February 19, 2025
At the beginning of each year, for the past 10 or more years, I am excited to get the invite from my friend Larry Gordon to make the trek to the University of Maryland to attend the annual, day long forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective. This year’s agenda for the 20th Forum was loaded with interesting topics and speakers. The luncheon keynote, delivered by the former Deputy Director of NSA, George Barnes, especially grabbed my interest and I was delighted that George accepted my offer to do a podcast and interview. I appreciate the insight George has gained from overseeing operations at NSA, which is at the forefront of the cyber war with nation states, especially in light of the recent Salt Typhoon and Volt Typhoon attacks. So read the interview below, or listen to the podcast here, or do both as George Barnes reflects about the cyber challenges we face and how AI is also rapidly changing the landscape of cyber offense and defense.
Spotlight on Mr. George Barnes
» Title: President, Cybersecurity Practice, Red Cell Partners
» Website: https://www.redcellpartners.com/
» LinkedIn: https://www.linkedin.com/in/george-barnes-7b53762aa
Check out his bio below.
Chris Daly, Active Cyber™: Welcome to the Active Cyber Zone everybody. Today I am thrilled to welcome Mr. George Barnes, former Deputy Director of the National Security Agency and President of the Cyber Practice for Red Cell Partners. So welcome to the Active Cyber Zone, George.
Mr. George Barnes, President Red Cell Partners, former NSA Deputy Director: Oh, it’s great to be here, Chris. I really appreciate you inviting me.
Active Cyber™: Absolutely. So George, to get us started, why don’t you provide my subscribers with some background on your career at NSA, and then let us know a little bit about what you’re doing at Red Cell.
Mr. Barnes: Great. Well, my career at NSA started way back at the end of the Cold War. I joined NSA coming right out of University of Maryland with an Electrical Engineering degree in 1986. It took about a year to get my clearance, as is typically the case going into the national security arena, especially NSA and CIA. And then came January of 1987 and it was really an interesting time because that was when the Reagan administration was putting the pressure campaign on the Soviets and brought them to capitulation. And so being in the national security arena when the Cold War ended, when the Berlin Wall came down, was just really a launch point for my career. It got my mindset into the criticality of the intelligence community, and understanding the broader national security community, and what it can and must do to protect America.
From there, I continued on in my technical career taking several overseas assignments, both as an engineer earlier in the days and then later as a leader at NSA. My experience was mostly in the collection and exploitation world, but I had experiences in the analytic world – really supporting the analytic community as it drives targeting for signals intelligence operations. And so I got to work at the intersection of all that for multiple years. Following that I did some industrial relations work, foreign relations work. I represented NSA as the senior rep to the United Kingdom for three years. And then when I came out of the UK in 2016, I led the organization at NSA that was called Workforce Support Activities. This included everything about people – hiring them, developing them, security facilities, career development, all those things were wrapped up in that organization. So it gave me a great complement to all the operational mission-related things I had done through my career. It helped round out my experience and prepare me to become the Deputy Director, which I became in 2017 and carried on with that for just under six and a half years.
So I retired in September of 2023 and then one month later in November I joined Red Cell Partners. Red Cell is really a venture studio that creates companies across three sectors, healthcare, national security and cyber. Cyber was not a standalone sector until I got there. And the Red Cell founder Grant Verstandig had a hypothesis that there was still a lot of need out there for cybersecurity products and services. And so he talked to me about coming over and joining up and creating a cybersecurity practice, which is what I did. We stood up the cyber practice in the calendar year of 2024. My job now is really to look at cybersecurity from a different vantage point than I had in the national security apparatus, which in that case, I was trying to gain intelligence insights on our adversaries, how they threaten us, and then work with our cybersecurity mission and NSA to develop standards, support industry, and help government better secure national security systems.
Now I’m looking at cybersecurity and national security from the vantage point of industry – how do we create new products and services for use by the government, but also for use by industry. We have a large attack surface in our country, and as all of you know there’s a continuous bombardment that’s coming at us from all points around the world. Many attacks are rooted in commonly known threat places like China, Russia, Iran, North Korea, but the threats really come from all directions. So it’s really exciting for me to be doing this now because it gives me a chance to work the mission from a different vantage point, but also to learn about the innovation engine of America – what does it take to build new companies? What’s the whole value chain of innovation, company creation, market penetration and value creation? And so I’m, in some respects, leveraging a career of working national security and cyber, but at the same time I’m back in first grade learning about venture and those types of things. So I went back to school to start learning again.
