# Maj Gen Don Dunbar at the 2019 Wisconsin Governor's Cybersecurity Summit

## Метаданные

- **Канал:** Dave Schroeder
- **YouTube:** https://www.youtube.com/watch?v=Hey45hqP3gQ
- **Источник:** https://ekstraktznaniy.ru/video/35247

## Транскрипт

### Segment 1 (00:00 - 05:00) []

good morning well you're off and running ahead of schedule I'll do my best to keep us there because there's some really smart gifted people going to speak to us and I can't wait to hear what they had to say so our seventh cyber summit pretty excited about that the room is it's more full every year and I've never gone through one of these where I didn't sit there and have an epiphany moment and I'm missing some time to do something different I'm very proud of what Wisconsin has done over these last seven years has been a pretty extraordinary it does go back seven years as the National Governors Association had an event where they talked about the responsibilities that governors have across the 50 states and the six territories and of course the District of Columbia didn't have leaders to elect and understanding what cyber it is and so much I understand what cyber is but I know that we all understand it's important in if we can define delay and it's a big deal a good place to get started I mentioned governors have particular roles they're important roles the average American in our country the average citizen in Wisconsin probably isn't spending too much time thinking about cyber until something bad happens and then they say well why do you do something to stop that and those are tough questions for elected officials to ask and so they rely on all of us whether you're working for the state or local official or if you're a vendor in our state or whatever it might be we want to make sure that we're doing everything we can as a whole of government not just the state federal government locals partner with the FBI and DHS we've come a long way I want to thank some of the folks in the room you'll hear from them later on but lost visual areas David cash goes in the room our CIO bill Nash our sister I've got some of my colleagues in the National Guard getting a little divey view in general Devin I've got you know in the last seven years while we haven't solved everything because you ever stop everything in cyber it's always sort of a journey you're on but Wisconsin not because of me but Wisconsin has come a long way and I am confident we have made things better here in the state of Wisconsin because of all that you've done and because of the leaders that is highlighted in different ways including other agencies like the fusion centers in our state who work so hard with us developing cyber liaison program to make us more effective when it comes to the soccer world we live in there's a lot of goodness system of the state of Wisconsin but it doesn't mean we're not facing races there are all kinds of challenges facing us so I thought I'd kind of walk through I've got what I call my scrapbook here please so I think pictures to try and highlight what I'd like to talk about hopefully I can use that to good effect I will tell you that I really depend on my security advisor and that I think DHS calls it the senior States a court official which is kind of laughable because I don't speak dolphin I I'm not very good at cyber I know it's important but I really got to rely on smart people in the room who know what they're doing but I did learn something every day and I five humor insider I really did I used to be impressed when texting came sort of the thing and it was so popular now and people would shorten the words like lol right okay so it took me a while to figure it out lol I got it what's going through the next iteration now as humans does people say that and somebody you shared story so much about lol and I think wow it's come full circle we texted those working our clock at those words and I don't know if you've experienced this but I find this all the time that's a bit maddening for me because I have a pretty busy schedule and I'm always trying to get somewhere and I have found on the road that people in front of me who like to tax well that's the slow down we're looking to catch a light so that they can stop it

