Cyber Threat Environment & Advice for Young Professionals
Last month, the Pallas Foundation for National Security Leadership hosted Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency, to highlight CISA's efforts in hardening our nation's cybersecurity infrastructure. Sharing life-shaping experiences throughout her impressive career with young professionals in the Pallas Foundation Fellows program, Director Easterly emphasized the importance of mental health and balance in life. Throughout the conversation, Director Easterly opened up about the important role of cyber and national security in maintaining a stable society. Reflecting on key cybersecurity issues, Director Easterly provides insight into her leadership roles and resilience in the face of adversity.
Director Easterly’s Advice on Building Resilience to Cyber Threats
In the past, the technology industry has rapidly evolved to create immediate value at scale for consumers. However, as the focus shifts towards increasing safety and security, the same products that create immediate value run the risk of exposing consumer and technology vulnerabilities. Large Language Learning Models (LLMs) like ChatGPT illustrate this pattern clearly. While LLMs can increase productivity and efficiency, they can be breached, posing a threat to private information. To mitigate this risk, innovators should prioritize security features as we move towards a more complicated AI-affected world.
Radical transparency: CISA advocates for "radical transparency" in the safe development of technologies by software producers, which requires closer partnerships between industry and government. Director Easterly emphasizes the importance of software bill of materials (SBOMs) as a step towards radical transparency in the technology development of software producers.
The United States must build up cyber, operational, and societal resilience, as we have seen the Ukrainians demonstrate. Malicious actors will almost certainly use cyber attacks to disrupt our cyber infrastructure and attempt to induce societal panic. So, how do we train for scenarios that knock once reliable systems offline? Director Easterly emphasized a Shields Up approach and said rehearsals or exercises can build operators' experience of what to do when systems go offline. Exercising or simulating these operations is best done with partners who have a role in the potential incident will provide better results by helping responders from the federal, state, local, tribal or territorial government and private sector understand each other’s roles and how they work together. We need to build the capability to defend against cyberattacks and bounce back as a society after an attack, which Director Easterly says is the most complex type of resilience to build up. The current atmosphere of polarization and disinformation is a significant roadblock to building this level of resilience, and the next generation should focus on dissolving it.
Advice to Young Professionals
Director Easterly referenced CISA’s Core values in her advice.
Learn from failure and use the power of imagination to anticipate potential threats to National Security.Director Easterly emphasizes the importance of learning from failure and using imagination to foresee potential threats to national security.
You should feel empowered to make an impact every day – and if you don’t, change what you’re doing. Director Easterly encourages young professionals to seize every day, maximize their impact, and work towards creating a positive difference in the world.
Allow yourself to be vulnerable to build trust. When discussing leadership, Director Easterly shares that the most effective leadership advice she has learned over the years is to be herself and "allow yourself to be vulnerable to build trust." Lastly, Easterly emphasizes that life is about relationships.
Life is a Contact Sport. "Life is a contact sport. The quality of your life is not judged solely by your resume but by personal relationships," she shares. While sacrifices are necessary for public service, it is still possible to have a career and a family.
Jen Easterly is the Director of the Cybersecurity and Infrastructure Security Agency (CISA). She was nominated by President Biden in April 2021 and unanimously confirmed by the Senate on July 12, 2021. Easterly has previously worked as the head of Firm Resilience at Morgan Stanley, as the Deputy for Counterterrorism at the National Security Agency, as well as two tours at the White House, as Special Assistant to President Obama and Senior Director for Counterterrorism and earlier as Executive Assistant to National Security Advisor Condoleezza Rice. A two-time recipient of the Bronze Star, she retired from the U.S. Army after more than twenty years of intelligence and cyber operations service, including tours of duty in Haiti, the Balkans, Iraq, and Afghanistan.