Hello, Guest!

AI, Secure-by-Design, China Among CISA’s 2025 Focus Areas, Executive Director Says

Ever since the 2016 presidential election drew concerns of foreign influence, the Cybersecurity and Infrastructure Security Agency has been the point guard to ensure that the process runs fairly, equitably and without a hitch. After many public appearances by the agency’s director, Wash100 Award winner Jen Easterly, leading up to Nov. 5, wherein she assured the country that the system had never been more functional, the agency’s executive director, Bridget Bean, confirmed on Wednesday that 2024’s election security effort had been a success.

“I’ve been in government a long, long time, and I have never seen such collaboration and information-sharing in my career. And so, as … Americans, we should feel really good that we are getting that right,” Bean reassured the Potomac Officers Club’s 2024 Homeland Security Summit.

The summit was a phenomenal hit, packed with invaluable information, insights from Department of Homeland Security leaders and indelible networking moments. Don’t miss POC’s final event of the year: the 2024 Healthcare Summit, which will present partnership opportunities for contractors looking to work with the Departments of Health and Human Services and Veterans Affairs, among others. Register today for the Dec. 11 event!

At the Homeland Security Summit, Bean revealed the five key target areas for CISA’s work in 2025. We highlighted the select areas about which Bean was most adamant.

1. Mitigate Threats Posed by the People’s Republic of China

While acknowledging that nations like North Korea, Iran and Russia also pose significant threats to the U.S., Bean said China “continues to present the broadest, most active and persistent threat to our government and our critical infrastructure partners.” She said that they have “burrowed deep into our critical infrastructure,” not with the intent to swipe menial data but for a purpose far more sinister and insidious: to “launch a future cyber attack at a time of their choosing in the event of a major conflict in Asia.”

She noted that CISA, through tireless work with partners, has been able to stamp out some intrusions into CI “across multiple sectors.” However, she cautioned against becoming complacent and indicated that the worst is yet to come.

2. Developing Cyber Incident Reporting for the Critical Infrastructure Act of 2022

3. Utilizing CISA’s Role as the National Coordinator for Critical Infrastructure Resilience to Improve the Security and Resilience of U.S. Critical Infrastructure

A central part of CISA’s mission to safeguard CI over the last couple of years has been its dedication to secure-by-design principles, when a tech product is outfitted with proper security guardrails directly off the shelf, before a consumer even opens the box. While CISA is attempting to usher in a “secure-by-design revolution,” the government can’t do it alone, she said. It’s the responsibility of technology manufacturers to construct the programs properly and for consumers to use their dollar in a meaningful way — and only buy tools with security principles baked in.

“It is the power of industry that really will help make the difference and together we’ll create a stronger, more secure technology ecosystem that protects all of our citizens,” Bean stated.

4. Ensuring the Safety, Security and Resilience of Artificial Intelligence

Bean said CISA wants to understand how we can innovate AI and how we can use it, while also trying to understand how a malicious actor can harness it as a weapon.

“AI has the ability to really accelerate speed, scale and sophistication of cyber attacks and at a level that we are really only beginning to understand,” Bean warned.

But she was clear about the limitations of the tool as well and human involvement is still a requirement.

“AI is not a silver bullet,” Bean continued. “The best use of AI we found for vulnerability detection lies in supplementing existing tools and keeping humans in the loop. So we’re actively working with our critical infrastructure owners and operators to forward the exploration identification of AI.”

5. Continue to Work Collaboratively With Those on the Front Lines of U.S. Elections

The 2025 schedule is starting to fill out. Browse the full list of GovCon-focused Potomac Officers Club events and make plans to attend and learn more about your subject matter area of choice!

Video of the Day