August 22, 2024 – The Institute for Security and Technology (IST)’s Steve Kelly and Josh Corman joined thousands of infosec experts, security professionals, journalists, government officials, and cyber enthusiasts at “hacker summer camp,” the cybersecurity conference trio of Black Hat, BSides, and DEF CON—amongst many other bespoke gatherings and meetings.
While there, IST Chief Trust Officer Steve Kelly moderated a fireside chat on the Black Hat mainstage with National Cyber Director Harry Coker, while new IST Executive in Residence Josh Corman announced our latest effort to drive resilient lifeline critical infrastructure at BSides.
Josh, who joined the IST team in August, is co-founder of I am the Cavalry and CyberMed Summit and served as the chief strategist for CISA’s Covid Task Force. At BSides, Josh kicked off the I Am The Cavalry track by announcing UnDisruptable27, a new initiative that seeks to inform, influence, and inspire community action to strengthen the safety and security of our lifeline infrastructure systems by 2027. Through community awareness and creative arts solutions, UnDisruptable27 aims to build resilience in our water and wastewater systems, emergency medical care and hospital services, food supply chains, and power grids. In the initial pilot stage, the project will focus on the nexus of water and emergency medical care.
“Across these lifeline critical infrastructure sectors, we are seeing more disruptions, larger disruptions, longer disruptions, and more life safety-affecting disruptions. The people in our communities don’t call these hacks or glitches — just disruptions,” Josh said during his opening remarks at the conference on Tuesday. “I feel, increasingly, like we’re failing the public.”
Supported with funding from Craig Newmark Philanthropies, UnDisruptable27 is an integral part of the Cyber Civil Defense initiative, which focuses on bringing broad elements of society to bear to defend people, organizations, communities and nations from cyber insecurity.
Before the announcement, Josh spoke to WIRED’s Lily Hay Newman on the impetus for the project and what he hopes to accomplish in UnDisruptable27’s pilot year.
“People have been doing good things, but public policy takes time, and I think this year we need to cross certain thresholds on the sense of urgency,” Josh told WIRED.
IST Executive in Residence Josh Corman introduces UnDisruptable27 during day 2 of BSides LV.
At DEF CON, Josh joined the support staff of “goons” – volunteers who help to run the conference, maintain order, and assist attendees – to give VIP tours to White House leaders and staff. In their conversations, he highlighted several fields showcased in DEF CON’s villages, including water and power, biohacking, automotives, aerospace, AI, and the ICS Village.
Meanwhile, at Black Hat, Steve Kelly took the mainstage with National Cyber Director Harry Coker for a fireside discussion on the White House Office of the National Cyber Director’s (ONCD) efforts to protect the nation’s digital infrastructure.
In their conversation, Director Coker told Steve that while the ONCD is currently focused on strengthening regulatory harmonization across departments. Regulatory harmonization would ease the burden on organizations who spend a great deal of time complying to various regulations, Coker said. A bill is currently before Congress to establish an interagency Harmonization Committee at the ONCD.
“It’s clear to us, and it’s going to become clear to others, that compliance does not equal cybersecurity,” Coker said. “Thirty to fifty percent of the time on compliance is way too much, hence, reciprocity is a key goal of ours in regulatory harmonization.”
Next up for the ONCD is cyber insurance. Director Coker took the opportunity to announce that the ONCD, CISA, and the Treasury Department will be releasing a joint proposal later this year to create a federal insurance backstop in the event of a “catastrophic” cyber incident.
“[The ONCD] has to continue to deliver value for our public and private sector partners,” Director Coker said.
IST Chief Trust Officer Steve Kelly moderated a fireside chat with National Cyber Director Harry Coker.
Steve also attended the AI Security Forum, a series of keynotes and workshops for security engineers, policymakers, and researchers working to secure AI systems. Steve engaged in high-level conversations on the national security implications of AI.
“Hacker summer camp 2024 did not disappoint. So many cybersecurity and AI innovators, researchers, policymakers, and practitioners converging in a single place with a unified mission to make the world a better and more secure place to live and work,” Steve said. “Josh and I were thrilled to contribute and heartened by the shared resolve to overcome the cybercriminal and nation-state threats confronting us.”