To most people, last summer’s breach of Capital One, which exposed the financial records of nearly 106 million of the San Francisco-based bank’s customers, was more of the same: the latest in a numbing string of hacks that seem to threaten personal security more every year.
But in an important way, it was different – and more alarming – than past hacks, like the Equifax breach of 2017.
Capital One stores its customer data not on computers it owns that are housed on its premises but, in a trend that has leapfrogged traditional cybersecurity defenses, in “the cloud,” immense clusters of offsite servers managed by third parties.
“There's been a lot of progress in defending internal computer systems against external attack, the way you’d secure a castle,” said Chris Skalka, chair of UVM’s Computer Science department and director of the university’s Center for Computer Security and Privacy. “But cloud security is very different and presents entirely new challenges.”
At the frontlines of this new cybersecurity war is a company founded and led by UVM alum Brian Ahern called Threat Stack, which Forbes magazine profiled as an emerging leader in cloud based security that is “eating the lunch” of legacy firms like IBM. Last year the company saw its revenues grow 100 percent and now has 150 employees in its Boston headquarters.
“We are in the midst of a massive migration to the cloud,” said Ahern, who graduated from UVM in 1990 with a degree in electrical engineering. “Most of the companies in the process of migrating are having difficulty understanding where their data – particularly sensitive information – is located, which is a significant risk both for organizations and their customers. Threat Stack was developed specifically to solve the unique security challenges of the cloud, so we’ve been able to drive the pace of innovation in the cloud security space.”
This fall Threat Stack and UVM began a relationship with the potential to offer significant benefits to both the company and the university.
Skalka, fellow Computer Science faculty member Joe Near and postdoctoral student John Ring have begun a project designed to enhance Threat Stack’s threat assessment process with artificial intelligence that could make cloud-based cybersecurity more efficient and accurate and lengthen the company’s lead in the marketplace. Threat Stack has provided $100,000 to support the research project, which will subsidize a fellowship for Ring.
This fall Ring was embedded at the firm for two weeks to learn its technology first-hand. He and his UVM colleagues are now conducting research to determine if they can use machine learning to prioritize the anomalies Threat Stack’s software identifies as potential threats, some of which are false positives, so human oversight can better concentrate on those that deserve attention. If the project is successful, UVM’s work may allow the company to more reliably identify false negatives, as well.
The work is a good match for UVM’s expertise, Skalka said.
“We have a track record in cybersecurity and in using machine-learning to preserve privacy in large, cloud-based data sets,” he said.
In the classroom
Partnering with the company offers the university another advantage: a chance to bring leading edge cloud-based cybersecurity expertise to UVM computer science classrooms.
Like the cybersecurity industry itself, computer science departments at most universities have been slow to adapt their cybersecurity curriculum to the growing ubiquity of the cloud.
With Ahern’s and Threat Stack’s help, that could change. Skalka has already invited Threat Stack’s chief security officer, Sam Bisbee, to present a lecture in an advanced Computer Science class next spring.
“We’re optimistic that the academic partnership can evolve and grow,” he said.Ahern sees clear benefits for UVM. “Today’s workforce has a lot of cloud experts and a lot of security experts but very few cloud security experts,” he said. “Incorporating cloud security in UVM’s computer science curriculum is great for students and something businesses will be looking for as cloud usage continues to grow.”
Skin in the Game
The UVM/Threat Stack partnership is the latest pairing in a program called the UVM Business Fellowship Program developed by the university’s Office of the Vice President for Research, which contributed $40,000 to the partnership.
“The goal of the program is to build relationships between businesses and the university,” said Richard Galbraith, UVM’s vice president for research. “In this case, it’s the ideal situation. Both the company and UVM have invested in the relationship. We both have skin in the game; that kind of commensal arrangement is good for everyone and increases the chance of success.”
"Collaboration between business and higher education is a critical piece of moving technology and business forward,” Ahern said. “By collaborating with leading universities like UVM, companies like Threat Stack can accomplish two goals simultaneously: continue driving the pace of innovation and preparing students for the reality of a cloud-first job market.”