The TechnologIST | Q&A with Applied Trust and Safety Team on TrustCon
Institute for Security and Technology (IST)
Uniting technology and policy leaders to create actionable solutions to emerging security challenges
Welcome back to The TechnologIST! I'm Sophia Mauro . In this month's edition:?
Spotlight on Trust & Safety: IST at TrustCon
IST’s Applied Trust & Safety Initiative team members?Eric Davis, Senior Vice President for Special Projects, and Fatima Faisal Khan,?Associate for Ecosystem Trust & Safety, headed to TrustCon last week.?What exactly is TrustCon? What were some of?Eric and Fatima's key takeaways from the conference? And what?is IST up to in the?field of trust & safety? In this month’s newsletter, I sit down with Eric and Fatima to learn more.
Eric Davis : “TrustCon is unlike just about any other tech conference (and I’ve been to more than I care to count!). This is the third year of TrustCon, the premiere global conference for Trust & Safety professionals, put on by the Trust & Safety Professional Association (tspa.org). I’m a founding advisor to the TSPA and have participated in the conference each year. In 2022, there were about 35 sessions. This year there were 150 sessions, and, once again, it was a sold out show. An unfortunate conference success metric is the number of times you want to attend multiple panels simultaneously.?
The rapid growth of TrustCon underscores both the need for this type of conference, as well as the great leadership of Charlotte Willner, the TSPA Executive Director, and the rest of the TSPA team. This year felt like a milestone, with Trustcon at an early age on its way to settling in as an institution.
From the time you enter the registration area, you start to pick up on the enthusiasm of conference participants and volunteers. People are happy to be there and are enjoying reconnecting with folks in person, for goodness’ sake. The closest comparisons are probably DEF CON and some of the smaller community-driven security conferences. Like such events, TrustCon is a bit of a release valve, a gathering of like-minded true believers, with a strong community and a “summer camp” sensibility, although the energy is different from my DEF CON experiences.
At first glance, an observer noting people dressed casually and in homemade TrustCon gear, custom bracelets and t-shirts, probably wouldn’t match them with the TrustCon sessions, such as Whole-of-Sector Approaches to Countering Terrorist Use of the Internet; Cross-Sector Collaboration for Tackling Online Child Sexual Exploitation and Abuse; Indirect Swarming & Its Potential Threat to Democracies; The Convergence of Violent Extremism – Facilitators, Manifestations, Threats;?and?The Co-Evolution of Cybercrime and Safe Browsing Over the Last 2 Decades. I think that the dichotomy (which is really not a dichotomy) is as fitting a representation of TrustCon as any.”
Fatima recently joined IST as our Associate for Ecosystem Trust & Safety. Welcome! Can you tell me a little bit more about your background in trust & safety? What led you to IST??
Fatima Faisal Khan : “Thank you! Like many in the trust and safety field, I found my way here somewhat serendipitously. Growing up with the internet, I was academically fascinated by how online communities shape identity through ideological and psychosocial support systems. My curiosity led me to explore these dynamics further, especially as I spent several years working on human rights issues faced by defenders in online spaces during the Covid pandemic. This period underscored the importance of maintaining healthy online spaces as crucial for human rights, akin to our physical world.
This realization propelled me to Notre Dame, where I delved into deliberative technologies and user-first pro-social design approaches for online platforms. My fellowship at Wikimedia allowed me to engage with editor communities on issues of disinformation and electoral propaganda in South and Southeast Asia. IST’s Applied Trust & Safety Initiative offered the perfect marriage of all my research interests. I'm thrilled to be here and eager to connect with the T&S community and engage in meaningful projects. During such a pivotal year due to numerous elections and evolving AI regulations, I'm excited about the impactful work IST has planned in this space!”
After attending TrustCon last week, what are some of the key trends you’re seeing in the trust & safety space? How does your work at IST play into these trends?
Fatima: “There’s no escaping the significant impact that AI, particularly generative AI, has had on the trust and safety field, and this was a recurring theme throughout the panels at TrustCon. Key trends include discussions on elections, combating CSAM (Child Sexual Abuse Material), new tools, and signal sharing. The latter, in particular, stood out to me.?
During one panel I attended, panelists emphasized the importance of making tools accessible across the industry and adapting them to new technological advancements as we move forward. The panel highlighted how fostering a strong open-source culture and well-documented mechanisms can create a space and opportunity to emulate the cybersecurity model.
There are ongoing efforts, such as the Tech Coalition’s Lantern initiative, that also reflect impactful cybersecurity models. Similarly, IST is launching a project to study, plan, and catalyze an operational hub for T&S practitioners to facilitate signal and intelligence sharing and collaboration across the industry, modeled in part on the Information Sharing and Analysis Center (ISAC) approach. This initiative will be crucial in advancing collaborative efforts and enhancing the overall safety of online platforms.”
