ServiceNow Federal Forum 2024: Protect Your Mission From AI-Driven Cyber Threats
thanks everyone for joining us for the protecting your mission from AI-driven cyber threats the federal government faces growing number of cyber attacks targeting everything from critical infrastructure to sensitive citizen data while artificial intelligence promises solutions it also presents unique cyber security challenges today we'll examine the dark side of artificial intelligence cyber security we'll explore how malicious actors can exploit vulnerabilities in AI powered systems to launch even more sophisticated attacks we'll also talk about biases in AI algorithms potentially leading to the blind spots within security defenses by understanding these dangers we can develop strategies to mitigate them so let's explore how to harness the power of AI responsibly to safeguard the US government's critical systems I'd like to introduce Mr David Carroll associate director for Mission Engineering at CISA over David's distinguished uh career David has worked over worked to help build strategies for federal agencies and critical infrastructure verticals to protect and defend against existing and emergency cyber security threats

I guess I'm up um good afternoon everybody and thank you for coming um representing an agency like the Cyber infrastructure Security Agency if there is a day you don't see us in the news I'd be very very amazed and surprised um it is a constant flow it is a constant challenge but it's also a constant incredible mission and I um I've come back from industry after about 10 years I'm a DHS alumni um and it's just uh you know when when the director and the folks that brought me on asked me why because I was at you know at the time I was working with another uh uh big company in uh out there in Mountain View California with a with a lot of fun uh sleeping pods and um you know I said it's mission you know it's really you know and they asked me they said well we'd like someone who understands software engineering who understands machine learning and
has that cross-section of cyber and um you know my background you know since before cyber was cyber um I was joking on with one of my staff the other day and they said when did you get your CISSP sir I said 2002 and they went was very funny um but I've been doing this a long time and I've I I've had the pleasure of working with some of the greats in the field and um and working across you know two decades uh on my other side of life I'm actually a Navy cyber warfare officer I've uh done offensive and defensive cyber operations and um it's it's been interesting for the past you know 14 years working across this from um you know the DoD side as well as working in the private private industry working on highly regulated institutions actually working for financial services um and then coming back into the mission and the mission and artificial intelligence um I'll give you a little brief background of what my division does uh anyone in the audience heard of a little program across us called Einstein yes that's mine that little that little you know detection system that's plugged in at every uh internet access point everywhere we run a every day all day long and my team's run it for almost two decades and they're amazing um however in the last 10 years or so because of the way we do application development because of the way that threats move that I'm going to talk about it's it's become increasingly evident that NetFlow and those traditional hunt methods where we're just looking for an IOC indicator on the wire don't work so well anymore um a lot of that has been driven because of artificial intelligence because of the and also been overcome by the amount of data that we have to take in as operators it's it's it is an impossible job to try to look at this stuff and and you know and if you've ever seen a threat hunt floor it's very interesting I'll tell a little story about that um soon but my my group is um you know we were a a big PMO um I've been asked to evolve
out of that and develop what is called the Cyber analytic data system and so those components um the director asked me a few weeks ago Dave when is that going to be IOC I go you know give her a wink and go it's been at IOC for about 24 months ma'am and so we you know we do everything that you would expect we bring in a lot of data um we've got a few different ways of looking at that data um I've got um a a pretty big crew of data scientists probably one of the biggest in homeland security and uh they are amazing uh and I'll start with that story then we can go into some of the other uh the landscape areas I I was you know basically um walking through um you know my one of my watch floors and I saw a bunch of my my threat hunt cousins sitting at the table hoodies on lots of Red Bull you you know the story right and I'm what are you what's wrong what's going on they're they're sitting there hunched over this this eight I think probably an eight core Macintosh right and they're looking at this line going by and they're like sir we got to wait for this this analytic to finish I go really and I said how long you think it's going to take they go I don't know 40 50 hours and I'm like so you're going to do 24-hour operations on a single machine I said oh I can do better so harnessing the power of AI um and when I say AI there's different levels of it so this is more robotic process automation or the first level you know we can go all the way up to the left and talk about you know convergence you hear that scary term every now and then something you know more a more Isaac Asimov than reality right and then you have generative AI which is parked kind of right below it um in the in the conversational way we work with it with that but this was more robotic process automation so I went and got my data science chief I said can you fix that because there's a difference between an intelligence or a threat analyst and a computer scientist or a data scientist and so um they took it
