On April 24-25 (this last Monday and Tuesday) I had an opportunity to watch the livestreams of the public segments of the Spring 2023 Meeting of the National Academies Forum on Cyber Resilience. This is a standing discussion forum that meets twice a year (as distinct from National Academies Committees which are convened to produce a study report), often with sessions focused on a single topic such as cryptographic agility; I’ve shared the outputs of some of these meetings with our community in the past.
This spring the meeting covered a wide range of fascinating topics; you can find links to the recordings of the livestreams and the agenda for the meeting at
Briefly, day 1 started with a summary and really informative discussion of the National Plan for an AI Research Resource; followed by a discussion of the current state of migration to post-quantum cryptographic systems (which included a lot of fascinating detail about the differing approaches of government agencies and the Internet Engineering Task Force). Day 1 concluded with a discussion of the characterization of cyberattacks on Ukraine, which contained a lot of information I hadn’t seen before.
Day 2 started with a discussion of recovery and restart mechanisms to regain control of potentially compromised systems, a very important and under-examined issue. It concluded with additional presentations on how Ukraine has been approaching cyber-resilience and what we may be able to learn from this.
Clifford Lynch
Director, CNI