagine."
Those are strong words. After 50 years of U.S. global
leadership in science and technology, what is the
core of this concern?
At the root of it all are very real concerns about
how our children will be able to thrive in this increasingly
complex and technical world.
In this context, the word "thrive" has a number of
meanings. It means enjoying continued economic and
social prosperity. But it also means living as responsible
and responsive citizens. Sustaining our security -
as individuals and as a nation - now requires a scientifically
literate public, alert to the possibilities and the
challenges of a complex world. That means starting
with today's children.
Science and mathematics education is no longer a luxury.
It's imperative that all children be well-versed in
science and mathematics to be successful in today's
technology-based society.
I hope my comments will encourage you to go to local
secondary schools and encourage students. Tell them
to take more science and math courses that will interest
them in careers in science and engineering - and,
of course, in information security! Tell them some
of the exciting things that scientists are discovering.
Convey to them the passion you have for your own work.
And tell them, by all means, how important developing
their own talent is to the future of our nation.
That leads me to my most important comments. The NSF
Scholarship for Service Program is designed to encourage
undergraduates and Master's degree candidates to choose
careers in the field of information security.
We need more of our nation's most promising minds focused
on the growing cyberthreat to national security. These
scholarships will encourage young people to enter
the field and give them the opportunity to put their
talents to work at the frontlines of government cyber
security efforts.
Today, I have the honor of announcing the first awards
in this program. This is where talk becomes action
and we do something to address the challenges
we face as a nation.
These awards provide 2-year scholarships for talented
students to complete undergraduate and master's degrees
in information assurance and security. As part of
their education, students will serve in internship
positions with the federal government. After receiving
their degrees, they will work for two years in key
positions in the federal government. They will be
in the forefront of a new cadre of computer security
and information assurance professionals.
The Office of Personnel Management, NSF's partner in
this endeavor, will manage the placement of interns
and graduates.
The National Security Agency has designated 23 institutions
across the U.S. as Centers of Excellence in Information
Assurance and Security Education. I'm pleased to tell
you that the first Scholarship for Service will be
awarded through six of these institutions.
Let me emphasize that this has truly been a team effort.
The Interagency Coordinating Committee for the Scholarship
for Service program has been a helpful guiding light
throughout the planning.
I want to pay particular tribute to Dr. Richard Clark
of the National Security Council for his leadership
in making today's event a reality. Dick, please join
me at the podium so we can both congratulate the recipients
of these awards.
With all the fanfare I can muster from this podium,
I will make the announcements, and would like each
of you to come forward to receive an award letter.
In alphabetical order, then:
Carnegie Mellon University, Dr. Donald McGillen, Department
of Mathematics.
University of Idaho, Dr. John Dickinson, Department
of Computer Science; Co-PI, Dr. Deborah Frincke will
accept the award.
Iowa State University, Dr. James Davis, Department
of Electrical and Computer Engineering.
Naval Postgraduate School, Dr. Cynthia Irvine, Department
of Computer Science. Co-PI Paul Clark will accept
the award.
Purdue University, Dr. Eugene Spafford, Director, Center
for Education and Research in Information Assurance
and Security. I understand that Dr. Spafford cannot
be here to accept the award.
University of Tulsa, Dr. Sujeet Shenoi, Department
of Computer Sciences. Co-PI John Hale will accept
the award.
On behalf of the National Science Foundation, I congratulate
you all. You are pioneers and the new territory you
explore will help us all learn how to meet information
security challenges.
Let me conclude with a few words about the work we're
accomplishing together.
More than ever before in history, advances in science,
in engineering, in education, and in technological
innovation are the key to our future. New knowledge
and ideas are the best hope we have for raising people's
prospects, for combating poverty, hunger, and disease,
and for sustaining a secure and healthy environment.
Our work on cyber security education is vital to this
agenda. We need people with the skills and
training to ensure that advances in science and technology
are used in the public interest.
We can't advance that agenda, however, without strong
public support. Translating the technical into the
accessible, and promoting a deeper understanding of
the importance of our work is central to our task.
The students who will serve in the federal government
as part of the Scholarship for Service program will
have the opportunity to contribute to this larger
vision. They will be following in your footsteps.
I thank all of you for your leadership on this vital
issue. Mr. Clarke will now add his words of wisdom
and, of course, congratulations.
|