### Segment 2 (05:00 - 10:00) [5:00]

alight and then do some text that when you sit there so sometimes you know the speed of up to 40 miles an hour I'm trying to do 45 on the guy in front of me and connecting with my nieces and nephews it's bit of a challenge for me so I was on a vacation my wife and I were on vacation my niece at the time she's about five years old and couple years ago and then I was talking to her trying to impart knowledge but this month let's do we part nylons right with all this wisdom we want to share and she's looking at me and she finally catch my farted I had to slip Harrison what are you doing and she said well I know it doesn't always work but when I'm on the internet if I tap the screen it will tell me how long this gonna go and I just sound kind of smiles okay so same vacation a couple days later and I'm sitting at the kitchen table and I get a text and it's from my knees and it says oh god I'm in the bathroom there's a moth on the wall can you come take care of it I just waited and a couple minutes later Uncle Tom I'm really scared didn't say anything third one comes Uncle Don I'm gonna cry and I texted back uncle down is dead you're next beside the mom and later on where you sit around the table as she tried to explain why this young 12 year old ran and they get down the hall screaming to the top of our lungs she's trying to tell the story and I had the opportunity to reach up and doctor on the party to see how long the conversation and we're great friends today so I've made that connection so I can write great humor in cyber I thought what I would do is kind of go back through the last year looking through the rearview mirror 2018 has been a pretty amazing year for Wisconsin a lot of good things about and a lot more to do I'll start with elections it's nice as a bear as the factors just beat the bear but of course here we're talking about the Russian mare right and in 2018 we had a midterm election and we really had a really what I thought was exceptional team effort getting ready for that election and trying to make sure that the one thing that matters in the election back when a citizen of our state walked into that booth and made his or her choice or whatever position we're talking about that their vote counted and whoever won the election got credit for one of the election and that used to be something we took for granted but it's not something we can take for granted anymore enough and I don't want to do a lot of thunder here because we do have making wolf in the room that she's going to talk later about elections but I will tell you this young lady is doing an awesome job for us leading on behalf of the Wisconsin Election Commission that in preparation and as we should every agency and every group that can bring something to support her and the Commission's effort is doing that and in 2018 we had our cyber response teams ready to respond the governor allowed us to mobilize the National Guard cyber experts in case something happened nothing did that's good but we talked about what else could we do we had a group public affairs folks ready at the Commission so that if something did go wrong election night we had a lot of resources there willing and able to support Meghan and her team because in that kind of a fight when you trying to go to election and answer questions of the press that would be very powerful we found out that one of the phone lines they had wasn't always man with the human you had a lot of taking a message to getting back which works most of the year but not necessarily when elections actually gone on so we made sure that there was an actual human answer on the phone for a couple of days that something wrong somebody would answer the phone and get it to the right person and try to mitigate whatever was going on in the election and we did exercise him with the Department Homeland Security and we did exercising amongst ourselves and we tried to make things

### Segment 3 (10:00 - 15:00) [10:00]

better not me but us in support of Wisconsin Elections Commission very important the election went up great I'd love to tell you the end of the story but we got one coming up in 2020 and if a team was going to be tough when we thought because 2020 could be a real big deal right it's got a presidential election the entire house turns over again one third of the Senate big deal in the state of Wisconsin so while we're doing good things with our partners at elections we have a lot more to do but maybe no one just thank you publicly for all you're doing an awesome job and I look forward to hearing more I don't think they want your thunder I want to talk about that season so far Homeland Security changed one of their big agencies into CICA stands for the cyber security infrastructure security agency this was a brilliant idea it took a long time to get this through Congress I don't know why but if the Congress eventually said we're going to do this and this agency is sort of the risk manager for the country they've got specific responsibilities in terms of comparative cyber protection infrastructure resilience now that's partnership right because the federal government generally doesn't own the infrastructure but they understand how important it is so they're working hard so that all of the infrastructure in the country rely on and there's 60w see right on the right-hand side to the extent that we can we try to make them stronger better more resilient they worry about emergency communications when everything fails what is going to be the way we campaign with the public that is if you're like my niece much more dependent on that phone that I ever was with most also at a hackathon two different generations do different approaches they are particularly focused on protecting the gov domain and they're acutely interested and trying very hard and I think doing a great job in trying to collaborate when the dot-com coming this was a big shift for DHS and I think it's a powerful shift at the bar Homeland Security because of a much better method of partnering with us and allowing us to build a better capacity and better capability across the country and in space like Wisconsin now CSIS led by a guy named Chris Pratt is a friend of mine you know when everybody's would he brought together but I consider my friend because I've had a chance to work with them and he's a really smart guy who's doing a great job running this particular agency he just it just had a cyber summit of their own and he had a chance to make a few comments and he I thought if he was comments were worth sharing with you so these are paraphrased by Chris Prez they talked about you know the world is increasingly networked it's not gonna change and it's having acute impacts on online security and rezoning on landscape where silos or sector-specific approaches despite how effective they may have been in the past are not going to be successful now in the future we must partner together it's not a question if we want to work with the federal agent who would be stupid enacted it's not a question if the state wants to work with locals it would be stupid not to it's not questioning we want to rely on industry with all the talent it's an industry it would be stupid not to and we will fail we must have process as a whole-of-government approach I think he's on the right track he also says something that I think we need to hear more of and I get very credit of this he said we need to stop the fear now there are real challenges when it comes to cyber there is no doubt about it and we need to prepare for what might be a bad night in there and I'm advocated grid goes down whatever it will be but it can't just be something we're fearful there's a lot of goodness that comes from this cyber world that is he in developing and expanding and driving on and providing enormous efficiencies for our industries and our people and of course you want that and at the same time they recognize that we have to partner together in order to meet the threats that come with that expanding universe and be prepared as a nation and I think with folks like Chris pres and his wonderful team and they really are wonderful team if you don't know somebody at DHS I hope that you will take the time to either go see the any paper or go see what they're about as they really are doing a great job and they're focused on helping us do our job so I appreciate that he also talked about CSIS five areas of focus I think we'll hear more about this later