and they parallelized it containerized it pushed it into our our hyperscale environment and had the same analytic done the first run in four hours second time it was minutes and so when I speak I usually talk about um we are right now in the in the fact that we can take a threat and and and with our large language models with the amount of data we have um talking you know getting to the landscape issues um we have an unusual amount of data that we collect as you can imagine um you know endpoint data from Continuous Diagnostics and Mitigation you guys have heard of that program um all the Federal Executive Branch telemetry a lot of State local and tribal telemetry a lot of international partners sending us information so you can imagine that's a that's a big data feed um what does AI need more than anything to exist a lot of data um and the more data you get the more efficacy you get um and I I I love to show pictures of that real time because everybody goes I heard it again this morning in another venue um they go it's a black box I go it's not a black box it's math come on you know let's just be realistic and and so and I and I like to show them that because I you know as I've been become more educated from being a cyber operator everybody goes well how does cyber really relate relate to this and I go well we've always been big data we've been doing map production for a decade and a half it's the only way we've been able to survive um and so you know the great story there is we approach things and we need that in in the cyber in the security realm we need that understanding it it's endemic to what we do so I don't I'm not really surprised or or scared by artificial intelligence um I've watched my cousins in TSA and CBP doing computer vision for years um you all have been doing it for years too with the uh I'm reaching in for my phone but it's back there but you go like this and and you you look at that iPhone and that is a that is a form of artificial intelligence
it's a form of computer vision um it's doing high-speed vector analysis on all these little points in your face it's or your thumb whichever way so you know that that's the the only difference these days um cyber threat or not is that the machine can talk to us the machine can can can enrich itself we don't have to monitor it as much it's in that area where it can take the data go and improve the model and recurse through it that's literally what what a you know a generative um process does so the landscape today from a threat perspective we the same day I started at CISA last summer um Andrew Scott who some of you may have seen sitting behind the director when she talked with General Nakasone and and and Christopher Wray a few weeks back um he's my colleague sits in the office next to me and he's our director of China operations so like anything else whether it's looking at a uh something that looks suspiciously like an F-35 only it has different markings on it or or any type of intellectual property um I I refrain to use theft but acquisition um lawful or not um I I think think you know AI is is something that we're we're taking a lot of time and trying to understand um I don't think that that inhibits us I think it actually enriches us because we're going to kind of know the guard rails we're doing things at DHS um Secretary Mayorkas has has stood up um you know a responsible AI ethical AI things that because this these things when they get out of the cyber realm can have big impacts I'll give you an example of that um as we've been combating ransomware um you know we've been trying to look at the behavioral patterns of ransomware and trying to put out things like PR what we call PRNI Priority ransomware notifications anybody in here use those PRNI they're pretty cool about a thousand of them I think a thousand of them by the end of last year before I got here and and we just keep going why is that important well because we got to look at a lot of data to
figure out what the what the vectors are and we actually use large language models to do that we use AI to do that and we give an answer back to our to our folks in vulnerability management that actually put out those not notifications and I when I say it I say you know it's it's pre right we're trying to warn folks if we don't or if they're not in if we don't provide a a smart way to intake them or we don't allow for maybe a generative AI bot to ask you know to ask questions when someone asks if they're subject to this the net effect could be and a real world effect a few months back was a health care consortium getting owned by a pre ransomware and be having to redirect ambulances you guys saw that in the news right that's this close to loss of life in this country and that's not technically warfare right not you know and and there's a very fine line there but it's darn close we don't want folks dying because we didn't do the proper thing we didn't give them the indicators we needed so you know the AI landscape but how does that stuff happen how do they how did they get it there um when we talk about phishing or ransomware um all of them have a vector to get in whether that is malware itself um and and I'll I'll I'll kind of try to time box each of these a little bit malware itself in an AI environment um we used to have to deal with what we called polymorphic adaptive malware right like you go in and and I think the best example of this early earlier in the decade I saw was um we we put malware into an environment we'd look at it and then we'd turn on the virus scanner or the counter malware protection on the endpoint and you'd see as that stuff came up and and that malware saw those processes it would make a decision to start ratcheting itself down so the cool thing back then was you know how you fix that it's it's a function of signal so you just you just condense time because if it was expecting to have a nice little slope like this and you basically condense