Active Cyber™: That sounds like a fascinating career journey. You mention something that is near and dear to my heart as far as looking at the innovations that are coming out of industry and especially in the cyber realm. Innovation is a topic on many folks’ minds when it comes to the AI world, but I am really intrigued by the possibilities looking at the intersection of AI and cyber. I guess you can look at the intersection simply that way, but I also wonder, based on your background, how cyber AND signals intelligence and AI seem to all come together. In particular, I’ve been thinking a lot about the concept of attribution for cyber attacks and how AI might help in that space or how it might create more difficulty in trying to do attribution. So tell me, how do you see AI helping cyber attribution and how good is the cyber attribution we have today in your opinion?
Mr. Barnes: Opinion? Well, that’s an interesting question. I remember discussing the issue of pros and cons of new technology around the creation of the internet. We were thinking, “is it going to make things better? Is it going to make things worse?” And it’s a little bit of both. And so AI is all of that. It’s definitely a step change in society. It’s monumental in its significance. Most people don’t realize how significant it is yet, but it’s starting to take a role in everyone’s daily lives. But what AI means for cybersecurity is multifaceted. We have to learn how to protect the AI ecosystem. We have to learn how to leverage the AI ecosystem to do all manner of functions, including cybersecurity. And we have to understand that it’s ubiquitously available globally and our adversaries are already using it to actually intensify, accelerate, and make more sophisticated attacks against us in all aspects of our economy and society.
And so what that means for us with respect to attribution, yes, AI can and should be and will be and is leveraged to better tackle the attribution challenge. Attribution has always been one of the hardest challenges in cybersecurity because the most sophisticated actors, of course, understand that they will be chased. And so they leverage not only global networking, but also the sophisticated ones use our laws against us really. The good thing about the US is we have laws in place. Our adversaries typically don’t have laws like we have, and so they have an advantage right out of the blocks. So we have to be smarter to leverage the strength of our laws, the respect that comes from civil liberties, privacy, all those things that are really important to us as a nation. We need to uphold those, but at the same time defend against adversaries that don’t care about those things.
And so attribution, whether it be for ransomware payment schemes, whether it be just for malicious cyber actor penetrations into our country, that’s a tough, tough job. And there’s all manner of obfuscation technologies and techniques out there that are used by the bad guys. AI is intensifying those. And so in that sense, it’s making things harder as we see with continuous breaches at the persona level – synthetic persona creation is one of the first things that AI has been used to do. And so you have much more sophisticated phishing attacks going at people, at companies, what have you, but also at the distant end – the source, the creation of synthetic personas makes it harder to attribute in some respects. Now, on the flip side of that, the big, big networking companies and or governments that have the ability to harness big sets of data, they can use big data analytics and AI to pull out themes and threads that are not otherwise visible. And so that is, of course, a force multiplier for determining attribution if used legally, and used in conjunction with the continued emergence of sophisticated analytics to actually ferret out source ranges of malicious action. Most malicious actors when they come at us, they obfuscate through multiple countries, multiple networks including in the United States, but all of them come out of a source range, which is not strictly, but many times the root of where the evil starts. And so using big data analytics to chase that is definitely something that I think is being done and will be done and is needed.
Active Cyber™: Is determining that source range something where I think the signals intelligence piece and the cyber attribution piece come together too?
Mr. Barnes: Most definitely. I mean, the whole idea of the signals intelligence community is to get things that you can’t get otherwise. And so the good news now is so much is available in open source which is available and being harnessed by industry. And so if you look at the sophistication of the cybersecurity industry, the networking industry today, it is doing wonderful things in characterizing traffic flows, types of traffic, whether it’s bona fide or malicious. And so there’s a lot of collaboration that now happens, luckily, especially between NSA and the industrial base that is supported using DoD authorities for the bi-directional exchange of data. And so that’s really a force multiplier because it enables both to bring the power of their insights together to address common problems. And so NSA’s role is to get stuff you can’t get in the open source. And so it focuses on trying to identify the source range where things are coming from, how they’re getting there, what their functionality is, et cetera, and then matching that up with what industry sees from their vantage point. This is a win-win.
Active Cyber™: That sounds great. It gives me some more confidence that we’re starting to pick up the authentic attacker. I really worry about the case where there’s a lot of deception involved and the real adversary makes it look like the attack came from somebody else, and then we think it’s somebody else and then bad things may happen from that perception.
Mr. Barnes: That’s right, that’s right. So deception, it has always been part of intelligence tradecraft. It started in humans and is still there now, but it’s also now in networking. And so that’s where these synthetic personas as well as various different types of networking techniques enable and intensify deception operations. So again, that makes the job of the intelligence community and industry even harder, which means they really have to work together.
Active Cyber™: So you talked about the cooperation among the commercial side and the DoD side as parts of that equation that say “what do you see, what do you see?” And so what types of other advancements do you think are needed at the endpoint or in the cloud to really combat misinformation and fake identities that are out there?
