Majority Statement

• Chairman John Thune
  Read statement

  Majority Statement

  Chairman John Thune

  Good morning.  As Chairman, I have made it a priority for this Committee to focus on emerging technologies.  We have held some of the first hearings in Congress on artificial intelligence, self-driving vehicles, the internet of things, and augmented reality.  Today we will continue this practice, but this time we will be focusing on the potential benefits, and sometimes risks, that certain emerging technologies have on cybersecurity.

  As my fellow Committee members know well, cybersecurity is a topic that comes up at almost every hearing we hold.  The cutting edge technologies we are exploring today are fundamentally transforming how people and businesses connect, as well as the creation and transmission of information.  Emerging technologies such as artificial intelligence, blockchain, and quantum computing, as well as the flourishing internet of things, offer innovative approaches for combating future cyber threats, but also present new risks.  As threats continually evolve, flexible and innovative approaches will be required to protect businesses, critical infrastructure, and individual citizens. 

  This hearing will explore the enormous potential of these fields to revolutionize the cybersecurity arena and grow our economy.  For example, by 2020, the estimated number of connected devices making up the internet of things may exceed 50 billion.  Furthermore, a World Economic Forum report predicts that 10 percent of global gross domestic product will be stored on blockchain technology by 2027.  Artificial intelligence, or AI, will increasingly allow computers to mimic cognitive functions associated with humans.  And, as described in a recent cover story in The Economist, quantum computing’s “untapped potential” will be capable of handling complex problems that today’s computers cannot solve.

  Even with all of their promise, these technologies also have the potential to create new security risks.  For example, nefarious hackers can use AI to identify cyber vulnerabilities and victims faster.   Future quantum computers could break our current encryption standards with ease. 

  Federal agencies under the Committee’s jurisdiction, such as the Department of Commerce, the National Science Foundation (NSF), the White House Office of Science and Technology Policy, and NASA, in partnership with academia and industry, are focused on research and the development of standards to ensure the U.S. remains the leader in these fields.  Our Committee has been supportive of prioritizing such work due its national and economic security benefits.

  The recently-enacted, bipartisan American Innovation and Competitiveness Act, sponsored by Senators Gardner, Peters, Nelson and myself, charged our science agencies to research future cybersecurity needs.  In particular, the law directed the Commerce Department’s National Institute of Standards and Technology (NIST) to work with stakeholders to identify cryptography standards that future computers will not be able to break, and directed NSF to focus research on cybersecurity and human-computer interactions.   In addition, the bipartisan Cybersecurity Enhancement Act of 2014, which I cosponsored with then-Chairman Rockefeller, included important provisions for cybersecurity research, workforce development, and standards.  It authorized NIST’s continued efforts to develop the voluntary Framework for Critical Infrastructure Cybersecurity and the National Initiative on Cybersecurity Education (NICE), as well as the NSF’s successful Cybercorps scholarship program.  In fact, Dakota State University, which is located in my home state of South Dakota, is an active participant in this program.

  Our nation faces an array of evolving cyber threats to our personal data, access to online services, and critical infrastructure.  To be clear, cybersecurity is not solely a technology issue.  Also, while there is no silver-bullet solution to cybersecurity risks, I believe promoting public-private partnerships on risk management, foundational research, and a robust cyber workforce are essential to combating these challenges.   That is why I am excited to continue our Committee’s discussion on cybersecurity by looking toward the future.  

  The companies represented at today’s hearing are driving innovation.  They have employed machine learning to identify new threats, conducted research that may soon unlock the commercial potential of private blockchains and quantum computing, and launched new tech startups that create jobs and grow the economy. And Mr. Rosenbach, thank you for your dedicated service at the Defense Department.

  Cybersecurity will continue to be a priority for this Committee. Cybersecurity will continue to be a priority for this Committee.  In fact, Senator Gardner and I will be sending letters to newly confirmed Commerce Secretary Ross and Transportation Secretary Chao urging them to prioritize the cybersecurity of federal systems. As the heads of the respective departments, they have an opportunity to improve the effectiveness of cybersecurity programs.  In addition, I look forward to working with Senators Schatz, Risch, and Cantwell on potential legislation to ensure that small businesses fully benefit from the NIST Cybersecurity Framework.

  I want to thank all of our witnesses for being here today.  I look forward to hearing your testimony.  I will now turn it over to Senator Nelson for his opening remarks.   

Minority Statement

• Bill Nelson
  Read statement

  Minority Statement

  Bill Nelson

  Thank you, Mr. Chairman, for holding this hearing.  Enhancing America’s cybersecurity remains a top priority for many of us on this committee and I look forward to our continued work to address cyber threats, whether they are in the commercial aviation industry or in driverless cars. It is imperative that this committee and Congress is doing everything we can to protect our nation from cyberattacks.

  Cyberattacks keep coming and we must remain vigilant in protecting against them.  Combating these attacks is like playing a game of whack-a-mole where the bad guys keep popping up with new tools to exploit any weakness.  Therefore, we must constantly look down the road and anticipate the impact of new technologies. 

  The rapid commercialization of the so-called Internet of Things, which provides consumers with potential benefits, also provides hackers with a multitude of new targets to attack.  Artificial intelligence and quantum computing could greatly enhance our cyber defense capabilities, but in the wrong hands, could make detecting threats more difficult, risking our economic and physical well-being.  Blockchain technology, which has proven successful in securing financial transactions, could be used to secure all kinds of sensitive data and information.  At today’s hearing, I hope to learn more about all of these emerging technologies and their cybersecurity applications—good or bad.

  Americans are rightly concerned about cybersecurity, including the privacy of their own information and hacks of banks, insurance companies, and critical infrastructure like the power grid.  According to the intelligence community’s January 6^th assessment, we know that Russian hackers—at Vladimir Putin’s direction—used a series of relatively simple cyberattacks to try to influence the 2016 election, striking at the very core of our cherished democracy. Imagine what Russian or Chinese hackers or cyber criminals might do with advanced technologies.

  Because the technologies we discuss today could be used as weapons against us in a cyberattack, I want to know how Russia, China, and other adversaries might use these technologies to disrupt our economy and civil society.  How might Russian hackers use the Internet of Things to hack our most vulnerable systems? How might blockchain technology be used to secure sensitive data or disguise illicit activity?  How might quantum computing and artificial intelligence improve or undermine the cybersecurity of everyday Americans, our private sector, and our government?

  These are all questions I hope our distinguished panel will shed some light on today. 

  Thank you, Mr. Chairman. I look forward to hearing from our witnesses.

Testimony

• The Honorable Eric Rosenbach

  Former Chief of Staff, Office of the Secretary of Defense

  Former Assistant Secretary of Defense for Homeland Defense and Global Security
  Download Testimony (222.73 KB)

• Mr. Caleb Barlow

  Vice President, Threat Intelligence

  IBM Security
  Download Testimony (445.08 KB)

• Mr. Venky Ganesan

  Chair, National Venture Capital Association

  Partner, Menlo Ventures
  Download Testimony (378.54 KB)

• Mr. Steve Grobman

  Chief Technology Officer and Intel Fellow

  Intel Security
  Download Testimony (179.02 KB)

• Mr. Malcolm Harkins

  Chief Security and Trust Officer

  Cylance Corporation
  Download Testimony (583.90 KB)