AI, Critical Infrastructure, and Cascading Failures with Madison Horn
Season 3 Episode 4 •Show Notes
Madison Horn joins host Frank Cilluffo to explain why AI-driven cyber risk may be quieter, faster, and harder to spot in 2026. She breaks down “cascading failures” in critical infrastructure—and how a disruption in one sector can quickly ripple into others.
The conversation zeroes in on AI agents, especially their ability to create new user accounts, get access to systems, and hide inside everyday routine activity. Horn also warns that AI supply chain weaknesses could spread faster than traditional zero-days.
Main Topics Covered
- Why AI-enabled attacks may look like normal business activity.
- Cascading failures across water, power, telecom, and healthcare systems.
- AI agents creating identities and operating with “human-like” access.
- Why “AI supply chain” risk could eclipse zero-day exploits.
- “Slow and steady” AI adoption for critical infrastructure operators.
- Why quantum planning should happen alongside today’s AI rollouts.
Key Quotes
“Within critical infrastructure… water needs electricity, electricity needs telcos, and healthcare needs all three.” —Madison Horn
“Hackers are lazy. And I mean that not to be offensive, but if you can reach your objective, reaching the lowest hanging fruit, then you’re going to.” —Madison Horn
“Attacks are not going to look as restricting and as loud. I think it’s going to look just like business as normal until we see [impacts] in the physical world.” — Madison Horn
“What I worry about is people assuming and trusting that an AI tool is doing what it’s supposed to and not necessarily understanding or being able to detect that it’s doing something malicious.” — Madison Horn
“I just don’t want quantum to get lost into the AI conversation.” — Madison Horn
Relevant Links and Resources
Madison Horn’s 2026 predictions (Nextgov)
About the Guest
Madison Horn is the national security and critical infrastructure chief advisor at World Wide Technology, with 15+ years leading cyber strategy and incident response in high-consequence, regulated environments. She previously held senior roles at Siemens Energy, PwC, and Accenture Security, and founded Roserock Advisory Group focused on cybersecurity and geopolitics.
Transcript
1
00:00:00,000 –> 00:00:01,000
Madison Horn [00:00:00]: The cyber industry is moving to a place that is much more mature. Where I see it becoming the most mature is kind of this, like, realization that, like, yes, I’m going to get breached. And so, like, how do I ensure that I’m just, you know, containing that blast radius?
2
00:00:01,000 –> 00:00:02,000
Frank Cilluffo [00:00:19]: Welcome to Cyber Focus from the McCrary Institute, where we explore the people and ideas shaping and defending our digital world. I’m your host, Frank Cilluffo, and this week I have the privilege to sit down with Madison Horn. Madison is the Chief Senior Advisor for National Security and Critical Infrastructure at Worldwide Technology, has 15 plus years in an incident response kind of role, starting at Southern Company, I just learned today, but at many others including PWC, Siemens Energy and Accenture Security. She was recently asked to give her predictions for 2026 around cyber, and I thought that her response was incredibly thoughtful. And I’m excited to sit down with her and unpack some of those ideas a little more today. In addition to being a cyber expert, very cool member of Cherokee Nation as well. So truly great opportunity to sit down. And Madison, thank you so much for joining us today.
3
00:00:02,000 –> 00:00:03,000
Madison Horn [00:01:16]: Yeah, thanks so much for having me.
4
00:00:03,000 –> 00:00:04,000
Frank Cilluffo [00:01:17]: So I teed it up, I thought your response in terms of predictions looking to 2026 were a little different than many of the others we had seen and went deep into some of the AI issues. So as a first question, you want to unpack that a little bit, give some of your thoughts as to what you shared in 850 words.
5
00:00:04,000 –> 00:00:05,000
Madison Horn [00:01:39]: Yeah, so I mean, big question to ask in like a starting point. So anytime that, you know, I’m asked for a perspective, I always, I don’t want to say try to give the opposite, but what’s the perspective that we’re not thinking about or the parts of the conversation that feel a little monotone because it’s the one or the two thing that we’re all talking about and so what are the things that we’re missing? And so, you know, you know, my warning or the first thing that I think about looking at 2026, I mean, we’re 20 days in and I already want to be like, whoa, only 20 days?
6
00:00:05,000 –> 00:00:06,000
Frank Cilluffo [00:02:16]: Yeah, it’s exhausting.
7
00:00:06,000 –> 00:00:07,000
Madison Horn [00:02:17]: Buckle up. Yeah, buckle up. So let’s just start at 2026. So thinking about, not even knowing, because we wrote that in 2025, right, then we already knew that the geopolitical climate was going to be a little bit bananas. And I’m going to use the word bananas because it’s soft and light and not as scary. But when I think about organizations preparing for the climate, then it’s not necessarily their business function that I want them to necessarily worry about. It’s their utility within the positioning in a geopolitical conflict. So I kind of start there and then I go down to the second layer is, okay, well, you know, what’s the posture we want our organizations to take? Obviously we want to get to a much more proactive versus reactive posture and then start kind of like saying, okay, well, where’s emerging technology going in 2026, et cetera.
