Abstract: When President Obama approved the "Olympic Games" cyber attacks on Iran, he told aides that he was worried about what would happen when nations around the world began to use destructive cyber attacks as a new weapon of disruption and coercion. Now, we've begun to find out. David Sanger, the national security correspondent of The New York Times and author of Confront and Conceal, the book that revealed the cyber program against Iran, will explore how offensive cyber operations have developed in the Obama administration -- and why they have been so little debated.
About the Speaker: David E. Sanger is National Security Correspondent and senior writer for The New York Times. He is the author of two bestsellers on foreign affairs: The Inheritance: The World Obama Confronts and the Challenges to American Power (2009) and Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power (2012). He served as the Times’ Tokyo Bureau Chief, Washington Economic Correspondent, White House correspondent during the Clinton and Bush Administrations and Chief Washington Correspondent.
Mr. Sanger has twice been a member of New York Times teams that won the Pulitzer Prize, first for the investigation into the causes of the Challenger disaster in 1986, and later for investigations into the struggles within the Clinton administration over technology exports to China. He teaches national security policy at Harvard's Kennedy School of Government.
This event is offered as a joint sponsorship with the Hoover Institution.
Encina Hall (2nd floor)
On Tuesday March 3, 2015, the Subcommittee on Oversight and Investigations held a hearing entitled, “Understanding the Cyber Threat and Implications for the 21st Century Economy.” This was the first in a series of hearings focused on cyberspace, the Internet, and the challenges and opportunities that they present. Cyberspace has become the backbone and engine of the 21st century economy, and recent high-profile information security breaches have raised awareness of the vulnerabilities and risks facing cyberspace. With this hearing series, the subcommittee seeks to expand the discussion surrounding these issues to examine the broader implications for businesses and consumers in today’s 21st century economy. This initial hearing will provide an overview of the issue, focusing on the history, evolution, and future of cybersecurity.
The witnesses included Herbert Lin, Senior Research Scholar at the Center for International Security and Cooperation and Senior Fellow at the Hoover Institution, Stanford University; Richard Bejtlich, Chief Security Strategist, FireEye, Incorporated; and Gregory Shannon, Chief Scientist, CERT Program, the Software Engineering Institute, Carnegie Mellon University.
Abstract: The first Snowden disclosure was that Verizon was providing daily updates of telephony metadata to the NSA. This caused great consternation, and resulted in two government studies, one by the President's NSA Review Committee and one by the Privacy and Civil Liberties Oversight Board. Both concluded the collection should be ended. The President asked the Office of the Director of National Intelligence to produce a report "assessing the feasibility of creating software that would allow the intelligence community more easily to conduct targeted information acquisition rather than bulk collection." This talk reports on that work, which considered the issue from the angle of technical alternatives, and concluded that there is no technical replacement for bulk data collection, but that software can enhance targeted collection and automate control of data usage. This talk will discuss that report, conducted by the National Research Council, explaining what the report says — and what it doesn't say.
About the Speaker: Susan Landau is Professor of Cybersecurity Policy in the Department of Social Science and Policy Studies at Worcester Polytechnic Institute. Landau has been a senior staff Privacy Analyst at Google, a Distinguished Engineer at Sun Microsystems, a faculty member at the University of Massachusetts at Amherst and at Wesleyan University. She has held visiting positions at Harvard, Cornell, and Yale, and the Mathematical Sciences Research Institute. Landau is the author of Surveillance or Security? The Risks Posed by New Wiretapping Technologies (MIT Press, 2011), and co-author, with Whitfield Diffie, of Privacy on the Line: The Politics of Wiretapping and Encryption (MIT Press, 1998, rev. ed. 2007). She has written numerous scientific and policy research papers, and has also published in other venues, including Science, Scientific American, and the Washington Post. Landau has testified in Congress on cybersecurity and on electronic surveillance. Landau currently serves on the Computer Science Telecommunications Board of the National Research Council. A 2012 Guggenheim fellow, Landau was a 2010-2011 fellow at the Radcliffe Institute for Advanced Study, the recipient of the 2008 Women of Vision Social Impact Award, and also a fellow of the American Association for the Advancement of Science and the Association for Computing Machinery. She received her BA from Princeton, her MS from Cornell, and her PhD from MIT.
