Dr. David A. Bray is a 2015 Eisenhower Fellow, a Visiting Associate on Cyber Security with the University of Oxford, and Chief Information Officer for the Federal Communications Commission. He will join our conference on Friday for the 3pm panel discussion “Innovate or Die: Reshape Organizations Through Innovation Initiatives”.
1. David, you’re headed out with the Eisenhower Fellowship to discuss the Internet of Everything in Taiwan & Australia. Could you fill us in on the reasons you’re taking this trip?
Happy to share details. The Eisenhower Fellowship [https://efworld.org] (EF) is intended to be an opportunity for individuals wanting to build bridges across borders and work together to make the world more peaceful, prosperous and just. As part of my EF experience, I’ll be traveling to both Taiwan and Australia for five weeks to meet with their industry and government leaders on the topic of regional cyber strategies for the Internet of Everything (IoE). This will be in a non-official, personal capacity.
As background on the Fellowships: anyone can apply with a topic of your choosing that would help advance world peace, global prosperity, and international justice. The Fellowship itself is an intensive four- to five-week individualized professional program in either one or two countries from a list of some 42 potential destinations. While overseas, Fellows will meet with experts in business, government and non-profit institutions in their respective fields.
My proposal centered on the fact that the IoE currently is in its “early adopter” formative stages. We’re just now beginning to see devices in what we wear, what we drive, what’s in our house, and even in some medical cases what’s inside our own bodies. I would like to better understand what strategies Pacific industry and nation-states are considering as the IoE becomes an integral part of our daily lives including how we work, travel, communicate, and play.
2. Why did you focus on the Internet of Everything and what makes it a topic that you are passionate about?
For the most part the IoE is uncharted territory in terms of what the most useful applications will be, though there currently is no shortage of possible ideas on the horizon as well as early devices today. At the same time there’s not a lot of interoperability among the different IoE devices – instead, it’s a lot like the early days of the internet before we converged on the Transmission Control Protocol/Internet Protocol (TCP/IP) stack.
For our modern world, TCP/IP is now one of the most important computer protocols for collaborating, as it provides end-to-end connectivity specifying how data should be packetized, addressed, transmitted, routed, and received. In the early days of the internet before TCP/IP, interoperability among different network components required a lot of work.
Ultimately if we are to realize the benefits of the IoE, we will need interoperability amongst the different parts. It could be that TCP/IP by itself is sufficient, though I might suggest given the IoE will impact just about every element of our lives and societies – now is the time to think about what additional elements we might wish for TCP/IP to have.
3. While you are on your Eisenhower Fellowship, what type of questions will you ask industry and government leaders?
Can we bake-in additional security into the interoperability stack? Can we do privacy by design into the stack? What design elements should we consider now, as part of cyber strategies for the IoE, before there is widespread adoption and it becomes “too late” to roll back the protocol.
Answering these questions will require collaborative discussions across industry and government. It’s also going to require both regional and ultimately global discussions. I hope we do not end up with a future similar to our current state of power adapters, where we need different adapters and transformers for different parts of the world. At the same time the objectives of different nations, as well as industry sectors, might right now be different and thus warrant initially regionally discussions that can then “bubble up” to ultimately global discussions on how to achieve improvements to the interoperability, security, and privacy protections incorporated into the IoE.
4. Why particularly Australia and Taiwan for your meetings?
Australia's regional view regarding the IoE is key given its national role as a critical bridge between the East, as a valued trader of natural resources – and the West, as a key ally of the United States, Canada, and the United Kingdom. Taiwan's regional view also is key given its role as the frequent world-leader in the manufacturing and adoption of new technologies at a national scale to promote continued economic growth, in addition to its geographical proximity to mainland China, South Korea, and Japan.
5. Given your past work in biotechnology and public health, as IT Chief for the Bioterrorism Preparedness and Response Program and Associate Director of Informatics of HIV/AIDS Prevention at the CDC, how do you think the IoE will impact public health?
