Enable breadcrumbs token at /includes/pageheader.html.twig

On Point: Q&A with Melissa Hathaway

Q&A with Melissa Hathaway, president of Hathaway Global Strategies, and former cyber advisor to President George W. Bush and President Barack H. Obama.

President of Hathaway Global Strategies, and former cyber advisor to President George W. Bush and President Barack H. Obama

What do the recent ransomware attacks bode for the United States? Is the wave of the future here, now? 

The wave of the ransomware events is just at the beginning stages of accelerating. The fact that the companies are paying the ransom, and the fact that the ransom syndicates are targeting key critical infrastructures, are the confluence that should concern our government and our business leaders for both our national security and our economic security. The Colonial Pipeline event knocked 45 percent of the country’s fuel offline, the JBS event knocked 25 percent of the nation’s beef supply offline, the transportation authority in Massachusetts knocked ferry service for Martha’s Vineyard offline, and we’re going to see many more of these types of attacks again because our businesses and critical infrastructure services are
paying the ransom—and there’s no deterrent for conducting the activity.

What is the key to building a coherent government-industry partnership for cybersecurity?

The key in that partnership—which is a contract—is we have to be very clear and define what problem we are trying to solve. It can’t just be a blanket discussion of information sharing or threat intelligence or industry needing to increase its defenses and/or network hygiene. We need to be very clear about what problems we’re trying to solve and then design the action plan where both parties are held responsible and accountable for the activities that they are going to undertake. We also need key performance indicators or metrics around whatever that is. I always define this as the what, the so what and the now what.

What should the United States do to ensure future primacy in global telecommunications?

Industry and government need to first define that we want to be leading the standards in the next generation of technology, 6G, and then have commensurate investment by all parties in research and development. This includes industry and standards bodies driving the discussion, the innovation and the anticipation of what might the spectrum need be for the 6th generation. In the interim, the United States needs to adopt a broader broadband policy. We should be continuing to fund or support telecommunications from space. Whether that’s Starlink, Kuiper, OneWeb or Telesat, we could deliver better broadband to underserved and rural communities at probably a better price point than terrestrial broadband. That should be part of the strategy, and that will also require government and industry to recognize that we need to have a complementary terrestrial and space strategy for telecommunications.

Where will we see the greatest changes wrought by the pandemic in cyberspace?

We’re already seeing them—the rapid digitization and dependence on the telecommunications infrastructure and these digital assets. Overall, there has just been a broad-based transformation of industry: work from home, learn from home, deliver product to home and a broader-based dependency. You’re also starting to see the fragility of the infrastructures, services and companies because of their lack of investment over at least the past decade. They’re being taken advantage of and knocked offline when they need to be online by malicious actors. We are at an inflection point where most every American has been impacted now by our cyber insecurity. It’s a question of whether or not we’re going to really increase our resilience, address the safety issues and invest so that our digital transformation can continue and we can all benefit from it.

What do you think is the next great information technology trend?

It’s probably going to be the mainstreaming of artificial intelligence/machine learning algorithms in the core of our businesses and the platforms that we use. With that, we have to understand: are the algorithms sound behind the decisions; were they developed without bias with good and broad and diverse data sets; are we allowing these algorithms to make decisions for us and/or increase our bias or proclivity to things? I think that is the biggest trend that we’re going to see right now.