The Chertoff Group hosted the Security Series Event “AI, Threat Intelligence, and The Cyber Arms Race” which convened an exclusive group of thought leaders to discuss critical security issues facing the public and private sectors. Below are key take-aways from the event.
Check out the full panel to hear how experts are leveraging AI solutions to prevent, detect, and respond to adversaries attacking our critical infrastructure and the private sector.
1. Election Security: There are “Have and Have-Nots” in the Election Space
- Director of CISA Chris Krebs emphasized that DHS plays a supporting role in elections, but ultimately the responsibility is on the jurisdictions themselves. There is a huge opportunity here for companies to help secure these critical systems.
- As new strains of malware becoming more widespread, states and counties are under-resourced to defend themselves. President and CEO of SonicWall Bill Conner highlighted that they found a new strain of malware that is evading traditional technology sandboxes.
- In a recent SonicWall report, his company found a substantial increase in weaponized PDFs being sent largely to recipients in Western nations’ most of which seem to be originating in Russia. If you combine machine-learning with processor-based memory inspection, you can detect and respond to these new strains.
- These evolving threats opens up opportunities for AI and machine learning to provide solutions to states and counties as well as SMBs who are often under resourced. For example, network sensors can enable states to take deeper look at net flow and comb through petabytes of data that no human would be capable of.
2. Data Relevancy is the Key to Getting AI Right
- AI will become a prominent geopolitical issue as Russia and China are already pledging to make it a top priority. While China has aggregated large amounts of data, there is under-appreciation for the importance of data cleaning and collecting the most relevant data.
- Krebs emphasized that we will always need a human involved in the process whether through design, control, or development of the algorithms. The key is to use AI as an enabler to get humans to elevate and make high order decisions.
- Our competitive edge will come by knowing the data we have and having the right expertise to translate that data. Innovation will keep the United States ahead, as will as prioritizing STEM in education.
- Department of Energy is a key leader in this space and has been a trailblazer for innovation. Undersecretary of AI and Tech at DoE, Dimitri Kusnezov highlighted the investment in both AI and super-computing as well as recently announced Aurora, Energy’s exascale system at Argonne and Frontier coming in at Oak Ridge National Lab. These developments allow the U.S. to push learning to extreme scales.
3. We Have Under Prioritized the Device Threat
- Digital threats and exploits are only getting more advanced. According to SonicWall, last year we saw a 240% increase in Internet of Things attacks.
- There are more than 3 times the device identities than there are human identities and we’ve spent a fraction of our energy and effort trying to manage those. Without any hard regulations in place, the IoT industry has defaulted to low security standards in the interest of perceived saved time and costs.
- Conner advocated for an IoT security framework that is use-case driven arguing that categorization of this data by use-case will change the entire ecosystem.
- In the UK, they have developed an IoT code of practice that defines reasonable approaches for ensuring consumer IoT security. Krebs highlights the need to determine key principles that require IoT to be patchable, comply with coordinated vulnerability disclosure programs and processes, plan for end of life-cycle scenarios and understand how devices are remotely managed. Until we get to a baseline of what a secure design looks like, we need to start baking in security from the beginning instead of segmenting it.
4. 5G Requires a Security Standard
- Attack surface will increase exponentially with 5G and yet we don’t have a single security standard that we are rallying around.
- There is a whole ecosystem emerging based solely on chips that are smaller, more powerful, and tailored to learning. We don’t know what technologies will be embedded in devices of the future, but it will be happening and there will be novel chips manufactured by companies that we need to keep an eye on. What is the implication of this ecosystem of these kinds of smart devices? Unclear whether they are made with security standards in mind.
- As we move to a more chip-based world, side-channel attacks could pose a serious threat. Side-channel attacks have not been weaponized yet, but could turn into nation-state sponsored threats in the future.
- 5G is going to require the private sector to develop supply chain security solutions and the government to collaborate through investments, incentives, and resources.
5. We Need to Move Away From a Model Where Lowest Price is Considered Technically Acceptable
- This applies to 5G/AI: As we move towards building 5G infrastructure in the US, we need to understand that in terms of quality, Hauwei products are “objectively worse” and more importantly concerning from a national security perspective.
- This also applies to DHS pushing out additional services to lower tier contractors that sit in the “have not space.”
- Department of Defense made an announcement last week that cybersecurity is an allowable cost. DoD is developing standards for cybersecurity vendors to expedite the acquisition process.
- Cybersecurity is critical for small and medium businesses as well. A positive step forward was the USG/NIST is transitioning attention to this space by creating a framework specific to that industry.
- DHS is looking to help with shared responsibility. How do network owners take responsibility for cybersecurity but if there is a market failure how does CISA correct and augment that? We need to get to a point where an integrated model is available for SMB enterprises.