hi everybodywelcome we’re so glad that you’re herewith us thanks for joining us my name isVivian Schiller and I am executivedirector of Aspen digital we’re aprogram of the Aspen Institute thatfocuses on the intersection oftechnology and media and a big area offocus for us is cyber securitywe’re here today to celebrate ananniversary that it means a lot to meand I know to many of you who are onthis uh this Zoom call with us today inthe cyber community and that is the oneyear anniversary of the Cyber CivilDefense Initiative which was bothinspired and also supported fullysupported by Craig Newmarkphilanthropies and composed of dozens oforganizations dedicated to educating andprotecting Americans amid escalatingcyber security threatstoday’s program is going to feature afew different parts we’re going to startwith a fireside chat with DeputyNational cyber director Camille StuartGloster and sis the chief of staffKirsten Kirsten Todd moderated by Aspendigital Zone Garrett Grafwe’ll then have a panel of practitionerswho are intimately involved with cybercivil defense including Tanisha Martinof black girls code Alexis eggleton ofGirl Scouts of Greater New York Philreitinger of the of the global cyberAlliance and Megan Stiefel of theinstitute for security and Technologyour moderator for that session will beMadeleine denona of the Gina DavisInstituteuh these panelists but not uh uh thefireside chat participants will betaking questions from the audience atthe end and finally we’re going to hearfrom the man himself Craig Newmark againhe is both the inspiration for all thiswork and an inspiration for many of usevery day with an encouraging remark andalways a pagan pigeon joke which wegreatly appreciateand with that I’m now going to turn itover to my colleague Derek Graf who willlead our Fireside chapgood afternoon everyone thank you allfor joining us and particularly uhpleased to be here with two friendsCamille Stuart Gloster from the officeof the national cyber director at theWhite House and Kirsten Todd chief ofstaff at sizza in the Department ofHomeland Securityum let me start by asking you hereum both you and Camille came intogovernment here from the private sectorum have experience in the non-profitworld and I wonder if you could start usoff this afternoon by talking a littlebit about how you see the public role incyber security differently now that youare sitting on the government sidewell thanks so much Garrett and thanksto Aspen digital for this opportunityand obviously a huge uh thanks to Craigand to all of his his generosity and forthe leadership that he has taken on inthis issue because the question that youask Garrett really is is driven so muchby uh Craig’s Mission and objectives anda lot of the achievements that havehappened within the last year you know Ithink having come from the nonprofitsector I was a little bit tuned into therole of individuals looking at smallbusinesses and individuals but I thinkeven more so when we look at the Cyberthreat landscape now today and how itcontinues to increase the the need forindividual accountability andresponsibility and cyber security is socritical so whether we’re looking atCyber education uh how we’re helpingindividuals understand their role incyber security through their jobs thetools that are out there the services toaccess all of these elements come downto how we as individuals have a role andI think you know sisa typically peopleunderstand it to be an engagement withindustry but at the end of the dayeverything comes down to people and Ithink that’s one of the things thatCraig has done uh so effectively uh andimportantly is to really articulate thatpersonal responsibility so what we’refocused on in these Partnerships uh withnon-profits and particularly when we’relooking at building out the workforceit’s so much about educating individualsand all of the relationships andengagements that Craig has are ones thatwe a lot of them are working off of aswell thanks to his support butimportantly how can we get twoindividuals to help them understand whattheir role isyeah Camille you sit in this fascinatingnew position in this fascinating newoffice in the White Housebringing really coordinated Nationallevel attention to issues around cybersecurity and prior to coming in togovernment you had spent a lot of timethinking about who should be around thetableum who the people were that were makingup the cyber security Workforce thecyber security policy community and Iwonder if you could talk a little bitabout that mission and how you see thatcoming together inside government andbuilding these public-privatePartnerships around this important issuefirst thank you for having mecongratulations Craig this is a reallyimportant work and to your pointdemocratizing influence democratizingaccess to resources is such an importantcomponent of that and this work the therole of philanthropy in general reallyhelps us reduce the chasm that existsbetween the big players and the smallplayers it allows some of the Grassrootsorganizations and non-profits to reallytake hold in the industry be able tobuild resilience and defense forthemselves and those things areextremely important to our broaderecosystem but also really important aswe seek to make sure that around thetable both in my seat and OCD and inPrior hats to make sure that all of thevoices are are represented in theconversations that we’re having afulsome discussion about our threatlandscape and even more importantly ouropportunity landscape means that we havebrought together non-profits privatesector because small innovators thesmall organizations whose innovativeideas and creativity are the things thatwill catapult us into the next evolutionof the internet and our digitalecosystem and so opportunities like theinvestment from philanthropy that opensthe conversation and creates theresources and opportunities to expandthe dialogue are extremely important anda big piece of the work we’re doing atoncd is making sure that wefacilitate those connections so that theconversation can be widerand Camille let me stay with you foranother question here um one that I’llactually put to both of you which issitting in your role today sitting inthe conversations that you are havingtoday where do you see the greatest needfrom the from Civil Society from theprivate sector around cyber issues andcyber policy right nowyeah the greatest need is as you saw inthe National cyber security strategywe’re trying to shift the burden fromthe small players to the big playersthat still means that there areum a lot of attacks being lobbed at theplayers that do not have the resourcesto protect themselves adequately and soa lot of what you’re