Encina Hall (2nd floor)
Stanford senior Sarah Kunis said she and other CISAC honors students were introducing themselves to some senior White House advisors when President Barack Obama walked in the room.
“I couldn’t stop my jaw from dropping,” said Kunis. It was honor enough to have an hourlong sit-down with National Security Advisor Susan Rice, Senior Advisor to the President Valerie Jarrett, and Homeland Security Advisor Lisa Monaco.
The CISAC Honors Students spend their senior year working on theses that focus on critical international security issues. They were eager to get the chance to talk to the three powerful Washington advisors.
“I was surprised to see Susan Rice’s nameplate, so I thought she was who the invitation referred to, but there was an empty chair with no nameplate, between her and Jarrett,” recalled Patrick Cirenza, another CISAC honors student and a research assistant for retired U.S. Gen. Jim Mattis, a visiting fellow at the Hoover Institution.
Then Obama walked in the room. The students were stunned – and nervous.
“I remember how sweaty my palms were,” said Cirenza. “I already had a visceral reaction seeing him at the podium so you can only imagine being in the same room with him. His presence fills the room.”
Taylor Grossman, another CISAC honors student whose thesis looks at the incentives and payoffs of warning the public about terrorist threats, said the conversation started off with Obama asking them whether they might consider careers that would protect the digital domain.
“But then we branched out and talked about a lot of different things,” she said. “The situation in Syria, public warning systems, education, the civil-military divide. It was really a whole range of issues.”
Before being joined by Jarrett and Rice, the students spoke with Cheri Caddy, director for cybersecurity outreach and integration in the National Security Council, for about an hour.
“We asked her pretty frank questions about cybersecurity, North Korea … defensive and offensive capabilities, and getting students interested in the field,” said Grossman. “She was quite candid and provided her own opinions.”
Grossman is a research assistant for CISAC Co-Director Amy Zegart, who is also a senior fellow at Hoover and garnered a shout-out from the president during his keynote address, thanking her for helping to convene the summit.
Jarrett talked to the students about sexual assault on campus. It was the second time the honors students had met the Stanford alumna; they first met her during their two-week Honors College in Washington, D.C. before the start of their senior year.
Obama initially directed the conversation, focusing on cybersecurity. He then opened it up for questions on any topic.
CISAC Honors Students take a selfie before President Obama addresses the White House Summit on Cybersecurity and Consumer Protection, Feb. 13, 2015.
Cirenza told the president his honors thesis evaluates the analogy between earlier nuclear deterrence and the development of cyber deterrence today.
“I told him I thought we are in the 1950s nuclear stage now with regards to cyber-deterrence,” he said. The president disagreed.
“He said, ‘That’s interesting, but I don’t think it’s the case, since there are gradations with cyber wars whereas nuclear warfare is more black and white.’”
Grossman asked the president about the role of the National Terrorism Advisory System, which replaced the color-coded Homeland Security system, and whether he envisioned a scenario in which the government would have to use it.
“He and Lisa Monaco focused on specific warning systems, which was interesting to me,” she said.
The topic turned to Syria when the president noticed that Kunis had brought along a copy of U.N. Ambassador Samantha Power’s book, “A Problem From Hell: America and the Age of Genocide.”
“I asked why we are not intervening in Syria and why we are not fulfilling our Right to Protect (R2P) obligation,” said Kunis. “President Obama said that the situation there was heartbreaking and that everyone looked at the problem to figure out what we should do to stop the suffering, while evaluating our interests. We cannot intervene without having a plan for the future – and we can’t overthrow governments.”
Cirenza said Obama noted that there are routine calls to intervene in Syria, but few to intervene in other nations, such as the Democratic Republic of Congo, where more than 5.4 million people have died from conflict-related causes since a civil war erupted in the central African nation in 1998.