Secondly to that, do you believe that data provenance, which identifies the authentic source of data, or identity provenance can be something realistically achieved at scale?
Mr. Barnes: Well, I think we have to try, right? Because everything starts at the source. And so we know that along the daisy chain of data’s lifespan, there needs to be new techniques, new mechanisms, new standards put in place to bind identity and provenance along that journey. But in the end, you need to start with something you can trust. And so otherwise you’re binding against something that was fake. And so that’s where I think it’s going to take some iteration. It’s going to take innovation from industry insights through international collaboration and those types of things, but the key is really getting into understanding provenance of data along its lifespan. Also non-repudiation goes hand-in-hand with provenance – making sure that you can understand if and how data can be changed along the journey. And so it’s all a matter of being able to trust data. And there are a lot of various startup companies that are trying to introduce techniques that bind data tags with data as it’s created.
If you think about law enforcement and chain of custody, along with the images, videos, voice tracks, all manner of things that come into the evidentiary lifecycle, they have to be trustable and trusted. And so you have to start at the source. Now that’s hard because data’s created ubiquitously, and so the solution to this problem is something that I think will take iteration. You’re not going to standardize it, you’re not going to regulate it per se. You might in some areas regulate it for government-created information, but broadly, the global industrial base has to be innovative and we have to be responsive to that need, and that’s what industry does, right?
Active Cyber™: Yes. Your reference to the chain of evidence and forensics type stuff reminds me of a person I did an interview with in the past – Jim Christy – an Air Force OSI guy that ran the Defense Computer Forensics Lab not too far from Linthicum. He’s retired and writing a book about his investigative experiences.
Anyhow, he reflected to me about the difficulty of managing that chain of evidence and the tools that you use – trying to determine if they were really trustworthy enough to stand up in court. And so I think we’re still in that ball game where we’re trying to figure out what are the right tools. It also reminds me of the high assurance platform work that I got involved in at one point, and the whole concept of root of trust.
Mr. Barnes: That’s right. It’s all about root of trust and binding data, and it gets into cryptographic binding really. And so I think there are various techniques that are in existence, but they will evolve. Everything we’re talking about today gets into root of trust in one way, shape or fashion. And now, unlike a few years ago, we have to be rightfully concerned about the origin of data itself. Is it trustable? How do you know where it came from, who touched it? All those types of things.
Active Cyber™: Yes, exactly. So bringing up trust, along with the concept of crypto binding, makes you think about RSA 2048 and elliptic curve cryptography and things like that. And so using quantum computing algorithms such as Shor’s and Grover’s, is the threat of breaking those algorithms more hype than reality, or is it going to happen and where do we stand from a readiness perspective on that? If you can talk about that to some degree?
Mr. Barnes: Yes, so the algorithms exist, and we know mathematically that asymmetric cryptography, that’s the ones you mentioned – RSA 2048, elliptic curve cryptography – they mathematically can be broken via the application of those algorithms. Shor’s has been around since I think the nineties, and so they’ve been there a long time waiting for some type of computing solution to realize their potential against encrypted comms. And so we hear about quantum computing technology evolution, it is happening all around us. I’ve spoken to many young companies or people who want to start companies who think they can break cryptography at that level or think they have a new approach or think their quantum computing solution is on the cusp of being able to scale, and none of them are there yet. And I think this is the magical question that faces all of us – when will that happen?
We know that around the globe, all advanced countries in some way are in pursuit of quantum computing, and that’s a good thing because the introduction of quantum computing will be a step change just like AI has been. It could revolutionize things in ways we can’t even imagine yet. We don’t even know the questions to ask in some respects because it’s so hard to understand quantum mechanics. But if you look at material science, if you are working at the atomic level, there are marvels that can happen in medicine, for instance, in atomic theory application. There’s research happening in a lot of these fields given the anticipation of relevantly scaled quantum computers that could do meaningful work. And so that’s a bunch of packed adjectives there. When it comes to breaking RSA or ECC, it takes scale, so it is well beyond the level of quantum computers that we’re hearing about today.
I mean those algorithms, there’s been lots of modeling and calculations done about how many qubits, how many effective qubits, are needed to break asymmetric encryption. We are not talking just physical qubits because physical qubits are only one piece. You need a logical qubit to be effective and they’re not steady – they only are in a steady state for a very short amount of time. That issue gets into other parts of science and math that have to mature – error correction, coding and just raw pure engineering, there’s so many things that have to happen. Many of us have heard about quantum computers working at almost absolute zero. That brings in other concerns and variables – you’ve got pressure and temperature and the size of what it takes to actually contain these qubit arrays, much less the supercomputers that are required to actually connect to the quantum computers. And so it’s very, very tough.
