Anne Neuberger on AI: ‘We have to challenge ourselves to be first’

The Click Here podcast caught up with Anne Neuberger, the former White House deputy national security advisor for cyber and emerging technologies, on the sidelines of this year’s Munich Security Conference. 

Neuberger helped set cyber policy for four years during the Biden administration — everything from helping hospitals beset by ransomware attacks to setting up a kind of good housekeeping seal for cyber secure products. In Munich, we focused on artificial intelligence, including China’s DeepSeek surprise and how AI will play a role in the future world order.

The interview has been edited for length and clarity.

CLICK HERE: Back in January, U.S. financial markets took a big dive after China’s DeepSeek announced that it had built one of the world’s most powerful AI systems using a fraction of the specialized chips that AI companies typically do. It was a bit of a hair-on-fire moment for a lot of people. Do you think that was overdone?

ANNE NEUBERGER: I think DeepSeek showed a very powerful lesson in that they innovated a great deal practically and technically in the way they generated the outcomes and in the cost of that. And I think that U.S. AI companies will be adopting some of those innovations. And adopting them potentially in places that can make a huge difference. 

CH: Some experts say that by restricting China's access to advanced chips, the U.S. ended up simply accelerating China’s incentive to innovate. Do you think that’s true?

AN: I think there's some nuance there in that we know that the export controls on chips certainly have made it harder for China to make advancements. We also know that when there are constraints, constraints often lead to innovation.

So we certainly know that, as a result, China has had to be more creative with regard to how they build more efficient models and how they generate the outcomes they're looking for with the computing constraint. And frankly, I think we really need to focus on something else… the role data, specifically high value data — training sets — in particular fields that lead to significant advancements.

What makes China so capable in AI goes beyond the compute. It goes to, for example, the data they get from millions of Hikvision cameras around the world, generating images that can be used to train facial recognition models. While that can be used domestically in China, we know Chinese tech is deployed around the world as part of China's approach to strategic competition in tech. We have to think about things like that.

CH: And what about the use of AI in cyberattacks? How concerned are you that AI models, particularly those developed outside the U.S., could be used to conduct sophisticated operations against things like American infrastructure? 

AN: So certainly as you think about the steps needed to design and conduct a cyberattack — finding vulnerabilities in code, identifying a target, seeing where that target is vulnerable, and then conducting the attack — whether that's a country, whether that's a criminal for financial gain, AI definitely accelerates any number of those steps. And we're seeing various adversaries do things like build a customized spearphish email. So, certainly, AI makes a big difference on offense.

I personally think, given the delta between offense and defense, it's so much easier to attack than to defend. AI can make a bigger difference on helping cyber defenders if we move out quickly in using AI for the cybersecurity mission.

 CH: So AI can be used to help find patterns that can help tell you something has been generated by AI. Is that what you mean?

AN: I'll give a practical example, and that could apply to text that could apply to images.

So when you think about missile launches and the need to detect a missile launch quickly in order to alert missile defense, one of the hardest parts of that is missile launches are often mobile. They're moved around to be stored and hidden. There are patterns that AI can use to help find where a launch might be, who are the individuals who work on this mission, to help missile defense systems.

So each goes against the other, but certainly anything that's generated by AI from a pattern perspective can be used on the flip side. 

CH: So if you think about the possibility of conflict between the U.S. and China in the South China Sea, for example, AI could have a profound effect on that fight.

AN: Clearly, advanced AI models that are trained on different kinds of ships, different kinds of military practices, military maneuvers, can make a big difference in being able to detect and conduct military operations. So that's a good example of where we can expect to see China applying AI as part of its strategic military planning. 

CH: So in the summer of 2013, National Security Agency contractor Edward Snowden released a trove of NSA classified documents about government surveillance programs, and you were at the NSA as its first chief risk officer shortly after that. What did you learn from that experience that you can apply to the technological advances we’re seeing now?

AN: I saw firsthand the loss of trust by the American people and the divisiveness [that developed] between the government and the U.S. tech sector. That came because technology moved far faster than policy and law — than transparency about how we were using powerful technologies in ways that really mattered to American citizens and ways that mattered to partners around the world. So, I walked away believing that was avoidable and that we had to find a way to work together.

And I think given that in AI the engine really is the private sector, this is upon us as a country to really consider that, from the outset, in the way we deploy AI in the most sensitive domains.

CH: So let me ask you how soon do you think we'll see AI actually playing a decisive role in military strategy, whether through autonomous weapons, cyber operations, battlefield decision making? I know it's starting, but is the U.S. prepared for that shift?

