Daniel Kroese, associate director of the National Risk Management Center at the Cybersecurity and Infrastructure Security Agency joined a panel of industry leaders at GTC DC Tuesday to discuss how industry, Congress and the administration can use AI to sharpen the nation’s cybersecurity capabilities.
Kroese joined Coleman Mehta, senior director of U.S. policy at Palo Alto Networks; Moira Bergin, staff director for the House Homeland Subcommittee on Cybersecurity and Infrastructure Protection; and Joshua Patterson, general manager of data science at NVIDIA.
GTC DC has become the premier AI conference in the nation’s capital, with more than 3,500 registered attendees — developers, researchers, policymakers and CIOs — focusing on the intersection of AI, public policy and industry.
Tuesday’s panel, moderated by Iain Cunningham, vice president of intellectual property and cybersecurity at NVIDIA, discussed data, demystifying AI and diversifying access to security tools.
Following the release earlier this year of a government-wide cybersecurity strategy last year by Trump Administration, Kroese said processes have been streamlined and lines of responsibility have been more clearly delineated.
On the House side, Bergin said she’s “excited” about the prospects for AI after what she described as a decade of deferred investment in R&D, though she also said she was concerned “we are setting standards for ourselves and goals for ourselves that our budgets won’t meet.”
Close partnerships between industry, academia and government are also key, particularly when it involves data sharing. Advances in cybersecurity depend, in part, on government agencies providing data that can be used to train AI models, panelists said.
“Data is truly key here,” Mehta said.
The panelists also discussed the challenges of educating policymakers and the public about the power and potential of modern AI.
“There’s a lot of demystification that needs to happen about what AI actually is, what it’s capabilities are now and what its capabilities will be later,” Bergin said. “You can’t have a productive conversation with someone if you don’t know what words to use.”
“There needs to be a conversation about how AI is a tool and not a panacea,” Bergin added.
One of the opportunities for education: helping the public and policymakers understand that AI won’t replace human cybersecurity experts.
“AI will allow us to do our core mission better,” Kroese said, noting that it amplifies the capabilities of scarce cybersecurity experts.
“We need to make sure people are hired to do the things that only they can do,” he added.
That kind of automation will be key to spreading cybersecurity expertise around to smaller institutions and municipalities, who are among the most vulnerable to ransomware attacks.
“We need to get into a mind where [we’re] doing the basics better in cyber [that] can help and empower [smaller institutions with] basic blocking and tackling,” Kroese said.