McCrary Institute for Cyber & Critical Infrastructure Security

Harnessing America’s cyber experts to safeguard our nation.

Securing America's Digital Future: a Bipartisan Cybersecurity Roadmap for the Next Administration

 

Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security seeks practical solutions to real-world problems, underpinned by research and scholarship. Founded in 2015 through a generous donation from the Alabama Power Foundation in honor of its retiring CEO and Auburn alumnus Charles D. McCrary, the Institute fuses theory with practice, and policy with technology, to protect and advance U.S. interests in the areas of cyber and critical infrastructure security.

The McCrary Institute is a nonpartisan think tank located at Auburn University, and is the leading group of public/private sector cyber experts providing unique end-to-end cyber capabilities from R&D, cybersecurity education/training, policy-relevant analysis, to future technology research.

As a top-tier research university, designated a Carnegie R1 institution, over 200 of Auburn’s on-campus faculty members conduct defense, cyber, and homeland security research for the Department of Defense, NASA, and other federal agencies.

Cyber Focus Podcast

In this episode of Cyber Focus, host Frank Cilluffo interviews Mark Green, Chairman of the House Homeland Security Committee. Congressman Green, a combat veteran and healthcare entrepreneur, discusses key cybersecurity challenges, including workforce shortages, bureaucratic inefficiencies, and economic models that incentivize cybercrime. The conversation highlights the importance of initiatives like the Cyber Pivot Act, designed to address critical workforce gaps, and the need for harmonizing regulatory requirements. Green also explores strategies for protecting critical infrastructure, enhancing state-level cybersecurity, and leveraging public-private partnerships to bolster national resilience.

Main Topics Covered:

  • Addressing the cybersecurity workforce gap through the Cyber Pivot Act
  • Harmonizing federal regulations to reduce bureaucratic inefficiencies
  • Strengthening cybersecurity for critical infrastructure at all levels of government
  • Tackling economic incentives that enable cybercrime and vulnerabilities
  • Advancing public-private partnerships and state-level cybersecurity initiatives

Key Quotes:

"We have a 500,000 person shortage in cybersecurity jobs in this in this country, empty spaces with nobody to put in them." - Mark Green

"If a company is spending more time complying than they are actually securing themselves, then... government is doing harm." - Mark Green

"I have a strong belief that we have to as a country own the fact that these businesses can't protect themselves against nation states. And we have an obligation." - Mark Green

"At the end of the day, the first to respond and the last to leave in a local incident are still going to be at [the] state level." - Frank Cilluffo

"We've got to figure out as a country how to put pressure on people, to enforce laws, to extradite when someone breaks our laws." - Mark Green

Relevant Links:
https://homeland.house.gov/2024/09/24/chairman-green-introduces-cyber-pivott-act-to-tackle-government-cyber-workforce-shortage-create-pathways-for-10000-new-professionals/

Guest Bio:

Mark Green is the Chairman of the House Homeland Security Committee, where he spearheads efforts to address cybersecurity, border security, and national resilience. A West Point graduate, Green served as a combat veteran and special operations physician in the Army’s renowned 160th Special Operations Aviation Regiment, known as the Night Stalkers. After his military service, he became a successful entrepreneur in the healthcare sector. Green has brought his leadership skills to Congress, focusing on critical issues like cybersecurity workforce development, regulatory harmonization, and protecting critical infrastructure. He is also the author of We Before Me, a book reflecting his philosophy of putting collective success above individual gain.

Listen: Episode 48

Overview: In this episode, host Frank Cilluffo sits down with Cheri Caddy, former Deputy Assistant National Cyber Director at the White House and senior technical advisor at the Department of Energy. They discuss the cybersecurity challenges surrounding connected vehicles, examining how modern cars are effectively "computers on wheels" and the broader implications for privacy, data security, and national security. Cheri highlights the convergence of IT and OT systems in vehicles, the need for cyber-informed engineering, and the importance of regulatory harmonization in addressing these challenges.

