DOD Helps Lead the Way on Cybersecurity Automation
Wendi Whitmore, vice president of IBM X-Force, which focuses on incident response and threat intelligence, tells Nextgov that although the costs of data breaches in the U.S. public sector is likely higher than average, federal agencies are leading the way on cybersecurity automation and orchestration.
“Anything working under U.S. Cyber Command, which is much of the military, is a fantastic example,” Whitmore says.
The Defense Department and military branches have worked hard to develop security automation best practices, Whitmore says.
This year’s version of IBM’s annual “Cost of a Data Breach Report,” released July 29,
was the first time the study could analyze how cybersecurity automation tools affect the cost of data breaches, Whitmore tells Nextgov. Up until now, such tools were not widely deployed enough to observe their impact.
The DOD is looking to continue its use of cybersecurity automation technology. The Defense Innovation Unit in July issued another transaction agreement for a new prototype that will bring an “intelligent decision automation platform” to the Air Force Network, FedScoop reports.
The tool uses an older form of artificial intelligence, and “instead of creating large neural networks based on data, uses advanced probability-based mathematics that simulates decision-making,” FedScoop reports. The publication adds that if the pilot is successful in the Air Force, it could be scaled across the military.
The Benefits of Cybersecurity Automation in Government
Experts outside the government are lobbying for increased investments in cybersecurity automation. Brandon Shopp, vice president of product strategy at SolarWinds, argues that leveraging AI and machine learning tools can help agencies mature their approach to cybersecurity.
“AI and ML allow security teams to be more effective with the resources they have,” he writes in GCN. “Next-generation automated security technologies can complete tasks such as identifying potential threats, detecting unauthorized behaviors, applying intelligence to qualify incidents, countering and blocking attacks before execution, stopping unauthorized movement of data and more. As AI and ML become more prevalent in the security marketplace, agencies can evolve their cybersecurity architecture to respond to changing digital threats.”
Organizations that have invested in automation and orchestration have much lower costs for data breaches: $2.45 million versus over $6 million for those that did not, Whitmore tells Government Technology.
“And from that perspective, you can very easily map out to government and the federal sector in terms of them, probably outside of maybe the financial services industry, “ Whitmore says, “certainly they’ve made the most investments in cybersecurity and in technologies that allow them to orchestrate the protection and defense of their environment and then certainly automate the technologies they’re using to do just that.”