Explore global, national, and local cybersecurity challenges and their impact on democracy, with insights from Black Hat 2024 and Las Vegas officials.
In an era where technology and geopolitics intersect more than ever, cybersecurity's importance in maintaining democratic processes cannot be overstated. At Black Hat 2024, global leaders and local officials discussed the challenges and strategies for protecting elections, critical infrastructure, and the very foundations of democracy. This article delves into the insights shared at the conference, offering developers, engineers, and architects a comprehensive view of the cybersecurity landscape and its implications for democratic societies.
The Changing Landscape of Global Threats
Jeff Moss, founder of Black Hat, set the stage by highlighting the rapid evolution of the threat landscape. "Things are different now," Moss observed. "Things have sped up. You have all the routine problems and a giant bucket of other problems; you have all these risks you didn't consider."
This acceleration of threats is compounded by global events, creating what Moss termed "the great sorting," a period where nations and entities are aligning into distinct camps:
Team rule of law
Team undecided (e.g., India)
Team authoritarian (e.g., Russia, China)
Team neutral (e.g., Switzerland)
This realignment creates new challenges for cybersecurity professionals as traditional alliances and assumptions are being upended. "Pretty soon, there will be no unconflicted parties," Moss warned, underscoring the complexity of navigating this new geopolitical reality.
The Global Fight for Secure Elections
With over two billion voters casting ballots in national elections worldwide in 2024, the stakes for election security have never been higher. A panel featuring Jen Easterly (CISA), Hans de Vries (ENISA), and Felicity Oswald (NCSC) discussed the multifaceted approach to securing democratic processes.
Felicity Oswald emphasized the reality of state-sponsored threats: "The hostile state threat is real and present in the UK." Despite these challenges, she noted that they were "able to vote securely on the day," highlighting the effectiveness of their preparedness efforts.
Hans de Vries echoed this sentiment: "Everything went pretty okay, even though the threat is much greater than five years ago." He emphasized the importance of information sharing between nation-states and thorough preparation.
Jen Easterly highlighted the evolving nature of threats, noting, "Iran, Russia, and China try to influence elections with Russia using PR firms and Americans to hide their hand to try and get out misinformation and influence." To combat these efforts, CISA employs a multipronged approach:
Sharing tactics with the FBI
Using the "Rumor vs. Reality" website
Amplifying voices of state and local election officials
Easterly stressed, "Election officials are the subject-matter experts when it comes to elections."
The Importance of Collaboration and Resilience
A recurring theme throughout the discussions was the critical need for collaboration across all levels of government and with private sector partners. Oswald stated, "Cybersecurity is a team sport; we work together," while de Vries emphasized, "Sharing information is crucial to the process."
Easterly reinforced this point, explaining CISA's comprehensive approach: "We are working to reduce risk across the entire spectrum; all are part of the layers of controls in place."
The concept of resilience emerged as a key factor in maintaining secure elections and critical infrastructure. Easterly noted, "While these types of events are disruptive, they will not affect the integrity of the votes cast or the counting of the vote."
Oswald added, "Resilience is the buzzword for every organization. Cybersecurity needs to be as important as finance and operations."
Local Perspectives: Securing Las Vegas and Clark County
Bob Leek, CIO of Clark County, and Michael Sherwood, Chief Innovation and Technology Officer of Las Vegas, illuminated the challenges of cybersecurity at the local level. Their insights provided a ground-level view of the complexities of securing a major tourist destination and critical infrastructure.
Leek described Clark County, which is the size of New Jersey, as equivalent to a "$2 billion company," emphasizing the scale and complexity of its operations. He outlined their approach to cybersecurity:
"Deter, detect, respond, and recover to ensure security. Securing emergency service and critical infrastructure. Supporting and collaborating with a number of dispersed departments to develop their own set of solutions."
Sherwood highlighted the unique challenges faced by Las Vegas, including:
Protecting tourism infrastructure
Managing an ever-expanding and contracting attack surface
Dealing with non-compliant and white-labeled devices
Vulnerability prioritization and remediation
Maintaining services in a dynamic environment
He emphasized the city's commitment to innovation, stating, "We have about 100 pilot programs, everything from advanced signal timing systems to air quality sensors to computer vision LIDAR systems."
Both officials stressed the importance of collaboration. Leek noted, "We are proactively collaborating to talk in earnest ways to do cross-organizational scenario planning," Sherwood added, "A rising tide lifts all boats. The more that we collaborate, the better the region is."
The Role of AI and Emerging Technologies
Artificial Intelligence (AI) emerged as both a potential threat and a powerful tool in the cybersecurity arsenal. Leek mentioned that Clark County has "15 pilots actively taking place" related to AI. At the same time, Sherwood discussed Las Vegas's "Smart Vegas" initiative, which uses AI-powered LIDAR sensors in parks for enhanced security and efficiency.
However, the officials also acknowledged the potential risks associated with AI. Easterly cautioned, "AI will exacerbate current threats but not create new threats," emphasizing the need for vigilance and adaptability in the face of evolving technologies.
Securing Critical Infrastructure and IoT Devices
The proliferation of Internet of Things (IoT) and Operational Technology (OT) devices presents unique challenges for cybersecurity professionals. Sherwood highlighted this issue, stating, "More and more today, and I'm not going to draw on the specifics for good reason, but I'll give you, I'll answer your question. I can go get the hint, or the gist of it is that there are a lot of manufacturers that put their name on something that they have bought from another equipment manufacturer, more and more that is becoming a concern over time, especially you're talking about things that control critical infrastructure."
Both Clark County and Las Vegas are leveraging advanced security solutions to address these challenges. Leek mentioned their use of Armis for asset discovery and analysis, describing it as "complementary to that layers across" their existing security infrastructure, providing visibility into "every device on the network."
Lessons for Developers, Engineers, and Architects
For technical professionals working on systems that may impact democratic processes or critical infrastructure, several vital takeaways emerged:
Prioritize resilience: Design systems that can withstand disruptions and quickly recover.
Embrace collaboration: Work across organizational and jurisdictional boundaries to share information and best practices.
Implement layered security: Adopt a defense-in-depth approach that addresses threats at multiple levels.
Stay informed about geopolitical factors: Understand how global events may impact the threat landscape for your systems and applications.
Leverage AI responsibly: Explore the potential of AI for enhancing security while being mindful of its potential risks.
Maintain visibility: Implement solutions that provide comprehensive visibility into all devices and systems on your network.
Plan for the unexpected: As Sherwood noted, "Plan for the worst and hope for the best."
Conclusion
As we navigate the complex intersection of technology, democracy, and security, the insights from Black Hat 2024 and Las Vegas officials underscore the critical role that cybersecurity plays in maintaining the integrity of our democratic institutions. We can work towards a more secure and resilient digital future by fostering collaboration, embracing innovation, and remaining vigilant against evolving threats.
The final word goes to Jen Easterly, who reminds us of our collective responsibility: "It is up to all of us to protect our democracy, resist adversary attempts to interfere and influence elections." As developers, engineers, and architects, we have a crucial part to play in this ongoing effort to safeguard the foundations of our democratic societies.
Comentários