time then it all of a sudden went loud and we saw it real quick and we could kill it AI makes it very very hard because it can process that data and take feedback on our systems as fast as as as it can adapt so at the end of the day um what we're really talking about and and folks this is where it get folks get they they're late they give me the the the provocative stare I would say we're we're probably a couple years out for machine on machine cyber defense we do a little bit of it now um but we're very like any like any s like any cyber or AI effect right now it's indeterminate like nobody wants a you know a a drone making decisions on its own does it does it fly it with a lot of telemetry and a lot of help absolutely does it make decisions by itself probably not I think in cyber we're going to have to broach that pretty quick because we're talking about machine on machine effect so when the machine changes that fast and and can adapt you know 1 million times per second we're going to have to have something on the other side looking at it and and matching up what's the back end of that it has to be a large language model it has to be AI at that point we're not going to have a choice does that make sense wow um and going right into generative AI um I'm a big fan I'm having fun here's why I'm an old school programmer you know learned everything from when I was a little kid Fortran all the way up to um putting myself through God awful amounts of Python and R in the last five years and and I love it however um when we talk about generative AI I'm also looking at it as it is the evolution of the programming language there's just a few articles coming out right now one of them actually came out from Microsoft a few days ago that talks about the fact that gen AI and large language models and AI and and and these AI models that can that can recurse are going to actually start writing the code for us everybody's shaking their head you've heard that right so at that
point now you're defending the network machine to machine and and they're writing the code why so when we talk about what that means and and I think that's awesome because frankly I've I've seen every type of programming language and um it it's tough right because that's the the deal is not you know the efficiency there is is not scary it's what is the what is the the language gap if anybody's gone to a foreign country and you've had a little bit of the language but not enough it's this clunky thing that you go through trying to get get it done and unfortunately threat on threat you know threat on defense we can't afford to do that so I don't I don't really have a choice but I look at it as a promise I I mean um my kids you know they they're like ChatGPT said this okay okay um here's what I'm trying to teach them and here's what I think that that in generative AI we're going to have a kind of a security or cyber renaissance um I think when you can't trust the machine and trust what you see what do you trust you're going to have to trust your own critical thinking at some point we're going to have to get back to not looking at that thing and going well I must believe that this is this because it's it it was on the internet come on everybody said that at some point and I've had I've had my you know my parents say it and and I'm just really really do you know what I do for a living seriously you know but but I want to look on the positive side of it because now what's happening is when my kids get something like that or get a story about Taylor Swift or get this they start looking at it and going is that real that's awesome right because the best cognitive processor we have in existence is right here and so I think the the interesting thing trying to get um you know like and and I'll talk um I I'll give an example of some some bias which is interesting has anybody seen the you know you you understand that bias bias in an AI model means that you that that it's an
inherent thing that it either gets from the data it intakes that means the data itself has to have enough information in it to to to defend the bias in other words it's got to see something or it's got to be taught that so that's that nature versus nurture thing it's really interesting if you talk about bi bi biological or neuroscience alongside of it it's sort of like a real clunky version of what what we go through as human beings we learn things because we can breathe and we can do things and you know we you know there there's just certain norms that that are biological to us and then there's what we learn and so the the models are no different um recent you know there some of the recent bias um things that have come out I I literally um the one I love to do when I teach this or when I talk to my staff is I I'm again weekend Navy officer right I go go to DALL-E or I go to um you know GPT-4 and I go hey draw me a picture of a jet landing on an aircraft carrier and I'd say about 50% of the time I get something that looks like a wild metallic flying squirrel landing right on the water and I'm like it doesn't understand what a carrier is or in in more extreme cases um you know bias I'll talk about bias in the early part of the decade um we've all you know seen you know facial recognition and the bias that comes in there as you have different colors of of of tone in your skin and it and it creates false positives um for various reasons that's because the models aren't trained well enough they're not smart enough to see that and the irony there if you think about it is that bias is actually kind of you know the the the good side of it is some of that bias that says here's what a m you know a a a bad cell looks like for for example for breast cancer we can get down to the micron like literally the pixel and figure it out and it and it's what it's doing is it's providing forecasting of of cancer years before we could as humans because in that case the machine and the
