The tech leaders, who testified before a House subcommittee on cyber on Wednesday, told lawmakers that greater coordination between the public and private sectors is needed to identify security threats posed by emerging technologies such as quantum computing and artificial intelligence.
Ron Green, executive vice president and chief security officer at MasterCard, said the partnership should encourage the government to share threat information with the private sector so that both sectors are able to mitigate cyber security threats from US enemies at home and abroad.
“Cybercrime is not limited by borders or territories,” Green told lawmakers.
“Our digital worlds are so interconnected, and the threats to any one organization are changing so rapidly.” He continued.
Green, who was joined by three other tech leaders, made the remarks during a House Homeland Security subpanel that touched on the intersection between emerging technologies and security risks.
Green’s recommendations to Congress have already been made by US cyber officials and private sector experts.
Robert Nake, a U.S. official in the White House’s Office of National Cyber Director, told lawmakers in April that companies are asking the government to share information on cyber threats to prepare and counter growing security threats.
“What we’ve heard from every private sector company is that we can provide something that private companies can’t do on their own, that is intelligence,” Nake said.
“Only the US government can gather intelligence and only the US government can give it back. Therefore, it is the main focus of our efforts, “he added.
Cyber executives who testified before Congress in April said the U.S. government should have fewer regulators and more partners for critical infrastructure in the private sector, and their focus should be on providing guidance and sharing risk intelligence.
President Biden’s executive order on cybersecurity has given impetus to these appeals, which have led to a number of major initiatives, including facilitating the sharing of threat information between the government and the private sector.
Green also suggested that Congress authorize the Cyber Security and Infrastructure Security Agency (CISA) to establish a National Cyber Training Center to train and prepare cyber security personnel to identify and mitigate national security threats posed by emerging technologies.
“It’s important to plan attacks, but without practice these plans are ultimately useless,” Green said.
Green offered similarities that illustrate how cyber-attacks should be taken as seriously as military action. “It simply came to our notice then [ground] Without real world war games and live firefighting exercises, war plans would not be of much use.
Green said the US Army already has a national training center in Fort Irwin, California, adding that the CISA should follow suit.
“We need a similar facility for cyber security,” he added.
Green said part of his job is to anticipate future threats as technology evolves and to assess how those security risks could pose a threat to him and government agencies like Congress.
“We’re looking forward to 10 years from now,” Green said.
He added that he and his team regularly consult with experts in the private sector, government and education, and on ways to identify and mitigate emerging threats.
“It may sound like a net speculation, but we’re actually developing an informative texture picture of the future,” he said.