The government’s cybersecurity challenges demand teamwork and a strong workforce pipeline.
“Let’s face it, we are in an era of great power competition,” he said, name-checking Russia and China as well as Iran and North Korea.
“We all know that there have been governments that have been out stealing intellectual property,” he said. “We know they’ve been stealing personally identifiable information and even using proxies to conduct malign influence in our government and against even our electoral processes.”
“Collectively, these activities are corrosive,” Luber said. “That’s something we all need to work together on, as a whole-of-government effort.”
Luber cited the work of the National Security Agency (NSA) and the rest of the Intelligence Community (IC) to help protect the midterm elections from foreign interference.
“That was absolutely critical work as we focused on those actors that wished to use malign influence against the U.S. and our democratic process,” he said. “It took a team from Cyber Command, it took a team from NSA, and it took a lot of coordination, working closely with DHS, working closely with FBI, and working closely with the rest of the U.S government to ensure that we could counter those threats.”
He suggested that the IC in general still needs to “work together on some of our data standards, data tagging opportunities, and then even down to the lowest level possible where we can identify classification of data”—so intelligence products can be disseminated at the lowest classification possible.
“When you think about our warfighters and many of our tactical users out there, they’re not necessarily sitting there with a top-secret terminal ready to receive our intelligence,” Luber observed.
After saying that the IC’s first competitive advantage is its people, Luber also discussed NSA’s attempts to build a talent pipeline.
“We’re reaching out to even the K-through-the-12 schools in programs like GenCyber, focusing on STEM development,” he said, and cited an example from two years ago.
“We had one of the local Denver schools participating in GenCyber,” Luber said. “And it was about 30 14-year-old students who were engaged in STEM work, writing Python programs, working with robotics—all the things you might imagine you might do in a STEM camp, a summer camp for students—but they were also speaking Mandarin Chinese the whole time.”
Right there, he suggested, you can see the “multi-disciplined language analyst of the future.” NSA’s outreach to students also includes a work-study program for high schoolers and 300 university partnerships.
Luber’s message of collaboration and cooperation also extends to private industry. He pointed attendees to DreamPort, a new facility in Columbia, Md., “where we bring in companies to focus on new, innovative cyber defensive capabilities.”
But even companies not looking to get NSA’s business have work to do. Noting the steady stream of security patches to combat new forms of malware, Luber offered a useful reminder: “Keeping those systems patched is absolutely critical.”