The IoE will transform public health. Epidemiologists and public health professionals will be able to monitor environmental and population health factors in near-real time. If we can assure the appropriate privacy and informed consent protections for the public, this will provide longitudinal data on the health of many folks on an unprecedented scale, and a strong data-rich foundation for evidence-based public policy decisions.
For example: when determining whether some addition or removal of something in your neighborhood, community, or city has an impact on your health (for example: building a new factory or installing a new public park), the IoE will provide a data source both for members of that community and for policy makers to see whether the additional or removal of that environmental factor does correlate with changes in population health. Also, from my experiences with bioterrorism preparedness and response, the IoE will be invaluable in ensuring a rapid response to mitigate the effects of any outbreak whether caused by humans or natural activities.
6. You also have extensive background in cyber security. How can we ensure the IoE isn’t just a large network of even more electronic vulnerabilities?
Security is the “million dollar question” and it remains to be seen if the IoE provides great benefits for our society or additional sources of vulnerability across the critical infrastructure of our society. From my work at the University of Oxford, personally I’d suggest we need to shift away from treating cyber security as just perimeter defense, and instead think of cyber security like we do epidemiology in public health. That is, we should do our best to encourage “cyber” hygiene and health, including the equivalent of cyber vaccinations and antibiotics, yet even then – just like in public health in the natural world – sometimes cyber outbreaks will still occur in the digital world. When such cyber outbreaks occur, professionals should center on rapid detection of the outbreak, containment of its spread, and finally remediation.
Such an approach to cyber-epidemiology should focus on population-level health of the internet and the IoE, would across industry sectors. This will be essential since there will be an exponential growth in the number of networked devices that will comprise the IoE. Already we’ve gone from 7 billion network devices on the face of the planet in 2013 to 14 billion – double the number of humans on the face of the planet – for 2015. By 2020, estimates are between 50 to 200 billion network devices on the face of the planet.
For the IoE, my view with the Eisenhower Fellowship is that we need to focus on resiliency, to include rapid detection and minimizing the dwell time of any potential cyber threats. Resiliency might also include novel approaches that minimize and potentially randomize the potential attack surface for IoE devices and ultimately incorporate insights from a cyber-epidemiological approach to enable self-healing systems. Just like public health made great strides tackling polio and smallpox in the 1950s, 60s, and 70s – we now need to do similar approaches for the cyber security of IoE, to include partnerships and collaborations across sectors.
7. Are there additional ideas and insights that you hope to share with leaders in Taiwan and Australia when you meet with them?
Serving as a CIO requires me to be both "digital diplomat" internally and externally and a champion of positive change agents. Building a network of positive change agents is necessary to address difficult challenges, work horizontally, and incentivize the right reward mechanisms to adapt to our changing world. I would like to hear about how do leaders in Taiwan and Australia encourage transformational change.
In addition, I would like to hear more about the challenges Taiwan and Australia face with partnerships that span both their private and public sectors. Given the accelerating rate of technological and global change, the future of the IoE will require beneficial partnerships that span sectors.
8. David, you’re a rather well-known tweeter and blogger, most recently named the “most social CIO globally” by the Huffington Post. Will we be able to stay in touch with you during your Eisenhower expedition?
I’m humbled weekly by the insights shared and experts that I meet online, and hope 2015 represents the year where it is actually common place for CIOs to be actively online and interacting both with each other and public.
As for staying in touch while I’m in Australia and Taiwan, yes – will continue to tweet from @fcc_cio and since this is in a non-official, personal capacity, I will reactivate my old blog at http://blog.dbray.org. This was the same blog I used when I pursued my PhD and subsequent post-docs back in 2005-2008. While on Fellowship, I have full confidence that three Deputy CIOs at FCC will keep the IT efforts we already have underway moving forward, and look forward to sharing the international IoE insights and ideas when I return.