Main Topics Covered:

  • Convergence of IT/OT systems in connected vehicles
  • Cybersecurity and privacy risks of modern cars
  • Global supply chain implications for vehicle data security
  • Regulatory harmonization across sectors impacting connected vehicles
  • Future of automation and autonomous vehicles in the cybersecurity landscape
  • Managing cybersecurity at an enterprise level for government and corporate vehicle fleets

Key Quotes:

"Your car has always been something in your environment, but now it's a computer. It's software-defined, and you have to treat it with all of the cyber implications of being a computer." – Cheri Caddy

"There's no cyber problem that's a single sector anymore." – Cheri Caddy

"Vehicles are giant sensor platforms recording everything. What are the security implications of taking a connected vehicle on to a sensitive facility? ...I think that is very much an open question.– Cheri Caddy

"We need to get [vehicle engineers] to think about cybersecurity at the design phase. Because dealing with bolting on cyber after the fact is, is just not practical.– Cheri Caddy

This is just such an interesting area of converging, of all of the exciting cyber things, from supply chain to applied machine learning to data standards and integration. – Cheri Caddy

Relevant Links:

National Cyber Informed Engineering Strategy

Information on vehicle data privacy and cybersecurity from the National Highway Traffic Safety Administration (NHTSA)

Guest Bio: Cheri Caddy is a cybersecurity leader with over 30 years of experience in national security, intelligence, and technical advisory roles. She has served as the Deputy Assistant National Cyber Director at the White House, as well as a senior advisor at the Department of Energy. Caddy's expertise lies in bridging policy and technical innovation, particularly in IT/OT convergence and secure-by-design engineering for critical infrastructure.

Listen: Episode 47

In this episode of Cyber Focus, host Frank Cilluffo interviews Kiersten Todt, president of Wondros, a creative firm focused on social and policy change. Todt, who previously served as Chief of Staff at the Cybersecurity and Infrastructure Security Agency (CISA) and as a senior advisor on the Senate Homeland Security Committee, shares insights on the challenges and advancements in cybersecurity workforce development, public-private collaboration, and the critical role of community involvement in cybersecurity initiatives.

Main Topics Covered:

  • Cybersecurity workforce development, with a focus on neurodiversity and inclusivity
  • Public-private partnerships and CISA's role in regional engagement
  • The importance of community-level cybersecurity initiatives
  • Cybersecurity supply chain issues and the need for inclusive small business support
  • Cybersecurity awareness through campaigns, education, and human-centered design

Key Quotes:

"I think we as a nation will be so much better if we create inclusive workforces that represent and acknowledge and honor the aptitudes of individuals that we may not define as being... typical." – Kiersten Todt

"If we're truly looking at securing [critical infrastructure sectors], we have to look with a cross-sector approach." – Kiersten Todt

"[Cyber incident response] starts in the community, it starts at the local level. And so being able to engage those individuals is critical." – Kiersten Todt

"The applied side is what attracts most of these kids [to cybersecurity]. It's not sitting behind a computer and just the zeros and ones. It's actually seeing the fruit of their work and actually getting involved." - Frank Cilluffo

"Creating more of an activist culture in cybersecurity, as well as some of these other issues, really helps to turn the tide and to create change."
– Kiersten Todt

Relevant Links and Resources:

Guest Bio: Kiersten Todt is the president of Wondros, a firm dedicated to social and policy change. She previously served as Chief of Staff at CISA and has held senior advisory roles on the Senate Homeland Security Committee. Her work focuses on building inclusive cybersecurity solutions, workforce development, and fostering partnerships across public and private sectors.

Listen: Episode 46

Recent News

Applied Research, Development, & Commercialization

The McCrary Institute’s experts work to safeguard America as an applied research, development, and commercialization partner supporting government, military, national labs and industry clients.  We focus our work on critical infrastructure sectors including energy & water, space & defense, transportation, rural industries, and more. By leveraging a world class Southeast Cybersecurity Operations Center and classified labs, we help solve some of America’s greatest threats and challenges.

Research Focus