John Forte, the Deputy Executive for Johns Hopkins University Applied Physics Laboratory’s Homeland Protection Mission Area, said that the role of the CISO will have to evolve in order to address the changing landscape of increasingly interconnected devices. He points to transportation, healthcare, buildings and cities, education, public safety as examples of sectors that are growing increasingly automated.
Forte uses the example of an 85-year-old woman who is able to live at home due to advances in medical technology. Her medical sensors detect the signs of a blood clot in her leg, and the sensors send the data to doctors, who analyze the information and determine that the threat is real. A vertical take-off aircraft is dispatched to bring her to the hospital, and there are medical robots in the aircraft to take care of her on the way. Throughout this process, there are numerous instances of communication between devices, and all of the devices need to work together.
IoT devices will be used to assist in countless tasks, and all of these devices need to interact with each other. The challenge is getting them to interact securely, and building them so they can’t be hacked.
Forte said that the traditional consideration for a CISO is aligning the risk to the mission; in the future, however, CISOs will increasingly need to become business strategists. What CISOs need to start doing today is designing open, resilient, zero-trust architectures, mastering the supply chain, and enhancing automation and the use of AI. Forte noted that we’re currently in the very beginning stages of artificial intelligence.
Forte says that, in the coming world of interconnected devices, cybersecurity professionals have their work cut out for them. But, he adds, that’s what they’re there for.