### Segment 4 (15:00 - 20:00) [15:00]

just that highlight then for you just so you know what's on their mind I think the right to have these issues at the time number one China at least pretending anymore that we can't name the country China is a challenge the way they approach certain things in particular our supply chain and in particular as 5g comes online these are issues it's not the end of the world of things in contrast deal with in the dealing with number two soft targets superior that certainly affects us here in Wisconsin number three government network protection and they cemented I've got the main number for SCADA systems or industrial controls very important number five we discussed on election security and one of the ways they're approaching these five lanes of effort is what the National risk management center this is brand-new it's an evolution of DHS's cyber of initiatives it's aimed at planning analysis and collaboration I think that's perfect to identify and address the most significant that we're facing in the saga around so what should you think you should think critical infrastructure of the structural functions the things that we rely on if it's fresh water or sewage systems working or power that's reliable an uninterruptible those kinds of things and then your supply chain pipeline selections obviously I think they're on the right track and just to give you an idea these are those national critical functions you can see that they fed across lines they're really thinking through how they want to help us and in the future what C's has been working on it's my understanding is more scenarios which we've enjoyed when I haven't mentioned the elections with that tabletops it's phenomenal on the phone across the country with folks in other locations and go through a tabletop trying to figure out how you might respond to something get the benefit of that and then take that and then you can distribute it in your own state to your own locals and try to get that benefit multiplied several times they're also working on risk hatcheries and trying to figure out the highest diversity probability and what you focus on and then lastly something we all share important so readiness as we go forward so I think DHS is not only a great partner but my hats off to them because I think they've turned some important corners and are engaged and just exactly the right way really proud of the work when DHS but we're doing a lot of things here in Wisconsin about what we did last year we were one of four states chosen to our National Governors Association cybersecurity policy Academy so for about a year we sent folks from David chef David gospel shop about MasterChef DOA Det we sent some folks in the National Guard or dependent enclose an infusion center was set folks from the Wisconsin Emergency Management and we participated in trying to figure out what we're doing which we know what we're doing and bring that to the discussion and then how we make that better going forward and after a year they came away with four goals that I want to share those with because I think they're excellent this will sort of guide us into the future as we update Beaumont security strategy as we update our cybersecurity strategy and our cyber disruption response strategy as continue to try and make these documents that we took a lot of time to create we try to make them more effective so the four areas the four goals are number one communication of Sacre risks so that individuals and corporations and entities know there is a risk on what that risk is number two develop a local engagement strategy very important doesn't matter the state protects itself or its own network that's important but or as well we want to strengthen our Wisconsin cyber strategy planning workgroup this workgroups been under the tutelage Ashville for number of years does a great job but we need to make some improvements we're gonna try and do that if filled with a manpower associated with it so that we can continue to unleash the talent that's in this birth and number four one establish a cyber workforce development pipeline you just saw a piece of that with those young men and women who are getting those awards and we've done some development of our own as a state over the last year trying to develop young men and women who had an interest in the cyber arena I'm selfish as the Eisinger general because I want them to be in all the state agencies but I also want them to be in uniform there's no requirement to do any of that but I will tell you I think it's one of the best opportunities for an