President Obama also shared his view that he doesn't believe the United States would have been locked into the Iraq and Afghanistan wars as long as it has if there were a mandatory national draft in place. He asked students what they thought of instituting such a draft.
Almost none thought it a good idea.
Overall, the students said, it was the most incredible day of their Stanford careers.
“It’s going to be hard to look forward to much else,” said Cirenza, who now has adjustments to make to his honors thesis. “Pretty much downhill from here. Thanks, Obama.”
Joshua Alvarez is a 2012 Stanford graduate and was a CISAC honors student.
President Obama meets with Stanford students, including three from the Honors Program at FSI's Center for International Security and Cooperation, at the White House Summit on Cybersecurity and Consumer Protection at Stanford University on Feb. 13, 2015.
Corporate leaders and government agencies must work more closely together to safeguard computer networks from cyber attacks, President Barack Obama said Friday during a speech at Stanford University.
“This has to be a shared mission,” Obama said. “Government cannot do this alone. But the private sector cannot do it alone, either.”
Following his 30-minute address, Obama signed an executive order creating a framework for how companies can better share cyber data with the government. Obama said the order creates “hubs” that will allow businesses to share security information with one another and will also give corporations access to classified threat information that could potentially help protect them.
And he stressed the need to balance privacy protection with a need for increased security against hackers who threaten the country’s economy and public safety.
“Grappling with how the government protects the American people from adverse events while making sure the government itself is not abusing its capabilities is hard,” Obama said. “The cyber world is the wild wild west. To some degree, we’re asked to be the sheriff.”
And he acknowledged that it’s more than reasonable to ask “what safeguards do we have against the government intruding on our own privacies?”
“When we go online, we shouldn’t have to forfeit the basic rights to privacy we have as Americans,” Obama said.
The president’s remarks were delivered during a White House Summit on Cybersecurity and Consumer Protection hosted at Stanford. The daylong event included panels moderated by Homeland Security Secretary Jeh Johnson and Commerce Secretary Penny Pritzker and attended by other government officials, Stanford scholars and the chief executives of major technology and health care companies, public utilities and financial institutions. He also surprised a group of Stanford students, including three honors students at FSI's Center for International Security and Cooperation, with an in-depth talk about global issues.
“Stanford’s proximity and sustained relationships with Silicon Valley are important assets in building a more secure cyber infrastructure,” Stanford President John Hennessy said in his welcoming remarks Friday morning. “But we need – and we have today – industry from across the country representing the many sectors that are connected to cyber systems.”
Friday’s summit came three months after Stanford launched a major Cyber Initiative. The initiative – funded with a $15 million grant from the William and Flora Hewlett Foundation – brings together faculty and researchers from across campus to address the challenges posed by cyber technologies. It also intends to connect their academic work with policymakers and industry leaders.
"This is the beginning of a new challenge for the government and a new field of study for us,” Michael McFaul, director and senior fellow at the university’s Freeman Spogli Institute for International Studies, said after the president’s remarks. McFaul, who is also a senior fellow at the Hoover Institution, served as Obama’s ambassador to Russia.
“For a president to come and talk about these issues is a huge boost to this as a subject of real inquiry. It's rare that the White House do a summit not at the White House. It shows the importance of this institution, the initiative and the collaboration that need to take place between universities, government and the private sector."
Obama ticked off a number of milestones that are the stuff of Stanford and Silicon Valley lore – the partnership between William Hewlett and David Packard, the creation of the computer mouse, the birth of Google, Yahoo, and dozens of other tech companies that have redefined how life is lived around the world.
“When we had to decide where to have this summit, the decision was easy,” Obama said, adding that Stanford is helping to “lead the way” technology is developed and used.
Those points resonated with students who were able to attend the speech after receiving tickets through a lottery.
"So much that is done in Silicon Valley got its start here," said Jason Chen, a sophomore interested in computer science and foreign languages. "Even though I don't know what exactly I'm going to do, what part I may contribute, (Obama) made us all connected to each other, part of the same community."
