I am currently a Research & Development manager with Accenture Labs in Washington D.C., responsible for defining and executing the lab's cyber security research agenda and developing funding sources for research projects. At the moment, I am working on two government projects—Active Authentication and Integrated Cyber Analysis System (ICAS).
Our Active Authentication program is exploring new ways to authenticate users through their “cognitive footprint.” Gathering and analyzing large amounts of data based on user behavior creates a picture of the ways people use computers—from how a user moves a mouse to the language used in documents. Eventually, cognitive footprint software will help an agency’s security system determine the authenticity of the person who signs onto a computer.
I am proud my work on fingerprinting the cognitive behaviors of computer users was recently showcased at the Biometrics Consortium’s annual conference in September 2013.
Our ICAS work is exciting too. We are developing a digital forensics tool, which will have access to all sources of an enterprise’s network data through a joint database, to enable reasoning and targeted attack discovery. We are also collaborating with academic institutions including John Hopkins University in Baltimore, on securing embedded devices, and a New York University to identify personality traits that make users more susceptible to social engineering attacks.
I come to office every day (Arlington, VA office). The entire cyber security lab team is based in Arlington, VA, so that helps with the team interaction. But developers on my research projects are located in various parts of the United States.
We do host clients in our office on a weekly basis to give them an overview of the cyber security research work that we perform at Accenture.
Each day, I typically spend half of my time on the delivery of advanced research projects (ICAS and Active Authentication). The other half of my time is spent on writing proposals for new research projects that advance the state-of-the-art in security both for commercial and government clients, reading/writing about the latest developments in security and technology, planning the team’s R&D agenda, or developing collaborations with external research partners from academe or the industry.
I’m also involved in a number of professional forums and do a lot of service within the security research community by participating in security conference program committees and security journal editing teams. I review articles submitted to those conferences and journals and offer feedback to the researchers submitting the articles.
This keeps involved with the security research community and also up-to-date on the latest research in the field before it gets even published.
Enjoy what you do, innovate and stay passionate. Ensure that you follow all the safe online practices to protect your identity and information assets.