AN: So I want to answer that in the context of the question you asked me earlier about the race and competition between China and the U.S., between authoritarian countries and democratic ones. I think we in the U.S. and other democracies have to ensure that we deploy in a way that retains the trust of our citizens and our allies as a democracy. 

We are in a competition for the future of the world order. And a part of that is who we are and our values as a democracy, as the United States, the home of innovation and someplace that people prize for the combination of that — our values, who we are as a democracy, as well as the power of our country as a home for the most creative work.

CH: And do you think we’ve been creative enough?

AN: Some of the toughest calls I would get in my prior role in the White House was about a hospital being shut down by criminal ransomware actors around the world. And the set of tools we had to fight that, as the United States, had to be rethought, right? The traditional way of looking at cybersecurity, let's be very candid, wasn't working. 

And I think as we look at that and we say, what are the creative approaches we need to do? How do we approach this with the key partners, which are both private sector, both the entities that need to be protected, hospitals, the companies that produce the tech, and then other countries? And how do we do it in the context of the actors involved? 

The set of policy approaches ranged from helping to make hospitals harder targets, helping to ensure that companies who build technology build more secure tech from the outset, so it's easier for hospitals to deploy it. And then saying how do you take down adversaries’ infrastructure? How do you freeze and seize cryptocurrency which is often used to make those payments, and frankly how do you work with governments around the world, because we were all dealing with this?

CH: So you started focusing on the ransomware infrastructure — the choke points?

AN: This is a financially driven problem, and it's a problem of a foreign government giving a web of protection. What are the tools and levers we have there, and then let's move out and try it, and then assess again if needed.

CH: And the financial piece is something law enforcement has been very good at when it comes to traditional crimes. They're just new methods now. Is that the idea? 

AN: You know very well that countering terror financing was a space that the U.S. worked hard, doubled down, and then really had an impact. Cryptocurrency has become the new hawala. It funds all kinds of transnational crime. It is the way that countries launder money, whether it's terror financing, whether it's weapons profiteering, etc. Focusing and doubling down and saying, okay, how do we get better visibility?

How do we work with virtual asset service providers to ensure that, at the very least, funds can be frozen, share bad wallet information, work with foreign governments around the world to help train them in understanding how to do blockchain analysis? All of that work was underway. A big part of it happened under the Counter Ransomware Initiative, which brought together 71 countries to do capacity building and blockchain analysis to put in place anti-money laundering in cryptocurrency, all in parallel to doing that strategic work, practical efforts to put pressure on the really small set of actors doing this work needed to move far faster. 

I view ransomware as closely tied to Russia's hybrid warfare. Russia's creative ways of putting pressure on countries it views as competitors or enemies. That goes from the rise in undersea cable cuts, many of which appear to have been mistakes, to arson and other activity. 

And it certainly goes to the rise in cyberattacks by criminals based in Russia, who have at least been given somewhat of a protective sphere. So, thinking about the continuum of how we defend, how we lock down the most sensitive parts of our country and economy to make them harder targets.

But then also, how do we disable the infrastructure? How do we put pressure on the individuals? How do we look at this in the larger context of country-to-country competition. 

CH: One final question: you've had a little time away. Some time to reflect on all these things you've been working on for so many years. What's your sort of big takeaway now?

AN: So as we think about the larger strategic competition for the future of world order, the competition between the U.S. and China, Russia — an increasingly troubling bad actor in a number of hybrid ways — technology underpins our economies, it underpins our national security, everything we do rides on digital infrastructure. And as we think about that, there's a continuum of how we do whatever we're doing in that space, whether it's using AI for drug discovery or using AI to help drive more efficient, rapid, relevant intelligence collection and analysis for policy makers. 

And I think sometimes we're far more prepared to use advanced technology for our national security missions versus to defend against adversary use of it. We need to be far more agile and quick in trying new policy and defensive approaches, particularly as a democracy, where much of that ends up being a partnership between government and the private sector, because both the space we want to protect and the tech is coming out of the private sector.

So, being far faster in trying new approaches, in policy, is very much needed. And that's really reflecting on that. It’s a call to action for us to be willing to try things, take a pause, explain why, take a pause, see what we learn, and move forward. Versus sometimes carefully deliberating on all of the puts and takes to where it takes us far longer to protect ourselves from an either country or criminal use of advanced technology that impacts companies and that impacts governments in a way we shouldn't be tolerating.

CH: It seems like you're saying we're letting the perfect be the enemy of the good. 

AN: That's a good summary. Sometimes. And reflecting on it, sometimes good enough, with a preparation to always go back and assess and review and consider and do it transparently to explain.