Part 1 of 3 - Future Challenges of Operational Technology OT Security Artwork

HSDF THE PODCAST

The Homeland Security and Defense Forum proudly presents HSDF THE PODCAST, an engaging series of policy discussions with senior government and industry experts on technology and innovation in government. HSDF THE PODCAST looks at how emerging technology - such Artificial Intelligence, cloud computing, 5G, and cybersecurity - is being used to support government missions and secure U.S. national interests.

All Episodes

HSDF THE PODCAST

Part 1 of 3 - Future Challenges of Operational Technology OT Security

July 26, 2024 • Homeland Security & Defense Forum

Welcome to “HSDF THE PODCAST,” a collection of policy discussions on government technology and homeland security brought to you by the Homeland Security and Defense Forum.

In this episode, the we discuss how cutting-edge technologies are revolutionizing public safety and emergency response. The panel addresses the pressing challenges of balancing better, faster, and cheaper solutions while integrating zero trust and IT modernization to address life-and-death scenarios and mitigate financial impacts.

Featuring:

Bob Costello, Chief Information Officer, CISA
Bobby Hall, Director, Compliance Division, Office of the CIO, FEMA
Shawn Kingsberry, Vice President, Cybersecurity, SAIC
David Simpson, RADM (ret.) USN, Virginia Tech, Pamplin Business College Professor in Leadership and Cybersecurity (moderator)

This discussion took place at the HSDF’s Cybersecurity Symposium on July 10th, 2024.

Follow HSDF THE PODCAST and never miss latest insider talk on government technology, innovation, and security. Visit the HSDF YouTube channel to view hours of insightful policy discussion. For more information about the Homeland Security & Defense Forum (HSDF), visit hsdf.org.

David Simpson, RADM (ret.) USN, Virginia Tech, Pamplin Business College Professor in Leadership and Cybersecurity (moderator): 0:00

So let me start with the first questions. You know each of your organizations are charged with very important public safety missions or missions more largely public safety, emergency response, addressing citizen-centered outcomes. These missions have not only security and public safety elements to them. They increasingly have economic, community and individual considerations that must be balanced with the continuous pursuit of better, faster, cheaper. It's important that we be able to differentiate what we do out of the United States from an increasingly competitive global economy that looks often towards alternative solutions. So how are the agencies that you support employing emerging technologies such as AI, robotics, 5g, cloud to improve mission outcomes? And let me go ahead and start maybe with Sean and our system integrator on the panel.

Shawn Kingsberry, Vice President, Cybersecurity, SAIC: 1:03

You bet, yeah, you see, I was like okay. So first, hey, thanks a lot, and I'm glad everybody could come. This is a great, great conversation and I'm glad to be here as well. So first I start off saying better, cheaper, faster, pick two, because you're not going to get all three right, because when you look at the challenges and constraints that you have with time, how much budget do I actually have? What's the mission that's actually taking place? Typically, you're going to pick two right and you're going to figure out what that means and use emerging technologies Right.

David Simpson, RADM (ret.) USN, Virginia Tech, Pamplin Business College Professor in Leadership and Cybersecurity (moderator): 1:36

So help us with the emerging technologies.

Shawn Kingsberry, Vice President, Cybersecurity, SAIC: 1:38

Well, what I'm saying is it's important because you have to factor that in to every one of these models. And when you start to look at some of the I'm going to say some of the agencies so I'm also going to put on my former federal CIO hat right when you look through that lens, you have to look at where you are today and the mission today and some of the problems that have to be solved, and now a lot of the problems kind of go to that digital edge now, and when we say the digital edge, that really is finance, that's law enforcement, that's all of the above. And when you look at the elements that make up that and the innovation that's necessary to put into that and the factors and the problems, the outcome of the problems actually are life in some cases is life and death. In other cases it's actually financial impacts and the likes. So it's lots of opportunities. When you look at leveraging AI and I'm going to talk about zero trust Right, Because zero trust is real Sometimes we we kind of talk over it a little bit because everyone is kind of like when cloud first came out, everybody said cloud, they were clouds.

Shawn Kingsberry, Vice President, Cybersecurity, SAIC: 2:46

When they made cloud cloudy, right. So now everybody says that they are zero trust. And zero trust isn't a noun, it's a verb, it's an outcome, right. And when you look at what that means and you factor that into the decisions that are made and you look at it from IT modernization, cyber, by design, right, you start to pay attention a lot differently, right. So now you start to look at the edge. How can I actually have zero trust at the edge? Right, and that's happening today, especially when you look at CBP and some of the other law enforcement agencies where you can have security edge, because you have to, because of the pervasive nature of how everyone computes.