8
00:00:07,000 –> 00:00:08,000
Madison Horn [00:03:10]: Obviously, AI is the buzzword and we’ll throw out some others. Drink your water here. But again, kind of going back to the predictions and I know we’ll dive into it then I really kind of wanted to think about some of the hidden layers within AI and just the pieces of the conversation that we’re not talking about so that I don’t sound monotone and people aren’t being like, well, she’s just saying the same things that everybody else is saying.
9
00:00:08,000 –> 00:00:09,000
Frank Cilluffo [00:03:36]: And along those lines, you talked about sort of AI cascading failures. And can you unpack that in a layman’s terms initially and then we can jump into some of the more technical discussions?
10
00:00:09,000 –> 00:00:10,000
Madison Horn [00:03:50]: Sure. Well, I’m coming from the lens of obviously critical infrastructure, where your institute focuses. And so when I think about cascading failures is I think about the interdependencies of critical infrastructure. And what does that even mean? So within critical infrastructure, then water needs electricity, electricity needs telcos, and healthcare needs all three. That’s right, exactly. And so when I think about a failure in the electric system, and I’m talking about just like lights going out, then what that shuts down. Going down from a technical perspective, then I don’t think that a cyber attack is necessarily going to look the same as perhaps, let’s just say file share going down or not being able to access it, or ransomware that’s, you know, holding data hostage, it’s going to actually interact within the physical world.
11
00:00:10,000 –> 00:00:11,000
Madison Horn [00:04:43]: Again, because of the geopolitical climate and because of the rise of AI and it supplementing the fact that, you know, we do have a workforce that is overloaded and so automation is being used for us to get to that point of more of a proactive security posture. It’s a good and a bad. But if we’re saying that AI agents are going to have access to to or the ability to create new identities, to access ticket systems, to grant permissions, then that is a set of, that is a capability that we haven’t necessarily experienced a major breach or any type of failure around. And so that was where I focused some of my predictions in 2026.
12
00:00:11,000 –> 00:00:12,000
Frank Cilluffo [00:05:31]: And you mentioned that some of these will not look like cyber attacks, which I think is part of it. I mean, I think we can say with confidence all conflict is going to have a cyber dimension to it. But increasingly you’re looking for the outlier, not necessarily the norm. And if you don’t understand the norm, game over potentially, right? Or it’s a little late to get into that. So what does that mean that, that, when you say they won’t look like cyber attacks?
13
00:00:12,000 –> 00:00:13,000
Madison Horn [00:06:01]: I used to have to apologize for saying this because I used to be a part of a red team, but hackers are lazy.
14
00:00:13,000 –> 00:00:14,000
Frank Cilluffo [00:06:08]: Some of them.
15
00:00:14,000 –> 00:00:15,000
Madison Horn [00:06:09]: Hackers are lazy. And I mean that not to be offensive, but if you can reach your objective, reaching the lowest hanging fruit, then you’re going to. Why do I say that in the context of your question, like, why are cyber attacks going to look different? We are seeing within the world of critical infrastructure this pre positioning that we have really just been monitoring that pre positioning by Chinese activists.
16
00:00:15,000 –> 00:00:16,000
Frank Cilluffo [00:06:37]: Volt Typhoon and the like.
17
00:00:16,000 –> 00:00:17,000
Madison Horn [00:06:38]: Exactly, exactly. And what they’re doing is they’re mapping out networks. They are learning the way of the land. What type of access, what type of pressure points are there?
18
00:00:17,000 –> 00:00:18,000
Frank Cilluffo [00:06:50]: They’re living off the land too.
19
00:00:18,000 –> 00:00:19,000
Madison Horn [00:06:51]: Yeah, yeah. And so how does that connect to hackers are lazy? Well, if you understand that a process is allowed, then you’re not necessarily having to leverage that exploit that took hours and hours and hours to develop. Right? Now you have agents that we have already talked about that have escalated access and, or privileges and, or are operating as humans. And so now all you have to do is figure out, well, what are the commands that agent is gaining? And so I think it’s going to look like a very, very basic type of like, process that’s going to make it, if you looked at a dashboard, like if you were in a SOC, you’d be like, everything looks normal. But there’s going to be something that’s just a fraction of a degree off. And the agent is going to say, this is normal business operations. Or it’s within that threshold of like, good and bad.