Eric, you moderated the TrustCon panel, “2024 Elections and AI Case Studies: Beware the Six-Fingered Man” with Diane Chang, Alexis Crews, and Swapneel Mehta.?Halfway through 2024, how exactly has AI impacted this “Year of Elections”—and how will it continue to make an impact in the months to come??
Eric: “At present, the impact is unclear. So far, it’s been difficult to distinguish causation from correlation. What we do know is that AI has been embraced, in both conventional and unconventional ways, as a tool for disinformation and propaganda by state actors and others seeking to manipulate election outcomes. Moreover, research increasingly demonstrates the manipulative capabilities of deepfakes.
In addition to the conventional use of deepfakes denigrating candidates, we expect to see the continued use of generative AI to improve the public image of controversial politicians. Some of the latter will be overt, such as using cuddly avatars, while some will be more subtle, involving slightly altered versions of candidates in recorded speeches or wittier versions answering questions online. This area requires further research: at what point does continued exposure, even knowing something is inauthentic, start to influence a person’s sense memory and perception of the actual candidate?
As problematic as deepfakes are, they’re also shiny objects that can distract from other malign uses of AI in elections, such as more sophisticated and distinct content for synthetic news sites and social media account personas. Likewise for emerging issues that aren’t yet on the radar – we’re effectively still in early days.”
In addition to moderating a discussion on the impact of AI on 2024 elections, you also participated in a TrustCon panel on election integrity best practices. What are some of these best practices??
Eric: “A few examples of best practices:
领英推荐
Elsewhere at IST
IST and the Cyber Threat Alliance, along with co-signer Chainalysis, submitted comments this month in response to CISA’s Notice of Proposed Rulemaking on the Cyber Incident Reporting for Critical Infrastructure Act. Our response to the NPRM draws from the Cyber Incident Reporting Framework, a joint effort led by IST and CTA which was submitted to CISA as part of the initial RFP for implementing this legislation and rulemaking.?
On July 19,?Deputy Director for Nuclear Policy Sylvia Mishra and Technology Policy Analyst Christian S. moderated a webinar with the authors of “Improving Nuclear Hotlines: Relevance and Use Cases.” Panelists Dr. Rabia Akhtar , Manpreet Sethi , Dmitry Stefanovich , and Dan Zhukov unpacked their briefs assessing the status of crisis communications in nuclear-armed states and took questions from the audience.?
IST in the News
CyberScoop50 awards nominate IST’s Megan Stifel and Taylor Grossman!
Every year CyberScoop, a leading source of government and cybersecurity news, nominates 50 cybersecurity leaders in government and the private sector to be recognized for their service. This year, two members of the IST team are nominated! Make sure to cast your vote for Deputy Director for Digital Security Taylor Grossman for Most Inspiring Up and Comer, and Chief Strategy Officer Megan S. l for Cybersecurity Visionary.
Megan Stifel on IST’s response to CISA’s proposed cyber reporting rules
As the CIRCIA comment period came to a close, some private companies urged CISA to rethink its proposed reporting rules, citing confusing and overly broad rules. Speaking with the Wall Street Journal, Megan S. reflected on the industry response, drawing from IST’s own interactions with critical infrastructure companies. “I think there’s common ground, and a recognition that we need to have this reporting,” she said.
Conversations on Critical Infrastructure
The latest from Hack the Plan[e]t
Hack the Plan[e]t, hosted by IST Senior Adjunct Advisor Bryson ?? Bort , explores the critical infrastructure systems that we rely on every day, asking whether connecting these systems to the Internet leaves us more vulnerable to attacks by our enemies. In its fourth season, IST is excited to produce the podcast alongside ICS VILLAGE !
Joe Marshall is a Senior IoT Security Strategist at Cisco Talos Intelligence Group. When Russia invaded Ukraine in 2022, Joe helped coordinate a multinational, multi-company coalition of volunteers and experts to find a technological solution. In this episode, Bryson and Joe sit down to discuss Joe’s efforts in Ukraine, how he got the go-ahead from Cisco leadership, and more.
For three years, Mark Montgomery served as Executive Director of the Cyberspace Solarium Commission, created by congressional mandate to develop strategic approaches to defending against cyber attacks. Now, he directs CSC 2.0, an initiative that works to implement the recommendations of the Commission. In this episode, Bryson and Mark talk about Mark’s time at the Commission, his pitch for a Cyber Force, and the politics of cybersecurity and the latest cyber policy.
What We're Reading
Want more tech and security content? Check out some of the ISTeam's favorite pieces from the past month:?
The Institute for Security and Technology designs and advances solutions to the world’s toughest emerging security threats. It is a nonpartisan, nonprofit organization?based in the San Francisco Bay Area dedicated to solving critical international security challenges through better technology and policy. Donate today to support our mission.