The NSA’s research chief on emerging tech including ‘beyond … – The Record by Recorded Future

admin on May 8, 2023 Leave a Comment

NASHVILLE Gilbert Herrera was accustomed to never seeing the fruits of his labor.

After spending almost 40 years at Sandia National Laboratories, Herrera was appointed in 2021 as the head of the National Security Agencys Research Directorate, the largest research and development organization in the U.S. clandestine community.

One of the reasons why I decided to come to NSA is because I spent a career engaged in research and technology deployment in a field that you hope your research would never be tested, Herrera told The Record on Thursday during the Vanderbilt University Summit on Modern Conflict and Emerging Threats. Sandia, based in Albuquerque, New Mexico, is one of the federal governments most important nuclear science laboratories.

But at NSA, research eventually makes its way into mission, helping anyone ranging from lower-level agency analysts all the way to policymakers who seek better information.

The Record sat down with Herrera before his appearance at the summit to discuss the directorate, how it works to be relevant and the outlook for some of todays top emerging technologies. This transcript has been edited for length and clarity.

The Record: What is the job of the Research Directorate?

Gilbert Herrera: The role of the Research Directorate is really twofold.

One is, it needs to be the eyes and ears of the agency in terms of what's happening in research, in academia and in industry; to kind of have this outward-facing look. That's why we have a number of facilities that are unclassified, like universities and whatnot.

The other is to help prevent technology surprise on the inside. We help advise the agency, make sure we're prepared for that. And part of that is developing tools and techniques that help in a mission.

TR: How does the directorate stay operationally relevant? Do you keep an ear out for whats happening in the private sector or academia? Are you tinkering in a lab? Are you receiving orders from leadership to explore certain technologies?

GH: We have a lot of people who are outward-facing, but we also have people who are inward-facing and people that do both.

So having people go forward to work with the mission customers, so they could better understand what their needs are, so they could feel the pain. That helps inform the research. It's this virtuous cycle of gaining an understanding of the mission needs; understanding in part through practice and in part through observation of what the best opportunities are in the research regime. Then conducting tailored and focused research so you can create tools that will make the life of the analyst easier is really what an effective research organization and a mission organization does.

It's that virtuous cycle of understanding, awareness, creation and deployment.

TR: What's changed at the directorate under your tenure and where do you want to put emphasis?

GH: It's easy to get caught up in the moment of wanting to solve today's problem, but what I'm trying to do is make sure we have an adequate balance of today, tomorrow, and then the future transformational problems.

Because we need to do all three. An example of the today is, we actually have an email distribution list where if an analyst has a scientific question that they need answered, then it goes to this [distribution list] of a bunch of scientists called Scientist on Call and then they can answer it. That's an important thing for us to do. That's probably not research.

When the [Ukraine] war broke out, there were a number of things we did where we deployed researchers in order to help in the prompt.

The other is that as I came in, it was right around the time of changing focus away from looking at the war on terror. We also had China and Russia and Iran and others as priorities and more focusing on the realities of today. Our mission pivoted at the time that I came in, and so I'm working with my leadership team to make sure that we're following that pivot.

TR: Lets talk about some emerging technologies. Artificial intelligence. What excites you about it? What concerns you?

GH: What excites me is that it's developing at a level much faster than I ever expected. I've been involved in AI for a while and I never thought it could actually help research, per se.

But I'm beginning to change my mind on that.

I'm beginning to believe now that AI might be able to actually support science. What it's done relative to writing is beyond belief. These models are so big. I see that there's a lot more near-term opportunity.

Now from a threat perspective the most immediate one is that AI can now help the infamous Nigerian prince and other phishers to make more credible English-sounding attacks.

But it's much more than that in terms of potential for reverse engineering.

Right now, the big companies have said that they have put protections on it. You can't tell DALL-E to make child pornography or write stuff like that, but innovative people can find loops around that. The LLaMA model that Facebook had done has gotten into the outside world and people are already modifying that.

Bad actors will pursue ways to get around it and do bad things like child porn, like finding zero-day vulnerabilities and all these other terrible things.

The challenge we have with AI is similar to the challenge we had in 1968 when the protocols were developed for TCP IP. If you develop these technologies without envisioning how you integrate security into them, then that's a problem. I don't know how well we've done with AI. I don't have an opinion at this point.

TR: Lightning round time. Your take on quantum computing, encryption and a non-obvious threat we should be talking about today?

GH: Let me do the reverse order.

What are the energy ramifications of AI? These models take massive amounts of energy to train and to update [and utilize]. AI is going to help revolutionize things but at what energy cost? I don't think weve fully thought through the ramifications. It could be that in the final analysis, we save energy through AI, but I'm not sure that's obvious.

Now, relative to quantum, you really said two questions in one. The first one relative to the encryption part. NSM-10 came out. People need to take it seriously. There's guidance in moving to quantum-resistant encryption. NIST has published a bunch of standards. Something the government rarely does in my reading, they published some standards a year early, and more will come out this summer.

Now, back to computing. I've been involved in quantum computing since 2006. I am on the National Quantum Initiative Advisory Committee, and, over time, my optimism has diminished. I still am a believer in quantum computing. We'll get there someday, but it's a really tough problem.

We need the best minds working on it. The Laboratory for Physical Sciences, which is the physical science research arm of my organization, is funding academics all over the world in pursuit of dealing with the underlying problems for quantum computing because there are still a lot of unanswered questions.

What I hope we can do in quantum computing space is get through the quantum winter, because a winter is coming.

Remember, AI was coined in 1956. Then it ran into the reality of the compute they had. Then there was another revolution in the early 80s when the microprocessor came out and they realized you had neither enough information or compute power. The next one came towards the end of the 90s with the dawn of the internet, but the infrastructure wasn't there. We're finally successful now where we have sufficient compute power and information and new technologies like the GPU, so we can train models. There were, in my counting, three winters before we got to the final goal.

What I tell people is my own personal estimate is somewhere between and I stole this from somebody else 10 years and never.

Martin Matishak is a senior cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.

See the original post:
The NSA's research chief on emerging tech including 'beyond ... - The Record by Recorded Future

Related Posts
Posted in Encryption

Comments are closed.