We’re in a race, we hear about the US companies, the big ones of course naturally are pursuing it, IBM, Google and others. There are small companies that many of those big companies are invested in. And then we know that in the realm of our allies, Australia is very advanced, the UK’s got advanced technologies and techniques under development, Japan is interested, and so on in other countries in Europe.
On the other side, we know that China is pursuing quantum computing and they’ve been trying to be in a race with Google and they make pronouncements. They put out a lot of their research. They make no bones about the fact that they see quantum computing as part of their future strategy when they do their five year strategy updates. The Chinese Communist Party – they include quantum computing as a destiny, and they are not bashful about doing research in cryptography. And so we have to expect that they aspire to stand up a cryptographically relevant quantum computer, which means one that’s big enough, robust enough, stable enough, or created in a way that can actually implement Shor’s and/or Grover’s algorithms.
When will that happen? Well, that’s the big question. Nobody knows. And so all we can do is project based on the rate of change of technology. In the last administration, they put out the National Security Memorandum number 10, which basically said by 2035, all US government National Security Systems need to be quantum resistant. And so NIST, as many of you know, has spent multiple years doing an open source deliberation assessment and publication of algorithms that are quantum resistant. So they put their list of algorithms out last summer, and they are being adopted steadily and broadly by commercial enterprises as well as a lot of government agencies. NSA has its own algorithms for National Security Systems and so those have been developed and they’re being rolled into capabilities, but the whole government is on path, given the requirement, to be conformant by 2035. Will there be a cryptographically relevant quantum computer by then? Well, we don’t know, but you have to bet on the come since there is a pursuit and there’s an acceleration of the science, and so we have to be ready as opposed to not ready.
Active Cyber™: What’s your estimation on the lifetime of secrets then? If they’re recording today, are these secrets going to last into 2035 or beyond?
Mr. Barnes: The big thing that people are worried about is this whole thing about record today / decrypt tomorrow. We should expect the big nation states like China, who are collecting on us day in and day out, we should know that they’re also looking at things they would deem as high priority and collecting on those even though they can’t break them today. And their crypto analytic activities are looking for mistakes [in configurations and algorithms], which is possible in everything that’s developed by humans. Overall, we have to expect that some crypto can be, to some degree, broken by humans over time. And so I know how they operate and what is in their focus, and you got to believe that they’re looking for mistakes. And so it’s standard business practice to collect these things, but making decisions on what to collect gets into, well, how much do you want to pay for storage space? But it is meaningful to China to have things stored up to reflect on at a future date.
There’s also an evolution happening right now. Space systems have crypto and space systems last a long time. And so that’s one of the things that there’s been a lot of push on – to get systems with long duration assets that are not accessible to rollover to be quantum resistant. There is a push now to have new space architectures that allow for change outs of algorithms on board. And so that’s a trend that we’ll continue to see as onboard computing gets more and more robust and flexible. But traditionally you’ve put the crypto there and it was stuck with that algorithm, and so that’s been a big priority to evolve crypto for space systems.
Active Cyber™: I guess in terms of space assets that we depend a bit on commercial space assets as well. I would assume that some of those assets may have contracts where the government requests them to institute certain types of algorithms.
Mr. Barnes: If they’re going to be conducting National Security System missions, there’s a requirement for them to be conformant and to be certified by NSA. And so there’s a whole process for “commercial solutions for classified” where industry can bring a proposed algorithm and implementation, and NSA does a review and certification of that before it can be used operationally. That process has been in place for a long time. Nowadays that process includes becoming conformant with quantum resistant cryptography.
Active Cyber™: Okay, so in terms of threat vectors, we should also look at the supply chain. You talk about mistakes – human mistakes. Human mistakes may happen at any point in the supply chain as well as technical mistakes. And the supply chain appears to be a growing threat vector today and has been for a while. So what type of support has the government provided to address these types of threats? And I’m really also thinking of the role of open source software in the supply chain, GitHubs and places like that.
Mr. Barnes: Oh, big time. Big time. So we learned lessons about supply chain security a couple times in the last few years. We learned from the cybersecurity perspective when SolarWinds happened, the fragility of supply chains, when the Russians subverted the supply chain through SolarWinds and got into scads of government systems. We learned at the backend of Covid, the physical supply chain and its vulnerabilities. We learned last summer what happened to Hezbollah given a supply chain of vulnerabilities.
And so you have a great question. Supply chains are something we all should care about and they need to be understood and they need to be better secured. And I just was reading this morning that there’s a company called Resilience, a cybersecurity firm that found that about 47% of organizations suffered a disruptive outage in the past year from a breach related to a vendor. So that’s a risk that enterprises are accepting from others, they’re taking on risks by accepting software products. This reflects that we don’t know what we’re accepting. And so there’s been for quite some time an industrial supply chain effort in the US government because that’s a big attack surface that adversaries want to penetrate and unfortunately do sometimes. And so we have to actually make sure those supply chains are robust, but we also have to extend those protections beyond just the government because our economy, our industry, our role in the world is under attack day in and day out by all manner of malicious foreign actors. They are coming at us for intellectual property theft, as an example, as well as to lay down their capabilities for another day.