David Simpson, RADM (ret.) USN, Virginia Tech, Pamplin Business College Professor in Leadership and Cybersecurity (moderator): 3:27

I love that connection to Border Patrol right, because our borders nationally are no longer at the edge of our physical boundaries. We've got digital borders that are out there everywhere that need to be protected if we're going to protect the nation. But, bobby, what kind of emerging technologies is FEMA using to achieve better outcomes for your mission? Sure, thank you. Either one will pick it up.

Bobby Hall, Director, Compliance Division, Office of the CIO, FEMA: 3:53

Well, my voice travels right, so I want to make sure everyone can hear me. So I don't want to get into any specific implementations of emerging technologies from a FEMA perspective, but I would say that the federal government as a whole has, you know, has truly embraced emerging technology in the form of artificial intelligence, rpas such as you know, robotic process automation, machine learning, even leveraging cloud-based solutions. Here at FEMA, we have a very unique mission set, and our mission is to help people before, during and after disasters, and so, from an emerging technology perspective, we're looking for solutions that would help us be able to better serve the American public, and so we're looking for trustworthy and resilient systems that are able to meet operational requirements at the speed of the mission, operational requirements at the speed of the mission, and so we have essentially leveraged cloud-based solutions over the past two or three years. The intent is to continue to leverage emerging technologies based on our core mission, and so it has to map back to a mission or a requirement per se, and so, even though we have all a treasure trove of emerging technologies that are available at our disposal, if it doesn't fit within our core mission set, then we would pretty much forego that.

Bobby Hall, Director, Compliance Division, Office of the CIO, FEMA: 5:12

But I think we can all agree that AI is probably the way of the future now, and so we're looking at ways where we can leverage AI not only to serve the American public, but then also how we can gain better efficiencies from a female perspective. In terms of our cyber mission Case in point, we can leverage AI machine learning to parse through a treasure trove of information that we can then feed into our incident response capabilities and so, having your security analysts trying to identify indicators of compromise, we can essentially leverage AI to kind of identify that information up and up front. And so now we are focusing really on core mission and then we're letting AI kind of pick up some of the heavy lifting on the back end. So, from a FEMA perspective again, and as a overall government perspective, we are utilizing emerging technology, but again it goes back to your core mission and your requirements to support, you know, your core mission.

David Simpson, RADM (ret.) USN, Virginia Tech, Pamplin Business College Professor in Leadership and Cybersecurity (moderator): 6:10

So yeah, and Bobby FEMA is deployed today right Hurricane Barrel, south Texas.

Bobby Hall, Director, Compliance Division, Office of the CIO, FEMA: 6:17

I kind of want my mic right here.

David Simpson, RADM (ret.) USN, Virginia Tech, Pamplin Business College Professor in Leadership and Cybersecurity (moderator): 6:19

You're going to be thinking about well, how do we first assuage ongoing suffering, but then how do we restore and recover and things like counter-fraud and those kinds of missions?

Shawn Kingsberry, Vice President, Cybersecurity, SAIC: 6:31

Yeah, but Bobby made a good point that I think everybody needs to kind of catch on to Business slash mission drives technology. Technology enables business to meet its goals and objectives.

David Simpson, RADM (ret.) USN, Virginia Tech, Pamplin Business College Professor in Leadership and Cybersecurity (moderator): 6:45

Right, so it's not about the, but this is a good segue to Bob, because I don't think that's entirely true. There are some times where technology invention creates opportunities and, whether we like it or not, the commercial sector will build upon those opportunities. And this is core to CISA's mission, because your mission isn't just cyber for your own sake, right, it's cyber for the nation, for the economy, for an innovation within using some of these emerging technologies to be better at your own cyber. So can you talk to some of us from those two different universes?

Bob Costello, Chief Information Officer, CISA: 7:36

Sure, hopefully everyone can hear me. We're arguing with the microphones here, but I have a louder voice than you, so you know I think I tend not to talk in like hyperbole. Often Many of you have worked with me. I tend to be pretty direct so I don't know that we can highlight that it's emerging technology. Some of these technologies have been there a long time. Some of us on the federal side you know I'm like all the rest of you If you're feds I have very legacy systems that were, were part of CISA or actually that I'm trying to upgrade from the formation of DHS stuff that came over from DOD and it's quite challenging.

Bob Costello, Chief Information Officer, CISA: 8:17

I think that that we're we are pushing forward is, you know, I've been there about three years now the end of August. You know, one of the best things that we can do internally. I handle the internal IT needs of the agency, so that's from employee endpoints, the systems we run. I serve as the authorizer for a lot of our cyber systems and we work back and forth with the cybersecurity directorate. You'll hear from David Carroll shortly. You know we're all partners at CISA. I think what I'm trying to do is no one's going to say well, bob Cussell, you did a good job. You saved millions of dollars, but CISA was hacked every Tuesday around 3 pm. So I try and make really risk-based decisions, which can be really hard, because often we can't quantify the risk on some of our systems because I've inherited some legacy systems that it's difficult to do that.

