"Is It Time to Shift from Cybersecurity to Cyber Resilience?"

In the context of an ongoing research collaboration, Prof. Mehdi Mirakhorli will be in a research visit to IRISA Vannes, and will deliver a seminar entitled "Is It Time to Shift from Cybersecurity to Cyber Resilience?".

 

 

 

 

Seminar summary: The ongoing pursuit of secure software in the face of increasing system complexity and fragmented assurance practices is proving to be an unattainable goal. As threats evolve and breaches become more sophisticated and inevitable, the traditional approach to cybersecurity is no longer sufficient. In this talk, I will explore the critical need to shift from a secure software mindset to a focus on cyber resilience. By embracing resilience as a design principle and operating under the assumption that breaches are inevitable, we can better prepare our systems to withstand, adapt, and recover from attacks. This shift requires a significant investment in research and development to create resilient-by-design architectures that prioritize recovery and continuity over an unrealistic expectation of perfect security. Now is the time to reevaluate our strategies and commit to building a more resilient digital future.

 

Bio: Mehdi Tarrit Mirakhorli is an associate professor in the department of Information and Computer Sciences at University of Hawaii at Manoa. Prior to that Dr. Mirakhorli served as Kodak Endowed Chair, Associate Professor and Director of Research at ESL Global Cybersecurity Institute and Software Engineering Department at Rochester Institute of Technology. Mirakhorli is also the director of Software Assurance Laboratory. His research is the broad area of software engineering, he has carried out various projects of national importance in the areas of trustworthy software, software assurance, cybersecurity, AI, scientific software development, and software enabled sustainable disposal. Additionally, Dr. Mirakhorli has supported the implementation of President Biden's Executive Order on Improving the Nation’s Cybersecurity.
His team has developed techniques based on program analysis, software verification and custom artificial intelligence, machine learning algorithms to solve software engineering problems at scale in the areas such as software architecture analysis, requirements engineering, software security, software compliance and verification, and source code comprehension. Mirakhorli has led several large fundamental research and technology transition projects with the Department of Defense, U.S. Air Force, U.S. Department of Homeland Security and National Science Foundation (NSF). He has more than a decade of experience as a software architect and tech-lead on large, complex and multi-stakeholder projects such as AI-enabled automation, cyber-threats and intelligence, data-intensive meteorological systems, and health care. In 2017, he has worked at the Air Force Research Laboratory as a faculty fellow. Currently, he serves on the advisory board of two leading software companies in the technology development sector. Mirakhorli is a recipient of the NSF CAREER Award. His paper "A Tactic-Centric Approach for Automating Traceability of Quality Concerns" received ACM SIGSOFT Distinguished Paper Award at ICSE'2012. Mirakhorli's paper "Understanding Software Vulnerabilities Related to Architectural Security Tactics: An Empirical Investigation of Chromium, PHP and Thunderbird" received the Best Paper Award at the 2017 IEEE International Conference on Software Architecture. Mirakhorli serves as associated editor for IEEE Transaction on Software Engineering (TSE) and Empirical Software Engineering (EMSE) Journals. He is a public speaker in the area of software architecture and application security. He is also an ACM Distinguished Speaker, has been ALTA Distinguished Speaker at Alcatel-Lucent, and given several technical briefings.