Innovation in Government from TechNet Cyber

July 16, 2024

Presented by Carahsoft

Don't miss "Innovation in Government from TechNet Cyber," a compelling one-hour TV program recorded on location from the Fed Gov Today Mobile Studio at AFCEA s TechNet Cyber. This exclusive show delves into the critical cyber security challenges and solutions discussed at this flagship event. Featuring insightful interviews with leaders from, DISA, the DoD, and other key cyber leaders from government and industry, the program provides a deep dive into how these organizations are working together to outpace threats and secure our digital future. Don't miss this chance to gain firsthand insights from top cyber security experts. 

Emerging Cybersecurity Threats and Solutions at TechNet Cyber

Steve Jacyna, Director at Carahsoft, highlighted key cybersecurity trends and challenges at the TechNet Cyber conference. Jacyna emphasized the increasing importance of protecting critical infrastructure and the adoption of zero trust platforms to counter sophisticated threats. He pointed out the rising complexity of ransomware and malware attacks fueled by AI, making it harder to manage phishing attempts. The potential threats posed by quantum computing were also discussed, as these technologies could crack encryption algorithms quickly, posing significant security risks. Jacyna believes that AI will play a dual role, both as a threat and as a tool for improving cyber resiliency and incident response. He stressed the importance of rapid growth and adaptation in cybersecurity practices to stay ahead of adversaries.

Key Takeaways:

1. Critical Infrastructure Protection: Emphasized the need to safeguard vital systems against nation-state actors and evolving threats.
2. Adoption of Zero Trust Platforms: Highlighted the necessity of zero trust in enhancing identity access management and overall cybersecurity.
3. AI in Cybersecurity: Discussed the dual role of AI in both advancing cyber attacks and improving defensive measures like incident response.

The Evolution of DODIN's Cyber Defense Mission

Brigadier General Heather W. Blackwell, Deputy Commander of JFHQ DODIN, explained the consistent mission of securing, operating, and defending the Department of Defense Information Network (DODIN). She noted that while the mission remains unchanged, the nature of DODIN has evolved significantly with advancements in technology, including the integration of OT, cloud environments, and mission partner environments. Blackwell stressed the importance of focusing on data security, particularly within mission partner environments, as these will be crucial in future warfare. She advocated for investing in the training and technology for everyday cyber defense forces, and the necessity of a joint, unified approach to implementing zero trust architecture across the Department of Defense.

Key Takeaways:

1. Evolving Cyber Terrain: The addition of new technologies like cloud and OT has transformed the DODIN's cyber defense landscape.
2. Focus on Data Security: Emphasized the critical need to secure data within mission partner environments to maintain a strategic advantage.
3. Investing in Cyber Defense Forces: Advocated for enhancing the skills and tools available to everyday cyber defenders to strengthen overall defense capabilities.

Role of AI in Enhancing Government Cybersecurity

Jonathan Alboum, Federal CTO at ServiceNow, discussed the transformative impact of AI on cybersecurity in government agencies. He emphasized the use of AI to maintain a strong cyber defense, detect anomalies, and respond to incidents more effectively. Alboum highlighted the ability of AI to reduce false positives and focus human resources on high-value tasks. He pointed out that while AI can significantly enhance cybersecurity measures, it is crucial to ensure transparency and human oversight in AI-driven processes. Alboum also stressed the importance of balancing the rapid adoption of AI technologies with maintaining a skilled cybersecurity workforce.

Key Takeaways:

1. AI for Cyber Defense: AI can help detect deviations from normal behavior and reduce false positives, focusing human efforts on critical tasks.
2. Human Oversight in AI: Emphasized the need for transparency and human involvement in AI-driven cybersecurity processes.
3. Balancing Technology and Workforce: Highlighted the importance of maintaining a skilled cybersecurity workforce alongside the adoption of AI tools.