Obama also cited the university’s role in keeping a policy-relevant perspective when it comes to addressing issues of personal privacy and security against cyber threats. He also acknowledged the Stanford graduates and faculty members who have served in his administration – including Pritzker and McFaul; Valerie Jarrett, Obama’s senior adviser; Susan Rice, the U.S. ambassador to the United Nations; and Steven Chu, who served as Obama’s energy secretary.
The summit and Obama’s executive order come on the heels of high-profile computer network attacks that helped make the case for Obama to put cybersecurity at the top of his agenda. Hackers have breached the computer systems of federal agencies, Sony Pictures, Home Depot, Target, and Anthem – the nation’s second-largest health insurer.
The Obama administration also announced this week the creation of the Cyber Threat Intelligence Integration Center, which will share and help monitor cybersecurity intelligence gathered by government agencies.
Amy Zegart, co-director of the Center for International Security and Cooperation and a senior fellow at Hoover, said Stanford is an obvious place for Obama to discuss the responsibilities of tech companies when it comes to the safety of computer networks.
“The most important message that came across today is that this effort crosses all the traditional boundaries in academia, in industry, in government,” said Zegart, who has been a key player in the university’s Cyber Initiative and met with Obama just before the president delivered his remarks. “Cybersecurity is the ultimate team sport and the summit brought all the elements of the team together."
And Kathy Garcia, a sophomore majoring in management science and engineering, said the president spoke about cybersecurity and consumer protection in a way that everyone could understand.
"He made a good point that to be successful both the public and the private sectors have to work together," Garcia said.
Before Obama’s remarks, Apple CEO Tim Cook talked about the privacy concerns that are inherent to data sharing. But he said the private sector and government agencies could work together to protect the safety and privacy of customers and citizens.
“Safeguarding the world of digitized personal information is an enormous task,” he said. “And no single company or organization can accomplish it on its own. That is why we’re committed to engaging productively with the White House and Congress and putting the results of these conversations into action.”
Other business leaders attending the summit agreed.
"I think the president is really trying to come to grips with a really big problem that's ever expanding,” said RSA executive chairman Art Coviello. “He's doing it by executive order, but as was said so many times today, we need congressional action as well. We also need to ensure that we create the trust that we need between government and private sector to ensure that we can have this public-private partnership. As a starting point, I think (the summit) was terrific, but let's see a lot of action coming out of it."
As weighty as the substance of his talk was, Obama opened his talk with some lighthearted comments about the bicycle-riding, fountain-splashing, Cardinal-obsessed Stanford students who have “made nerd cool.”
“Ambassador McFaul told me if I came to Stanford, you'd talk nerdy to me,” Obama said.
Then, getting to business, the president said: “I’m not just here to enjoy myself.”
A half-hour later, he signed his executive order and walked off the stage in Memorial Auditorium with a wave to the audience.
Brooke Donald, Beth Duff-Brown, Amy Adams, Kathleen Sullivan, Ker Than, Bjorn Carey and Tom Abate contributed to this report.
President Barack Obama onstage at the White House Summit on Cybersecurity and Consumer Protection on Feb. 13.
Herb Lin has a long agenda crafted from big ideas.
As CISAC’s inaugural senior research scholar for cyber policy and security, Lin intends to make Stanford the premier hub for academic research and public policy in an effort to protect the world’s computer networks against cyber attacks.
“When I was recruited, Stanford told me to think big. So I’m thinking big,” says Lin, who comes to Stanford from the National Research Council of the National Academies in Washington, D.C., where he was chief scientist at the Computer Science and Telecommunications Board.
“Part of my job is also to find a way to build cyber connections to other parts of the campus – law, medicine, the business school, engineering – so there are a variety of interesting possibilities that I’d like to tackle.”
Even before taking up his new role at Stanford last month, Lin worked with CISAC co-director Amy Zegart to convene a three-day boot camp that brought together Silicon Valley heavyweights and congressional staffers working on critical cyber legislation.