### Segment 5 (20:00 - 25:00) [20:00]

unmarried young woman because you can be 18 years old graduating high school if you choose to you can join the National Guard it's not full-time nobody's going to pcs jeetil Korea or someplace else around the world you stay here Wisconsin you drove for a weekend a month maybe 15 30 maybe 40 days a year and I'm an attorney and the state will pay for your college education and the army the Air Force will give you the best cyber training anywhere in the world and in the top-secret clearance and he imagine somebody being 22 to graduate he was a degree no debt from college and top secret clearance there's not many companies or agencies not looking to hire that kind of talent it's a heck of an opportunity so there's no requirement but I'm trying to make sure as many young men women here that opportunity is I can exactly that's pretty unique one of the biggest things in glance talk about is the crushing student debt load that they have and this opportunity for some of these interested but what an opportunity graduate debt-free that's pretty cool thing so I want to congratulate everybody who went participated with this nga Academy David thank you Mark Mitchie thank you a lot Fredo of folks work very hard if you Center I don't see anybody but they also want I appreciate the baby okay and then I mentioned we were working on trying to build family let me tell you what the state's doing here under David has opposed to Toulouse I've mentioned his name a lot as you can see or so less Knar state you know most states and blessed have done match to most states have a CIO or says okay last for maybe 12 months or 18 months we need to get a better job or something happens and show them the door we've had these two gentlemen for several years now and the longer we have them the stronger we get in cyber that better the leadership is the better our functions become our processes become our exercises become and we all have a chance to benefit from them so gentlemen thank you again for all you're doing but they created this cyber edu WI back together the website and tell folks about educational opportunities if you remember they were here two years ago we had Alan Palmer here who talked about sort of a game theory approach to developing talent so we took them up on that we went out to several universities and we offered them the opportunity to take this game that was developed that is designed to see if you have talent in or expertise or intellect or ability when it comes to the cyber realm and the young men and women who took it the ones who scored the best we offered them an internship paid internship come to work for us do a come to work for other agencies in the state of Wisconsin and we'll pay you and we'll let you help us work our networks and we'll expose you to state government expose you to the military and see if something to connect them and I am very proud I think we had about 30 or 40 throughout the year we did several in the department military affairs gonna have lunch with him later on today here so here's some of the feedback from them again but it was really powerful now some of them are going to just leave this and go on to live their lives and that's fine but some of them are talking about can I come back next year what's this National Guard like how do I do that and that's awfully powerful for the state of Wisconsin so a something brand-new this year and I'm very proud of Wisconsin's effort here trying to develop future talent there are hundreds of thousands something millions of jobs vacant in our state and across this country good jobs that pay good wages have benefits great opportunities we just don't have people to film and we're gonna keep trying to the bail of talent here in Wisconsin and trying to take advantage of so breaks out ladies and gentlemen what you've done let's talk about the future a little bit now again I'm not an expert but I think I need to mention five g's done whether I like it or not I'm not sure I do but the five B's done a lot of goodness coming to five feet what I understand a lot more speed less latency or low latency which means the apps run faster is the layman's term as I understand it and that's an awfully good thing it will bring challenges for us it will bring threats with it there's a lot of things our country's going to have to it's my understanding that you can do this different frequency ranges and depending on what frequency rings to company Tuesdays you get different

