The Central Intelligence Agency (CIA) is hyper-focused on cybersecurity and is conducting simulated cyberattacks to better understand the “bad actors” who are trying to do “the unthinkable,” the agency’s chief information security officer (CISO) said on May 16.
Joseph “Rich” Baich, who became CIA CISO last year, said he has found “a very strong tone from the top regarding cybersecurity. Within the agency, cybersecurity is every individual’s responsibility. We’re implementing, we’re configuring, we’re innovating technology.”
Speaking during an Intelligence and National Security Alliance (INSA) webinar, Baich said CIA cyber officials are focused on “utilizing simulations to understand the effectiveness of our controls … bad actors have the advantage because they get to study, watch, learn and more importantly, do the unthinkable. We as defenders need to be ready.”
Amid a longstanding cybersecurity workforce shortage, Baich emphasized that the CIA is seeking to employ and promote talented cybersecurity professionals. “Workforce is critical,” he said. “You cannot achieve mission without appropriate operators and skilled individuals, so we are very much focused on building up our workforce and making sure they have what they need to be successful. It’s about recruitment, retention, and scalability.”
Baich came to the agency with extensive private sector experience, having worked as CISO at American Insurance Group (AIG) and Wells Fargo, and as a principal at Deloitte. He told webinar participants that his broad resume “has allowed me to look at the risks associated with cyber threats through a unique window that is filled with various experiences that include listening to customers, delivering solutions, and innovating.”
Private industry can help the CIA’s cybersecurity mission by “partnering with the agency” and helping it develop better “speed of execution and greater agility,” said Baich who added: “Unfortunately, the government ecosystem…isn’t very friendly in terms of execution and agility.”
Baich said the CIA is partnering with researchers to learn more about artificial intelligence (AI) and apply it to cybersecurity. “AI obviously is an evolving area that has tremendous impact as well as applications to cyber as a whole,” he said. “Really, it’s about how you operationalize AI. AI without operationalizing can be just a very large data set. It’s about having the ability to … use AI in the cyber defender world to potentially open up opportunities that may have been manual in the past, to provide greater speed and execution.”