Categories
Current Projects News Research Projects Uncategorized What's New

Bringing the ‘economic miracle’ to Central African Republic November 2nd, 2021 / By Benjamin Kessler

Upcoming Events

There are no upcoming events at this time.

Join CARE Mailing List

* indicates required

Follow us on Twitter @ Mason Cyber

In 2019, Serge Adouaka, an IT executive from Central African Republic (CAR), paid a six-week visit to George Mason University as part of his Humphrey Fellowship, a Fulbright-affiliated program for scholars and professionals from developing countries. His Mason host was J. P. Auffret, who directs both the Center for Assurance Research and Engineering (CARE) in Mason’s College of Engineering and Computing and the Research Partnerships and Grant Initiative for Mason’s School of Business. This short stint laid the groundwork of a lasting partnership between the two that may help foster economic growth in one of the world’s most challenging contexts.

Adouaka was the seventh Humphrey Fellow to be hosted by Auffret, who believes that information and communication technology (ICT) “for development and entrepreneurship is a good path to enable careers and raise a country’s per-capita GDP and standard of living while reducing poverty.”

During Adouaka’s time at Mason, the pair explored how ICT ecosystem development could point the way toward a brighter future for CAR. Adouaka returned home inspired and determined to put these ideas into action.

He worked with Mason and the University of Bangui to launch an accelerator for CAR-based tech founders and start-up managers. The U.S. State Department has provided funding for the project. Participants in the three-month program receive mentoring from the Mason community, as well as from experienced professionals within the CAR and neighboring countries.

The initial cohort of 20 entrants represents a wide range of areas, including agriculture tech, health and geographic systems, computer design, system integration, IT placement, video games and financial technology (fintech). Their primary goal for the three months is to devise a “next-step” plan for achieving scale, with the help of their mentors.

It is also hoped, however, that by forming relationships with other accelerator participants and mentors from CAR and beyond, they will foster a culture of entrepreneurship in the small African country and build strong professional networks that are more than the sum of their parts.

Almost as soon as the program began, there were hints that this was starting to happen. Recently, participants decided to hold some meetings face-to-face at the University of Bangui instead of remotely. The final presentation that officially concludes the program’s first iteration—where participants will unveil their future plans—will also be an in-person event.

CAR’s small population and challenging rural terrain mean that networking across national borders is essential for fueling future business growth. Any viable plan for scale must involve penetrating regional markets outside CAR. Sub-Saharan Africa has an increasing number of regional role models. For example, five-year-old Nigerian fintech unicorn Flutterwave has expanded to 20 African countries and even has an office in San Francisco (so it can tap into the $48 billion remittances business driven by the sub-Saharan Africa diaspora). Microloan app Tala launched in Kenya in 2014 and has since spread to the Philippines, Mexico and India.

To be sure, CAR has unique challenges. It has experienced only intermittent intervals of peace in its 61 years as an independent nation. To this day, the government and people, security forces and U.N. peacekeepers struggle to quell rebel violence and stabilize the country. Amid these volatile conditions, CAR has been left out of the economic growth enjoyed by many other sub-Saharan countries. Rwanda, for example, is on a path to becoming an upper-middle-income country within 15 years despite the turbulence of its recent history. Could CAR, too, join in the “African economic miracle”?

Auffret cites CAR’s increasing mobile phone adoption as a meaningful sign of hope. Mobile technologies enable developing countries to leapfrog the need for heavy physical infrastructure such as telephone wires and bank branches.

Also, Auffret says that underdeveloped countries like CAR may also be able to use their relatively open regulatory environment to gain an advantage in commercial drone technology. Already, companies in Kenya and Nigeria are widely deploying drones for last mile delivery, cartography and other business purposes.

In the meantime, ambitions run high for the Mason accelerator. With the initial three-month program nearly concluded, plans for the second cohort are underway. Eventually, Auffret and Adouaka would like to secure support from private companies, both in Africa and the United States.

Another short-term goal is to recruit major international development agencies as venture partners. Auffret expects these influential parties will share his view that the uncertain security situation in CAR makes this accelerator—and ICT innovation in general—an urgent priority for the country.

Increasingly the Mason mission is to contribute and have impact globally, and this project is one of many Mason initiatives aligned with the U.N. Strategic Development Goals,” Auffret said. “Through international work, such as this accelerator, one can gain a better sense of the wonder of the world, as well as make a contribution to the well-being of societies.”

For the article, please go to: https://www.gmu.edu/news/2021-11/bringing-economic-miracle-central-african-republic

Categories
Current Projects Research Projects

Cybersecurity on Enterprise Risk and Mobile Security

Upcoming Events

There are no upcoming events at this time.

Join CARE Mailing List

* indicates required

Follow us on Twitter @ Mason Cyber

This NSA granted curriculum development project focuses on two security areas: Enterprise Risk and Mobile Security.

Motivation and Background
With the rapidly increasing role of technology in society and the  increasing cybersecurity threat,  industry and government have a great need to scale cybersecurity leadership and governance.  In turn, there is a great need for educators to scale cybersecurity leadership and governance education and training.

Design
The courses are multidisciplinary, covering leadership and management, technical and engineering and policy.

 

Course I: Enterprise Risk Management and Cybersecurity Governance

The course provides an introduction and overview of the changing nature of cybersecurity risk management and cybersecurity governance.