20
00:00:19,000 –> 00:00:20,000
Madison Horn [00:07:44]: But to a human, we’re going to be like, man, I think that’s off. But trust the robot. Right? Because which one’s smarter, me or the computer? And you go, well, the computer probably. I didn’t sleep that much because my kid was awake or whatever. Right? And so I just think that attacks are not going to look as restricting and as loud. I think it’s going to look just like business as normal until we see something in the physical world.
21
00:00:20,000 –> 00:00:21,000
Frank Cilluffo [00:08:12]: And you know, there are historical examples along these lines. During World War II, when we weren’t in the cyber world, but we were dealing with radars and jamming and the like, how often did the systems not work? So you just want it to be subtle enough that you think it’s just another glitch, it’s just business as usual, that it’s not working right. But meanwhile you were actually owning the system. And another point that I think you raised that’s really important is we’re never going to have full security. That’s a pipe dream. But if you make it hard enough to go to an easier target, you’re going to get those lazy hackers going to those easier targets. That doesn’t mean exquisite capabilities where you have all sorts of intelligence from Russia, China, Iran, North Korea and others won’t, won’t target you. But, but for the most part that is probably the direction it will go.
22
00:00:21,000 –> 00:00:22,000
Frank Cilluffo [00:09:09]: And you know, the dependence on AI and other technologies. To your point, most people probably trust them more because they’re moving faster and quicker and everything else. But what are some of the concerns there?
23
00:00:22,000 –> 00:00:23,000
Madison Horn [00:09:27]: The cyber industry is moving to a place that is much more mature. While basic security hygiene is like not sexy, it is what’s going to keep you safe. And I think the best way, majority of the time. But where I see it becoming the most mature is kind of this realization that yes, I’m going to get breached and so how do I ensure that I’m just containing that blast radius? I think basic cyber professionals have understood that for a very long time. But where we really have needed that buy in and that sense of understanding is that both the goal post is always moving because of new technology being introduced and, or new infrastructure being introduced, is getting that buy in across organizational teams, but also all the way up to our boards and to our C suite. But I really just wanted to kind of give kudos to the industry in some of the maturity that we’re seeing. And part of that is people starting to become more understanding of their role in cyber and taking their own level of ownership in saying okay, from my day to day responsibilities, what are the vulnerabilities that I introduce as a developer, as a supply chain manager, as an HR individual from a hiring perspective? Maybe I am an AI developer that’s not even worried about cyber. I’m just trying to create a new sexy cool tool to alleviate Jessica’s role in name that department.
24
00:00:23,000 –> 00:00:24,000
Madison Horn [00:11:05]: Exactly. That’s a non technical role.
25
00:00:24,000 –> 00:00:25,000
Frank Cilluffo [00:11:08]: And that is the case in most new technologies. Cybersecurity is an afterthought. And honestly to be able to innovate, you want to be able to try to get out in front of it. But we need to start asking some of those questions. And one of the points you brought, and I found it very insightful, is AI supply chain is going to eclipse zero day exploits. Help me understand that, help our viewers and listeners understand that.
26
00:00:25,000 –> 00:00:26,000
Madison Horn [00:11:36]: So I mean when I think about just the supply chain in general or just the way that I think about the upstream of AI in general, then we gotta define what that is. And that is the data that feeds it, that’s the prompts and the training that we do to help create what is that agent’s responsibility and kind of its thresholds. I don’t think it’s going to necessarily be a zero day that’s created in the wild. It’s going to proliferate across an entire, let’s say, sector because we’re seeing so many organic AI agents being deployed that it’s probably going to be something that an internal AI developer created for a specific, again, kind of function that’s a vulnerability that’s discovered through some of those tactics that we’ve already kind of talked about. Hackers kind of living off the land understanding that internal developers may not have the same level of controls as maybe a sophisticated organization. And so it’s probably going to be some type of like homegrown type of tool.
27
00:00:26,000 –> 00:00:27,000
Frank Cilluffo [00:12:42]: And when you think about it, we have hard enough a time getting our arms around supply chain, just having visibility into our supply chain. And third order, fourth order, fifth order effect is really hard to do. But those same challenges have an AI dimension to it. Right? And that could be a game changer. If it’s, if you’re baking it into the design that you don’t know what the norm looks like and you don’t know what abnormal looks like, you’re potentially in trouble. Which risk worries you most right now? Data poisoning? Model manipulation? Plugins, agent tools, or all of the above?
28
00:00:27,000 –> 00:00:28,000
Madison Horn [00:13:22]: Yeah, I’m going to say agent tools because they’re built on top of each other. Right? And so when I think about the ability again in the access they’re going to have and the ability for them to create new users and create new identities and the workflows that they’re going to create and the access that that requires, that’s what scares me. You know, it’s, it’s very, it’s fine for AI to hallucinate. We almost expect it to do so. But it’s totally…
29
00:00:28,000 –> 00:00:29,000
Frank Cilluffo [00:13:54]: People do too.
