The fourth meeting of the Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Advisory Committee (CSAC) was held in September 2022. Opening remarks were addressed to the committee by Ms. Megan Tsuyi, CISA CSAC Designated Federal Officer, The Honorable Jen Easterly, Director, CISA, Mr. Tom Fanning, CSAC Chair, and Mr. Ron Green, CSAC Vice Chair. – including the announcement and review of the 2023-2025 CISA Strategic Plan.
Another Seminal Call to Action: Strengthening Innovation and Protecting the U.S. Technological Advantage
Recent announcements by Razor’s Edge Ventures, America’s Frontier Fund, and the Quad Investor Network signal that the venture capital community is focusing its efforts on national security investment and American competitiveness – which has been formatively dubbed the “defense-related technologies” or “defense capabilities” sector. Others are calling it “Hacking for Defense”. On one level, the VC community’s pivot of its attention towards national security and innovation is the “dollars and cents” of it all. But what about the “sense” of it all – i.e. the creative ideas, strategic vision, and program management structure to succeed?
In late September, The National Academies of Sciences, Engineering, and Medicine weighed in on the challenges ahead. Details of the report can be found here.
In yet another example of a successful public/private policy research collaboration and in a continuation of the topic discussed by Brian Jenkins at the OODA Network November Monthly Meeting – domestic political extremism – we turn to a report released in July of this year: Breaking the Building Blocks of Hate: A Case Study of Minecraft Servers, which found that “one-in-four moderation actions across three private servers of the popular video game Minecraft are in response to online hate and harassment.”
In July 2021, President Biden signed a National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. This memorandum required CISA, in coordination with the National Institute of Standards and Technology (NIST) and the interagency community, to develop baseline cybersecurity performance goals that are consistent across all critical infrastructure sectors. These voluntary cross-sector Cybersecurity Performance Goals (CPGs) are intended to help establish a common set of fundamental cybersecurity practices for critical infrastructure, and especially help small- and medium-sized organizations kickstart their cybersecurity efforts.
As the 27th Conference of the Parties to the United Nations Framework Convention on Climate Change (COP27) meets in Sharm el-Sheikh, Egypt, we dedicate this installment of the Speculative Design Series to the future of the planet. Take a step into the future of the planet @ Kapersky’s Earth 2050.
The InterPlanetary File System (IPFS) is an emerging Web3 technology that is currently seeing widespread abuse by threat actors. Cisco Talos has observed multiple ongoing campaigns that leverage the IPFS network to host their malware payloads and phishing kit infrastructure while facilitating other attacks. IPFS is often used for legitimate purposes, which makes it more difficult for security teams to differentiate between benign and malicious IPFS activity in their networks.
This cybersecurity incident is a really elegant case study that illustrates core concepts central to how we analyze a socio-technical system here at OODA Loop – core concepts we will return to often in the next couple of months as we provide a final analysis of certain research thematics (misinformation, AI innovation, etc.) and findings from our 2022 research agenda.
A DARPA In Person and Virtual Event: DARPA Forward – Advancing the Horizons of National Security (Nov.15-16; Dec. 13-14)
DARPA Forward has been taking national security innovation on the road. Since August – and through December 2022 – six regional events were scheduled at leading research and development universities nationwide to connect Defense Advanced Research Projects Agency leaders with new communities of talent and partnerships. The ultimate goal: to energize regional and national innovation ecosystems, fuel breakthroughs in national security, and help deliver the U.S. technological advantage. Attendees will have an opportunity to dive into diverse topics within and across multiple domains and disciplines, including air/space, ground, virtual, social, bio/medical, electromagnetic, materials/manufacturing, maritime, and computing/AI/cyber. As these will be hybrid conferences, DARPA invites you to join them in person for one event and virtually for as many as you’d like.
Upcoming DARPA Forward sessions include:
November 15-16 – College Station, TX at Texas A&M University
December 13-14 – San Diego, CA at the University of California, San Diego
In light of our recent recommendations regarding the CSET China AI Watchboard and the potential of public/private policy research collaborations within the policy research community in general, we found this recent successful public-private partnership in the space policy domain really interesting and worth a look: The Satellite Dashboard is a collaboration between the Secure World Foundation (SWF), the Center for Strategic and International Studies (CSIS), and the Department of Aerospace Engineering and Engineering Mechanics at the University of Texas at Austin.
On November 3, 2022, at the National Press Club in Washington D.C., Federal Communications Commission Chairwoman Jessica Rosenworcel announced a plan to reorganize the agency to better support the needs of the growing satellite industry, promote long-term technical capacity at the FCC, and navigate 21st-century global communications policy.
In our recent analysis of CSET’s research on China’s Advanced AI Research, we applauded the efforts of the CSET China AI Watchboard pilot program. OODA Loop is all about pattern recognition, sensemaking, risk awareness, and informing decision-making processes – and the pilot project has great potential for innovation. We also offered insights on the potential of public/private policy research collaborations. These insights were not designed to single out the CSET researchers and the CSET China AI pilot program – but were directed to the policy research community in general. In light of our recommendations, we were really pleased to see this CSET in-person and virtual event (held this week, Thursday, November 10th at 4 pm EST) includes a collaboration with AMPLYFI, a UK-based startup that offers what it describes as an “Insights Automation Platform”. This event is now available on demand online here via OODA Loop.