Lin wants to launch a policy journal devoted to research about cybersecurity. He hopes to construct the university’s first undergraduate courses about the foreign policy and economic implications of cybersecurity, as well as the risk analysis of cyberspace. He will represent Stanford's efforts in public commentaries, such as the one he wrote for The Wall Street Journal about how companies can ward off hackers.
“Obviously the president has a great bully pulpit here, and is highlighting the importance of cybersecurity on the national policy agenda,” said Lin. “We are particularly delighted that he’s come to Stanford – which is recognition of our role in advancing the cybersecurity interests of the nation.”
Lin, who took up his new role at CISAC in January and is also a research fellow at the Hoover Institution, plans to reach across campus to help the university establish a cohesive strategy for the intersection of cyber policy and international security.
“Cyber touches many facets of life,” said Lin, who has a Ph.D. in physics from MIT. “Some of us are interested in the implications of cyber for international security and foreign relations. Others focus on how to protect the nation’s critical infrastructure. Still others are trying to develop tools that can be used to make better decisions about consumer protections. I’d like to bring all of that under one coherent theme.”
Lin also helped organize the Department of Commerce’s National Institute of Standards and Technology workshop at Stanford on Feb. 12. The roundtable, which was in coordination with the White House summit, brought together chief technology and security executives to discuss the challenges of implementing consumer protection technologies in real-world conditions.
Lin moderated a panel at that workshop about academic research that has applications for consumer protections against cyber threats. Michael Daniel, special assistant to the president and cybersecurity coordinator at the White House, gave the keynote at the workshop.
Cybersecurity has become a priority for the Obama administration. The White House in October launched the BuySecure initiative, which includes reforms such as securing payment systems and preventing identity theft. Obama also spoke about cybersecurity in his State of the Union address on Jan. 20.
“No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets or invade the privacy of American families, especially our kids,” Obama said.
Track II Diplomacy
Just as CISAC scholars have for decades been involved in Track II diplomacy in foreign policy, nuclear arms control, and counterinsurgency, Lin would like to see Stanford build on that by facilitating dialogue with other nations about ways to protect and defend their digital networks against cyber attacks and breaches.
“CISAC, as you know, has a long tradition of having nuclear dialogue with China and Russia, even during the coldest periods of the Cold War,” said Lin. “I’d like there to be a Track II diplomacy effort for cyber based here at Stanford, which many Chinese regard as the world’s No. 1 university. That’s a very attractive platform from which a cyber dialog can be started and sustained.”
CISAC Senior Research Scholar for Cyber Policy and Security, and a research fellow at the Hoover Institution, says to understand cybersecurity you must first understand the basic components of locks and keys.
Finally, Lin intends to work with academics and scientists at Columbia University and the American Academy of Arts and Sciences to establish a boot camp for scholars of international relations and political science who want to work on cyber issues.
Last August, Lin worked with Zegart – who is also a senior fellow and associate director for academic affairs at Hoover – to bring in two dozen senior congressional staffers for a rigorous boot camp that paired them with military, academic and technology experts working at the highest levels of cybersecurity.
The three-day camp drew such names as Google Chairman Eric Schmidt and Facebook’s Chief Information Officer Joe Sullivan. Many of the congressional staffers said it was the first time they’d had the chance to closely interact with the very tech executives for whom they are working on protections and legislation.
Stanford announced in November it had launched the Stanford Cyber Initiative with the support of a Hewlett Foundation grant of $15 million. The initiative will take an interdisciplinary approach to address the challenges raised by cyber technologies.
“We have a tradition and an ability to do things in an interdisciplinary way,” said McFaul, a professor of political science and a senior fellow at Hoover.
“I think we’re uniquely qualified and uniquely placed to tackle all those here at Stanford, especially because we sit at the heart of Silicon Valley,” said McFaul, who was the U.S. ambassador to Russia for President Obama before returning to Stanford last year. “I expect to see Stanford become the leading institution in the world for addressing cybersecurity issues.”