### Segment 6 (25:00 - 30:00) [25:00]

speeds and latency and they gotta figure all that out it's not for me to figure out but somebody's got to figure out a standard we're not there yet and I don't think we're at the 5g level yet I could be wrong certainly somebody ministry might correct me but my understanding is there's been a few nodes developed in a few of our biggest cities but we still don't have five together but it wasn't that long ago we're talking about 40 anything over 40 started yeah so that's 11 years ago and has the pulse in the world breaking out but it took two or three years maybe four before the applications really started to develop and unleash the power of 14 I expect the same thing will happen with five he will come online industry we have the greatest industry in the world will figure out how to do this the right way and we'll get benefits right away where we can watching Netflix but then things that we haven't even thought of I've better development and they'll be goodness with that and I think there'll be some challenges with that so we'll see what happens going forward but this is the big issue best one I like this there are a lot of players when it comes to 5g our country's one so is China so sure so I don't know how we're gonna develop five days where the stands will come from this will by smart people much smarter than me but this is a challenge because if you radio compress China has a different approach than the United States acts we believe in things like the rule of law if you developed it and it's your patent you get the rights we go with that and China's approach to intellectual property is a little bit different and that's got to be something that gets worked out or all those jobs I thought about that exist today may not be there in ten years when your children branch looking for jazz because they may be overseas so nobody wants to I think protectionist Lane I certainly don't but I think everybody must have standards that are understood and applied fairly across the board and that we've done that before with partners in Europe we once were very far apart figured out a way to do that I'm hopeful that our government will be successful in partnering with government China and other governments in Asia and Europe to have those same kind of standards and then let the best industry thrive and personally I may be prejudiced but I think though there's going to be an American engineer it's just they're just too talented you go back 50 years ago different companies but at the same time of American ingenuity I think that will survive for a long time so we will see what the future holds but I'm confident a lot of goodness and a lot of challenges one of the big things that came to bear this year was again malware encryption ransomware affected a lot of cities you've heard about the cities that were affected and two approaches to this there were some cities that are as well known and they got the infamous email that says we just locked up your stuff and if you wanted me to get a lot of money and whatever that about is the city huddled and talked with their mayor and their system CIO or whatever they call them at the city level and they decided to pay and took the risk and they paid it and some of them got the key and they got their data released them what about their business now that's not what a lot of the professionals recommend they recommend you not pay that ransom paying ransom records more bad behavior but some of the cities who didn't pay the ransom didn't necessarily have the best backup systems going and that's a challenge right and then some of them when they didn't pay the ransom n that I paid perhaps more than they thought they would have so this is a big challenge for a small government as they approach in the future and it used to be easy to say well I've just got good backup she's got no problem right but maybe that's not so true anymore because the bad guys get inside the system and it's not hey we broke through the door let's do something they're pretty sophisticated and they know that smart guys like Bill and David are looking for them and they just sit and listen and observe and maybe they attach the same malware to your system as it so that they've infected your backup systems and so that's a challenge as we go forward again this game keeps changing a little bit like a basketball game you one side does something that works yet aside just the defense and

### Segment 7 (30:00 - 35:00) [30:00]

then the other side just rocks back and forth and I think we're in that world right now but it does highlight the value of good hygiene because at least if you have a backup system giving a much better chance as you go forward and a lot of our cities and our local PDS and some of our state's quite frankly some of our federal agencies quite frankly include the military organizations like the Navy and the Army you find out that some parts in there also are pretty far behind when it comes to networking or maybe they're using open computers or older systems it's not just you know a small city so things we need to do we've talked about this before they don't have the things it's coming I don't know if it's true or not sorry here we go but I told twenty point four billion things 20 connected by 2020 they're designed to connect they're not designed to ask you want me look for the event now I'm sure that they'll build into them ways that you can say don't connect that's certainly where I would live but others you know again my niece sure she wants everything connections very smart she's very well-educated that she likes this connection I've gone for but surely anybody in this room of those the vulnerabilities associated as we go forward with twenty point four billion it's only five billion things that are connected and the ability for one application or virus or something to affect them all perhaps turn them into something that they're not designed to be your refrigerator is something more malicious your series on the table or something more malicious then they start to listen to you again I don't want to talk about just the negatives but this is a big deal as we go forward the Internet of Things again a promise of goodness and a promise of Chris I think the goodness is that there'll be more efficiencies in our business processes you can monitor your applications of anywhere that's a cool thing you can be in Tahiti and adjust your air conditioner Wisconsin that's a cool thing save time save money productivity will go up who doesn't want that but the same goodness that says you can access from anywhere in the world is also the challenge isn't it to somebody else can access it from anywhere in the world and if they can access it then maybe they can affect those business processes that are so efficient with bad content and that kind of undoes all that productivity we just talked about so the scale of connections is huge again lack of standards may be a problem these are the big things our country faces going forward I don't want to touch on one more thing that we did was also excellent we have a wonderful relationship with our electric utilities you hear a little about that today and it's going great but we started reaching out to other critical infrastructure sectors we want to build the same kind of public-private partnerships in the state of Wisconsin with all of our partners to the extent that we can now not all of our critical infrastructure makes sense to have that kind of a barrier but the ones that do we are trying to develop those relationships and here we went up to Kolkata utilities and we took our national priority and we brought some experts in from US Cyber Command which is the active duty combatant command that is responsible for Sagra around the world they can partner with us amount to the utility and we put some sensors on the net so we tried to figure out anything was wrong and try to help them in making their systems better what a wonderful thing to do soldiers and airmen get great training directly related to their military specialty and help one of our utilities and no cost to the utility now I know about you and me or about you but for me I want to do that as often as I can with every partner that I can because that's a great thing for my soldiers and airmen and it's a great thing for Wisconsin because it helped them get stronger they got stronger and that's better for our citizens so again my hats off to the leadership that was consummated our Wisconsin burns advancement that's just did a great job going forward and just recently our cyber Response Teams had some training they did in conjunction with the wick trailer Victor's here today areas Jerry that Eastman is here former Guardsman with a great job which they have developed different ways to train sort of training the box take