30
00:00:29,000 –> 00:00:30,000
Madison Horn [00:13:54]: Yeah, people do too. But when the AI says, hey, here’s a cool piece of candy that I’ve poisoned. Would you like to have it? I would never poison you, Frank. But that’s what I worry about is just people assuming and trusting that AI tool is doing what it’s supposed to and not necessarily understanding or being able to detect that it’s doing something malicious.
31
00:00:30,000 –> 00:00:31,000
Frank Cilluffo [00:14:17]: When thinking about AI, let’s unpack what all those elements are for some of our viewers and listeners that aren’t thinking about it technically every day. But what does that look like?
32
00:00:31,000 –> 00:00:32,000
Madison Horn [00:14:29]: Sure. You know, I think that when folks play with AI, then they’re like, oh, ChatGPT is awesome, but they don’t necessarily understand, like, the entire AI supply chain and how you get to, you know, Claude or how you get to an agent. And so, you know, how do we get there? You have these back end databases with all this data tagging saying, hey, this is the data that I have given the agent. That is the access to all the information around Skittles and that is your data tagging, Skittles. The other data tagging is this is Hershey’s chocolate. Okay, great, Hershey’s chocolate. We are building an agent for candy, by the way.
33
00:00:32,000 –> 00:00:33,000
Frank Cilluffo [00:15:10]: Sounds good.
34
00:00:33,000 –> 00:00:34,000
Madison Horn [00:15:10]: The other piece of it…
35
00:00:34,000 –> 00:00:35,000
Frank Cilluffo [00:15:11]: Literally and figuratively.
36
00:00:35,000 –> 00:00:36,000
Madison Horn [00:15:12]: Literally, exactly. The other layer of that is going to be. Okay, what are your rules and your thresholds? Okay, well, is chocolate red? No, that’s my Skittles. And so that’s your data tagging, that’s your classification. Now we’re learning our boundaries and some of the details around it. So when you think about the supply chain of AI potentially getting manipulated, then think about it for an asset inventory, for critical infrastructure. So if you’re leveraging AI for inventory, and we go to our basic little analogy here about candy and we say, hey, AI agent, I need you, you manage all of these routers and we have classified them as critical. All right, let’s go back to our candy. Candy is red. And our permissions and the rules in our tuning have said, okay, if it’s red, that’s a Skittle and it tastes like cherry. Okay.
37
00:00:36,000 –> 00:00:37,000
Frank Cilluffo [00:16:11]: And from a scaling perspective, I think back to poisoning of Halloween candy. Literally.
38
00:00:37,000 –> 00:00:38,000
Madison Horn [00:16:16]: Yeah, yeah, yeah.
39
00:00:38,000 –> 00:00:39,000
Frank Cilluffo [00:16:17]: Real or perceived.
40
00:00:39,000 –> 00:00:40,000
Madison Horn [00:16:18]: I’ve already poisoned you today. Ok.
41
00:00:40,000 –> 00:00:41,000
Frank Cilluffo [00:16:19]: Exactly. So here you have the ability to do it at scale, right?
42
00:00:41,000 –> 00:00:42,000
Madison Horn [00:16:23]: So if you change something in that model or if you give it information that’s incorrect, then that agent is going to act differently within that environment.
43
00:00:42,000 –> 00:00:43,000
Frank Cilluffo [00:16:30]: And it’s trusted.
44
00:00:43,000 –> 00:00:44,000
Madison Horn [00:16:31]: Exactly. It’s a trust agent. It’s going to perform a different action, but the human behind it is going to assume that it’s normal. And going back to like, you know, when we said, hey, what are you scared of? Or you know, your question around do I think that, why do I think that an attack in 2026 is going to look like business as usual and, or it’s not gonna look like a cyber attack. It’s because of those little simple changes of saying, hey, the variant of red is just slightly different. Right? That’s gonna cause crazy downstream impacts long term.
45
00:00:44,000 –> 00:00:45,000
Frank Cilluffo [00:17:07]: And how do you discern? How do you, so I have a soundbite that I constantly go to. There’s certain decisions I only want someone who swore to the US Constitution to make that a human being with responsibility and accountability and allegiance has to make. How do you get out in front of this and make sure that certain decisions that are critical to our economy, our public safety, our national security, how do we get our arms around that?
46
00:00:45,000 –> 00:00:46,000
Madison Horn [00:17:41]: You’re asking me a philosophical question.
47
00:00:46,000 –> 00:00:47,000
Frank Cilluffo [00:17:42]: And that’s a $64,000 philosophical as well as technical discussion.
48
00:00:47,000 –> 00:00:48,000
Madison Horn [00:17:47]: We’ll answer it here and then we’ll have a drink downstairs and finish it.
49
00:00:48,000 –> 00:00:49,000
Frank Cilluffo [00:17:50]: Sounds good.