The Integration of AI and Zero Trust in Cyber Defense

Jim Smid, Federal CTO for DOD/Intel at Palo Alto Networks, elaborated on the longstanding use of AI in cybersecurity through machine learning for pattern recognition and anomaly detection. Smid highlighted the need for automation in managing the sheer volume of cyber threats and alerts, advocating for AI's role in correlating and normalizing data to provide actionable insights. He also stressed the importance of integrating AI into the zero trust architecture, ensuring that all tools within the framework leverage AI for optimal efficiency and security. Smid's insights emphasize the necessity of automation and AI integration to keep pace with the evolving cyber threat landscape.

Key Takeaways:

1. Automation in Cyber Defense: Stressed the importance of automating repetitive tasks to manage the high volume of cyber alerts and threats.
2. AI in Zero Trust Architecture: Advocated for embedding AI across all tools within the zero trust framework for enhanced security and efficiency.
3. Pattern Recognition and Anomaly Detection: Highlighted the role of machine learning in identifying new and emerging cyber threats.

Impact of AI and Large Language Models in Cybersecurity

Steve Wallace, Emerging Technology Directorate, DISA, discussed the significant impact of AI and large language models (LLMs) on cybersecurity. Wallace highlighted the integration of AI across various commercial off-the-shelf (COTS) products, enhancing capabilities in endpoint defense, threat analysis, and phishing attack detection. He mentioned the development of chatbots and models trained on security-specific data, aimed at improving analyst efficiency. Wallace also addressed the ongoing threat posed by quantum computing to cryptography and the proactive measures DISA is taking to prepare for such advancements. His insights underscore the transformative potential of AI and the necessity of staying ahead of quantum threats.

Key Takeaways:

1. AI Integration in COTS Products: Emphasized the benefits of AI integration in commercial cybersecurity tools for enhanced threat detection and analysis.
2. Development of Security-Specific Models: Discussed the creation of AI models trained on security data to improve analyst performance.
3. Preparing for Quantum Threats: Highlighted the proactive steps DISA is taking to address the potential risks posed by quantum computing to encryption.

Defined Trust in Cyber Resiliency

Matt Topper, President of UberEther, critiqued the zero trust moniker, suggesting it should be called defined trust to better represent the concept. He highlighted the need for multi-provider, standards-based solutions to ensure resiliency in the face of cyber threats. Topper discussed the importance of being able to rekey entire networks quickly and maintaining consistent security policies across different platforms. He emphasized the necessity of agencies understanding their risk points and adopting a strategy that allows them to pivot and adapt rapidly during cyber attacks. His insights stress the importance of flexibility and preparedness in achieving true cyber resiliency.

Key Takeaways:

1. Defined Trust Over Zero Trust: Suggested redefining zero trust as defined trust to better capture its essence.
2. Multi-Provider Resiliency: Advocated for solutions that ensure resiliency across various platforms and providers.
3. Rapid Adaptation During Attacks: Emphasized the need for quick rekeying and consistent security policies to effectively respond to cyber threats.

Scaling Cybersecurity Solutions and Maintaining Vigilance

Bill Lemons, Director of Solutions Architecture and Systems Engineering at Fortinet Federal, discussed the challenges of scaling cybersecurity solutions and the importance of continuous assessment. Lemons stressed the need for a methodical approach to pilot programs, ensuring they meet security milestones and intent before full-scale implementation. He highlighted the necessity of adapting to the ever-changing cyber landscape and the importance of gathering feedback to identify gaps and improve systems. Lemons' insights emphasize the ongoing nature of cybersecurity efforts and the need for vigilance and adaptability in defending against evolving threats.

Key Takeaways:

1. Methodical Approach to Scaling: Advocated for a measured approach to scaling cybersecurity solutions, ensuring they meet security milestones.
2. Continuous Assessment and Feedback: Emphasized the importance of ongoing assessment and feedback to identify and address security gaps.
3. Adapting to the Changing Landscape: Highlighted the necessity of staying vigilant and adaptable to keep pace with the evolving cyber threat landscape.