seeing isimmobilization so that folks can bringall of that we have to bear around someof these threats and challenges soum not there are a number of non-profitsthat operate critical infrastructure orcritical capabilities we need to makesure that they are supportive supportedand have the resilience to be able tomaintain those capabilities we’rethinking about how we focus in on thebig player such that they can besupportive of those organizations sowhat I see from public-privatePartnerships that’ll be really key as wemove forward is some true collaborationsome information sharing some resourcesharing such that we are coming aroundproblems to create a holisticperspective that includes peopletechnology and the roles andresponsibilities and policy and all thetoolkit all of the things that are inour toolkit to Bear such that we areactuallyunderstanding the risks that we have andthe opportunity inherent in TheInnovation that’s coming from theecosystemthat’s great and Kirsten similarquestion to you you you sit in an agencythat has a tremendous amount ofAuthority for things you don’t actuallycontrolum and so I wonder if you could talk alittle bit about how uh you see thecurrent need for civil society for theprivate sector from your role at sizzaoverseeing critical infrastructure uhchallenges across the countryyes so that’s always great when you haveoversight over things that you don’tcontrol but I think it really leads inleads the three lines of effort Garrettand so the first is looking building offof what Camille said this industrygovernment collaboration operationalcollaboration for those of us that havebeen in this space for a long time youknow this public-private partnershipsort of was a term that lost its meaninga long time ago what we’ve been veryfocused on uh through different toolslike the joint cyber defensecollaborative and others is how do webring industry and government togetherto share data in real time which doesn’tmean that we have all of the points allof the the the facts together but we’regetting a better picture of the threatlandscape so that we can react quicklytogetherum you know as as many leaders in Cyprusa as we often say no one entity canaddress cyber challenges by itself thatcyber is a team sport that we must worktogether and so that industry governmentoperational collaboration is criticalthe second point is something that’slaid out in the strategy and and Camillereferenced it as well but it’s reallylooking at the secure by Design securedby default how do we ensure that theindustry that is building the softwarehas the responsibility to make sure thatthat software is secure and what are wedoing to build this in at the beginningand not something that’s built on laterand being able to look at securesecurity and Innovation as a partnershipas a compliment and that the term secureInnovation isn’t an oxymoron that we’vereally got to look at how we’re buildingout technology with security baked inand having it be seen as adifferentiator security while maybe notalways convenient should be really seenas something that’s more valuable sowhen you talk about the role of publicand cyber and Civil Society it’sindividuals and consumers seeingsecurity as something that they wantthat they prefer so that that starts towork with the market the third piece isreally looking at the workforce so wetend to think about cyber security astechnology which it certainly is andthinking of it as a sign science andmath discipline but if we can open theaperture so we really understand thatcyber security is interdisciplinary it’sabout problem solving Building Solutionsand that we need actually capabilitiesand aptitudes that go far beyond Mathand Science in order for us to beInnovative and to really get ahead ofwhere the technology is going then wehelp to build out this Civil Societybecause we can help everybody seethemselves in cyber and I know todaywe’ve got a great representation acrossGirl Scouts and others and thenonprofits that we work with it’s soimportant to help Talent across thecountry at Young ages in underservedcommunities in places that you typicallywouldn’t be able to attract cyber talentto go and help individuals andparticularly young people see themselvesin cyber security and we in governmentcan’t expect everybody to log on to USAjobs to find a job at ciso we have to goto where the talent is and the good newsis is that the talent is everywherewhere but when we’re looking at buildingout this civil society and cybersecurity we in government we in Industryreally have to do the work to get to itand to help build out thisinfrastructure but importantly build outthis communityyeahum and one final question for for bothof you here which we’ve talked about therole of government we’ve talked aboutthe role of the private sector andnon-profits let’s talk about the role ofindividuals you know the this idea ofcyber civil defenseum is modeled of course on the World WarII and Cold War efforts poster herebehind me uh from uh the Cold Warwhere really every individual everyfamily every block every building had acyber had a civil defense responsibilityin their Communityum I wonder if you Camille could startus off you knowthinking about this from the land of theWhite House from the land of the officeof the national cyber director what’sthe role that an individual can play inthisyeah even as we try to shift the burdenfrom small players to Big players therewill be residual risk and one of thethings that we are seeing is much likeyou need literacy and to know how to doarithmetic to be able to function insociety you are going to need somefoundational cyber skills and if youhave those the skills to navigatetechnology understand how to secure yourtechnology to make risk-based decisionsbased on what your privacy threshold isthings like that be able to understandhow to make choices about where youengage and what you engage in you’llhave a toolkit that will allow you toeffectively navigate the technologicallandscape that also empowers you to be ameaningful candidate to be a part of theCyber Workforce and in the broader sensenot just cyber security butunderstanding that it is amulti-disciplinary industry that allowsyou to use all of this skill sets thatexcite you that you have in your toolkitto be able to advance this challenginglandscape right every nurse is dealingwith technology every lawyer’s decisionshas an impact on our cyber risk calculusbut not just that you can also do thosethings do many of those things with alens towards cyber security and so froman individual perspective I would sayit’s twofold I want folks to feelempowered and to make decisions abouttheir digital safety much as they doabout their physical safety and to justbe intentional and make choices thatalign to their risk calculus but also toopen themselves up to how a career incyber could either augment what they’realready doing or be a next phase oftheir career or be something that theycan choose as a career pathand and Kirsten same question to youwe’re here today marking the one yearanniversary of the Cyber Civil DefenseInitiative it’s a little past theone-year anniversary of your Shields upprojectum and I wonder if you could talk aboutthe lessons that you have learned overthis last year about the role uh andwhat we should expect from individualsacross Society in thisbut I think again building off of whatCamille said I mean every individual hasa responsibility and so what we’rereally focused on at cisa is Raisingthat bar for cyber hygiene so thatindividuals do understand that and whatwas interesting about shields up whichwas a campaign that we launched inNovember uh with an understanding thatit was likely that Russia was going toinvade Ukraine was lowering the bar forreporting really highlighting the issuesthat you’ve just got to do the basics inyour company uh and while some of thosemight seem obvious I think for the mostpart A lot of it hadn’t been done and itgave cisos more power to really investin those those Basics but I’ll use yourquestion as an opportunity to reallyfocus on our education system andsomething that I know Craig’s donationsand philanthropy has focused on which iswhen we give a child an iPad to begin tolearn to read or understand math weshould also be teaching that child whatit means to be cyber secure what are thebasic cyber hygiene practices we have tolook at building this cult culture ofcyber security as early as we can justlike there’s the science around kids canlearn more languages when they’reyounger because of how their brain isformed and and being able to get it at ayounger age we need to be bringing cybersecurity into our education system at avery young age so that individualschildren are raised around it and soit’s not even a second thought it’s justpart of what they do and that will thenevolve our culture to be one that iscyber secure and that we can build outthis cyber Civil Society in an effectiveand impactful way Christian Todd chiefof staff at sizza Camille StewartGloster Deputy National cyber directorthank you both for joining us for thisgreat event todaythanks Garrettnow on to our next panelgreetings everyone I’m so happy to behere I’m Madeline dinono uh presidentand CEO of the Gina Davis Institute ongender and media and we have the honorand privilege of being supported byCraig Newmark uh philanthropies and uhthis subject matter is particularly nearand dear to our hearts so I’m going towelcome my esteemed group of colleaguesuh no particular orderum Tanisha Martin founder and executivedirector of black girls HACC hi nice tosee you again TanishaAlexis Eagleton of Girl Scouts ofGreater New Yorkgreat to see you Phil reitingerpresident and CEO of the global cyberAlliance hi Philand Megan stifle Chief strategy officerInstitute for security and technologyand you know in our previous discussionwe were talking about uh partnershipbetween civil society and government andmaking sure that from a civil societystandpoint the public is aware ofum the issues that also can engage interms of the pipeline in the workforceso my questions are a little bitdifferent and I want to go back to thetheme which is stronger together and uhissues that are near and dear to theheart of the Institute is particularlywhen it comes to diversity equity andinclusion and with you know childrenso I want to start first with Alexisum and also Tanisha because you know youare targeting girls and so from thatperspective can you talk a little bitabout your work within uh the uh uhcyber uh uh civil defense as a member ofof cyber civil defense in terms of thatlens that you’re using in terms of beinga part of the initiative and alsotalking aboutuh programs or initiatives that you’redoing uh and and I would love to startwith YouTube firstand you say would you like to startyou could take it away okay excellent umso Girl Scouts of Greater New York weserve the five boroughs um and GirlsScouts from within within the fiveboroughs and so we train about athousand girls a yearum in cyber security they earn badgework based on their ageum which is something that’s reallyexciting to us um we partnered recentlywith a group um called Hat Club for ourGirl Scouts to be able to come in andactually build the network and thenlearn how to both hack and defend itum I think Kirsten made a reallyinteresting point earlier which is thisidea of we need to teach young peoplewhile they’re young if these thingsbecome rote and have it uh then itbecomes part of their daily life and Ithink the other the other interestingpiece was to think about access andinclusionum these girls girl scouts may begrowing up in communities or growing upin homes where civil defense is notdiscussed it isn’t even thought of andso to be able to go to their Girl ScoutTroop or go to their specialized programuh within our offices or any of thevirtual programs we offer we’re allowingthem to see something that they may nothave known even existed and that’sreally important because that’s howwe’re going to get them that’s how we’regoing to continue to findum and in our our particular case findgirls who are interested in this as aprofession not just as a hobbythank youand I think for for us to black girlshack um we are open to all regardless ofrace and genderum and we are approaching it much in thesame way in terms of um trying to makesure that people are aware of careersinside of securityum as far as the workforce is concernedum and then also trying to get to youknow children especiallyunderrepresented groups within cybersecurity such as minority childrenum to let them know about careers incyber securityum sooner rather than laterum a lot of the the folks that wesupport at black girls hack are you knowadults who are looking to career changelooking to reskill upskillum but I I think that it’s alsoimportant much like the the Girl Scoutsthat we approach those who are youngerwho have not yet figured out you knowquote unquote what they want to be whenthey grow up um and I think that youknow things like being able to seeum women in the space especially withincareers such as hackingum is important because once you seethat it exists and you can aspire to bethat and I think that’s very importantwhen we’re moving forward and talkingabout you know how to best offendum our futureso I have a follow-up question for bothof youum building on that can you share withour audience a particular case historyor impact from one-year initiativesI think one of the things that’s reallyinteresting in the work that we do uhwith Craig newmark’s supportum is really not only focused on theGirl Scouts but also to focus on thetroop leaders we have 5 000 troopleaders here in New York City and so weoffer them stipends to go out andactually learn this cyber securityprogramming so that they can go on andteach it later and I think that that hasled us to not only have thousands ofGirl Scouts trained in civil defense whohadn’t thought about it before but alsoadults and it kind of gives a newappreciation for for the work and theimportance of the work so I think that’sbeen a reallyum wasn’t something that we naturallyLED with in the first year of theprogram but it’s something that’scertainly taken off in subsequent yearsum and I think for black girls hack oneof the things that we’re really um proudof um we help we’re able to host lastyear um girls hack Village which was aconference within Defcon a larger partof the theum hacker summer campum initiative and you know through thatwe were able to have you know I think itwas maybe 20 or so women that were ableto give talks about their experiencewithin cyber securityum and then you know their experiencewithin the education system as wellum and that was absolutely amazing forus because typically when you go tocyber security conferences you don’ttend to see women you don’t tend to seepeople of color that are operating inthose spaces so you know I think it wasvery important for us to be able torepresent you know what it looks likefor Women Within the hacker you knowmaker breaker space and I think theother thing that is very important to usis you know again educating the kids oneof our first donors for our kids programwas Craig Newmark so you know we wereable to you know reach out to kids totry to get them you know certified incyber security thing before you knowthey get to College before they even youknow have the opportunity to get intothe workforce so that they’re preparedthank you for that and so Megan and Philum going over to you kind of the samefirst question butum you know I actually pulled this fromthe IST website uh making more systemicissues of inequalityum or being confronted on a daily basisand I’d love to hear from you and Philalso aboutum how your work is uh addressing thatum also how are you thinking aboutdiversity Equity inclusion as you doum with your work uh within you know theinitiativeMegan you want to go aheadI’m gonna defer to you but no happy tohappy to take that first question Ithink um there’s a nice Synergy betweenour two organizations given the workthat GCA does on the toolkit so I’m surePhil we’ll talk aboutum we’re as I’ll get to in a few minutesuh trying to work across the ecosystemworking to leverage uh the capabilitiesof the most capable uh organizations outthere who can supportum themselves and others in bettersecuring our critical infrastructure andour personal user devices together withequipping um and all the way down toequipping small and medium-sizedEnterprises with recommendations to helpthem in particular better prepare andrespond to incidents of ransomware whichwe know is a problem that uh that isimmune to size of organization we nowsee some of the larger organizationsbeing targeted by ransomware but it canalso affect even the smallest and thatitselfum because of for a number of reasonssome of which have been discussed thisafternoon can can be particularlyproblematic for organizations andindividuals that fall below this what isoften referred to as the Cyber povertyline and so it’s essential we think toleverage these higher capable skillskills and organizations to bettersecure those who are not themselves asempowered may not have the resources tosecure themselvesum and so I will turn it over to Philjust to say that it’s as as has been thecase with the prior civil civil defensewe really need to think collectivelyabout this and so we’re trying to workacross that that ecosystemand just Phil before you jump in maybefor the two of you because I’m kind ofan outsiderum you mentionedum cyber uh security poverty line Ihadn’t heard that uh before what doesthat meanso I I can start with that if you likeuh it’s actually a term coined by Wendynatherum who was with Duro security and is nowthat’s been bought by Cisco but thenotion is and this is really sort of themotivating factor behind cyber civildefense if you will that you know cybersecurity is possible for the people thathave the resources and the expertiseum and that is actually a tiny tinyslice right it’s not like driving yourcar where everybody knows how to drive acar safelyum very few people know how to drive acomputer safely and even if they do theymay not have the resources to do itproperly right and so the notion is thatthe people who can do that are above thecyber security poverty line and thosewho are not able to do that are belowthat and that it’s it’s not at 30percent or 20 percent of even the U.Spopulation it’s about 95 or 96 or 97 sobut Craig’s cyber civil defense is allabout really is a whole of societyeffort is Garrett and Camille andKirsten talked before making sure thateveryone is enabled to do the thingsthat they need to do to protectthemselvesand so something both you know Megan’sorganization IST in mind the globalcyber Alliance do is working towardsthat our particular play is aroundmaking sure that everybody has access tothe tools and services to do the basicsand the expertise the knowledge to dothe basics sort of like you know how todrive your car safely you know how tobreak right so you know how to buckleyour seatbelt well the cool thing aboutthe internet is you can get sometimesthat seat belt with you know with thecar or externally and so what we doamong other things and Megan mentionedthis is provide a set of free cybersecurity toolkits for a bunch ofdifferent audiences that are designed tomake it possible for anybody around theworld to be able to do what is oftencalled basic cyber hygiene usingmultiple Factor authentication keepingyour software up up to date those kindsof things and I’m happy to to talk abouta particular case that we did inIndonesia to bring some of thecommunities left behind in the space butI don’t want to go on too long so that’sreally the idea though that everybodyhas the means to do what they need to doto be protected and absorb it frompeople that look like them you knowget a fully diverse environment inputting those tools forward so it’s notjust you know white men over 50 in theUnited States who can protect themselvesbut anybody around the worldthank you for thatMegan over to yousure well I think so Phil talked alittle bit about the Cyber poverty linewhat I can do now is just to highlightsome of the work that we’ve beenum with Craig’s to run to support ableto accomplish and thinking about againstBanning the ecosystem and just to sayyou know we’re delighted to be herealongside our peers and highlighting howparticipation in the Civil cyber civildefense has helped us work to improveour nation’s cyber securityphilanthropies that supported ourorganization in competing the ransomwaretask force which was an effort welaunched in early 2021 to helporganizations including governments butalso large and smaller organizationsBetter prepare for and respond toransomware incidents while alsosupporting public policy makers anddeterring and disrupting the ransomwarethreatwe umwith the essential support of CraigDeMark philanthropies we’ve been runningseven lines of effort for some mightcall them many projects in order tosupport implementation of therecommendations of the task force andwe’ll be talking a little bit more aboutthese efforts on an event on May 5thwhich is currently open for registrationand would encourage folks to join we’vebeen successful in making progress in 90seconds 90 of those recommendationsum and I’ll just touch quickly on on acouple of those one is that theransomware task force which was amulti-stakeholder meaning governmentCivil Society nonprofits uh and Industrystakeholders from the biggest to thesmallest uh put forward a set ofrecommendations that included amongother thingsum asking the government to makeavailable resources through both largeand small Enterprises to better protectthemselves and actually uh PresidentBiden signed the bipartisaninfrastructure Bill uh over about a yearand a half ago that included anallocated over a billion dollars to helpmodernize and better secure sorry forthe noise systemsone of the ones that I think is mostrelevant for this audience though thatwe’ve been supporting it together andpartnering with the global cyberAlliance and other civil society andIndustry Partners is an effort toimprove cyber hygiene so last yeartogether with the center for InternetSecurity uh Global silence and others wepublished something called the blueprintfor ransomware defense it’s aConsolidated list of cyber securityactions known to reduce ransomware by upto seven over seventy percent and we’vebeen working to raise awareness throughthings like webinars which have beenrecorded and are available on ourwebsite and next we’ll be looking topartner with an organization to supporttraining against the set ofrecommendations that we know have beeneffective and luckily for us we have apartner in the global cyber Alliancewhich has incorporated therecommendations into its toolkits thatPhilip mentioned the last one I’llquickly touch on is um working toimprove public pirate collaboration issomething that Kirsten mentionedum this effort from our for our work onit also finds its roots in theransomware task forceum while we and others in Industry workto boost users defenses as Camillementioned we know for the first theforeseeable future malicious actors willcontinue to leverage hardware andsoftware vulnerabilities to prey onorganizations both large and small inorder to make a profit and we know thatdisrupting these actors ability to makeprofit is one way to reduce harmso over the past year again with thesupport of pregnant philanthropies we’vebeen engaging relevant parts of ourgovernment in like-minded stakeholdersto share with them the expertise withthem the expertise resident within theprivate sector and highlight how closetheir collaboration operationalcollaboration between public and privatePartners can limit these Bad actorsability to keep hiring us we wereparticularly honored to support thedevelopment of the national cybersecurity strategy and pleased to see insection two the objectives to enhancepublic-private collaborationto disrupt adversaries and to defeatransomware which were core elements ofour engagement in the strategy as thestrategy develops for us engaging ourpeers and partners in government anddialogue about the challenge ofransomware has led to progress andCraig’s support has been critical in ourefforts to do soso to sum it up uh the Cyber civildefense cyber civil defense bannedindividuals to experts in the old timeswith Craig’s Jenner’s support we’ve beenworking to empower the smallestorganizations and leverage thecapabilities of the biggest to improvesecurity for all so thank you Craig andour peersso before we go to our next round ofquestions again being The Outsiderumeffectively and maybe this is a note forCraig uh with all the grantees you knowAs a caretaker as an educator as apersonum knowing that we want all of thisinformation to be accessibleuh in terms of availability andaccessible can I understand what youjust said is there some sort ofuhvocabulary or you know how to becomesmarter what you need to know as aparent or something somewherehosted by somebody that anybody you knowwho did a Google search that said uh youknow I want to know more about cybercivil defense or how to safeguard myfamily or myself does that existsomewhere I’m just curiousum and and um I I open that up also forTanisha and Alexis to answer because Idon’t know that there’s a place that Ican go so I understand what you know uhcyber civil you knowpoverty means or all these terms andthingsum ransomware I don’t even know whatthat meansum that like somebody like me who who’soutside the industry can educate myselfor at least understand kind of whatthese terms are does that exist anywhereso I’ll start Madeline um it actuallyexists in lots of places right and thereare lots of resources that could helpyou like another grantee not here isconsumer reports and Consumer Reports ifyou go to their site you’ll see a thingcalled security planner that will helpyou through doing some basic hygiene forour stuff the global cyber Alliance ifyou just write this down go to GCAtoolkit.org and you’ll see five freecyber security toolkits one of ones forsmall businesses one is for individualsand it’s designed to lead you step bystep with the training embedded there todo the things that you need to do to dothe basics like how do you enabletwo-factor authentication what’s thetool that lets you do that so that’s aresource that’s available and of the thefive toolkits I mentioned I’m Craigspecifically funded the development ofthree of them so that’s the kind of worktypically that goes into cyber civildefense I will tell you for you youprobably really want the individuals tolook at Craig helped sponsor that if youhave any problems just send me an emailand we’ll improve the toolkit so it’sbetter for peopleum like you but cisa has resources aswellum uh the the key Point I’ve I’d like tomake here is all the people doing thishave got to have one goal in mind whichis we’ve got to treat people we’ve gotto meet people where they are and expectyou to basically be able to devote thelevel of resources to cyber securitythat you do to driving your car safelyright so that’s how we try to approachit that’s how organizations I know likeIST approach it when they’re workingwith end users that’s how Kirsten Todd’sorganizationum the Cyber resource ReadinessInstitute before she went into DHSapproaches it how do we meet peoplewhere they are and I think that’s whatblack girls hack do and what the GirlScouts of New York do too it’s alltrying to get people because you knowthere’s too much mythology built aroundcyber security the basics really are thebasicsMegan Tanisha Alexis same thought to youin terms of and if and if people canpost uh these things either in the chator in the Q a where anybody listeningcan just quickly copy those links thatwould be great butum anything you want to add to thatI would just reiterate what what Philsaid there are a number of greatresources out there and I think what’swhat’s tremendous about this is thatthat’s also too uh you know they canmeet organizations and users where theyare both so the blueprint that Imentioned as well as the GCA toolkitsare available in multiple languagesum ours is in Spanish and soon to be inPortuguese uh TCA has that and a fewothers and so it’s it’sum I think no longer the case where wedon’t know what to do it’s reallygetting to the use of help them do whatwe need to do and that’s where Craig’sNew Mart philanthropies has been soinstrumental in in equipping us andhelping us scale to reach all of theuserswell this stuff tells with my um finalquestion and we’ve talked a lot aboutlike you know bless Craig for fundingthis Initiative for bringing everyonetogether and I know and he’ll probablytalk about this he loves when hisgrantees work together so can you talkabout how you are partnering Phil youhad mentioned another partner how areyou partnering with your other uh fellowgrantees under the initiativeand I’ll anybody can jump in and starton that oneum up I can start um I think wementioned earlier that we adjusted athackathon with hack Clubum I had 100 young people come into ouroffices and build that Network and learnhow to defend it um we’re alsopartnering with Wikimedia and our GirlScouts are learning all about what ittakes to build and maintain uh WikipediaPages we’re going to have a big eventwhere they’re all going to come togetherandum at credit’s wonderful suggestionwhich we hadn’t thought of um but it wasgreat was this idea of not only focusingon people that they admire but focusingon prominent former Girl Scout alums andmaking sure that we’re sharing thatinformation about all the things thatthey’ve achieved in their careers thatmay not have been expected and that’scoming up in Junewell uh I’ll go nextum so yeahas we’ve all been talking about rightthis is really a community effort itreally takes you know it takes more thana village for cyber security it takes aglobal community and that’s one of thethings that Craig has drivenum one of the things I would just liketo quickly point out is you know there’sa lot of behind the scenes collaborationthat people don’t know about so you knowthere’s a mailing list that all ofCraig’s grantees and a bunch of otherpeople share information onum and it’s amazing the things that havecome out of that I’ve gotten moreinvolved and share the mic in cyberwhich is a wonderful organization wepartner with and my daughter actuallywas worked at girl security so you knowgirl security is another really awesomeorganization getting younger girlsinvolved in cyber security so there’s areal opportunity there our big area ofwork right now around networks is youknow I said we all need tools andservices right we need the capabilitiesalong with the education that we can useto secure ourselves so we’re leading aneffort to sort of take a look look atwhat are all the tools and services thatare out there and do they meet the needsof all individuals like all entities youknow individuals in the UK smallbusinesses in Angola you know there’s awhole collection and do we have thetools and services that are necessaryand many grantees and people who are notyet grantees are involved in thatum the Cyber peace Instituteum the uh first The Forum of incidentresponse and security teams uh ConsumerReports The Institute for security andtechnology so there’s a whole collectionof people that say yeah we need to cometogether and work on this and it plugsin really wellum in terms of developing tools andservices to the work that IST hasactually LED on the ransomwareinitiative I did want to put out youknow I expect there’s going to be arequest for calls to action you knowwe’re looking to get even more and morepeople involved and I saw one questionin the chat how can I get involved ifyou send an email to CCD they go forcyber civil defense atglobalcyberreliance.org we can tell youabout the work that’s going on arounddeveloping mapping and developing andGAP filling tools and services for thewhole community and we can get youinvolved in that so just send an emailand if there are non-profits out thereum think about joining non-profit cyberwhich is a community organization that’sfocused on bringing together thoseentities that work on implementation ofcyber security and both um Tanisha andblack girls hack and Megan and IST aremembers of nonprofit cyber as wellany comments Tanisha Alexiswell I think we have time for somequestions so I’m gonna open it up and Ithink one of our colleagues May pop onwith some questionsabsolutely so one question that justcame in uh is there something you’d liketo see government do to help invest in afuture generation of cyber leaders uhthis was by Anonymous it can be foranybodyso I’ll take a crack at thatum I I think that I’ve seen this recentAdministration doing a great job offocusing on careers within cybersecurity and reaching out to diversegroups to you know open up you know tosome non-traditional means of seekingpeople for those but you know I I’d liketo see some further workum as far as you know making the the jobrequisitions you know more reflective ofwhat is needed to be able to perform inthese um in the positions um a lot oftimes and it’s not just the governmentsector that does this the public sectordoes it as welluma lot of times the jobs are notrealistic and they’re you know lookingfor people for example who have like acisp cissp which requires five years ofexperience for entry level positionsrightum we have I think it’s something likemillions of jobs within the UnitedStates that are open in the cybersecurity realm and we want to you knowwork towards getting people involved inthose careersum but we need them to you know be morereflective of what’s actually being donefor those positions and not just like aa unicorn wish list which a lot of Ithink organizations focus inI’ll just I’ll I’ll stop what Tanishajust said and just add there aregovernment programs to get peopleinvolved in cyber security but you knowas is generally the case with publicinterest cyber security I like to talkabout public interest cyber securitybecause there’s a big public interestaround it the level of under investmentis massive so you know talking you lookat the need that we’ve got you knowthere are essentially noum open or or uh there are no people whohave cyber security expertise who arelooking for jobs they all get hired weneed to have a bigger pipeline we needto get more people involved so it’s timefor the government to stop talking interms of Millions for Workforceinvestment and start talking in terms ofbillions and you know I you know I Iknow that sounds ridiculous but itreally is not you know the FBI has saidfor years that right up there withterrorism cyber security is our biggestissue then we ought to invest in thatand Congress ought to invest in that andother governments ought to invest inthat you know it’s not until we getpeople who really look likethe country and look like the worldinvolved in cyber security that we’rereally going to start to solve theproblemsyeah any questionsdrawers so this is especially for thosewho work with younger folks what’s thereaction you get from young kids whenyou’re explaining cyber security themyou know these are people who grew upwith digital as digital natives but dothey understand the security needimmediately and is there a special wayyou communicate with themI I don’t think so um I think that kidsyou know as young as like you knowToddlers and babies are being handeddevices whether that be like a tablet towatch TV or you know YouTube or a phoneum and you know as they grow up withthose devices something that we didn’thave you know my generation didn’t havethe ability to do they’re not taughtlike the security considerations thatthey need to consider right you know sowhen they’re talking to people forexample on these video games if theyhave chat features you know they youknow don’t necessarily know not toum you know for example share theirinformation you know we’re teaching themtheir phone numbers we’re teaching themtheir names and you know they may sharethat information online thinking thatthese are their friends right you knowwhen I grew up we had Concepts likestranger danger right but a lot ofpeople feel like when they’re growing upand especially when they’re playinggames especially if they’re with thesame people day after date they’re notnecessarily taught like how to protectthemselves online so I think that asearly as we’re handingum children these devices and youngpeople these devices we also need to behaving conversations about you know whattypes of information they will besharing and you know like even if youthink that they’re your friend you knowon the game you know how you shouldprotect things like your address andyour real name or your birthday and youknow your family members and things ofthat nature right just so that we cantry to keep Kids Safeit’s so funny that you said strangerdanger Tanisha because that’s all Icould think was like stranger dangerdoes not translate IRL to online itreally just doesn’tum and so oftentimesum it’s a new thing to be concernedabout in a time period where kids are ontheir devices all the time whether it’sfor remote school or hybrid or whateverit happens to be in addition to all thethings that they do online afterwardsthe conversation needs to be had I thinkone of the things that Phil hadmentioned earlier was you know this ideaof of investing in teaching them thesethings now um 70 of our Girl Scouts comefrom low or moderate income communitiesum they may not have devices if theyweren’t provided by the school districtand I would argue that the the doe hasan obligation to make sure that theyknow how to use those safely and theninvestment certainly from the governmentand that would be would be huge in termsof Educationumyou know I think it’s about approachingyoung people where they are and that’sone of the kind of like the recurringthemes that we see todayum we have bad work that starts at agefiveum obviously that looks very differentthan maybe a girl scout who’s in highschool um but starting thoseconversations at the appropriate agelevelum and continuing them on through everyage level has been a way for us to besuccessful in impressing the importanceof this and then also making sure thatyou know these Girl Scouts understandthat this is a career opportunitythese are not girls girl scouts who arecoming from families that have this typeof background and so we do a lot ofcareer panels and virtual panels andPhil’s daughter did one for us tooum really talking about how to make thisa career opportunity for yourselfum and that showing that pathway forwardis really important toohere’s a phrase that some of us like tosay which is that if you can’t protectit don’t connect it and I think we oftenthink of that as in terms of devices butit’s for humans too one of the ways thatwe can do that which a number of folkshere have been advocating for is that wehave more secure devices in themarketplace in the first place but itwill be a while so we really need towork on and I think we’ve hopefullyshared some tools today that thatindividuals can use to help betterprotect themselves I think about it intalking with my young children I do talkto them a bit aboutum a stranger danger and and I think youknowto answer the questions post a littlebit earlier about what can thegovernment do I still see that there’s atremendous Gap in age-appropriatesecurity training and modeling of coursefor kids you know we can teach kids tobuckle their seatbelts and recycle wecan certainly teach them about strangerdanger and things like not sharingpasswordsum I just noticed that for youngerchildren it’s a it’s a code instead of along passwordum and thinking about you know notsharing their any number is reallyonline whether it’s your phone numberyour parent you know your address youryour secure passcode so that’s where Iwould um love to see some progress andand know that we can make a differencethanks to Craig supportI was just going to say that is a greathashtag if you can’t protect it don’tconnect it or I’d love to see that as ahashtag I think that’s a great way foreveryone to promote uh you know whatthey’re doing and I’m sorry Tanisha