Stanford will welcome President Barack Obama to the campus Friday, Feb. 13, where he will address the White House Summit on Cybersecurity and Consumer Protection. The president will join top-level government officials, corporate CEOs and Stanford faculty members who will gather to discuss pressing issues at the all-day summit organized by the White House.
President Obama is expected to deliver the keynote remarks at the event, which will be held in Memorial Auditorium and in the Cemex Auditorium at the Stanford Graduate School of Business. The invitation-only event will not be open to the public, but Stanford students can register for a lottery to obtain tickets. Stanford faculty, students and staff members currently researching cyber-related issues have been invited to take part in panels and conversations.
The summit will be Webcast live in its entirety here for those unable to attend in person, and more details will be posted at WhiteHouse.gov/CyberSummit.
The event will mark the first time that a sitting U.S. President has made public remarks at Stanford since 1975, when then President Gerald Ford dedicated the Crown Quadrangle at the Stanford Law School. President Herbert Hoover addressed students at Stanford in 1932, and President Theodore Roosevelt spoke at Stanford in 1903. President Bill Clinton was a visitor to campus during his presidency, but in his private capacity as a Stanford parent to daughter Chelsea Clinton.
The campus community can expect further information about parking and transportation changes as a result of the president's visit as event details are finalized.
President Obama announced the full-day White House cyber summit during a Jan. 13 speech and said "It's going to bring everybody together – industry, tech companies, law enforcement, consumer and privacy advocates, law professors who are specialists in the field, as well as students – to make sure that we work through these issues in a public, transparent fashion."
The topics the White House has listed for the summit range from increasing cybersecurity information sharing to improving adoption of more secure payment technologies:
Public-Private Collaboration on Cybersecurity;
Improving Cybersecurity Practices at Consumer-Oriented Businesses and Organizations;
Promoting More Secure Payment Technologies;
Cybersecurity Information Sharing;
International Law Enforcement Cooperation on Cybersecurity;
Improving Authentication: Moving Beyond the Password.
The White House summit is also the next step in the President's BuySecure Initiative, which was launched in November 2014, and will help advance national efforts the government has led over the last two years with executive orders on consumer financial protection and critical cybersecurity infrastructure.
Stanford announced a major Cyber Initiative in November that will apply broad campus expertise to the diverse challenges cyber-technologies pose for virtually every facet of our personal, governmental and economic lives. Funded with a $15 million grant from the William and Flora Hewlett Foundation, the Stanford Cyber Initiative draws upon Stanford's experience with multi-disciplinary, university-wide initiatives to focus research on the core themes of trustworthiness, governance and the unexpected impacts of technological change.
While the agenda for the White House summit has not yet been finalized, among the Stanford faculty members and researchers invited to participate are Amy Zegart, co-director of the Center for International Security and Cooperation (CISAC) and a senior fellow at the Hoover Institution; Stanford Law Professor George Triantis, who chairs the Cyber Initiative; John Mitchell, vice provost for teaching and learning and professor of computer science; and Herb Lin, senior research scholar for cyber policy and security at CISAC and a Hoover research fellow. Stanford President John Hennessy is slated to open the summit and will have the honor of introducing President Obama.
Stanford is preparing for a significant media attendance for the event, and coverage is expected by major television networks and more than 200 journalists from around the world.
Students interested in registering for the student ticket lottery can consult the Stanford Ticket Office website for further information Monday. Registration will close Tuesday at 11:59 p.m.
The United States has thrust itself and the world into the era of cyber warfare, Kim Zetter, an award-winning cybersecurity journalist for WIRED magazine, told a Stanford audience. Zetter discussed her book “Countdown to Zero Day,” which details the discovery and unraveling of Stuxnet, the world’s first cyber weapon.
Stuxnet was the name given to a highly complex digital malware that targeted, and physically damaged, Iran’s clandestine nuclear program from 2007 until its cover was blown in 2010 by computer security researchers. The malware targeted the computer systems controlling physical infrastructure such as centrifuges and gas valves.
Zetter began reporting on the cyber weapon in 2010.
