SunSpec & Sandia DER Cybersecurity Webinar: Historical Public Key Infrastructure Failures

What can the energy sector learn from past failures of PKI?

This talk will cover security compromises related to Public Key Infrastructure, with an emphasis on the 2011 breach of the Diginotar Certificate Authority and how it altered the landscape of certificate security, and also including discussions of CNNIC security concerns and breaches at Comodo as well as other certificate authorities. We’ll discuss how these incidents have shifted the security ecosystem around PKI over the course of the past decade and also what lessons can be drawn from these incidents for different PKI application areas, for critical infrastructure sectors in general, and for distributed energy resources in particular.

Speaker: Dr. Josephine Wolff, Tufts University

Josephine Wolff is an associate professor of cybersecurity policy at The Fletcher School at Tufts University. Her research interests include international Internet governance, cyber-insurance, security responsibilities and liability of online intermediaries, government-funded programs for cybersecurity education and workforce development, and the legal, political, and economic consequences of cybersecurity incidents. Her book “You’ll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches” was published by MIT Press in 2018. Her writing on cybersecurity has also appeared in Slate, The New York Times, The Washington Post, The Atlantic, and Wired. Prior to joining Fletcher, she was an assistant professor of public policy at the Rochester Institute of Technology and a fellow at the New America Cybersecurity Initiative and Harvard’s Berkman Klein Center for Internet & Society.