50
00:00:49,000 –> 00:00:50,000
Madison Horn [00:17:51]: So, I mean, it’s so silly and people at home are probably going to roll their eyes about two things because, yes, fast pace wins all races, but I would say with AI adoption, especially in the world of critical infrastructure, then slow and pacing yourself is going to win the race, from my perspective. There are so many organizations that are more funded. They’re not necessarily defined as critical assets that we can learn as far as lessons learned. And I would say the tech community, the cyber community aren’t, they’re used to the technology hype cycle, right? And they understand…
51
00:00:50,000 –> 00:00:51,000
Frank Cilluffo [00:18:33]: And doomsday and everything, seems to always go to these.
52
00:00:51,000 –> 00:00:52,000
Madison Horn [00:18:38]: And so I think that we really do need to trust our cyber professionals. And I say that word trust because I think that we’re seen as individuals who are kind of like these doomsdayers because we’re like, hey, I know she wants her PO when really like, no, we’re just wildly passionate about preserving these communities who are very, very, very susceptible and, or understanding that critical infrastructure is the new frontier of warfare. But what is the leave behind? Slow and steady wins the race. Keeping a human in the loop and ensuring that, you know, our developers and anyone involved in that process is documenting to a point where we’re understanding that it can be audited. You know, we’re going to experience, you know, a regulatory like whiplash in the AI space. And so while right now then it’s, you know, it’s in its infancy stage, you know, I would go to an extreme and say just make the assumption that the regulation is coming and that will help kind of get our arms around like what are the do’s and the don’ts that we’re learning in real time.
53
00:00:52,000 –> 00:00:53,000
Frank Cilluffo [00:19:54]: Yeah, no, that’s, that’s thoughtful. And we tend to, you name the topic. Not just cyber, not just critical infrastructure, not just AI. But it’s normally something really bad happens, then we fix that. We base all of our strategy and policy on that. And quite honestly the world has already taken, has moved on from, from what that is. How, how do we, what do you think the right, so there is a balance between regulation, non regulation because I mean we also want to out innovate everyone in this space. What do you think that looks like? So what does thoughtful discussion, what should that entail here?
54
00:00:53,000 –> 00:00:54,000
Madison Horn [00:20:38]: The basics. Someone from every part of that value chain sitting at the table. You know, I think that it’s, we are very privileged to be able to sit here in D.C. You know, we have so many intellectual people that sit here and have conversations and want to solve these wicked problems, but there’s always someone missing in the room. And what do I mean by that? Just was at an amazing event that is our community. Our community, the cyber nerds, the policymakers, the think tanks and the research institutions and some of the product vendors. But operators are missing from the room and that’s because they are hella busy trying to keep the grid up. Right?
55
00:00:54,000 –> 00:00:55,000
Madison Horn [00:21:20]: But at the same time, how are we closing the gap in ensuring that policy regulation is right sized and new regulation can be brought in, old regulation can be pushed out. It can actually be, it actually can be applicable in some of the environments in which the regulation is intended to be applied. And so my first is ensuring that everyone has the room to solve that problem.
56
00:00:55,000 –> 00:00:56,000
Frank Cilluffo [00:21:50]: And that gets hard though because everyone is impacted. And what is common sense is not always common either. Right? So I do worry a little bit that we had well intended cybersecurity professionals pop up and you had a patchwork of different regulations. So at some point we need to get it all together. And I’m not sure what that looks like and I’m not asking you to answer that here now, but I don’t even know who should set that table to make sure everyone has a seat at it. Is it the White House? Is it executive branch agencies? Is it state and local? What are your thoughts on that?
57
00:00:56,000 –> 00:00:57,000
Madison Horn [00:22:32]: Oh, my God.
58
00:00:57,000 –> 00:00:58,000
Frank Cilluffo [00:22:32]: Or all of the above.
59
00:00:58,000 –> 00:00:59,000
Madison Horn [00:22:33]: Yeah. I mean, you know, going back to everyone has a seat at the table. You know, obviously CISA was stood up ideally to kind of be that orchestrator for the critical infrastructure space. I think there are, you know, I don’t think that anyone is malicious with an idea. It’s the execution of that idea.
60
00:00:59,000 –> 00:01:00,000
Frank Cilluffo [00:22:55]: Exactly.
61
00:01:00,000 –> 00:01:01,000
Madison Horn [00:22:56]: And then it’s…
62
00:01:01,000 –> 00:01:02,000
Frank Cilluffo [00:22:56]: I share that.
63
00:01:02,000 –> 00:01:03,000
Madison Horn [00:22:57]: Yeah. And then it’s the unfortunate reality of like, egos can kind of get in the way or everyone wanting to have their idea kind of adopted. And so I guess my call to action is like, be okay if your idea is not adopted. Be excited that you’re part of the table or you’re at the table. But who and how? I do just for the sake that we don’t have patchwork regulation across the United States, I don’t think…
64
00:01:03,000 –> 00:01:04,000
Frank Cilluffo [00:23:26]: Which we’ve seen in other, including cyber.