DISA's Cyber Strategy and Operational Readiness

Tinisha McMillan, Director of Operations, Plans, and Exercises at DISA, discussed her role in driving DISA's cyber strategy and ensuring operational readiness. McMillan emphasized the importance of aligning DISA's acquisitions, programs, and capabilities with its strategic goals. She highlighted the need for automation and AI to improve data analysis and risk assessment, freeing up personnel to focus on critical thinking and proactive measures. McMillan also stressed the importance of clear communication and understanding between DISA and its vendors to achieve shared objectives. Her insights underscore the need for strategic alignment and technological innovation in enhancing DISA's cyber operations.

Key Takeaways:

1. Strategic Alignment: Emphasized the importance of aligning acquisitions, programs, and capabilities with DISA's strategic goals.
2. Automation and AI: Highlighted the role of automation and AI in improving data analysis and risk assessment.
3. Vendor Collaboration: Stressed the need for clear communication and understanding between DISA and its vendors to achieve shared objectives.

The Evolving Cyber Threat Landscape and Infrastructure Security

Chris Stuntz, Solutions Architect at Equinix, discussed the evolving cyber threat landscape and the importance of infrastructure security. Stuntz highlighted the increasing complexity of threats, including AI-driven attacks, advanced persistent threats, and cyber-physical attacks targeting critical infrastructure. He emphasized the need for robust physical security measures and compliance with government guidelines. Stuntz also discussed the trend of government agencies moving towards hybrid cloud environments and the importance of balancing on-premises and cloud security. His insights highlight the multi-faceted nature of cybersecurity and the need for comprehensive strategies to address evolving threats.

Key Takeaways:

1. Evolving Threat Landscape: Emphasized the increasing complexity of cyber threats, including AI-driven and cyber-physical attacks.
2. Infrastructure Security: Highlighted the importance of robust physical security measures and compliance with government guidelines.
3. Hybrid Cloud Environments: Discussed the trend towards hybrid cloud environments and the need to balance on-premises and cloud security.

DOD's Software Modernization Strategy

Robert Vietmeyer, Chief Software Officer at the Department of Defense, elaborated on the DOD's software modernization strategy. Vietmeyer highlighted the shift towards software-defined infrastructure and the adoption of modern delivery models like DevSecOps. He discussed the challenges of changing the culture within the DOD to embrace continuous iteration and automation. Vietmeyer emphasized the importance of collaboration with industry partners to leverage advanced technologies and optimize software delivery. His insights underline the necessity of modernizing software practices to enhance the DOD's operational capabilities and maintain a technological edge.

Key Takeaways:

1. Shift to Software-Defined Infrastructure: Emphasized the move towards software-defined infrastructure and modern delivery models.
2. Cultural Change in the DOD: Highlighted the challenges of changing the DOD's culture to embrace continuous iteration and automation.
3. Collaboration with Industry: Stressed the importance of working with industry partners to leverage advanced technologies and optimize software delivery.

Securing AI and Integrating Zero Trust in Government Cybersecurity

Gina Scinta, Deputy CTO at Thales TCT, discussed the dual aspects of AI in cybersecurity: using AI for cybersecurity tasks and securing AI data. Scinta highlighted the importance of identity access management and data encryption in protecting AI environments. She emphasized the challenges of data tagging and the need for precise data classification to ensure effective AI-driven security measures. Scinta also discussed the integration of AI within the zero trust framework, highlighting the interconnectedness of identity, data, and application security. Her insights underscore the critical role of AI and zero trust in modern cybersecurity strategies.

Key Takeaways:

1. Dual Aspects of AI in Cybersecurity: Discussed the use of AI for cybersecurity tasks and the importance of securing AI data.
2. Data Tagging Challenges: Emphasized the need for precise data classification to ensure effective AI-driven security measures.
3. Integration with Zero Trust: Highlighted the interconnectedness of identity, data, and application security within the zero trust framework.