granularity and the and the dissection of that data is a little bit better than these tired eyes behind these glasses right so I think there's promise in it in both but bias um at the extreme level is is is a product of of what I would say cyber warfare right um I I tell my team all the time define the terrain you know it's it's a simple tactic well if you you know one of the ways that you would uh go after bias in generative AI is feed it the wrong data on purpose tell it what you think it's the is the truth that's where it's interesting as human you in human cognition we have a certain amount of of skepticism and we we have a lot more sensors than than our our friends in the uh in the AI world and so if you go and tell at something and I and this is something you've seen in recent news when they go and say hey get me a um a picture of a German soldier in 1943 and you get something that's interesting or George Washington and that turns out to be someone who's indigenous well that's not historically factual or I would say take take a look at a picture if you say you know I I was doing a picture for a class I'm I'm teaching and I I wanted it to show like a nation state or an APT actor right and you got to be really specific because it it wanted to show the US flag but it couldn't it would blur it and you know you know what that is that's a copyright by honest to goodness somebody programmed in that model you can't show a nation state flag because they're probably a global company I would say in this case they are absolutely a global company and it creates a bias or on the on the side of that um you know the German soldier I I and I would say it was in the paper and it's a you know it is a it is a trained thing so you see you know basically it can't do certain symbols so you know I that's just what I've tried tried to tell people is that's showing how you ingest that bias and on the cyber side it gets a little more insidious I can start feeding it at scale bad data
and I can get it to to you know to to flutter when uh we first started talking about ChatGPT um there were articles out there about you know after a while it started to get a little bit like I'm going to shut your home system down you know that that type of thing that's that's snarkiness programmed in by programmers right those are those are answers that that it either looked up and found that in Reddit or gosh knows where and um and and added it so that the challenge of that um you know getting into you know pure adversarial work is to try to understand and control and have lockon bias um I I'll give the for instance I you when folks say well you know why aren't you scared of this I said well I said how many folks have flown everybody in here been in an aircraft you see there's two seats in the front yeah the one on the the one on the right side it's usually called what person with three stripes here co-pilot right so when we talk about gen how many have heard the term co-pilot just about every one of us right they're productizing it well that makes us in my opinion the other person in the left seat which has have the four stripes and we call them the pilot or the captain you cannot abdicate responsibility for training these models for for monitoring them we can't just let them go and say that'd be great because you'll get unexpected results um at scale I've seen unexpected results um we you know we've seen you know active testing of of IOCs or indicators of compromise where we just if you alter it just enough you start to get a you start to get a divergence in the model and you know what what how does that really manifest for a cyber defense operator well what we want to see is we want to take in the data and we want it to be reliable data and we want to see that area under the curves start to go like this and I always tell folks I said it's pretty simple mathematically it's statistics right you see that area under the curve that that space between the the
trained model and the test data if it gets that close you probably got a bad guy right if it's this far apart maybe it's different data we need what if it is the bad guy but they were feeding you intermittent data that got that that curve to come out got a little ways to go before we can do those recursive checks in this and I think that's on the side of on the side of ethical AI building in those checks and balances forcing that human to the keyboard is really important because you'll hear you know in in a lot of a lot of things well we just want the machine to do it for us or we want you know we we and and I'm one of them right I'm like I can't do this at scale it's just too much data I started my discussion with that I can't um but what I do have to do is I have to have my operators come in there and look at it um similar to you know the way they work with drones things like that there has to be a human in the loop now that might take a different turn and it you know then then one of the novel things that might come out is you have an AI watching over the AI right one is trusted one is not that's pretty interesting because it follows scientific theorem right you got a control and then you've got the experiment kind of cool when you think about it all these basic things that we're getting back to it and critical thinking we've got to actually monitor the monitor I don't know know how susceptible um uh you know getting to the next question how susceptible is um a is AI I talked about it a little bit but really it's not the AI and the and the Machine learning you know the engine itself that's the susceptibility that's a pretty you know it's I I would equate it to I mean that's it's literally like saying you know to take out a fighter jet I need to take every bolt out of it and and reassemble it no really some days all you have to do is give it bad fuel right and so and so the fuel in our case is data uh and again when you go and get these results I'll go back to my 
