WASHINGTON, D.C. — Today, House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection Chairman Andrew Garbarino (R-NY) delivered the following opening statement in a hearing to examine the Department of Homeland Security’s (DHS) responsibilities related to the Biden administration’s new Executive Order (EO) on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (AI) through DHS’s Cybersecurity and Infrastructure Security Agency (CISA). Watch full hearing here.

Watch Chairman Garbarino’s opening statement in a Subcommittee on Cybersecurity and Infrastructure Protection hearing entitled, “Considering DHS’ and CISA’s Role in Securing Artificial Intelligence.”

As prepared for delivery:

Thank you to our witnesses for being here to talk about a very important topic: securing artificial intelligence, or AI. I’m proud that this Subcommittee has completed thorough oversight over CISA’s many missions this year from its federal cybersecurity mission to protecting critical infrastructure from threats. Now, as we head into 2024, it’s important that we take a closer look at emerging threats and technologies that CISA must continue to evolve with, including AI.

AI is a hot topic today amongst Members of Congress and Americans in every single one of our districts. AI is a broad umbrella term, encompassing many different technology use cases from predictive maintenance alerts in operational technology to large language models like ChatGPT, making building a common understanding of the issues difficult. As the general curiosity in and strategic application of AI across various sectors continues to develop, it’s vitally important that government and industry work together to build security into the very foundation of the technology regardless of the specific use case.

The Administration’s Executive Order, or EO, is the first step in building that foundation. DHS and CISA are tasked in the EO with (1) ensuring the security of the technology itself and (2) developing cybersecurity use cases for AI. But the effectiveness of this EO will come down to its implementation. DHS and CISA must work with the recipients of the products they develop, like federal agencies and critical infrastructure owners and operators, to ensure the end results meet their needs. This Subcommittee intends to pursue productive oversight over these EO tasks.

The timelines laid out in the EO are ambitious, and it is positive to see CISA’s timely release of their Roadmap for AI and internationally-supported Guidelines for Secure AI System Development. At its core, AI is software and CISA should look to build AI considerations into its existing efforts rather than creating entirely new ones unique to AI. Identifying all future use cases of AI is nearly impossible, and CISA should ensure that its initiatives are iterative, flexible, and continuous, even after the deadlines in the EO pass, to ensure the guidance it provides stands the test of time.

Today, we have four expert witnesses who will help shed light on the potential risks related to the use of AI in critical infrastructure, including how AI may enable malicious cyber actors’ offensive attacks, but also how AI may enable defensive cyber tools for threat detection, prevention, and vulnerability assessments.

As we all learn more about improving the security and secure usage of AI from each of these experts today, I’d like to encourage the witnesses to share questions that they might not have the answer to just yet. With rapidly evolving technology like AI, we should accept that there may be more questions than answers at this stage. The Subcommittee would appreciate any perspectives you might have that could shape our oversight of DHS and CISA as they reach their EO deadlines next year.

I look forward to our witnesses’ testimony and to developing productive questions for DHS and CISA together here today.  

###