Speaker:
Robert Morton
Google Cloud

Abstract: This research explores the complex challenge of quantifying data protection, tracing its evolution from ancient ethics to modern cybersecurity. It emphasizes the need for a scientific approach with measurable security properties and a strong theoretical base, highlighting the increasing importance and complexity of safeguarding information in the digital age. Key challenges include evolving threats, the gap between theory and practice, and risk modeling. Societal issues like breaches, surveillance, and regulatory gaps are also addressed.

The research develops a causal model examining security controls, vulnerabilities, and threats to understand data exposure. Built on a literature review and security protection taxonomy, the model uses Directed Acyclic Graphs (DAGs) to visualize causal relationships and is validated through various techniques, including assessing model fit and examining confounding factors. The research also outlines experiments for interventions and counterfactual studies.

Finally, the research identifies future directions, emphasizing standardized data protection metrics and adaptive security systems. It stresses the need for consistent measurement to enable performance comparison and adaptation to evolving threats. The research contributes a systematic approach to studying data protection, from problem identification to model development, validation, and future directions, ultimately aiming to enhance information security.

About: Robert Morton currently works at Google, leading the Risk Performance Management team, an interdisciplinary team of data scientists, engineers, and program managers who analyze, measure, and report organizational risk across Google Cloud for the Alphabet Board, Google Cloud CEO, Executive leadership, and tens of thousands of engineers.

Prior to joining Google, Robert led several cyber threat programs at the U.S. Intelligence Community that integrated multidisciplinary expertise to provide strategic warning and opportunity analysis to the President of the United States, National Security Council, and policymakers across the federal government. In 2018, Dr. Morton served as an Intelligence Community policy advisor on encryption and lawful access to the White House and National Security Council. In 2014, Dr. Morton was the principal intelligence briefer to the White House on cyber threats.

The weekly security seminar has been held every semester since spring of 1992. We invite personnel at Purdue and visitors from outside to present on topics of particular interest to them in the areas of computer and network security, computer crime investigation, information warfare, information ethics, public policy for computing and security, the computing "underground," and other related topics. More info