kids asking me they now they think I'm the the you know the the constant Authority on this so Dad is this is this a right answer like I'm like go do some independent work and figure it out right but they're even starting to kind of look at this stuff and scratch their head and go and and and so what I'm saying is like one of the things I want to provide in my my cyber analytic data system is the true lineage of the data one of the things that's very helpful whether you're AI enabled or you're doing it you know on your own is you know intelligence professionals who are our threat hunters and our and our cyber operators want to know that that's a trusted source is that the file system that we were looking at is that the is that log do did we maintain chain of custody for that you know that that to me is all data lineage it's data engineering and um you know there's even a practice around that um you know making data go from bronze to Gold has anybody heard that before you got data engineers in your midst you're starting to talk about this this process of curating data and and you get to the end and you're like okay um I think I've got it and I've I've actually seen the results with that um again think of an adversary what's the easiest thing to do well why would I why would I go and mess with the data intermittently when I could just you know or why would I confound it that might get you know that might actually get detected I'm just going to replace the whole data set or I'm going to deny you the data set so some of these things are really simple they're not real real you know AI on AI related um but I can understand where you know the threats will start to um basically change into simpler things I hate to say that but I mean sometime you know I'll I'll to another um upcoming technology um when we talk about post Quantum cryptography does anybody anybody following that so really what that means is we've got this big crazy thing you've seen a Quantum lab right it 
looks like something out of a sci-fi movie it's got hydrogen tanks and you've got to get you know to get those qubits to go through you got to have absolute you know um stasis well what's the best way to make something that's really run and perfect not work good throw something really chaotic into it right got that you got that reactor throw a wrench in there and see what happens and that's kind of where we're going with that post-quantum cryptography use current cryptographic techniques that are random very random and very variable and interject them into the quantum environment to counteract um you know quantum processing I can see the same thing going on with AI we're starting to think about it the same way um how can you become more aware I think I've talked a little bit about it use the cognitive processor you have trust but verify when you know when when you look at an article or you get a response I find the one that's really really wild is um chatbots has anybody been talking to a chatbot and didn't know it till the end I have I've actually got entire data sets back that were machined by an AI by a generative AI and we looked at it and went wow this looks like it came from one of our partners and we've been do you know we do tests like that to try to figure that out it's incredible um the increase in threats will be I I'd say a public level it's it's obviously going to be misinformation um but that's going to span into things that you may not expect um that's going to span into images videos you get I mean the Taylor Swift thing has come out already right perfect example um I will say you can if you really get if you don't just you know look at it on your phone and and swipe there's there's a lot of times that you can you can tell um I was showing a picture the other day um again talking to another group and um you could tell the eyes were just slightly off or or sometimes the picture's too perfect there's something in our in our basic our basic cognition as
humans that that allows us to go that's just creeping me out in the video game industry do you know why do you know why a lot of these these characters still look kind of too smooth and everything because they figured out cognitively that it really disturbs human beings when it looks too real like you play these games and you're shooting at each other and stuff it really it really gets into your fabric so I'd say let's let's use that for good um if you're on the if you're on the you know if you're working with ServiceNow or you're you're going through work workflows validate those workflows use AI to to to validate them independent get that control set going um you know interrogate at every at every point and and not it doesn't have to be audacious sometimes it's just the simplest thing that stops the the bad guy right um like I said you know um when when we looking at it you know I I kind of you know old school communications um military guy like me I was like why don't you just increase the frequency and see what happens you know give it something it doesn't expect and and and then watch what happens because these are perfect machines they really want they want that good order and discipline um and they get a little crazy when you you know you've already seen it with GPT they gets a little crazy and and answers strangely when you keep pressing it on something it's almost like it gets frustrated it's not frustrated it just means the programmer didn't want to go through that many recursions right it's okay or you didn't have enough processing power to go through that many recursions or you brown out some you know data center in Utah or something I mean that's what it is um what will we be seeing an increase in we'll be seeing an increase on on polymorphic threats we'll be seeing an increase in phishing and the phishing will look so like we're not talking anymore the um you you know the the the exotic um you know folks um from you know like I I'll use the you know
