Sandia LabNews

Sandia brings best cybersecurity minds to bear in national policy talks

MEETINGS OF THE MINDS — Participants in the “Tailored Cyber Strategies for the 21st Century” conference, organized by Sandia National Laboratories on December 6, 2020, discuss the national cybersecurity policy.

In a world where open conflict is evolving and adversaries are using cyberwarfare to attack United States institutions, Sandia is poised to play a key role in helping to secure the nation in this new theater.

Sandia hosted a series of virtual cybersecurity events called Meetings of the Minds, to pull together the best thinking on how the nation should respond to changing threats. The first one, held Dec. 6, 2020, and the second on May 26. The first event brought together experts from Sandia; Bob Kolasky, the head of the National Risk Management Center at the Cybersecurity and Infrastructure Security Agency; retired Rear Admiral Mark Montgomery of the Cyberspace Solarium Commission; and other groups on the front lines of cybersecurity to discuss a national policy to confront the threats we face.

In the May session, following several high-profile national cyberattacks, Sandia brought together panelists from CISA, Google, Microsoft and other institutions to talk about emergent research and development. Sandia systems analyst Eva Uribe highlighted the complex nature of cyber conflict and competition.

“Severity of attack has been used as a guiding principle for how to respond. We are trying to protect against a Pearl Harbor,” she said. “But an overwhelming number of smaller attacks can potentially target the things that are important to us — power, transportation, wireless networks and, as we saw, the Colonial Pipeline.”

In May, the operator of the Colonial Pipeline paid $4.4 million to hackers who successfully attacked the system that transports gasoline from the south to the northeast corridor. Meeting participants in December learned that 85% of the nation’s water, electricity and natural gas infrastructure are managed by local and regional agencies that lack budgets to pay for high-end cybersecurity. Data shows that ransomware attacks increased by 41% in 2019, with successful penetrations in more than 205,000 business and local entities and attacks are still coming.

David White, director of Sandia’s Information Operations Center, emphasized the need for preparedness, starting with these kinds of meetings to coordinate the best and brightest in cybersecurity.

“I don’t think we can ever fully deter our adversaries. Resilience is really the core interest of the nation,” David said, adding that Sandia is already helping confront these threats. “It’s an insidious problem. I think it requires a national response. Sandia can certainly advise about new threats and opportunities, but the best role for our brilliant people is solving the hardest technological problems.”

The first session in December is available to view on the Labs’ Systems Seminars website.