### Segment 8 (35:00 - 40:00) [35:00]

these as how like try to imagine the medical folks who experiment with diseases right so they go to a secured room and they put all the gear on and love us and they maybe pick up the anthrax or the Black Plague and then and they work on it right they make sure that sure is protected but they do the same kind of thing in a cyber box so they bring in a box they connect and they can train our cyber response teams with actual malware on systems because he was like see how Sava practice with not only the technical folks but the leaders in another room and they just recently did that at the armed force of in the center right here in Madison and we had to do this more across the state of Wisconsin to develop more Skills more ability more capability capacity so Jerry Olson or Jerry where you are very RF thank you for your leadership and again David and Bill for the cyber responsibilities this kind of training and makes us better and work it will respond the back to elections again so I think it's important one more time 2020 is coming on our team this guy is going to try and mess with our life it's been try and infiltrate our election systems but he's doing a heck of a job messing with the American public on the internet telling stories they have some really impressive capabilities and it's playing havoc across the United States it is I'm not a guy who spent a lot of time on Facebook or Twitter or Instagram or all these wonderful programs are out there but if you do if you just even look on the internet when the story comes out and those threads that come down somebody said something did something and then there's somebody saying oh he didn't mean he's a nice guy somebody else said now surely and then they go from there more vicious and more pointed the chances are very good that both sides of that argument are being placed by somebody from a foreign mention now I'm gonna say it's Russia but we have some indications are right this is public domain that smart people in Russia are trying to do this and if you're her if you tend to be leaving left or we can write in our country both of which are fine for me it plays right into your passion because people stoked and get some angry and that can affect turnout that can affect how people not how they vote but whether they even joked about important for us to be thinking about this as we go forward and probably was constellation commissioners are working very hard across this thing we also speak in elections had the DNC coming to Milwaukee in 2020 next July for three days the Democratic Party will choose their candidate to run against President Trump in 2020 it's a big deal for them welcome I don't know what this is gonna bring it's gonna bring a lot of goodness I mean for sure we have great teamwork in this very proud we are not gonna lead our military affairs we are assisting the u. s. Secret Service has federal government and of course the City of Milwaukee has the lead for the city walking and great people working very hard we are working together one team to try to make sure that this but that goes off flawlessly but who knows what's going to happen when this event comes to death so it's on our radar screen we're working very hard to make sure that this event is one that we're very proud of the know we will be and showcases Milwaukee as the great city that it is this year in 2020 and I'll end with this I've said many times in this podium at this summit that I'm not the guy that wants my refrigerator to tell me I'm a developer that my milk is expired I don't need it perfectly capable of opening that door I just don't want it I don't have a Siri or a another one of those blocks in the house with you say hey Siri what's the weather or hey somebody else you know what was the score the Brewers game last night I don't trust them the ones in my house my personal opinion my opinion is I'm going to be nothing as this world continues to evolve and expand I'm just one of a handful of those sort of saying a little slower the world would continue to expand and what we need to do as a state as partners all of us is we need to

### Segment 9 (40:00 - 41:00) [40:00]

recognize the goodness that is available to us from this expansion from wonderful technology from the internet of things by gee take the goodness our kids that wanted our kids will 1 a. m. and try our best to mitigate the dangers and when something pops up to quickly adjust and correct it's going to be quite a ride I think over the next 20 or 30 years if you just imagine where you were in 1990 you know and cell phones were like the suitcase I have no idea what 2045 is going to look like but it's better be different and it's gonna be fun and it's going to be better for us in ways that we never saw coming but it's believed this challenges that we never really anticipated either and the entire presentation I didn't even talk about the dark web which things are happening then we don't even really know about so with that I will thank you for all that all you do we have a choice we can work together or we can fail separately and I don't know about you but I'm all in working together thanks for being here has done a much better speaker