White House CIO Genuinely Plans to Fight Manipulation
SPONSORED BY NUTANIX
CIO Theresa Payton warns CXOs of how cybercriminals use manipulation, but believes that collaboration will win the fight.
In April 2020, a Chief Information Officer (CIO) published a book - a book that didn’t guide CIO and their CXO peers through the adoption of a hybrid cloud implementation or technology-led transformation. CIO Theresa Payton published Manipulated, a stark but also informative book on how business, society, and politics are being manipulated and that technology is driving this exploitation of trust.
As the first female CIO of the White House and with extensive experience in financial services, Payton has, from the very Oval Office, seen the impact of manipulation on the economy and society. Despite a passion for technology, she reveals to CXO Focus her concerns that the power of technologies such as Artificial Intelligence (AI) make manipulation more likely, and with an impact that could be devastating.
Payton joined the White House in May 2006. She brought to the president’s office significant experience of technology leadership in organizations such as Wachovia and the Bank of America. Today Payton is a member of the leadership team at Fortalice Solutions and an author.
“Manipulations are hard to discern and hard to stop. It will take a global effort because we cannot technology our way out of misinformation and disinformation campaigns,” Payton says of her continuing concern following the publication of her book. Payton is clear that if society and CXOs are to combat both disinformation and cybercrime, then collaboration will be essential. “It is going to take a global partnership to stem the rising tide of cybercrime,” she says.
“Our financial services have always been on the leading edge of managing fraud and cybercrime, but I am concerned that some of the weaponization of AI, chatbots, and mixed with cryptocurrencies could lead to a future run on the banks - a black swan event,” she says of how cybercriminals are some of the most advanced users of next-generation technologies. It is this ability to innovate that keeps those that threaten organizations in the lead, she says. “Every year, we have the biggest and baddest cybercrime event, and every year the good guys try to learn from that. Then, the next year there’s the biggest and baddest cyber breach ever.”
Payton references the hack of global entertainment giant Sony in 2014, “which was almost debilitating to the business and they had information stolen and details dumped on the internet”. She adds that the Wannacry attack on the National Health Service (NHS) in the UK in 2017, which also hit shipping firms, would then be followed by the Colonial Pipeline hack in early 2021, which gave the world a preview of the impact of fuel shortages, which the UK is experiencing as a result of the Conservative Party Brexit. “Each year, cybercriminals find ways to go around our offensive and defensive measures, and not just steal things, but actually create real physical reactions.”
“So I am incredibly worried about the fragility of our technology and the ability of cybercriminals to adapt and learn and come back with new tactics,” she says. Returning to her book and its theme of Manipulation, Payton believes that cybercriminals will use the full armory of manipulation methods. “In 2022, a black swan financial sector event could happen, where a provider has money stolen as a result of this huge move to touchless and automated banking and chatbots. This will make people nervous, and they will try to get to a human, and then when they are not able to, this will perpetuate a conspiracy that there is a cover-up.
“At that point, deep fake forgeries will be released by the cybercriminals that will then create a run on the banks,” Payton theorizes.
The CXO's Role
Despite Payton’s concerns about the abilities of the cybercriminal community, she also believes CXOs have a vital role to play in combating manipulation and threats to organizations. “The first thing you want to do is create human user stories. In the majority of breaches, it was a human error that led to that open window that let the cybercriminals in; it could be your system administrator misconfiguring a cloud tool, it could be someone clicking on a link or recycling a password. So if we think about the user stories and think of a way to put safety and security nets around the users, we can minimize the opportunity for mistakes. And that reduces the threat,” she says. CXOs are in a powerful position to be both storytellers, architects, defenders, and occasionally prosecutors in the organization.
“If you don’t have a big budget or team, think of ways to out-think and outmaneuver the cybercriminal,” she says, adding that sometimes relatively simple solutions can provide the greatest protection; for example creating separate domains for payments and restricted access to this domain, which is protected by code words that only the CFO, CEO and the recipient of that payment will know. She says such simple designs can prevent email compromises whereby criminals successfully receive wire payments for appearing to be the CEO.
Payton, though, states that the solution to manipulation and cybercrime will ultimately have to come from the highest echelons of global leadership. “I believe that if we can get the brightest minds in the room from academia, research, independent technologists, the big tech firms, and law enforcement, they can come up with a new approach and a new way of thinking where we provide privacy and security.
“We have people with their feet in cement on all sides of the argument. We argue for privacy and national and international security, but we have to get creative minds together to come up with the people, process, and technology,” she says of the lack of collaboration to tackle what is perhaps one of the biggest issues facing society and technology.
The author and former White House CIO never avoids the challenge facing lawmakers, CXOs, and technology providers, but it is clear, she believes together they have the ability to come together and be a force for authentic good, and in doing so, prevent manipulation.