65
00:01:04,000 –> 00:01:05,000
Madison Horn [00:23:29]: Cyber, data policies, you name it, then we see it. Even to, you know, social things. Right? Whether that be health care, et cetera. I think the way that it should work is state and local level. Right? They’re the ones that are with their operators or their rural utilities should be bubbling things up to a centralized point. And that’s a bidirectional communication.
66
00:01:05,000 –> 00:01:06,000
Madison Horn [00:23:52]: So it’s like, hey, here’s an idea. Does that, is that an outlier or is that something that we’re seeing across all 50, 51 states around the United States? Or is this just, you know, a weird, quirky thing in Oklahoma? Right? And then vice versa. What are we seeing? What’s the feedback that we’re hearing from operators and the things that they need? That’s the way I would handle it.
67
00:01:06,000 –> 00:01:07,000
Frank Cilluffo [00:24:15]: And you also write about the invisible plumbing, which, and the hidden layers which we discussed here. And beneath the apps, beneath all the tools, even the cloud itself. What should we be paying attention to there?
68
00:01:07,000 –> 00:01:08,000
Madison Horn [00:24:32]: Oh, my God. Went from regulation to state structures. Yeah, no, I like it. I like it.
69
00:01:08,000 –> 00:01:09,000
Frank Cilluffo [00:24:38]: But they all come together. Or they should.
70
00:01:09,000 –> 00:01:10,000
Madison Horn [00:24:39]: They do to save the world.
71
00:01:10,000 –> 00:01:11,000
Frank Cilluffo [00:24:41]: Unified. Yeah. Unified theories.
72
00:01:11,000 –> 00:01:12,000
Madison Horn [00:24:43]: Yeah. It’s so funny. I don’t know if you’ve talked to Rob Joyce, but him and I were…
73
00:01:12,000 –> 00:01:13,000
Frank Cilluffo [00:24:47]: We’ve had Rob on. Yes.
74
00:01:13,000 –> 00:01:14,000
Madison Horn [00:24:48]: We were on a podcast here recently, and he has an absurd or amazing Christmas decorations that he has. And so he was talking about this, like, control system that, that basically orchestrates the whole thing. I would never scan any type of QR code that he has outside of his house, who knows what’s going to happen? But when I think about AI or we’re talking about the hidden layers, then I think about the control layer. And so our management systems, what is in control and how are we giving things access? That’s what I think about as the first. The other is the, our sensor layer and just our data pipelines because that ultimately sets the baseline of what is holding us to truth.
75
00:01:14,000 –> 00:01:15,000
Madison Horn [00:25:38]: Whether that be pressure sensors of saying what’s their temperature and the monitoring that’s going back up. So those are the things that I would be concerned about the most.
76
00:01:15,000 –> 00:01:16,000
Frank Cilluffo [00:25:49]: And when you were at Southern Company, I guess some of this technology was very nascent. But what would you be advising utilities to be thinking about right now in this space?
77
00:01:16,000 –> 00:01:17,000
Madison Horn [00:26:00]: Sure. So loved, loved, loved my time at Southern. Note that I was a contractor there, I wasn’t a full time employee. Loved my team and they taught me so, so much. I mean I was like just getting my feet wet in cyber. With AI specifically, then I’m going to go back to my initial conversation and they kind of, they get it. Slow and steady wins the race. Keeping human in the loop. They’re trying to solve the same wicked problems that other organizations are.
78
00:01:17,000 –> 00:01:18,000
Madison Horn [00:26:33]: And that’s really the way that AI is breaking identity. How do you get your hands wrapped around the fact that AI has the capability of hosting and managing 27 different francs and even redefining what identity means, non human identity and educating people out? Because I think if you go to someone who’s not necessarily a technical asset, then they’re going to say, oh well, I followed the process with my credentials for this set of systems. But they’re going to forget that they created an agent for some automated workflow that had access to whatever file share, and so it’s the identity problem. Socialize it, define it. Also kind of defining what securing AI means. In my mind it’s like four different categories. It’s using AI to defend and then it’s defending AI. Right, exactly.
79
00:01:18,000 –> 00:01:19,000
Madison Horn [00:27:39]: And then how do you actually defend the infrastructure that is AI? And those are very, very important categories because they require their own sets of programs, their own sets of controls, their own stakeholders, etc.
