Pete Sessions Asks AI Experts About Creation Of 'Standards Body' To Protect Sensitive Data

7 months ago

During a House Oversight Committee hearing on Thursday, Rep. Pete Sessions (R-TX) spoke about the creation of an AI 'standards body' to ensure adequate protection for sensitive data.

Transcript

00:00Sessions for five minutes. Madam Chair, thank you very much and good morning to each of the panel

00:05members. We appreciate you being here. A long time ago I spent time at Bell Labs where we were

00:12responsible for the network architecture but also the development of the switch that would be

00:20utilized. We set standards and did things to where we had unified way to look at how switch

00:27operated. We both know we had SALT and VOLT Typhoon whereby our government people learned that the

00:36Chinese had been into our cyber through cyber our databases for a long time.

00:44Should have found it, didn't find it, cost us. My question really is and I'm sure every each one of

00:51you have an answer for this or at least your vision of that. All it takes is one node to be

00:59compromised. It's like a big fence that goes around. It just takes one loose place. Does the federal

01:09government, do we here in Congress need to ask someone, do we need to deal with other countries,

01:16that there's a need to be a standards body that's specifically like when I worked at the labs

01:23to set what those standards are? How do we avoid with all the things we're doing

01:29getting something that happens like that again? I'll, sir, evidently you're, you've got your hand on the

01:36panel first. Any ideas? I didn't know this is jeopardy that you had to be quick. Well, okay, then we can go to

01:43your last if you want. But my point is, do you have any ideas on this question?

01:49So we have things. I mean, this is the job of the NSA, right? This is the, we have security

01:55organizations in the United States whose job is to protect American data. And I think we do actually

02:00do a pretty good job. And we have problems that a lot of data is in private hands that, you know,

02:05right now that if you think about just the Defense Department, there are thousands of networks,

02:09but there are rules. And, you know, I think we're doing okay. I don't think we need an international

02:15standard. I mean, this is very much United States. I mean, NATO does things together. So there are

02:21groups. But I would, this isn't like a corporate security thing where we need an international

02:26standard. Everyone's consistent. The U.S. has U.S. problems, U.S. adversaries, and we do have U.S.

02:32solutions. We also have battleships and aircraft carriers are out in the middle of places. Anyone

02:39else? Thank you, sir. Mr. Shaw? Yeah, I think, you know, what we've seen, and especially in

02:45cybersecurity, the NIST has created standards there that became adopted by a majority of the

02:50industry. And I think when it comes to AI and protecting data, coming from the lens of a startup

02:56from a young company, we've looked at the new standards that they have around AI, and they're

03:01actually pretty good. And they do provide for a lot of recommendations that we actually follow.

03:07And then furthermore, you know, going through the FedRAMP process, while I found it to be very

03:11expensive, there was a lot of amazing sort of things that they recommended in terms of infrastructure,

03:18software, process, and procedures that allow us to really make sure that the data is secured.

03:24And so I think that if we can have more of these types of frameworks, more of a lighter touch,

03:30it'll allow us to continue to innovate fast, but still give us all a true north of where we should

03:36take things in terms of our infrastructure and our processes.

03:39Sir?

03:40Sir, I would say three things. Number one, just to follow on Mr. Shaw's point, I think NIST is well

03:45positioned for this. I think the remissioning of the Safety Institute by the Department of Commerce

03:49two days ago that will focus on really building the standards across our federal government and how

03:54they use AI. It's a step forward. Also looking at, you know, open source models coming from countries of

04:00concern, specifically China, and what kind of a risk they possess in our ecosystem. I think that's the right

04:05step to do it. At the allies and partners levels, as I mentioned in my opening remarks, the Five-I

04:11Alliance really provides us with a stepping stone of, you know, coming with some common standards among our

04:17five allied partners, and then start bringing other countries under the fold. And the third

04:21piece, as Mr. Shreya mentioned here earlier, what can we do on the offensive side, so our

04:26adversary doesn't get a hold of our data, they don't use it against us, and then actually we are, we put

04:32them on the back foot instead of letting them, you know, really attack us on a daily and hourly basis.

04:37Good. Anyone else?

04:39Just very briefly, sir. I just want to put in a good word for what the Trump Administration's been doing with its

04:44recent executive orders and OMB guidance on this front, which has been to provide not only a framework

04:48for expanding the use of AI throughout government, but also getting more serious about security

04:53vulnerabilities and other types of concerns, and recent OMB guidances like M25-21 and M22 basically try to

04:59address these concerns you're raising.

05:01Great. Thank you. I appreciate the panel very much. Madam Chair, I yield back.

05:05Thank you, and I'll recognize

Pete Sessions Asks AI Experts About Creation Of 'Standards Body' To Protect Sensitive Data

Category

Transcript

Be the first to comment

Recommended