We've been attending the 10th annual Billington CyberSecurity Summit in Washington, which began yesterday and wraps up today. The theme this year is "top government priorities: a call to action," and the presenters represent a strong mix of industry and government leaders. This year's Summit has a strongly international tone: Canada, Israel, and the United Kingdom. We share here a few highlights from yesterday's presentations.
Perspective from the Federal CISO. Grant Schneider, currently the US Federal Chief Information Security Officer, working from the Office of Management and Budget, explained that while his organization does have oversight responsibility, he sees it essentially as a “support structure” designed to enable sound cyber practices throughout the Federal Government. Schneider's predecessor and co-presenter, Brigadier General (retired) Greg Touhill (now president of Cyxtera Federal), said that his own views shifted over the course of his service. At one time he would have attributed most incidents to “careless, negligent and indifferent people.” But he eventually came to add "overworked," and that may be the most important risk factor. Learning how to manage risk under these conditions is a challenge, and Government personnel need to fully understand the new reality: “If you use a computer or a mobile phone, you are a cyber operator, and a target.” When both current and former Federal CISOs were asked what keeps them up at night, Touhill [corrected] pointed to the exposure of critical infrastructure to attacks against industrial control systems. As the Internet-of-things expands, risk exposure grows, and the cost of entry to threat actors declines. Schneider [corrected] gave a one-word answer: "China."
Notes on data and artificial intelligence. There are, a panel pointed out, two sides to artificial intelligence in cybersecurity: AI's use in cybersecurity, and the cybersecurity of AI systems themselves. Jack Shanahan (Director of the US Department of Defense Joint Artificial Intelligence Center) described a challenge the Government has with artificial intelligence and data. The Government has been collecting data from the earliest days of the republic, and that collection obviously didn't assume that the data would be used with artificial intelligence. Commercial businesses like Amazon, Google, and Facebook aren't in this position. They don't have two centuries of legacy collection to reconsider. Dean Souleles (Chief Technology Advisor to the US Principal Deputy Director of National Intelligence) noted that a major problem with artificial intelligence is that we don’t really know what ‘normal’ is, and without some such baseline, it's unclear how we might detect anomalous behavior. Lynne E. Parker (Assistant Director of Artificial Intelligence, White House Office of Science and Technology Policy) raised the question of data integrity as a problem that grows sharper with the deployment of AI. Data poisoning attacks are a very real threat, and ensuring that data are trustworthy is a challenge. Weighing in from the private sector, Swami Sivasubramanian (Vice President, Amazon Web Services) compared the stage of development of machine learning to that of the internet. "If the internet is still in Day 1 after 30 years, machine learning just awoke and hasn’t yet had a cup of coffee."
And thoughts from NSA's Cybersecurity Directorate. The day concluded with a fireside chat between Anne Neuberger, the director of the NSA’s new Cybersecurity Directorate, and Niloofar Razi Howe, a well-known cybersecurity venture investor. Howe asked if there was a strategy behind the directorate, which is set to launch on October 1st, and Neuberger said the goal was to “prevent and eradicate cyber actors from critical infrastructure.” She said NSA needed to change its approach in response to a drastically changing threat landscape. In particular, information operations changed with the rise of social media, and criminal operations changed with cryptocurrency. With the Cybersecurity Directorate, Neuberger plans to increase information sharing with other agencies and with the private sector, emphasizing how important it is to cooperate with social media companies to fight information operations. Neuberger also highlighted the threat posed by ransomware, saying that there are about 400,000 of these attacks per day. The intelligence community’s main objective is looking at threats posed by nation states, and Neuberger pointed to China as a major focus. She said the OPM hack, the Cloud Hopper activities, and rampant intellectual property theft reveal China’s goals.
We'll have more notes from the Billington CyberSecurity Summit tomorrow.