80
00:01:19,000 –> 00:01:20,000
Frank Cilluffo [00:27:57]: Which is hugely complex because I think DC is coming to some awareness in industry and others. To be AI dominant, you need to be energy dominant. The challenges are not just the data centers, but it’s actually securing the AI itself and, and that is a difficult set of issues because it gets into the poisoning you mentioned, it gets into, it gets into a whole lot of different, different layers. And what are one or two things you’d like to see come out of, come out of where we’re starting to sort of get to that? And I know it’s not as simple as a race, because it’s not, but it’s one we cannot afford to lose. And I do worry autocratic regimes, it’s easier to implement some of these things that we struggle as societies trying to figure out what’s the right approach to take. But what are a couple of things you’d like to see the US Government do?
81
00:01:20,000 –> 00:01:21,000
Madison Horn [00:28:56]: Oh, man, you’re going to get me in trouble. What would I like to see the US Government do? You know, we keep, I think, having the conversation about private public partnership, but there’s so much tension between the two and distrust, and it’s not necessarily intentional distrust. Everyone is really trying to move collectively together, but everyone has different responsibilities. And so I would love, love, love to see those two relationships really start functioning and moving together more, especially as we’re starting to see more cyber responsibility with the private sector. And I’m very, very proud of the private sector in the way that they’ve really took ownership. But what would I like to see? I mean, we talked about it just a little bit around like the regulation, harmonization.
82
00:01:21,000 –> 00:01:22,000
Frank Cilluffo [00:29:53]: Synchronize.
83
00:01:22,000 –> 00:01:23,000
Madison Horn [00:29:54]: Yeah, that needs to happen. I think that would be a huge win.
84
00:01:23,000 –> 00:01:24,000
Madison Horn [00:29:58]: And I think that given the amount of individuals that have come out of the US Government and that are coming into the private sector, then we’re in a really cool, sweet space to solve this just because of the collaboration and the weirdly natural way that, again, kind of the public sector is bleeding into the private sector, that’s going to educate the private sector in a different way.
85
00:01:24,000 –> 00:01:25,000
Frank Cilluffo [00:30:21]: Well said. I like to call it moving from information sharing to operational collaboration because I don’t know where one stops and the other begins and vice versa. And for the average citizen, it shouldn’t matter. They need the lights on. They need to make sure that the economy continues to flow as it should, that our public safety systems are working as they should, that our hospitals and EMS and everything to get to that is operating as it should. But easier said than done, obviously. But you also write, and I know we’re coming near the end of our time, but quantum. So we threw AI out there, had a great discussion around that.
86
00:01:25,000 –> 00:01:26,000
Frank Cilluffo [00:31:02]: You also sort of foot stomped and put a very strong statement in your piece to Nextgov on post quantum encryption. And by the time people realize it may be too late. I don’t want to put words in your mouth, but talk quantum for a second.
87
00:01:26,000 –> 00:01:27,000
Madison Horn [00:31:19]: Yeah, I mean, I guess I didn’t say it out loud, but I did put it in words, so you’re not putting words in my mouth. That’s okay. You know, I don’t say that again to kind of be the cyber professional that’s like, if you don’t do it, we’re all doomed.
88
00:01:27,000 –> 00:01:28,000
Frank Cilluffo [00:31:33]: Actually this one, if we lose, we are doomed.
89
00:01:28,000 –> 00:01:29,000
Madison Horn [00:31:36]: We are kind of doomed. Yeah. But I hate to come from that place because I think with every single technology revolution, then that’s kind of like the hype cycle that we go on.
90
00:01:29,000 –> 00:01:30,000
Frank Cilluffo [00:31:48]: You’re right.
91
00:01:30,000 –> 00:01:31,000
Madison Horn [00:31:48]: And so that warning is just say, hey, let’s pay attention. Right? And if we know that the day is coming, that let’s not, it’s that silly, funny, Mike Tyson quote that everyone has a plan until they get punched in the face. Right? And so if you have a plan, we’ve got to kind of start that planning process. And I think that we’re kind of still recoiling or trying to understand AI, and so I just don’t want quantum to get lost into the AI conversation.
92
00:01:31,000 –> 00:01:32,000
Madison Horn [00:32:20]: And so, and people are trying to do the predictions like, when is Q Day coming? And I love that we’re calling it Q Day because it’s, you know, 20 or it’s 2035. I heard 2028, which is only a couple years down the road. And we’re still trying to figure out and get our hands wrapped around inventory. We’re trying to get our hands wrapped around, you know, identity. And so, you know, as we’re going through understanding the way that we’re leveraging AI, then I think there’s some of those basic type of audit processes that we’re doing that we could almost do, like, quantum readiness assessments throughout that same process. We don’t necessarily have to have the solution today to understand what ready may look like. And so that’s why I made the statement is I just don’t want to get lost.