“When the first news came out, I didn’t think much of it,” Zetter told a CISAC seminar on Monday. The title of her book refers to a “zero-day attack," which exploits a previously unknown vulnerability in a computer application or operating system.
“Watching the Symantec researchers unravel Stuxnet, I knew what fascinated me was the process and brilliance of the researchers. The detective story is what pulled me in.”
Zetter’s book follows computer security researchers from around the world as they discover and disassemble Stuxnet over the course of months, much longer than any time spent on typical malware. The realization that Stuxnet was the world’s first cyber weapon sent shock waves throughout the tech community, yet did not create as much of a stir in mainstream society.
“It’s funny because a lot of people still don’t know Stuxnet or haven’t even heard of it,” Zetter said. “The recent vandalization of Sony seems to have finally gotten people’s attention. It was not a case of true cyber warfare, but I'm glad that my book came out right before it happened because its perception as a nation-state attack has led to interest in all nation-state attacks, including Stuxnet. The Snowden leaks also put cyber warfare on the map.”
“Countdown to Zero” also places Stuxnet in political context. The first version of Stuxnet was built and unleashed by the Bush administration in 2007, according to Zetter. Iran accelerated its enrichment process in 2008, leading to fears it would have enough uranium to build a bomb by 2010. President Barack Obama inherited the program; he not only continued it,but accelerated it. Another, more aggressive version of Stuxnet was unleashed in June 2009 and again in 2010. Obama gave the order to unleash Stuxnet while publicly demanding Iran to open itself up to negotiations.
The effectiveness of the world’s first cyber weapon remains a subject of debate. The most optimistic assessment of Stuxnet is that it delayed and slowed Iran’s uranium development enough to dissuade Israel from unilaterally striking the country, and it afforded time for intelligence and diplomatic efforts. Stuxnet contributed to dissension and frustration among the upper ranks of Iran’s government (the head of Iran’s nuclear program was replaced) and bought time for harsh economic sanctions to impact the Iranian public.
“Stuxnet actually had very little effect on Iran’s nuclear program,” said Zetter. “It was premature, it could have had a much bigger effect had the attackers waited.” Iran still made a net gain in their uranium stockpile while being attacked and they are updating their centrifuges, which would make Stuxnet obsolete.
The more unsettling parts of Zetter’s book catalog security vulnerabilities in America’s public infrastructure, which could easily fall victim to a Stuxnet-style attack, and consider the implications of the era Stuxnet heralded. For example, in 2001 hackers attacked California ISO, a nonprofit corporation that manages the transmission system for moving electricity throughout most of California. More recently, Zetter writes, in 2011 a security research team “penetrated the remote-access system for a Southern California water plant and was able to take control of equipment the facility used for adding chemicals to drinking water.”
The Obama administration has publicly announced that shoring up infrastructure security is a top priority. Zetter finds this ironic, because unleashing Stuxnet has opened the U.S. up to attacks using the same malware.
“When you launch a cyber weapon, you don’t just send the weapon to your enemies, you send the intellectual property that created it and the ability to launch the weapon back against you,” writes Zetter. “Marcus Ranum, one of the early innovators of the computer firewall, called Stuxnet ‘a stone thrown by people who live in a glass house.’”
More broadly, Stuxnet heralded an era of cyber warfare that could prove to be more destructive than the nuclear era. For Zetter there is also irony to the use of cyber weapons to combat nuclear weapons. She quotes Kennette Benedict, the executive director of the “Bulletin of the Atomic Scientists,” pointing out, “that the first acknowledged military use of cyber warfare is ostensibly to prevent the spread of nuclear weapons. A new age of mass destruction will begin in an effort to close a chapter from the first age of mass destruction.”
Zetter has similar fears.
“The U.S. lost the moral high ground from where it could tell other countries to not use digital weapons to resolve disputes,” Zetter said. “No one has been killed by a cyber attack, but I think it’s only a matter of time.”
Abstract: NSA stands for National Security Agency, but the agency is at odds with itself in its security mission. Undermining global encryption standards, intercepting Internet companies' data center transmissions, using auto-update to spread malware, and demanding law enforcement back doors in products and services are all business as usual. What legal basis do NSA and FBI have for these demands, and do they make the country more or less safe?