I mean, there are just a whole bunch of things where supply chains are relevant. Software supply chain, you mentioned open source, that’s a big, big deal. There are a growing number of companies that are trying to get into the software supply chain world. One of mine at Red Cell is actually in that world as well, and it’s for good reason because we don’t know what we’re getting. And I think I’ve heard of over 80% of the software we all use is reliant on the open source global software supply chain. So we’re accepting risk and there’s a lot of focus on securing what we see.
There’s not as much focus on understanding who actually develops that code, controls that code, what are their influences, who’s pushing them. And so that’s an area that is going to be addressed more and more. What risk are we taking on, not just can we find vulnerabilities in the code that are known today, but what does that access do. As an Intel professional my whole life, I worry about preparing for another day. And so it’s not just about laying down protections today, it’s about being prepared for tomorrow.
So that’s an area – the “influencers”- we have to really understand as we have become reliant on software. And with AI now, we have AI-driven code development integration. And so the AI engines are going after those same libraries and repositories. AI is going to actually intensify and accelerate the adoption of code that could be weak or could have questionable origin. And so this is a time where, again, we need to try to use AI for these things, but at the same time, we need to shore up our defenses and our awareness about what we’re bringing into our systems.
Active Cyber™: That makes me think about a couple things, the Deepseek AI tool for example, and what’s embedded in that. I also read something recently about something called DarkMind – some research work that was done out of the University of St. Louis where they’ve come up with a way of creating back doors for chain-of-thought reasoning models like Deepseek. And the backdoors are very hard to detect – they’re embedded in the backend reasoning process and they can be triggered by anything so to speak. So they can be latent and undetectable and in your supply chain AI model and then wait for some event to occur. And then guess what? Something bad.
Mr. Barnes: And to your point, this rapid development and deployment of AI is going at an incredible pace. I mean, you can’t even characterize it. It’s happening so fast with such a miraculous intensity, but at the same time it’s creating an attack surface. So you mentioned subverting the reasoning engine. I was just reading this morning about the onslaught of penetrating API interfaces because everybody’s creating APIs to connect into these AI models, and so that creates more opportunity for mischief.
Another thing we have to think about, which is kind of the darker side of where cyber’s going, is we deal with the immediate things whether that’s theft, whether that’s ransomware, et cetera. But the thing that’s less visible is when typically nation states, but I wouldn’t say exclusively, are preparing for offensive cyber operations for the future. And that’s very hard to detect. And I remember when Salt Typhoon came out, the Chinese critical infrastructure penetrations, and everybody was wrestling with why it hadn’t been found, how it could be there latent for all these years.
And if you think about it, when you pre-position for the future, you need to make sure that perhaps you go back and revisit every once in a while. Is there a heartbeat? Is it still there? Have the systems been updated to nullify my exploits? But it’s basically sitting there waiting. But if you’re penetrating a foreign system for piracy, then typically there are a lot more tells. You can look at exfiltration of data that is easier to find because it’s higher in volume than typical networking for the given system being penetrated. And so it has more observables than the pre-positioning things. And the other problem with pre-positioning things, because there aren’t these immediate observables, what they typically leverage is the fact that, as much as we’re focusing on all this, so many systems are not updated and patched. They don’t have robust defenses as far as identity access management controls, the basic protections we all know about for infrastructure, not just the people interface but infrastructure. And so that’s something that all of us need to really focus on.
Active Cyber™: Yes, as you were talking about APIs it reminded me that it’s not just the technical aspect of this, but it’s the human or mission aspect. I mean, I heard that the Typhoon penetration, they leveraged some connection point to get into those systems via a warrant system that the FBI managed. And I remember looking at that FBI system a while back and thinking it’s kind of open. I wonder if there were some controls that were not updated or missing to make it easy for the FBI to do its work? Unfortunately, it is the holes we sometimes open in our protections to make our job easier that the bad guy uses as well.
Mr. Barnes: That’s right. And that happened with Salt Typhoon last fall. And this is the challenge: we are a compute, data-driven society. We’re an open society. China is also data-driven, but they’re a closed society. And so they and also Russia have these big firewalls. They proxy everything that comes in and out of their country and control it. We don’t do that and nor should we, but that means the task for them is much easier. The task for us is harder. And so that means we have to do better at defense in depth, not just at the perimeter because we don’t really have it at the perimeter.