the the classic Nigerian prince wanting to you to come pick up money right um you're not going to see that you're going to see something that looks really really close to reality the bottom line is you have to actually use this muscle up here to look at it um because we are the pilots we're the captain we have to be the responsible people and I know everybody wants that silver bullet I get asked about it all the time well you guys are smart and engineers you you you know you do all kinds of large you know I I was actually talking to the director the other day and um and uh she asked me what was good and and and I said I bent space in time today and that was the story about the analytic and she's like am I going to have to take your clearance you know what is going on with you and then she realized she's like that is a cool story because you know we can bend space and time the problem is it's a very delicate operation and you have to put guard rails around it and you have to make sure it took longer to curate that data than it did to run the analytic and the difference in timing was really we had control of the data the second time right we didn't know we had what we had the first time so we had to go and clean do all this e what US US data geeks call ETL extract transform and load you'll hear your database folks telling you all that all the time it's just a fancy word for we got to clean the data up and then we punched it into the machine and and then the second time was like nah we don't have to do that this time and then all a sudden the machine's like oo clean data I like this it loves it it it loves good order and discipline so what I'd say is is whether you're the human or whether you're a counter AI package give it a little variability and see what happens um now over time that's going to become more and more difficult and our and the bad guys don't have the same rules we have they're going to pull in data that for example PII data they're going to pull in
your family's privacy data if they can get a hold of it they're going to pull in yours they're going to come up and say you know you work for DHS and I need you to do this and God God forbid it's on my network I mean how many have done a phishing you know corporate or otherwise had you know been subject to a phishing you test how many failed it I have and I am pretty decent at this so you know what what is that that was just time and being tired that day you know you look at it and you kind of uh click you know it's the old um do it defer it or delete it careful with that one you know because then you get the big screen well you failed this really you know it's like okay um I will uh I will probably leave you with the optimism I I recently took over being the community practice leader for the for the cyber security um service we have a we have what's called title 60 United States code that means we hire under a different authority um and I'm one of the one of the first executives hired into that and um they asked me would you take over the AI/ML community of practice and and build our our you know our interest and our capabilities in this I was like yeah of course and then I was like wow that's a lot of work you know um so I I I have a real passion for this um I hope the stories I can't get the stories out of a sailor um I hope this has helped I I I I I get to gloom and doom too much with with AI um I'd like to balance that with a little bit of if we're just good if we if we use this this you know this this better processor I think we'll make it um but it's it's going to be a fight do we have time for any questions I have time for questions we've got a mic coming yes um hello um I was wondering if you had any thoughts about using blockchains or distributed ledgers to sort of help with the um I say deepfake and video and image certification as a way to verify it absolutely yeah um so to answer that question fully um got a wide audience you know blockchain um
cryptographic control and and you know is most commonly used right now in supply chain risk or transactional and it's because it's hard to cryptographically break the chain yes for data sets that's exactly where we need to go we need to combine those two technologies we need to take the data in get it clean certify it and then we need to put it into custody um so so we can trust it makes sense but and the interesting thing about that is both of those things whether it's AI or blockchain what's the big problem um you know sort of like that that triad of pain that we go through and compute it's always the network the code or the data right and or the processing of the data I think this one's the processing both those operations take a lot of compute so we've got to figure out what's the right size to that because again sometimes um you know the the high the higher quality and C custodial data it's going to cost a lot to get that to get that blockchain you know um ACC blockchain blockchain addition to it and so I just want everybody to be cognizant it's it's sort of like there's a lot of silver bullets out there but they come with interesting problems like you know if you look at ChatGPT there's articles out there right now about how and I'm not I'm not saying it's not a product I'm just saying generative AI in general um and large language models cost a lot of money to run those things um you know there's a lot of power consumption and a lot of sunk costs and we're sort of sort of in in this introduction phase and as they go logarithmic so do the requirements unless we make innovations unless we get to quantum you know crypto quantum cryptography or quantum you know quantum compute unless we can improve one of those parts of the triad in a meaningful way it's going to be tough thank you sure any other questions everybody's happy now and you want to you want to pursue AI come on so how do you set boundaries uh for different agencies uh sharing the same AI platform how
how can uh how can you eliminate the interjection of those two AIs so in the department and I was talking to the the CDAO on folks on on the on the uh DOD side we have to have they're they're starting to develop frameworks and uh and and it's it's a little bit of security but it's a little bit of quality like what are the what are the and then you put you put proper walls around them sort of like uh we have PII controls now or we have you know custodial controls over financial data we're going to have to kind of be really smart about what is the use of that data and that's all part of that ethical and and controlled AI roll out again I don't think our the bad guys are going to be that that that bound they'll take whatever data they can and make whatever they want but on our side um we we you know at a national level as far as I'm you know my my role and and also if you see National Institute of Standards and Technology or you see the White House directive or you see what my what um sorry what what the DHS secretary is putting out about you know we're going to we're going to we're going to try to do the right thing for the for the for the nation the right thing for the people um but that's it's a it's kind of a really old school posit that it's always always been about the data we've never been really good at taking large data sets classifying them making them available and and making the information about the data reasonable and so um you know we just throw it into a bucket no pun intended you know and uh and and and hope for the best and now we're getting getting into that and that goes into things like that you'll hear about like zero trust contextual based access to those data sets why are they being used is this the proper AI use uh you know use or LLM use okay uh so can agencies come to you because of your expertise and uh have their cyber security portions uh assessed using AI and give them the report for for for their cyber security requirements I mean for
