Welcome to part 2 of this series. We were lucky to welcome back Phil Goldstein, Senior Editor for FedTech and StateTech and Mike Gruss, Executive Editor at Defense News and C4ISRNET at Sightline Media to To the Point Cybersecurity Podcast. Our first episode (read part 1 here) covered the 2020’s impact on the direction of cybersecurity, the danger of disinformation, and the future of data management. This week, we continued our discussion of Forcepoint’s Insights for 2021 and Mike and Phil shared some of their own forecasts for the next year.
Human Centered Solutions
Building products that accommodate human behavior will be paramount to reducing security threats. As mentioned in part 1, by understanding what protocols are cumbersome to follow, thus leading to unsecure work arounds, we can adjust the architecture of those systems. This can be a contrast other agencies (like the DoD) who prefer a zero-trust model. This can be challenging, especially for state agencies that often have limited ability and resources to adjust their system. This is one reason why local governments have been targets for ransomware attacks. Ensuring that IT leaders within the government have the context and behavioral baseline to meet people where they’re at can give more insight into how to best implement security.
Machine Based Learning, AI, and Diversity
Even super computers have to be taught by someone! It is through diversity on those “teaching teams” that AI can be fully comprehensive and less biased. People create the algorithms that teach and inform AI, and human predisposition can get baked into the system itself. These biases can be particularly problematic in the government sector. Imagine if the military built a program that can only identify a certain type of threat. The resulting blind spots lead us to be vulnerable to attacks that look different than expected. Phil suggests: “Building more diversity into your machine learning team reduces the probability that you're going to have biases that compound.” As machine learning and AI becomes a larger part of how the government does its job and analyzes data, diversity efforts will become even more critical.
Finally, we put Mike and Phil in the hot seat to share their 2021 predictions and what they believe were the biggest cybersecurity impacts of 2020. Here’s what they said.
Mike Gruss – 2021 Predictions
- We are going to see a continued emphasis within the military and the intelligence community on information warfare, “We've thought of cyber operations and, to a certain extent, cybersecurity is kind of a separate domain. We're going to see that tied in more broadly to information warfare and maybe have that integration between other services.”
- We will hopefully see a greater level of thoughtfulness when it comes to classification. As made apparent during the pandemic, it is more challenging to work on classified material while remote. It has been a habit to over-classify data but sharing and collaborating with a team has shown the drawbacks of this approach.
- Tech fatigue. Many of us have been stuck behind the computer for more meetings than ever before. Mike warns that although counter-intuitive, cybersecurity may slip out of the spotlight as people grow weary of dealing with IT day in and day out.
#1 2020 Cybersecurity Impact: “CMMC. The way they've talked with the industry has been revolutionary. I don't think we've seen the government have the same openness to what industry was doing before. If that provides a playbook for what happens in the future, to me, that would be pretty interesting.”
Phil Goldstein – 2021 Predictions
- Uptake of zero-trust security on the civilian side. We’ve seen the DOD take the lead on zero-trust, and when civilian CISOs see how its working they may follow suit. While less of a “deployment” and more of a paradigm shift, he still foresees more agencies having “their own sort of flavor of zero-trust.” Increasing discussions about best practices, including zero-trust, will lead to more movement happening in this area.
- Greater emphasis on cloud security in 2021. The workforce will continue to be remote, and file sharing cloud tools and collaboration between customers and vendors will only increase. There will likely be increased pressure for this from the federal customer.
#1 2020 Cybersecurity Impact: “The pandemic, it's shifted everybody who [previously thought they] couldn’t work remotely to remote work. [We will see many] different cybersecurity considerations come out from that, whether it's cloud security or endpoint security. It's really changed the way a good portion of us work and operate in the world. That obviously has security implications.”
If you want to listen to other episodes, subscribe today wherever you get your podcasts: