Dr. Stacey Dixon took over as Director of the Intelligence Advanced Research Projects Activity (IARPA) in September of last year. Her specific task is to advance innovative research programs that will help the Government gain an advantage in the overall intelligence mission. No small task.
Dr. Dixon is also a featured speaker at The Cipher Brief’s 2019 Threat Conference and we spoke with her in a pre-conference brief, about the challenges of leading the way toward investment in high-risk/high-payoff research programs.
The programs IARPA is particularly interested in, she told us, are ones that better position the U.S. to have an “overwhelming intelligence advantage over future adversaries.” That’s a tall order in today’s fast-moving tech environment and it requires having IARPA’s research finger on the pulse of everything from AI to 5G.
One of the best things about IARPA, also poses one of its biggest challenges, as it is heavily-reliant on private sector research and partnerships, a topic that is both controversial and challenging in today’s environment. We asked Dr. Dixon to talk to us about a few of the points she’ll be addressing at the conference, about exactly what the government is most interested in and what needs to happen to make it work.
BRIEFING POINT: Priority Programs (That We Can Talk About)
Probably the newest work that I can talk about, deals with two AI (artificial intelligence) security programs and the reason we're investing in these areas is because there are vulnerabilities within AI that we didn't see others in the community investing in, and because we know that we're going to be dependent as a world, really, on a lot of these algorithms. The issue is that there is a possibility that Trojans can be embedded in AI data and that could mean that the technology could someday do something other than what you wanted it to do.
So to the challenges, at IARPA, we're actually building off of an algorithm that had a data set that we didn't own, for example. So, we need to be able to know whether these trojans are in there before they cause some harm along the way. So, AI security, from that perspective, is one thing that we don't see enough people thinking about and we’d like to see more people thinking about it so we're taking the bold step of funding some researchers to actually do that.
BRIEFING POINT: Maintaining the Advantage
Partnerships with industry and academia are critical, to include foreign government and private sector partnerships, those guided by civil liberties and privacy protections and those that include creative consideration of how new technology can be applied. Just because something is created for one thing, doesn't mean that it wouldn't possibly be used for something else and we need to be prepared for any situation.
The importance of the data, especially for machine-learning and deep-learning algorithms, is a big deal for training and for testing. We have to make sure we’re not wasting money on things that don’t work. There are a lot of organizations that sell capability based on anecdotes or retrospectives. Historically, I can tell you that my product would have predicted the Arab Spring, for example. I want to get people to start thinking about better ways to assess whether the capabilities really work before they spend the money on them and so it's a reprieve for better scientifically-driven tests and evaluations and more emphasis on common data sets that actually allow us to compare apples to apples.
BRIEFING POINT: Private Companies Need to Develop a New Risk Calculus
This gets back to the Google Project Maven issue, and helping people see that voluntarily working with the government is not evil. It does not make you a bad person. Protecting one's company or industry at the expense of everything else is counterproductive because everything's so networked these days that if they get into one system, it's more than likely they'll get into yours as well.
Hiding your vulnerability to protect your reputation will eventually hurt your reputation because as we've seen, there are still breaches, and by not being open about what the challenges are, you can't fix them and by not letting others in the industry know that you're being attacked in this way means that you really are isolating yourself and not taking advantage of the best resources that collectively could be applied to the problem.
I have a couple of examples of places where we've tried to get data and we haven’t been able to, which means that basically we can't run a program, or the program has to end early and isn’t able to deliver an ultimate capability.
Of course, we asked for the data to be provided voluntarily and assured that it would be held by a third-party, but we could not get through the leadership and the legal teams. This is my assessment, I don't think they came out and said this, but literally the data to them was too sensitive to share and I think they figured that the risk of their vulnerabilities being known was a greater risk than the risk of attacks that were inevitably going to come.
So, let's have a conversation and figure out how we take advantage of the data that the private sector has lots of, that shows who's trying to attack them and how they're trying to attack them, while considering that we can help provide tools to better protect them.
BRIEFING POINT: Investing in a more secure environment for everyone
The government is not the biggest investor in many of these emerging technology spaces and what is able to be commercialized and how startups get their funding may not be moving in the direction of what the nation needs for its own security. So how do we balance that? How do we insure that we aren't losing access to all of these really creative, innovative startups because they're focused on survival and survival comes when you get investment and investment is coming from venture capitalists, more so than the government, for these types of organizations. So, how do we figure out how to still have a voice in the room that says, “Okay, that's great commercially but we could also leverage this for national security even if we don't have the deep wallets that everyone else has?”
Engage with experts like Dr. Dixon at The Cipher Brief’s 2019 Threat Conference March 24-26th. There are a few seats remaining. Request yours today.