93
00:01:32,000 –> 00:01:33,000
Frank Cilluffo [00:33:09]: And we can’t take any of this for granted. We have to continue to invest and think, and, and I mean, I go back to 9/11. Many would say it was a failure of imagination. It wasn’t, we didn’t see what was coming. And this one, we know it’s coming. The question is, are we ready for it or can we shape it? And in very simplistic terms, what do you think the implications could be if we’re not ready?
94
00:01:33,000 –> 00:01:34,000
Madison Horn [00:33:40]: You know, I liked the statement. And you gave me a really, really nice visual when you say people take critical infrastructure for granted. You know, when I wake up in the morning, I drink my coffee and then I brush my teeth or sometimes I forget to brush my teeth, but I still make my coffee, I still have to turn the water on. And I think that we forget that behind that water faucet and behind the infrastructure in our home, that’s the piping, that there are a number of people behind that to ensure that one, the water gets to my house, that water is clean, or it’s been purified and tested, et cetera. And so if we get it wrong, which is the reason that we are so passionate about this specific area, is that it could cause widespread chaos. And I don’t mean chaos in the sense that oh, no, my Twitter account doesn’t work. Or like, oh, Instagram went down today, that sucks. Or you know, name that app that makes my life convenient.
95
00:01:34,000 –> 00:01:35,000
Madison Horn [00:34:43]: We are going to see, unfortunately, communities fail or the loss of life or we are going to see, and you know, I don’t want this to turn into a political conversation, but you know, the activity that we saw in Venezuela was the first time that we saw the United States signal that critical infrastructure was game on for global conflict. Yes, we have seen critical infrastructure being used as global conflict, but as the leader of the free world, for us to signal it, it’s a big deal. And so the things that I worry about is are we ready? And our boards, our executives, really thinking about how susceptible they are, why, and their responsibility as global citizens to protect our communities.
96
00:01:35,000 –> 00:01:36,000
Frank Cilluffo [00:35:39]: Well said. And I just recently testified on Offensive Cyber and I do feel we need to be public about some of our capabilities because that serves as a deterrent.
97
00:01:36,000 –> 00:01:37,000
Madison Horn [00:35:50]: Sure.
98
00:01:37,000 –> 00:01:38,000
Frank Cilluffo [00:35:50]: But if we’re going to punch and I think we have to do some of that, we better be able to absorb punches. And I think that’s a legitimate set of issues and in a national security sense and disagree with me, but if we lose, if we lose out, say China has massive breakthroughs around quantum, basically the SIGINT business, signals intelligence business we know today is OBE. It allows one to crack everyone’s and ensure your own communications are secure. That’s a bad day. So it may not be the end state, but it’s everything that gets to that end state as an enabler that could be frozen or paralyzed. So to me, we need to invest in some of these technologies. And again, I don’t like the simple win, lose, but that’s not a race we can afford to lose.
99
00:01:38,000 –> 00:01:39,000
Frank Cilluffo [00:36:50]: Madison, what questions didn’t I ask that I should have?
100
00:01:39,000 –> 00:01:40,000
Madison Horn [00:36:52]: Wait. I’m trying to figure out what I get to disagree with you on.
101
00:01:40,000 –> 00:01:41,000
Frank Cilluffo [00:36:55]: Please do. Please. I love it.
102
00:01:41,000 –> 00:01:42,000
Madison Horn [00:36:57]: No, I mean, this has been like a, I really appreciate the dialogue and just letting us kind of take the conversation in so many different directions. You know, knowing that your audience is our folks, you know, on the Hill, policymakers, you know, my call to action is like, hey, we’re here to help. We really are. All ego aside, we are here to collaborate. We’re here to act as a conduit and so leverage us, I guess would be like my comment. And it’s going to take individuals showing up again across that entire value chain from the operators that operate the national grid around the United States or the folks that operate the water facilities. Bring them to the table, ensure that they’re a part of that process.
103
00:01:42,000 –> 00:01:43,000
Madison Horn [00:37:50]: And I think us truly understanding that we are here for a single mission and that is one of U.S. security. And I think once we can distill that, then there’s trust automatically built. Egos can be checked at the door and we can get to progress.
104
00:01:43,000 –> 00:01:44,000
Frank Cilluffo [00:38:08]: Madison, very well said. Thank you for spending so much time with us today. Thank you for fighting the good fight. Really appreciate all you do. So let me leave you with the token, figuratively and literally, of our appreciation, our coin. And thank you so much.
105
00:01:44,000 –> 00:01:45,000
Madison Horn [00:38:22]: Yeah, absolutely. Appreciate it.
106
00:01:45,000 –> 00:01:46,000
Frank Cilluffo [00:38:23]: Thank you. Thank you for joining us for this episode of Cyber Focus. If you liked what you heard, please consider subscribing. Your ratings and reviews help us reach more listeners. Drop us a line if you have any ideas in terms of topics, themes, or individuals you’d like for us to host. Until next time, stay safe, stay informed, and stay curious.