Executives from Verizon, Microsoft and Google and a U.S. senator discussed cybersecurity at a daylong forum at the School of Media and Public Affairs Tuesday.
Sen. Mark Warner, D-VA, Verizon Chairman and CEO Hans Vestburg, Microsoft Corporate Vice President Tom Burt and Google President of Global Affairs Kent Walker participated in keynote conversations about innovation, policy and regulation of emerging cybertechnology at GW’s first annual Business & Policy Forum, titled “Attacking Cybersecurity Risks.” The event, which also included four panels and a networking reception, was launched with support from the School of Business Advisory Council and co-hosted by the School of Business, GW Engineering, GW Law and the College of Professional Studies.
School of Business Dean Anuj Mehrotra introduced interim University President Mark Wrighton to open the event, who said cybersecurity is an “urgent” need for every person in society and Cyber@GW, an initiative to bolster the University’s programs in cybersecurity and privacy announced in February, will make the University a “global leader” in the fields.
Here are some of the forum’s highlights:
Virginia senator talks U.S. cybersecurity legislation, role in healthcare
Warner, chairman of the Senate Select Committee on Intelligence and a GW alumnus, discussed the intersection of cybersecurity and healthcare, cybersecurity legislation and a cybersecurity workforce during a keynote speech with Wrighton moderating.
He said he devoted a lot of time in the last couple years addressing cybersecurity risks in healthcare and that the most “lucrative” ransomware targets health care information. He said legislation to make cybersecurity protections mandatory for health care systems is a “work in progress” but encouraged health care providers to consider cybersecurity from the start of the decision making and development of health care systems and devices for the next generation of health care design.
“Too often in health care, we end up bolting on cybersecurity protections after the fact,” Warner said. “I think we need to really think about cybersecurity and health care as being built in at the beginning.”
Warner cosponsored a 2020 act that requires minimum cybersecurity standards on federal Internet of Things devices, which form systems to collect sensor data like infrastructures in cities or smart security systems in homes. He said the bill is “fairly watered down” because “lower end” IoT device manufacturers didn’t want to comply to the originally proposed standards.
He said cyber attacks, like the December 2020 SolarWinds attack and the May 2021 Colonial Pipeline attack, led him to cosponsor the Strengthening American Cybersecurity Act, which became law in March 2022 and requires companies responsible for the U.S.’s “critical infrastructure” to report cybersecurity incidents to the government.
Verizon CEO discusses digital inclusion, network’s role in cybersecurity
Vestburg’s discussion about Verizon’s plan to expand internet access and the company’s contribution to cybersecurity began with a selfie with the audience, which moderator Mehrotra said he may do as a keynote speaker at the School of Business’ commencement celebration this year.
Vestburg said he advocated to add internet connection and access for all people as an 18th goal for the United Nations’ 17 Sustainable Development Goals, but the UN did not adopt it. Vestburg said most of the money to increase internet access should come from private companies, like Verizon, and that increasing affordability is a “match” between public and private actors, where internet providers should offer “better” plans and governments should offer subsidized programs for low-income families to access the internet.
“It shouldn’t be where you’re born, or where you live or who you are that you actually have access to the basic infrastructure in our society,” Vestburg said.
Vestburg said Verizon experiences “a lot more” cyber threats daily than other internet providers as the “largest network in the world” and that he understands Verizon has a “big responsibility” to contribute to cybersecurity efforts given the size of its network. He said while Verizon’s main concern is securing its own network, the company also engages in conversation with other companies on cybersecurity.
“This is nothing you seek by yourself,” Vestburg said. “It’s that you see that you share and learn more from others, especially with the incidents, how the threat people are coming, how they’re doing it, what they’re demanding, how can we work together and do that better.”
Microsoft vice president talks intelligence, media’s role in Ukraine war
Burt discussed the Russian government’s spread of misinformation during its invasion of Ukraine with moderator David Sanger, White House and national security correspondent at The New York Times.
Burt said cyberwarfare during the war began Feb. 23, when Russia launched a “major” cyber attack against government and private sector organizations in Ukraine. He said the attack used “custom wiper malware” which removes data from devices and corrupts the network it attacked. Burt said Microsoft notifies customers of attacks like these when the company sees customers “threatened or compromised” by another country.
Burt said Russia created a network of more than 40 spoken languages that spreads pro-Russia propaganda messaging through online and “conventional” media outlets, making the messaging the “most highly consumed” media source in many countries, according to Microsoft’s research.
“It’s true in many of these countries if you had them vote in the United Nations, ‘Do the people of your country believe that Russia’s war with Ukraine is justified?’ the answer would be yes, because they have heard and believe the Russian messaging about why they are in this war,” Burt said.
Google president discusses AI’s abilities
Walker discussed evolving cybersecurity threats, the power of artificial intelligence and being proactive in a changing technological landscape with moderator Provost Chris Bracey.
Walker said AI’s capabilities go “well beyond” chatbots, referencing DeepMind, AI based in London that beat the world Go champion by studying 100,000 Go games and playing itself 3 million times, as a “remarkable” example. Walker said the AI went on to practice chess and beat the world Computer Chess Champion by playing itself 3 million times, showing a “powerful” self-learning arc.
“The head of DeepMind, who is himself a chess master, said, ‘In the morning the machine was playing random moves on the board. By brunch, it was playing at my level, and by dinnertime it was playing better than any human being has ever played and better than any other computer ever played,’” he said.
Walker said the threat of cyber attacks is increasing because people can buy tools needed to conduct these attacks “off the shelf.” Walker said he is worried about the “next generation” of attacks, where one could go to AI such as ChatGPT and ask it to analyze a code for them, making attacks faster and easier than “ever before.”
Walker said the “hack now, decrypt later” method, where one takes encrypted information and waits “five to 10 years” to use quantum technology to decrypt it, might inadvertently disclose sensitive secrets. He said Google is working on “post-quantum cryptography” that can reverse the “complex mathematics” built into today’s cryptography because of this threat.
“We can gradually start to fold this into our security at Google and ultimately, for everyone’s security, to make sure that that threat winning materializes isn’t as devastating as it otherwise could be,” Walker said.
This post was updated to correct the following:
The Hatchet incorrectly reported that the Business & Policy Forum was hosted by the School of Business Advisory Council. The forum was co-hosted by the School of Business, GW Engineering, GW Law and the College of Professional Studies. We regret this error.