Governance, Risk and Compliance, AI/ML, Vulnerability Management, Network Security, Critical Infrastructure Security

DHS cyber exec talks China, AI and CISO outreach

DHS cyber boss talks China threats, fed’s AI plan and CISO outreach

China poses the greatest existential cybersecurity threat to the U.S. — and not because of its hacking prowess, but rather because our interests are so tightly intertwined. Artificial intelligence is also a hot topic inside the Department of Homeland Security (DHS) and is seen as a tool to iron out bureaucracy and fortify cybersecurity, but not before bolting on guardrails.

These top takeaways are from Iranga Kahangama, assistant secretary for Cyber, Infrastructure, Risk, and Resilience at DHS. Last week Parham Eftekhari, executive vice president of CISO Communities for CyberRisk Alliance, sat down with Kahangama for a candid peek behind the DHS cybersecurity curtain during a fireside chat at the InfoSec World 2023 opening keynote.

Kahangama touched on major cybersecurity themes and punctuated the discussion with an invite to the members of the Cybersecurity Collaboration Forum to be active voices to help shape and refine cybersecurity policy, strategy and the nation’s defensive posture.  

With friends like China, who needs adversaries?

“The DoD [Department of Defense] sees China as a pacing threat. It’s there for the long run, it is a slow and steady, and an ever-increasing threat domestically to our cyber and critical infrastructure,” Kahangama said. That growing threat, he said, is because of a simultaneous geopolitical competition and entwined economies.

“China is halfway up the adversarial chain… We are economically linked, we're not fully decoupled,” he said. When that entanglement includes supply chains and Chinese technologies embedded in U.S. critical infrastructure, a higher bar for cybersecurity hygiene and readiness needs to be maintained.

A decade ago if you talked about China, it was about IP theft, he said. That hasn’t ceased, “But today we see China looking to pivot and target domestic and critical infrastructure. China has no real need [there], other than to potentially be disruptive or destructive,” he said.

One cyber scenario might include an attempt by China to retake Tiawan and a possible U.S. involvement to help defend the island nation. “Why would governors want planes going over the Pacific if there's pipelines bursting in their states?” he said.

At the same time, Kahangama points out, the Biden administration has sent high-level dignitaries to China to meet with leaders in an effort to better relations.

Quick take on Russia’s invasion of Ukraine

As for Russia, Kahangama said, its invasion of Ukraine has kept its cyberattacks focused on that cyber theater of war. His takeaway was the cyber resilience of the Ukraine government and its ability to thrive and not just survive a constant barrage of cyberattacks by Russia against its domestic and critical cyber infrastructure.   

“[Ukrainians have] taken a barrage of cyberattacks and been resilient. They've been able to continue to operate and give services. From a defensive perspective we have a lot to learn from them on that,” Kahangama said.

Uncle Sam says? Don’t just ask ChatGPT

Kahangama also outlined another area of focus for DHS which is artificial intelligence. On Sept. 15, DHS announced a host of new policies regarding the federal government’s acquisition and use of AI and named Eric Hysen as its first chief AI officer to help champion the department’s responsible adoption of AI.

“We have freed up millions of dollars to identify pilot programs to explore how we can use AI in the DHS mission space. We are exploring a wide range of scenarios where we can use AI to better automate processes such as TSA screening,” he said.

He noted DHS is already using AI at border crossings to process human behavior and vehicle information. It’s also used for human and child trafficking, immigration document processing and small object detection for the U.S. Coast Guard. The Cybersecurity and Infrastructure Security Agency is using AI to better detect and mitigate software vulnerabilities and cybersecurity threats in defense of federal networks and critical infrastructure.

Beyond these mission-specific applications, Kahangama said its AI task force is looking at how future iterations of large language models can be trained on protein synthesis and other kinds of bio knowledge. “We want to make sure we work with industry to safeguard and put guardrails on how chemicals and medicines and other potentially dangerous materials are created by AI,” he said.

“For DHS, the big focus is going to be the safe and secure development of AI within critical infrastructure. We see AI as connective tissue for a lot of organizations that are looking to move in that space,” he said.

You gotta be in IT to win IT: CISOs urged to speak up

Building inroads with the private sector is a key to DHS and its long-term mission, he said. In a nod to keynote moderator Eftekhari and support efforts to leverage the brain trust of CyberRisk Alliance’s Cybersecurity Collaborative, Kahangama said public-private partnerships are key to DHS and work that CISA is doing to help harden private sector critical cyber infrastructure.

“We have created a Cyber Safety Review Board that is a collaboration of government and private sector members. Established through CISA, the goal is to provide a direct path to the Secretary of Homeland Security and the President,” he said. Recommendations are solicited from private sector groups, such as CRA’s collaborative, and addressed and implemented, as appropriate, he said.

Part of that effort also includes periodic reports and investigations to help industry.

“We just launched our third investigation into cloud security. We are going to look at some of the cloud security issues around Microsoft's recent breach that resulted in compromises to the Department of Commerce and the Department of State including certain ambassadors and key cabinet officials having their emails compromised,” he said.

Previous investigations have included Log4j and the hacking group Lapsus$.

Tom Spring, Editorial Director

Tom Spring is Editorial Director for SC Media and is based in Boston, MA. For two decades he has worked at national publications in the leadership roles of publisher at Threatpost, executive news editor PCWorld/Macworld and technical editor at CRN. He is a seasoned cybersecurity reporter, editor and storyteller that aims always for truth and clarity.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.