Iinterrupted you I was just going to sayum that um if you’re an educatorum cyber.org has a lot of great contentfor folks that are relatively youngum and it’s very age-appropriate as faras like how to teach Concepts withincyber securityum we’ve partnered with them for ourkids program but I think that you knowthere are a lot of differentorganizations that like cyber.org whichI think is funded by through thegovernmentum that are trying to makeage-appropriate content to help teachpeople you know not just about careersin cyber security but how to stay safeand what it looks likeum you know some of these largerConcepts you know from the perspectiveof someone who’s not a spotwell I think we are at time forquestions so without further Ado I wouldlove to welcome our dear friend andcolleagueum and the reason why all of thiswonderful work is happening pleasewelcome founder and Main thought leaderof the Cyber Civil Defense InitiativeCraig Newmark take it away Craighey folks my deal is uh is about I wantto help and protect the people who helpand protect our countryI work with a lot of vets and theirfamilies they tell me that’s the fight Ishould be focused onthey tell me that in practice I enlistedlike five years ago I’m now 70 I kind offeel like I’m living on borrowed timeI got all this from my parents they grewup during World War II everyone wasexpected to play a role everyone wasexpected to pitch in and helpwhen I was a kid I was I guess a Duckand Cover guy in school I did the wholecivil defense thing to the extent whereGarrett Graf bought me this hat you seethe poster there illustrating that Ireally have no dignity whatsoevernow we take the Cyber civil or the civildefense conceptit’s cyber civil defense because in thiswar everyone is at risk we’re all beingattackedbut it’s important for a guy like mewho talks like he grew up in New Jerseybecause I did I got to put my moneywhere my mouth isa year ago I pledged 50 million tocreate this cyber civil defense thingfor regular people to be able to protectthemselves that includes education tooldevelopment Workforce Development andthat should be available to everyonethat’s the really important deal thereit should be inclusive so that everyonegets a fair Shakein the years since it has actually growninto a thing it’s a community ofnon-profits and Civil Society groupsworking together to a shared goal ofsecuring our stuffa couple months ago I decided 50 millionwasn’t enough I really really had to putmy money where my mouth is like a goodnew jerseyan and I increase thatcommitment to a hundred million dollarsbut also I want to remind people thatthere’s a lot of opportunities in cyberso I’m trying to help people grow andseriously Empower a Workforce of peopleand who can do cyber work both Technicaland non-technical stuffwe always do need to remember that wewant to treat people like we want to betreated and that means making all thistraining and opportunity available foreveryoneso this is I guess Unapologetic on mypart this is all about diversity andinclusionwe do need help from the governmentpeople like the office of the nationalcyber director and the cyber securityand infrastructure Support Agencyyou know we are helping them we arefollowing their lead and to do thingsthat are rightobviously they help protect the countrybut we’re also still again talking aboutgetting people jobs in cyber securityand that’s a big part of that they’recommitted to it we’re committed to itthey remind me that there are groupsnon-profits who are part of the fight inways that are not well understood Isupport a group called Shadow server andpeople fighting cyber crime uh peoplefighting our foreign adversaries tell methey need groups like saddle serverwhich are really good at finding badstuff on the net and stopping it forexample they fight ransomware gangs bytaking over their servers and they fightransomware gangs by interfering withtheir payment processesbut we need helpand this is my little call to action notonly to everyone who could be involvedbut we need additional investments fromindustry from nonprofits from non-uhfrom Academia and philanthropy basicallywhat I’m saying is it’s time for otherRich guys to Pony up some dough alsoalert a thing I learned to say in NewJerseyin close I just want to thank everyoneand all the organizations for being partof cyber civil defense this is allimportant to the success of cyber civildefense to the success of our nation andthe safety of our nationbut like the Batman saysI don’t think I’m the nerd you want butI’m the nerd you got and it’s over to uhGarrett nowwho may be in order tothank you Craig and thank you to all ofour participants and our uh grantees andpartners in cyber civil defense here uhand thank you all for watching out thereon the internet have a great day
Each of us has the ability to improve our own cybersecurity, protect our own data and privacy, and by extension our national and economic security. craig newmark philanthropies and Aspen Digital will highlight the one-year anniversary of Craig Newmark’s launch of the Cyber Civil Defense (CCD) initiative, a broad coalition of organizations dedicated to educating and protecting Americans amid escalating cybersecurity threats. We’ll hear innovative program launches and discuss the future of cybersecurity and CCD.
Speakers
Madeline Di Nonno, CEO & President, Geena Davis Institute
Tennisha Martin, Founder and Executive Director, Black Girls Hack
Meridith Maskara, CEO, Girl Scouts of Greater New York
Phil Reitinger, President and CEO, Global Cyber Alliance Camille Stewart Gloster, Deputy National Cyber Director, Office of the National Cyber Director, The White House
Megan Stifel, Chief Strategy Officer, Institute for Security and Technology
Nicole Tisdale, Senior Advisor for Cyber Workforce and Education, Aspen Digital, The Aspen Institute
Kiersten Todt, Chief of Staff, Cybersecurity and Infrastructure Security Agency
Introduction by Vivian Schiller, Executive Director, Aspen Digital
{"includes":[{"object":"taxonomy","value":"134"}],"excludes":[{"object":"page","value":"200813"},{"object":"type","value":"callout"},{"object":"type","value":"form"},{"object":"type","value":"page"},{"object":"type","value":"article"},{"object":"type","value":"company"},{"object":"type","value":"person"},{"object":"type","value":"press"},{"object":"type","value":"report"},{"object":"type","value":"workstream"}],"order":[],"meta":"","rules":[],"property":"","details":["title"],"title":"Browse More Events","description":"","columns":2,"total":4,"filters":[],"filtering":[],"abilities":[],"action":"swipe","buttons":[],"pagination":[],"search":"","className":"random","sorts":[]}
Facebook
Twitter
LinkedIn
Email