Main Topics

  • Technology Innovation, Adoption and the Changing Nature of Cybersecurity Risk
  • Enterprise Risk Management, Cybersecurity Governance and Cybersecurity Strategy
  • Legal and Compliance Landscape
  • Roles of Boards and CISOs
  • Benchmarking, Information Asset Classification and Developing a Consensus of Cybersecurity Risks
  • Developing a Cybersecurity Strategy and Risk Mitigation Program
  • Enterprise Risk and Cybersecurity Frameworks
  • Role and Considerations for Cybersecurity Insurance

Learning Outcomes

  • Describe the cybersecurity risks resulting from new and rapidly developing technologies such as IoT, Cloud and mobile and analyze and describe the changing nature of the cybersecurity threat
  • Explain the complementary roles of enterprise risk management, cybersecurity governance and cybersecurity strategy
  • Discuss the evolving role of Boards and executive committees in enterprise risk management and cybersecurity and the evolving role of the CISO
  • Analyze cybersecurity governance in recent major cybersecurity compromises such as OPM
  • Apply cybersecurity lifecycle and the elements of identify, protect, detect, respond and recover
  • Outline the process and considerations for developing a cybersecurity strategy and risk mitigation program including benchmarking and information asset classification

Course II: Mobile Cybersecurity Management

This course provides an introduction and overview of the rapidly changing enterprise mobility environment, associated cybersecurity risks and approaches for developing a mobile cybersecurity strategy.

Main Topics

  • Mobility and Organization Strategy
  • The Changing Landscape of Mobile Technologies -from Smart Phones and Tablets to IoT
  • Mobile Policies and BYOD
  • Leadership and Governance for Mobile Security
  • Rapidly Evolving Mobile Device Management Technologies
  • Mobile Life Cycle Management
  • Cybersecurity Risk Framework and Mobile

Learning Outcomes

  • Understand the evolving nature and capability of mobile technologies
  • Understand mobile security risk including endpoint, network and process/policy
  • Evaluate mobile cybersecurity policy and BYOD alternatives in light of organization’s cyber strategy
  • Understand and evaluate new mobile device management technologies
  • Understand and apply the mobile device life cycle to mobile strategy
  • Outline the process and considerations and apply to developing a mobile cybersecurity strategy

 

Contacts

Dr. J.P. Auffret

jauffret@gmu.edu

703-993-5641                            

Categories
Research Projects

NSF “Bridging the Cybersecurity Leadership Gap: Assessment, Competencies and Capacity Building” Project

Upcoming Events

There are no upcoming events at this time.

Join CARE Mailing List

* indicates required

Follow us on Twitter @ Mason Cyber

The goal of the 2013 – 2016 NSF “Bridging the Cybersecurity Leadership Gap: Assessment, Competencies and Capacity Building” project is to help address the cybersecurity leadership gap developing Chief Information Security Officer (CISO) core competencies.

Categories
Current Projects Research Projects

City/County Cybersecurity Partnership

Upcoming Events

There are no upcoming events at this time.

Join CARE Mailing List

* indicates required

Follow us on Twitter @ Mason Cyber

The objective of this NSF-funded project (NSF Award #1623653) is to develop and provide focused and context specific cybersecurity leadership education and training for city and county governments.

Categories
Current Projects Research Projects

Extreme DDoS Defense (XD3)

Upcoming Events

There are no upcoming events at this time.

Join CARE Mailing List

* indicates required

Follow us on Twitter @ Mason Cyber

The threat of distributed denial of service (DDoS) attacks has been well-recognized in the data networking world for two decades. Such attacks are orchestrated by sets of networked hosts that collectively act to disrupt or deny access to information, communications or computing capabilities, generally by exhausting critical resources such as bandwidth, processor capacity or memory of targeted resources. The nature of DDoS attacks can span a wide range. Botnet-induced volumetric attacks, which can generate hundreds of gigabits per second of malicious traffic, are perhaps the best-known form of DDoS. However, low-volume DDoS attacks can be even more pernicious and problematic from a defensive standpoint. Such attacks target specific applications, protocols or state-machine behaviors while relying on traffic sparseness (or seemingly innocuous message transmission) to evade traditional intrusion-detection techniques.

The current art in DDoS defense generally relies on combinations of network-based filtering, traffic diversion and ”scrubbing” or replication of stored data (or the logical points of connectivity used to access the data) to dilute volumetric attacks and/or to provide diverse access for legitimate users. In general, these existing approaches fall well short of desired capabilities in terms of response times, the ability to identify and to thwart low-volume DDoS, the ability to stop DDoS within encrypted traffic and the need to defend real-time transactional services such as those associated with cloud computing and military command and control.

DARPA’s Extreme DDoS Defense (XD3) program will focus on three broad areas of opportunity to improve resilience against DDoS attacks. The program aims to thwart DDoS attacks by: (1) dispersing cyber assets (physically and/or logically) to complicate adversarial targeting; (2) disguising the characteristics and behaviors of those assets through networked maneuver to confuse or deceive the adversary; and (3) using adaptive mitigation techniques on endpoints (e.g., mission-critical servers) to blunt the effects of attacks that succeed in penetrating other defensive measures. This research program will include formulation of new algorithms, demonstrations and field exercises with software prototypes, development of performance metrics to assess effectiveness and integration of systems across the three aforementioned areas to maximize overall defensive capabilities.

Categories
Current Projects Research Projects

LADS Project

Upcoming Events

There are no upcoming events at this time.

Join CARE Mailing List

* indicates required

Follow us on Twitter @ Mason Cyber

The main goal of the project is to enhance the cyber security of digital devices, such as Embedded and Mission‐Specific Devices (EMSD), by developing a monitor capable of detecting attackers by analyzing involuntary analog emissions across a variety of modalities, including power consumption, electromagnetic, and acoustic emissions.