for CISA of course um you know it depends on which side we're on um you've got the fed side which is the Federal Executive Branch and that and we are the C the computer network defense provider provider for them or coordinator and then you've got JCDC I will take any collaboration if you know our job is to serve you and to and to make things better for the for our national security for our citizens state local tribal international partners um my my my colleague uh Clayton runs um the Joint Cyber Defense Collaborative so it depends on on what you're asking for but um if you're looking to collaborate on on on big engineering and and on the uh Cyber Analytic Data System definitely I'll I'll always take a call yeah obviously it's going to cost a lot if you to do it all by themselves yeah let me let me talk about that for a second so um I'm just endeavoring into building this system out of what was Einstein now into what we call CADS and we've had the infrastructure like I said it's been IOC for a little while and it's not nothing it's nothing unusual from a data standpoint but what are the products so to me I'll give you guys a preview the products are three different types of machine learning and AI products because it is the Cyber Analytic Data System because we have to be analyzing data right and then we have to provide collaboration and communication to get our partners in that's a that's a necessity from the Solarium Commission directly to me for this thing called the Joint Collaborative Environment if anybody's follow the legislation there it means that we need to take all partners in and we need to be able to collaborate on cyber sort of like JADC2 on the military side only we're very focused on cyber defense um what I would say is there going to be three product lines in my head and I've been sharing it with our service catalog folks and I've even been talking to my ServiceNow colleagues who who work with me I've got one which is we have unusual access to a
lot of data right by law and and just because folks are kind enough to give it to us we can go make very interesting models out of that and so you have two types of activities you have training the model which takes a ton of data and then of course what you have is testing the model which doesn't take as much data because you've trained it right I want to be the library for cyber defense that trains those data models and I want that to be my first line products then if you can't do that second line product I don't have the infrastructure to do that Dave I do come talk to us that's my second line is you know we are the Cyber Analytic Data System we want to provide that workbench for folks who who don't have it and then the third one is I'm a small agen or you know I was talking to a person down in a a small electrical collective last week at a conference and they don't have any of it the guy he's like I'm the CIO the CISO the IT manager you know and and and we call that you know that that's a that you know what I what I would say is that's you know it's it's an unfortunate resource poor environment but a lot of these you know utilities are are high targets so we have to pay attention to that so what's the third one we just want the answer Dave so between myself threat hunt VM JCDC and and capacity building we'll find a way to get you the answer yeah and the more you do the better your AI going to be yeah yeah well let's let's hit on that really quick before I get off this stage because if I don't walk out of one of these things and tell you that I need your collaboration I failed I need you guys see me in other organ in other events um I got hashtag cyber fuel right because I I keep saying you know you you all of the fuel for the engine I'm building you know if if you give me high octane I'm going to produce a lot of horsepower if you give me you know you know leaded fuel it's probably going to clunk a little bit right and so I I I just want to encourage you I want
to action you reach out to us um I also want to say you know we we're living through this with you we have an initiative called Secure by Design anybody heard about that so you know we don't want to be the you know as as Director Easterly puts it we don't want to be the crash test dummies for bad software anymore so with my friends here uh I'll give my ServiceNow colleagues a uh a plug here we just released um the software repository for those first attestations from organizations that build software to come in and certify their software as as secure it's fantastic right um and so what that's saying is hey I've done the best I can I've done all these good practices and and I and I I guarantee that that you know to a certain extent that that's that that's happening um we need that as a nation as as as you know collectively with our partners on the on the industry side to the to the people on the uh on the government side we need to um not put those walls up and my job is when that data comes in and you tell us what your vulnerabilities are and tell us tell and and you're you're that honest and you're helping us defend this country and defend our critical infrastructure and our water systems and you know our K through 12 and and even you know working with international partners to defend things my obligation is I'm going to make sure that that data has has the expectation of safety and security and propriety that your organizations would ask for thank you anything else all right think you got one down there I love this stuff I'll sit here all day and talk to you about it thank thank you for combing through all our data and uh making uh making knowledge of it um one of the biggest challenges I see so we have ServiceNow we have Microsoft that are coming up with very secure environments for AI sure but we know and I was just at the uh Gartner data analytics conference last week a lot of organizations aren't going to get the governance that they need until way after they
