Against the backdrop of an anticipated increase in cyberattacks from Russia, the Arizona Junior Fellows hosted an expert panel at Arizona State University on Monday on the future of cybersecurity, as part of their Future of Arizona Democracy series.
The panel was moderated by President-Emerita of the Arizona Board of Regents and former Arizona Treasurer Eileen Klein. The panel consisted of Arizona Department of Homeland Security Director Tim Roemer; Klon Kitchen, senior fellow at the American Enterprise Institute; Brian Elisco, CEO of Abrazo Health and Gregg Davis, president of Global Market Innovators.
Russia’s invasion of Ukraine and the retaliatory sanctions and American and western support for Ukraine has American government and private sector leaders on high alert for attacks originating from Russia or from non-state actors sympathetic to the regime of Vladimir Putin.
On Monday, the White House urged businesses to implement a range of measures to improve their cybersecurity.
While the federal government can urge the private sector to improve overall cybersecurity, the government’s ability to help is often limited. Intelligence on cyber threats often cannot be shared with those who do not have a security clearance. Additionally, the government generally is not as familiar with companies’ technology and vulnerabilities as in-house cybersecurity teams.
“The federal government is increasingly a stakeholder in cybersecurity and not the stakeholder in it.” Kitchen said. “For example, Google has done the same if not more than the government for preventing cyber-attacks in Ukraine.”
Kitchen explained that even as cybersecurity becomes more important, it is important that the government does not overreach its authority.
“We don’t want to just be secure. We want to be secured and free,” he said. “We want to make sure that we maintain the things we’re trying to keep secure and not give them away in the name or security.”
Arizona is one of two states with a Department of Homeland Security. Part of AZDHS’s responsibilities are to ensure the state government remains protected from cyberattacks and helps private sector businesses improve their resilience.
“There’s not one specific piece of government that can handle this on their own,” Roemer said. “The best way to combat this is through partnerships between the public and private sector.”
Elisco praised Arizona’s approach to cybersecurity.
“What surprised me the most coming into the state of Arizona was how accessible our government officials really are and how open they are to collaboration,” he said.
However, Elisco added that cyberattacks are not always complicated attacks.
“Some of the largest cyberattacks in healthcare are some of the simplest emails that look like they were sent internally,” he said.
The panel concluded by discussing various cybersecurity measures that the public can implement: enable two-factor authentication, change passwords, think twice about clicking on links in emails, and adopt an attitude of “see something, say something.”