Bob Costello, Chief Information Officer, CISA: 9:17

So one of the first things we started a number of years ago, kind of like three points. It was a very small office. It was about 40 people when I started there. It's about 500 now, with a lot of our partners in the integrator community. What we did is, you know it was a multi-year plan. As we enter year three, like first year, you know, build the right technical staff. Second year, start building stuff. Third year, we're deploying stuff. Third year, we're deploying, so we're deploying into new CISA environments. That are one of the things I want to be able to say is these things are just as a standards or our own guidance. I think that that's vitally important.

Bob Costello, Chief Information Officer, CISA: 9:57

And the second thing that I often joke like CIO either stands for chief information officer or career is over. Could really go either way. Or I live in New York City too. There it's chief information officer career is over. It could really go either way or I live in New York City too. There it's chief investment officer. What we're trying to really do is CISA had a very federated or fragmented approach to IT. My goal is not to run all the IT but to enable the CISA mission operators to concentrate on their mission. And if that's deploying systems, that's wonderful. Can I take some of the noise floor off of you? Can I run your help desk for you? Can I deploy endpoints? And for other groups that are much smaller that probably shouldn't run IT, we took that over and provided back to them and take their requirements. So it's really a partnership On the AI front definitely emerging, although AI is not new.

Bob Costello, Chief Information Officer, CISA: 10:47

I'd say what we did a little bit differently at CISA. We started really early with an AI action plan that you can view externally on our website, and then we have an internal plan that's a little more detailed. That kind of goes over things. But I'd say you know, one of the best aspects of that has been a partnership between myself and the chief privacy officer. We lead the responsible use of AI at CISA and you know he very much serves as a check on me because you know IT people will just deploy anything you know, give me your data, a check on me, because you know IT people will just deploy anything. You know, give me your data, let's data mine it. It's great. So that partnership has been really fabulous and I think that's what we're trying to do.

Bob Costello, Chief Information Officer, CISA: 11:26

Differently To your point on CISA's, you know many missions to speak through. Our emergency communications division was running an event with many of the largest police departments across the country and we were speaking extensively about. You know my prior roles at CBP and ICE. Like we ran big radio systems, we ran systems that are really OT or IOT and hard to protect. They run for 20 or 30 years the advantage that we have in the federal government.

Bob Costello, Chief Information Officer, CISA: 12:02

Yes, we sometimes have budget problems. My budget problems are very easy to deal with compared to a local police department or others. So I think our role really is how can we get our advisory services out there? Can you consume our cyber hygiene services and other services? Can we make it easier to sign up? At the end of August, we'll be dropping a new portal that my team's designed to make it easier for our partners to sign up for CISR services. Right now it's like send us an email. You know that's not always the best way you know. So we'll have a workflow management system that lets us kind of monitor that a lot better.

David Simpson, RADM (ret.) USN, Virginia Tech, Pamplin Business College Professor in Leadership and Cybersecurity (moderator): 12:42

Bob, I love that you brought up the Emergency Communications Division. It's a group that I have a special affinity for all things 911, emergency alerting, alerting Landmobile Radios we're here in AT&T's headquarters FirstNet and the other competitive broadband providers. I just coincidentally, had the CEO of a company called Rapid SOS speak to my MBA students last night and the topic to them was about a startup and what's your noble purpose for being a startup and you know what, what's your noble purpose for being a CEO and how do you align the activities. And he brought up that they had just completed a partnership with Apple and with Google to now, for the first time, be able to support live stream FaceTime into the 911 Center. And what was so interesting and Michael's a great guy, michael Martin a year ago Michael kind of knew the word AI and last night he talked to me about the types of neural networks they're using in the AI and he went all the way down to RAG, r-a-g and how they're implementing artificial intelligence to address the challenge of now.

David Simpson, RADM (ret.) USN, Virginia Tech, Pamplin Business College Professor in Leadership and Cybersecurity (moderator): 14:01

You've got these videos at a crime scene, videos at an accident, and they're coming in to the public safety answering point. And how do we not have all those call takers just be permanently scarred from PTSD. So they're using artificial intelligence to recognize that there's a scene that maybe should be blurred or should be preemptively addressed to help the end-to-end response. So this is the kind of example where the technologies have been around forever. But I'll tell you that two years ago everyone was talking cloud when they gave their testimony to Congress. This year it's alternative AI. You know we get these storms of chat, gpt and for July 4th this year, the most number of calls to 911 that this nation ever experienced, and part of it is we're just more connected than we were and people called 911 for more things and