About the Speaker: Jennifer Granick started as the Stanford Law School Center for Internet and Society's (CIS) Director of Civil Liberties in June of 2012. She became an affiliate at the Center for International Security and Cooperation in July 2012.
Jennifer returned to Stanford after stints as General Counsel of entertainment company Worldstar Hip Hop and as counsel with the internet boutique firm of Zwillgen PLLC. Before that, she was the Civil Liberties Director at the Electronic Frontier Foundation. Jennifer practices, speaks and writes about computer crime and security, electronic surveillance, consumer privacy, data protection, copyright, trademark and the Digital Millennium Copyright Act.
From 2001 to 2007, Jennifer was Executive Director of CIS and taught Cyberlaw, Computer Crime Law, Internet intermediary liability, and Internet law and policy. Before teaching at Stanford, Jennifer spent almost a decade practicing criminal defense law in California. She was selected by Information Security magazine in 2003 as one of 20 "Women of Vision" in the computer security field. She earned her law degree from University of California, Hastings College of the Law and her undergraduate degree from the New College of the University of South Florida.
Encina Hall (2nd floor)
Jennifer Granick
Director of Civil Liberties at Stanford Center for Internet and Society
Speaker
Stanford University
Abstract: With the development of cyber capabilities by an increasing number of states, policymakers as well as scholars have been calling for the negotiation of a new international treaty to regulate cyber warfare. This paper provides an account and analysis of relevant debates in the United Nations with a focus on the position of four states – Russia, China, the US and the UK. Discussions have been concentrated in the First Committee of the General Assembly which has been seized with the issue since 1998 when the Russian Federation submitted a proposal for an international convention to govern the use of information and communication technologies for military purposes. While these efforts towards a wholesale international treaty have not materialized, Russia and China continue to advocate a change in the legal status through the promulgation of additional norms. In contrast, the US and the UK have been firm supporters of applying current legal regimes, including the UN Charter and the Geneva Conventions, to the use of cyber capabilities by states. In advancing these positions, two powerful narratives have emerged, each emphasizing different aspects of the cybersecurity debate.
About the Speaker: Elaine Korzak is a postdoctoral cybersecurity fellow at CISAC. She earned her Ph.D. from the Department of War Studies at King’s College London in 2014. Her thesis examined the applicability and adequacy of international legal frameworks to the emerging phenomenon of cyber attacks. Her analysis focused on two legal areas in particular: international law on the use of force and international humanitarian law. Elaine holds both an MA in International Peace and Security from King’s College London and an LL.M. in Public International Law from the LSE. Her professional experience includes various governmental and non-governmental institutions, including NATO’s Cyber Defence Section as well as the European Commission’s Directorate-General on Information Society and Media.
Elaine Korzak is a research scholar at the Berkeley Risk and Security Lab (BRSL) at UC Berkeley where she focuses on international cybersecurity governance. She is also an affiliate at the Center for Long-Term Cybersecurity (CLTC) at UC Berkeley and the Center for International Security and Cooperation (CISAC) at Stanford University.
Her research covers international legal, policy, and governance aspects in cybersecurity, including norms and international law governing state conduct in cyberspace, cybersecurity negotiations at the United Nations, and the international regulation of commercial spyware. Her work has appeared in the Oxford Handbook of Cyber Security, the Routledge Handbook of International Cybersecurity, the Georgetown Journal of International Affairs, the Bulletin of the Atomic Scientists, and RUSI Journal.
Previously, Elaine was a cybersecurity postdoctoral fellow at the Center for International Security and Cooperation (CISAC) and a national fellow at the Hoover Institution, both at Stanford University, before leading the Cyber Initiative at the Middlebury Institute of International Studies at Monterey (MIIS). She holds a PhD in War Studies and an MA in International Peace and Security from King’s College London, as well as an LL.M. in Public International Law from the London School of Economics and Political Science (LSE).