MIT and Harvard Business School come together to facilitate the second-ever National Technology and Security Conference.

On April 15th, 2023, MIT’s Sloan School of Management in partnership with Harvard Business School hosted their Technology and National Security Conference; the second-ever event of its kind and the first to be held at MIT. The conference honed in on challenges, opportunities, and emerging dynamics within global defense. Centered around technology and innovation, this year’s conference honed in on the hybrid war between Russia and Ukraine, and its implications for China and Taiwan. The conference included not only a cybersecurity panel, but an Innovation Showcase displaying the work of a multitude of players in the cyber and defense sectors.

The cyber panel.

Discussed in the cyber panel was the importance of public and private partnership with governmental organizations, as well as the need for talent within the cybersecurity sector, and how the National Cybersecurity Strategy (among other governmental reports) is attempting to help build up the talent within the industry. Cybersecurity is manageable if resources and skills are readily available and accessible, however that has not proven to be the case in many instances. The world is facing incredible pressure to adopt technology at a pace faster than they are capable of managing, and remaining secure, and there isn't really an option in place to slow the progression. The panelists noted that the recently-released National Cybersecurity Strategy, attempts to shift the responsibility of remaining cybersecure onto bigger players, which can help aid in these quick developments for smaller retailers and individuals. Cloud service providers, larger technology companies, and major cybersecurity companies have a better infrastructure and more resources capable of managing these threats, rather than small businesses alone and individuals. The strategy also emphasizes the idea of "secure-by-design" principles; the idea that while products and services may not be necessarily first-to-market, it will be created and developed with a security-first mindset. The goal is to shift market forces in such a way that allows for the building and fostering of being secure by design, or secure by default, services and technologies.

Public-private partnerships are extremely important, as well, the panelists agreed, as collaboration allows for more vision and insight into the threat landscape. Each organization, company, and individual has a different vantage point and different information. The idea of public-private partnerships in the past has been a bit hindered by the idea that true collaboration is not really taking place, rather that it's nothing much more than an exchange of insights between parties. The strategy seeks to improve these relationships and deepen the collaboration between sectors, and emphasize and recognize the strengths between both governmental and nongovernmental organizations and what strengths they can contribute and leverage. A major key point in this strategy is to better that connection, facilitate open dialogue between the public and private sectors, and aid in discovery of pain points for the private sector and how they can be supported.

Emphasized by the panel was a need for individual foundational awareness of cybersecurity. Everyone today is now attached to internet-connected devices, and everyone, to some extent, should at least have foundational levels of digital literacy, computational literacy, and critical thinking skills in order to be able to discern the information that's being consumed. When you inherently have an awareness of cybersecurity, filling gaps may be easier because it's easier to get excited about the opportunities the field presents. Marrying this idea of awareness and learning with marketing is an opportunity for the industry; it's not just the engineers and developers that immediately come to mind employed within the field; there are also lawyers, marketers, and educators, among others, within this multidisciplinary cyber realm. Implementing a baseline cyber education in K-12 may be a positive opportunity to grow the cyber workforce and fill the gaps, in time. There are many benefits to working within cyber, but the narrative needs to shift away from fear-mongering into empowerment and self-protection. Making cyber more accessible, more digestible, and a bit less intimidating, will aid in every person gaining a level of understanding around cyber, and taking control of their own cyber posture.

The Innovation Showcase.

The conference also included an Innovation Showcase, demonstrating the work of 13 seed through Series A-stage defense startups. The showcase contained two parts: a set of lightning-round pitches from four finalists, and an innovation sandbox to meet with the startups doing groundbreaking work in their respective fields. Lightning round pitch finalists included:

• Adyton Public Benefit Corporation, a startup specializing in Zero Trust defense for military capabilities,
• Greynoise, a cyber company specializing in scanning Internet traffic and filtering through the noise to alerting to relevant, potential events of mass exploitation of vulnerabilities,
• Reach Security, a company working in enterprise security posture management to aid in maximizing the capabilities of existing company cyber infrastructure,
• True Anomaly, a company working to provide security and sustainability solutions in the space domain with mission-driven technologies.

As well as the Innovation Showcase finalists, which included:

• ANOVA Intelligence, a defense contractor providing mission-critical advanced persistent threat (APT) defense,
• Distributed Spectrum, a company providing a spectrum monitoring system for critical situational awareness,
• Mach Industries, who’s developing uses for hydrogen for better effects on guns and aerial systems,
• Pison Technology, a startup specializing in electroneurography to translate data generated by the body's natural physiological electricity into machine interpretable events,
• Reality Defender, a deepfake detection platform to fight against fraudulent users and content,
• Stitch3D, a cloud-based 3D data management platform accessible from any device,
• Team Cymru, a cyber threat intelligence and attack surface management provider,
• Themis AI, a startup aiming to remove bias within machine learning pipelines,
• Unstructured Technologies, a startup aiming to address the preprocessing bottleneck in using AI and machine learning against unstructured data.