Sign In

Communications of the ACM

ACM News

First Gordon Prize in Managing Cybersecurity Resources Awarded

View as: Print Mobile App Share:

The first $1,000 Gordon Prize in Managing Cybersecurity Resources goes for an essay written by researchers from Harvard and Dresden, Germany. Maryland's Robert H. Smith School of Business announced the winner October 14.

The essay contest asked competitors to offer innovative solutions that show how to allocate resources that protect personal and sensitive data on computers and online. Rainer Böhme, of the Institute of Systems Architecture at Technische Universität Dresden in Germany, and Tyler Moore, of the Center for Research on Computation and Society at Harvard University, won for their essay titled "The Iterated Weakest Link."

The competition and prize is named for pioneering cybersecurity expert Lawrence A. Gordon, the Smith School's Ernst & Young Alumni Professor of Managerial Accounting and Information Assurance.


CRCS postdoctoral research fellow Tyler Moore
Tyler Moore is a post-doctoral research fellow atthe Center for Research onComputation and Societyat Harvard University.

"The entries we received represented excellent insight on how individuals, organizations and government can effectively manage cybersecurity resources," says Gordon. "It's so important to continually reassess the most effective investments to guard against cyber threats and vulnerabilities because the interconnectedness of technology means that any attack could cripple an organization. The winning essay analyzes an innovative wait-and-see approach on when and how to invest in information security."

In their winning essay, Böhme and Moore say that by waiting for hackers to strike the weakest link in an information system, the company ends up investing in the most needed area, and hence achieves a higher overall return on their information security investments. The team hatched the idea behind their winning essay on a bus ride from Dartmouth to Boston in the summer of 2008.

Technische Universitat Dresden's Rainer Bohme
Rainer Bohme is with thefaculty of computer scienceat Technische UniversitatDresden. 
Böhme received a Ph.D. in computer science from Technische Universität Dresden and is currently a post-doctoral researcher at the International Computer Science Institute, Berkeley. His research interests include economics of privacy and information security, steganography and steganalysis, multimedia forensics, and privacy-enhancing technologies.

Moore received a Ph.D. in computer science from the University of Cambridge, St John's College and is currently a postdoctoral research fellow at the Center for Research on Computation and Society (CRCS) at Harvard University. His research at CRCS focuses on the economics of information security, the study of electronic crime and the development of policy for strengthening security. Additional research interests include decentralized network security, critical infrastructure protection, and digital forensics.

The Gordon Prize is offered yearly and the competition is open to students, faculty, and information security professionals in both the public and private sector. Essays are evaluated on their ability to provide and describe a clear, innovative solution to the problem associated with managing cybersecurity resources.

Gordon is committed to raising awareness of the issue of cybersecurity and its importance to business and government leaders. In 2003 he and two other colleagues at the University of Maryland instituted the Smith School's annual Cybersecurity Forum, now in its sixth year, to bring together the rich interchange of ideas that can only occur when people from many academic backgrounds and industries gather. He sees the Gordon Prize as another way of encouraging practitioners and theoreticians alike to approach the problem of cybersecurity in a multi-disciplinary way.


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account