Active Cyber™: I think we have to think in a similar mindset to close everything off as a defensive cyber person.
Mr. Barnes: Yes, we need to achieve a balance between access and protection and it’s expensive. Right now we’re all trying to figure out how to adopt zero trust. I look at the criteria that came out in the Executive Order 14028, back in about 2021. And if industry could find a way to adopt all or most of those requirements that were levied on the government itself, we’d be a lot better off because it gets into these standard things that I’ve known forever, but they have not been commonplace in industry. And you really had to pay for them if you wanted them, like logging. Who actually used to pay extra for logging? Sophisticated adversaries would go and cover up and change the logs, and so they can hide their path when they come in. And so incident response, developing playbooks, I mean, there are just so many things that are expensive.
And so if I’m a company, I look at all these cyber levies as leeching on my margin, which it is in some respects. But I think we have to reconcile the fact that it’s just a cost of doing business. And so we can’t look at security as something you bolt on at the end and grimace every time you have to pay the bill because basically we’re getting the efficiencies of computing and data and networking. Those efficiencies come at a cost and we have to start baking that cost into our overall company portfolio.
Active Cyber™: You bring up zero trust and I think back on the high assurance platform program and I was thinking, wow, zero trust reminds me of that. It involves many of the same concepts such as comply to connect, root of trust, and all those other types of concepts back then. And I was disappointed that I never saw it widely adopted across more places. It had the root of trust, it had the secure connection, it had all that stuff. So now that the zero trust is finally coming up, people are starting to deal with that problem, but it’s still in its infancy. Are you seeing zero trust adoption right now? It seems to be a hot thing from a vendor perspective.
Mr. Barnes: Yes, I mean I think a lot of those things that you and I saw a couple of decades ago, even within the national security community for classified networking, are now making their way into industry. And part of the problem is it’s expensive. And so there might’ve been an appreciation, but there wasn’t the same pressure earlier on to adopt those things. And everything’s really about the bottom line. How much does it cost?
In my company, we’ve been looking at the space industry as something that needs to be better protected. And a lot of these startups, they know that security is the thing, but it’s kind of the last thing on their mind right now because they’re in a race to actually get to market, get on orbit, and that’s how things work. And so I think culturally, all of us have to get into this different mindset, and that’s where I give credit to CISA. For the last couple of years, there has been a drumbeat from CISA about secure by design, secure by default – those are catchy terms, but those are the things that, having done this my whole life, I would’ve thought were obvious, but they weren’t obvious.
They came at an expense that was additive to bottom lines in companies. And so unfortunately now people have realized we have to adopt them. We have to pay to adopt them. Look how much money’s been lost to ransomware in our society in the last couple of years. I mean, I can’t imagine standing behind those losses, and that’s all because we couldn’t pay, didn’t want to pay for the extra defenses ahead of time.
Active Cyber™: Yes, well, healthcare is a case in point there. They didn’t do anything for the longest time and now they’re getting killed.
Mr. Barnes: That’s right.
Active Cyber™: So we’ve got AI and we’ve got quantum computing on the horizon or actively working right now, and then we’ve got Bitcoin out there. And all of these technologies are going to drive huge demands for energy. I think they already are. And so given the fact that people don’t want to spend more than they have to and they’re going to be spending a lot more on energy, how will this impact cyber protection in the future you think?
Mr. Barnes: Well, I think it will accelerate an understanding of this more recent dimension of insecurity. And that’s critical infrastructure, because what’s happening, the demand for compute capacity in this form of data centers, for instance, is outpacing the supply and it’s quicker to stand up compute than it is to stand up critical infrastructure to power and cool it. So I won’t say a crisis, but there’s been a lot of pressure just in the US. Virginia and Texas have the highest concentration of data centers in our country, but of course we have data centers distributed everywhere. But if you look at the current power requirements, and I’ll just say for AI, since the big models were stood up and they’re now accelerating, and then you look at what’s already planned and the projection for power capacity requirements by 2030, it vastly outstrips the ability of the power grid that we currently have to address the need.
And that’s why you see the Microsofts of the world doing things like taking over Three Mile Island to try to rejuvenate old nuclear that had been left latent. We’re going to have a resurgence in supply side for power. It is just going to happen because everybody understands the power of high performance compute, and that is a necessary ingredient for realizing the benefits of AI. And so all these things are going to come together. And what that means is malicious actors – mostly nation states, but as we saw with the Russian hacktivist that went after the water systems in Pennsylvania last year, it is possible with less resources – they are going to look at that risk. And so we’ve seen China through Volt Typhoon targeting water systems and other types of infrastructure. We have to imagine that power and water in areas of compute capacity are going to be under threat and we have to respond. And so for the providers, that’s a challenge. The power is privatized; water typically is municipalities. And so those are two different pressure points, but both of which have to be addressed.
Active Cyber™: One of your compatriots – Charles Harry – is taking a look at some of that across the municipalities and states in his work at the University of Maryland.
Mr. Barnes: That’s right.
Active Cyber™: And so thank goodness for that.
Mr. Barnes: Yes. Just understanding risk, understanding your key assets and trying to understand for business continuity and resiliency, where do I need to put my next dollar? What could take me down for how long and at what cost?
Active Cyber™: So we’ve got this race out there to produce the next best LLM or neural network or whatever using all this data, and I kind of get worried about privacy. My preference would be: “I own my data. If you want to buy it for your AI tool, fine, I’ll sell it to you.” That’ll never happen, I think. But I would love to see it happen, kind of a decentralized ID and decentralized data, and then you AI guys come after me and buy the rights to it, and that could help solve that privacy thing – I give up or hold onto the privacy based on my own personal preference. But now you have to depend on the company to protect your privacy. That means these guardrails and stuff for AI, but I have my doubts about technical guardrails and I’m not so sure how well they’ll be regulated. So what’s your view on that? Will these privacy guardrails be enough? Will we see more regulation or, because of the rush to get AI out there, are we going to see it just ignored and pushed away?
Mr. Barnes: I think we’re going to have to pursue solutions and we have to understand the role that government needs to play and the role industry needs to play. I think about personal health data as an example. There needs to be some type of a standard for personal health data because health systems are privatized, they’re all over the country, but they exchange data and they have to exchange it in a meaningful way that’s consistent and they need to protect it in some consistent fashion.
Similarly, we know, and I’ve been to talks with some of the big pharmaceutical research entities here in the US, and they’ve spoken about their own efforts and they’ve spoken about what they know about efforts happening in China and the difference. We are at a point where we are increasingly ready to leverage the magic of big data analytics as applied, I’ll just say to health right now, to find things that you couldn’t otherwise find when you expose algorithms to humongous data sets.
And that could dramatically change medicine, its effectivity, its targeting, et cetera. These researchers that I was listening to were talking about research right now in that field, and they were also talking about being exposed to Chinese counterparts who just get data. They don’t care about privacy. But that’s a big thing for us. And so I’m just talking about big data analytics, but AI is the special sauce that actually can make those big data analytics more effective. We’re integrating AI with pre-existing machine learning and other big data algorithms, and so that intensity can create magic for us while at the same time we have to understand what vulnerabilities come along with that exposure. And so personal health data needs to be secured. And I know the confidential computing world is trying to look at that. There are some cryptographic approaches there. Various industry players are trying to set up confidential compute clusters to better isolate this data from other customers and data.
And so AI privacy concerns – we need thought on this right now. I know at the same time we’re in a race as a country. We are the leaders. We have been the leaders. We want to remain the leaders in AI. That’s just typically been our destiny as a country, but also as the most important country in the free world. And we know that China cuts corners. We just saw DeepSeek come out and they heralded how much more efficient, fast, cheaper, whatever it was, but they didn’t start from scratch. I am highly certain that they leveraged what we’d done before – it’s what they do. And so when people are looking to leverage DeepSeek, well, those systems are in China, so that means everything that comes in and out of the systems is subject to Chinese capture and they capture everything that comes in and out as does Russia.
And so we don’t do that here in the US – that’s a big difference. So even if the company itself wasn’t connected to the Intel apparatus of China, it sits in China. So everything’s accessible anyway by law. We have to think about those things. We don’t want to slow down our industry in a race, but we need to be thoughtful. I think that’s where we see different administrations in the US will take different stances on how hard to push AI versus privacy or at what pace. I think it’s going to be iterative. I don’t know the right answer, but I know we need something more than nothing.
Active Cyber™: Are you seeing companies producing technology in this space already? Privacy guardrail technology for AI kind of stuff?
Mr. Barnes: I have not specifically, but I haven’t had a chance to delve too much into it.
Active Cyber™: I do know that, for example, NIST had an initiative called ARIA that was missioned to do evaluations on AI technologies. I’m assuming part of their look is from a privacy perspective. I know it got stood up based on the last administration’s AI guidance Executive Order but not sure of its current status under the new administration.
Mr. Barnes: What different entities are using, doing with access to these big data sets. I mean, you’ve got this intersection of the large language models stood up by the big companies, the frontier companies, and then you have techniques like retrieval augmented generation that actually takes your own data and intersects it with these models. And so all that needs to have a security framework.
Active Cyber™: Yes. And then GDPR is going to be an impact on the pace of AI and privacy.
Mr. Barnes: Yes, big time. And that’s happening. Of course, Europe is where that started, but there are similar equivalents that are being stood up in the GCC countries in the Middle East. So various countries are concerned about that stuff.