have their first incident you know with with AI right so what like just in your organization I'm sure people are playing with some of these technologies just like other things and we just hope that they aren't playing with government data or or things that are you know but but but the stuff stuff exists out there what do you think or what do you look at you're part of the organization you know you can take do all the security training everything out there and people still don't click in their Med that in their mind that this applies to them how do we protect the government by making sure people are not going to all these free resources that are out there for AI versus using these um secure platforms that are coming out wow um I should introduce you to my friend Bob Lord um he works with me he's he's a Secure by Design guy it's a hard problem there's a couple of things that that come to mind the first one is just the old adage that you can't really patch humanity right we're we're we're a wild machine um we do things that are unexpected all the time um but I think I think um to defend the nation and and and again open source is not a bad thing it's do I follow the practices in earnest for the right reason I you know there are groups and and I've talked about a few of them I can get pretty specific with some of them if if folks want to talk to me afterwards but I mean it's it's one of these things that there's a cultural reason for example when we talk about some nation state threats and them uplifting information I almost even don't blame them because culturally they're not the same as we are we like to we like to say that your patents and the things that you that you work hard on are are are are sanctified right not all not all cultures do that and so I think culturally we have to like put in front of us you know this or the flag and say listen you know we've got an obligation to to do the right thing and that goes back to that Renaissance and critical thinking
because right now we do you know we do compliance for the sake of doing compliance because we get our funding that way we don't get in trouble that way and we don't end up in my case you know having to testify in front of folks because for all those things um but I think you know I I think most most folks come to work every day wanting to do the right thing if they're if if they're on on my side of of of the mission I and I've worked at those companies right and I think they are on the right side of the mission but I think it's it's up to us there is a certain amount of you know buyer beware right it it's impossible for example to go out and say hey go drive this car and not incur any risk now what I would say is by by doing software attestation by getting involved in that and being a champion of it or being a champion you know and working with our cyber defense collective you're on the right side of it and set the example for your organization because I haven't had a whole lot of folks come up and say I'm just going to beat you guys to death all day I've had them say I want to help you tell me how to help you because it's you know it is a it is a a wide ranging and interesting job and I want I want your collaboration I want you to come in and be part of my mission engineers um and what we'll do in return and what we're trying to do as a department if you can see it is trying to establish and make that it you know we're not trying to regulate we're trying to go in and say here are the best practices to do this this is how this should work and you should question things that don't work that way I honestly think at some point we're going to end up crossing over with like consumer protection because folks are going to have to uh they just haven't hit it yet right and like you said something bad's going to have to happen probably before we we kind of shake it off a little bit um like the self-driving cars perfect example of AI right they're fantastic technology has
anybody been in one I have scares the daylights out of you the first time right I think I had worked for Microsoft and I think I was in one of those for the first time and I I mean I was I'm like white knuckling it and you know and I know the technology right I know how many iterations per second the computer vision is bringing in and I find it fascinating but still scary um but you can see the variability right now like one company's getting shut down because they you know they've had x amount of accidents the question is is that because we didn't have the standards is that because we didn't have the control is that because the data wasn't the the best data what is it and then it comes back to if we collaborate on and say hey you know it's sort of the reason that safety belts look like the way they do or that we have crumple zones on cars I'll go back to that traffic analogy that that my director uses about being crash test dummies we got to collectively get get our head around that it is a decision advantage but it is also a very nent threat um because it's sort of like unleashing something that doesn't have that that that sixth sense that we seem to have right so I you know I I wish I had an answer for that but right now all I can tell you is collaborate with us and on my in my specific case help us defend the nation thanks everybody appreciate you coming out for this and if you have any questions we'll be around for a few minutes
https://www.youtube.com/watch?v=aoeWi5a24z0