The White House’s new deputy cyber director: Tech’s challenges are society’s challenges
Camille Stewart Gloster, the inaugural deputy national cyber director for technology and ecosystem security, spoke at the DFRLab’s 360/StratCom about her newly created office’s ambitious agenda to address a wide scope of cyber challenges.
The White House is engaging in a “whole-of-society strategy” with its newly created Office of the National Cyber Director (ONCD), which set an ambitious agenda to diagnose and address the implications of everything from regional cybersecurity and quantum computing to Web3 blockchain technologies and sustainably expanding the tech workforce.
That was the message from Camille Stewart Gloster, the inaugural deputy national cyber director for technology and ecosystem security, who has been charged with crafting the scope of the office empowered to bridge a range of tech equities and help better define and grow a competitive tech workforce.
ONCD “is focused on moving us towards an affirmative vision of a thriving digital ecosystem that is secure, equitable, and resilient that we all can share in,” Gloster said at 360/StratCom, the annual government-to-government forum hosted by the Atlantic Council’s Digital Forensic Research Lab (DFRLab).
This year, 360/StratCom focused on the work of civil society to ensure that universal human rights in the physical world are also protected in the virtual realm. Here are just a few of Gloster’s insights into the Biden administration’s approach, in a conversation with Safa Shahwan Edwards, deputy director of the DFRLab’s Cyber Statecraft Initiative.
Security and education add up to resilience
- Gloster noted that the cyber challenge is “a shared problem across the public sector and the private sector.” As such, her office is working to produce a strategy that focuses on both cyber workforce education and digital safety awareness while striving to fill nearly seven hundred thousand open cybersecurity roles. “We don’t want to engage the same players exclusively,” Gloster said. “Yes, the big players must be a part of the conversation, but we want to make sure [to also include] civil society, academia, the small players, the innovators.”
- That multifaceted approach led to the administration’s announcement in August a string of partnerships with top tech companies (Google, Apple, IBM, Microsoft), coding credentialing programs (Code.org, Girls who Code), cyber insurers (Coalition, Resilience), and more than 150 electric utility providers (through its expansion of the Industrial Control Systems Cybersecurity Initiative).
- Gloster also emphasized that educational institutions will be critical to enhancing cybersecurity at the local level. The University of Texas system recently announced that it would expand its existing short-term credentials in cyber, as well as create new ones, leveraging its UT San Antonio Cybersecurity Manufacturing Innovation Institute.
- Later this week, Gloster will speak at Whatcom Community College, a remote college between Vancouver and Seattle, which was chosen in August to be the site for a National Science Foundation cybersecurity center providing education to “fast-track students from college to career.” At the heart of the conversation, Gloster said, is one core question: “How does a community college sit at the intersection of regional cyber awareness, regional technology awareness, and how does that catalyze and support the work that’s going on on a local or regional level?’”
Expanding cyber policy into the unknown
- The ONCD isn’t limited to tackling workforce education and training, but it is also well-positioned to address everything from “the emerging tech supply chain, the intersection of human rights and technology, privacy—all of the future-looking pieces of the technology landscape,” Gloster said.
- Cyber administrators will need to grapple with critical questions around quantum computing, which holds incredible promise for creating more effective vaccines and predicting threat models, as well as significant risk. “There’s a lot of good work that can come out of that, so how do we both prepare for the threats and the opportunities?”
- The increasing use of Web3 technologies built on blockchains will continue to present new security challenges (beyond financial instability threats, such as recent consumer losses caused by the sudden collapse of the crypto exchange FTX). A number of Web3 companies are built with a “collective contribution model that is open source,” Gloster said, which could leave them more vulnerable to cyberattacks.
The role of all sorts of governments
- The ONCD will need to work with the State Department and other interagency partners to coordinate around the national-security, economic, and human-rights implications of these new technologies. Groups like the thirty-four-nation Freedom Online Coalition provide an important avenue “to collaborate with our partners to really think about what democracy looks like now and in the future, and how technology underpins that,” Gloster said.
- International governments will need to be proactive in addressing pending security concerns around new technologies. Both the White House and international organizations like the European Commission have signaled that more regulation is coming in 2023 to address cryptocurrencies and the metaverse, for instance.
- While people often get lost in the conversation about tech, Gloster said preventing cyber threats in the future will require a significant understanding of human nature—and a workforce equipped with not just tech skills but also expertise in social and cultural contexts. “People create, promulgate, use, and are the malicious actors that weaponize or leverage technology. That means that we have to understand them as people.”
Nick Fouriezos is a writer with more than a decade of journalism experience around the globe.