Cybersecurity experts from state and local government, as well as top federal agencies, gathered this week to discuss everything from critical infrastructure attacks to concerns about China. Here are some top takeaways.
March 24, 2024 •
Who can you trust to combat the growing number of AI-generated election deepfake threats?
That was just one of the questions addressed during roundtable discussions this past week at the inaugural Billington State and Local Cybersecurity Summit held on March 19-20 at the National Press Club in Washington, D.C. The event included nationwide experts from local, state and federal government agencies, as well as private-sector companies and nonprofit groups.
Some of the topics on the agenda included:
- Behind the scenes details on ransomware attacks against governments
- Various aspects of election security — including threats from foreign nation-states
- The role of the National Guard in state and local cybersecurity
- Advancements in AI — in both good and bad directions
- Resources available from federal agencies to state/local governments — including updates on cyber grants
- White House cybersecurity policy implications for states and locals
- Regional approaches to cybersecurity collaboration
- Fireside chats (without the actual fire) that discussed state and local CISO priorities and future plans
I was able to attend the entire event and moderate two sessions — one on elections and one on ransomware. I found this event to be different than any other recent cybersecurity events due to the many discussions that were not shared openly with the press and the federal government involvement, including several three-letter agencies (think NSA, CIA, FBI and DHS).
My favorite session was entitled “China in Your Digital Backyard” with T.J. Sayers, director of intelligence and incident response with the Center for Internet Security; Dave Frederick, assistant deputy director for China with the National Security Agency; and Andrew Scott, associate director for China operations with the Cybersecurity and Infrastructure Security Agency. The session was moderated by Katherine Gronberg, head of government services at NightDragon.
What frankly shocked me from that session was the level of concern from the intelligence community over current attacks that are coming from China.
Scott said, “In the last six months, our incident response effort has confirmed that the People’s Republic of China cyber actors have been on our critical infrastructure networks for in some cases up to the last five years.”
“They have the access that they need, and if the order was given, they could disrupt some services in this country right now,” he added.
“Disabling cyberattacks are striking water and wastewater systems throughout the United States. These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities. We are writing to describe the nature of these threats and request your partnership on important actions to secure water systems against the increasing risks from and consequences of these attacks.”
An article from The Verge describes the cyber threats against water systems in more detail:
“Hackers believed to be affiliated with the Iranian government conducted attacks against US water facilities in November that hadn’t changed the default manufacturing password on common operational technology they were using. White House national security official Anne Neuberger said the incident was a call to tighten security around utilities, with the US Treasury sanctioning six Iranian Armed Forces officials responsible for the attacks in February.
“The letter also referenced threats posed by Volt Typhoon, a Chinese state-sponsored group that was revealed in February to have compromised information about US drinking water systems.”
More than 30 cyber leaders spoke at the cybersecurity event this week, including the following state and local government cybersecurity leaders:
- Vitaliy Panych, CISO, California
- Nancy Rainosek, Chief Information Security Officer, Texas Department of Information Resources
- Colin Ahern, Chief Cyber Officer, New York state
- Katie Savage, Secretary, Maryland Department of IT
- William Zielinksi, CIO, Dallas
- Brian Gardner, CISO, Dallas
- Nishant Shah, Senior Advisor for Responsible AI, Maryland
- Josiah Raiche, Director of Artificial Intelligence, Vermont
- Michael Geraghty, Director, NJCCIC (New Jersey) and New Jersey CISO
- Michael Gregg, CISO, North Dakota
- Netta Squires, Director of Local Cybersecurity, Office of Security Management, Maryland
- Bruce Coffing, CISO, Chicago
- Ryan Murray, CISO, Arizona
- Ralph Johnson, CISO, Washington state
On the federal side, there were also many cybersecurity leaders, including Steven Hernandez, CISO of the Department of Education, who co-chairs the federal CISO council, and Drenan Dudley, deputy national cyber director for strategy and budget with the Office of the National Cyber Director.
You can see the full agenda on the event website, but many of the sessions were conducted in a format that cannot be shared in this blog due to confidentiality.
Nevertheless, the open sessions will be made available in a few weeks online, and I urge you to watch as many of them as possible. (If you can only pick one, watch the closing session from Tuesday on the China cyber threat.)
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
*** This is a Security Bloggers Network syndicated blog from Lohrmann on Cybersecurity authored by Lohrmann on Cybersecurity. Read the original post at: https://www.govtech.com/blogs/lohrmann-on-cybersecurity/federal-state-local-cyber-leaders-meet-to-discuss-threats