Active Cyber™: So there’s been a lot of different government programs over time to look at how to measure and regulate software security quality and security controls through evaluations, assessments, continuous monitoring, trust labels, and so forth – they have a trust label now for IoT devices. But do you think that cyber technology, or the cyber aspects of these new technologies, have improved from doing these assessments? It seems like despite these government programs that we still find holes, we still find vulnerabilities. It’s a never ending thing. Do these programs make it better? Is it worth the money? Should we think of something totally different about how to do this?
Mr. Barnes: Well, I think we’re on a journey, and the journey means we’re iterating on what we had, what didn’t work, what we adopt. Does it work, learn, iterate. It’s like the OODA loop process. And so we have not found perfection nor will we. We’re relying on software developed all around the world. And so we really have to figure out through iterative engagement with the environment, what works, what doesn’t, what seems good, but in practice is not. That’s why I mentioned earlier, secure by design is an example. Well, what does that really mean in practice? How do we certify that? What are the labels that come along with that? Are they reputable? Are they reliable? We’re on a journey. And so there’s no perfect answer yet, but hopefully in aggregate, the mindset is awakening and people realize that this is a thing. And so that’s the bottom line. Every C-suite needs to understand the essence of this, take it on board, invest in it, be proactive to try to make it better.
Active Cyber™: So we only have a couple minutes left, George, so I wanted to see if there’s anything you’d like to add before we finish up today.
Mr. Barnes: I just really appreciate the opportunity to talk about these things. They’re critical for our country. We’re at a point right now where we are wrestling with destiny. We have China growing globally. Our two economies are very inextricably interdependent. We built it that way over time. There are efforts to try to actually pull that apart a little bit. We learned with Covid, some of the vulnerabilities of that interdependency, but we’re in a race for technology. China, as it always has been, is learning from us, stealing what we have, replicating what we have, but building on their own. And some of the pressure we’re putting on them is actually accelerating their Western application of technology, which is also a risk to us.
And so they come to us because we are the beginning of the innovation chain globally, traditionally. But our pressures on them are prompting them to take it on board themselves. And so they’re behind us. We want them always to be behind us, but we have to be vigilant and mindful that we are in some respects, propelling them forward. And so we’ve got to take that on board from our industrial policy, from our access to technology and all the interdependencies. So this is a journey, but we need to uphold what we’ve created as a global force for good.
Active Cyber™: Well, George, thank you so much today. I really hope that the work that you’re doing with Red Cell Partners will provide some of that innovation steam for our own country moving it forward. And looking forward, I would love to do this again sometime in the future with you. There’s some other things I’d like to cover with you. So hopefully we’ll have a follow-up session. Thanks again.
Mr. Barnes: Okay. Hey, thanks so much for having me on. Great to see you. Take care. Thank you.
Thanks George for sharing your insight into past, current, and future trends of cybersecurity. It seems that the evolutionary pace for cyber offense and defense is accelerating. I am grateful for the service you provided to this country during your career, and I wish you much success in your current endeavor to create a collaborative and innovative cyber ecosystem that will ensure the market for this technology stays fresh and matures in a robust fashion. And thanks to my subscribers and visitors to my site for checking out ActiveCyber.net! Please give us your feedback because we’d love to know some topics you’d like to hear about in the area of active cyber defenses, authenticity, PQ cryptography, risk assessment and modeling, autonomous security, digital forensics, securing OT / IIoT and IoT systems, Augmented Reality, AI, or other emerging technology topics. Also, email chrisdaly@activecyber.net if you’re interested in interviewing or advertising with us at Active Cyber™.
About Mr. George Barnes
Mr. George C. Barnes is the President of Red Cell Partners’ Cyber Practice and a Partner at the firm. In this role, he oversees the pursuit of new-start incubations that are focused on cybersecurity opportunities spanning commercial and government sectors. He ensures optimized market gap responsiveness of new incubations and guides Red Cell’s platform team support as young cybersecurity companies progress through their early-stage business life cycles. As a Red Cell Partner, Mr. Barnes applies his national security and cybersecurity domain expertise to Red Cell’s incubation activities and oversees the company’s overall cyber-related investment strategy. Prior to joining Red Cell, Mr. Barnes served as the Deputy Director and senior civilian leader of the U.S. National Security Agency (NSA) from April 2017 through September 2023. In this role, Mr. Barnes served as NSA’s chief operating officer, overseeing strategy, policy, and operations. As an agency deputy in the U.S. national security system, Mr. Barnes supported the U.S. defense and intelligence enterprise in national security strategy execution and the formulation of supporting policies. He positioned NSA as an integrated mission partner enabling U.S. decision advantage and security against foreign threats.