Tech Trends: Federal Agencies Adopt AI Capabilities for Threat Detection

Government authorities are deploying artificial intelligence for cyberdefense.

Mickey McCarter is managing editor of StateTech magazine.

In a previous role as a federal cyber warfare training systems director, CDW Government Federal CTO Peter Dunn used to dissect malicious code and determine how to manipulate and work with it. Thanks to that experience, Dunn sees significant opportunities for federal agencies to deploy artificial intelligence to detect malicious threats and alert operations to respond to them.

But federal agencies face a significant learning curve when it comes to AI, Dunn says. They must understand what data their organizations possess and how to use AI to manage and protect that data. They must get data fundamentals right before they can truly capitalize on AI advancements.

“At the end of the day, people must know that AI is not there to replace jobs; it is there to aid them. It’s also there to enhance capabilities or take some of the tedious work off people’s plates and allow them to get to important tasks that require their time,” he says.

Click the banner below to begin developing a comprehensive cyber resilience strategy.

x-cyberresillience4-static-2024-na-desktop

x-cyberresillience4-static-2024-na-mobile

Federal security operations centers face a very high volume of threats, and this can make it difficult for government security operations centers to determine which incoming malicious activity truly constitutes a threat and which poses a low risk. And now, just as AI augments SOC capabilities, it also enhances malicious activity.

“Everyone was loving ChatGPT because it was easy. It can make all of our lives easier. But it now has widened the threat landscape,” Dunn says. “You have data that’s out in the wild that shouldn’t be in the wild. Deepfakes may be harder to detect. Generative AI has enhanced things for the good guys and also for the bad guys.”

“AI is only as smart as the person that uses it. AI is no more than a conversation between you and a computer,” he adds.

Build on AI Strengths for Efficiency in Cyberdefenses

Because AI can do repetitive tasks faster than humans, it can scan databases quickly and flag relevant information for threat response, Dunn says.

“In the past, you would have to look across different databases and examine multiple ingest points. You would compare and contrast data intelligence points. But AI can simply do this for you.”

In December, the nonprofit Center for Cybersecurity Policy and Law published a white paper, “Public Sector AI Governance: Build on Existing, Strong Foundations.” For the white paper, the center surveyed government officials to explore how they are using AI systems. In doing so, it identified a few prevalent federal uses of AI cyberdefenses.

Federal agencies must foster interagency AI collaboration.”

Peter Dunn Federal CTO, CDW Government

“The U.S. government is already using off-the-shelf technology integrated with AI tools and systems. A widely used example includes the use of AI-enabled spam filters, which can enhance email security by identifying unwanted emails and protecting users from phishing attempts and other malicious content,” the white paper notes.

The AI-enabled spam filters improve efficiency, conduct high volumes of repetitive tasks on behalf of humans, increase accuracy, pinpoint data through clearly defined criteria and reduce false positives, the report says.

Federal agencies will continue to amplify AI use for threat detection, but agencies aren’t yet ready to harness it for threat response, Dunn says.

“The problem is that there’s too much of a trust factor for allowing automatic response. It’s not like a firewall. A firewall is an open door or a closed door. When you start allowing AI to manipulate systems, you are allowing it to manipulate data. And many organizations do not have mature data management,” he says. “If there’s a threat detected by an AI system, the AI system can perhaps trigger notifications. It can bring people in disparate locations together in a collaborative way in response.”

Upskill Employees and Foster Interagency Cooperation

The biggest things any federal agency can do to improve its capacity to harness AI power is to invest in AI skills and to hold robust AI conversations with other agencies, Dunn recommends.

“Federal agencies must keep investing in AI talent. They’re not going to fully leverage AI-powered systems unless they upskill their workforce, whether that’s internally or externally,” he says.

“Federal agencies must foster interagency AI collaboration. Many government organizations operate in a vacuum. Each organization across the board deploys an individual solution. But shadow IT arises when an organization wants to do something and they cannot wait due to time or money or communications, and so they build it themselves. To avoid some of these historical challenges, federal organizations must foster interagency collaboration.”

The Center for Cybersecurity Policy and Law agrees with Dunn’s outlook. It suggests that one area of interagency cooperation should be agreement and synchronization of the roles and responsibilities of a chief AI officer to help set AI priorities and synchronize AI applications across the federal enterprise.

UP NEXT: Shadow AI presents real threats to agencies.

ATHVisions/Getty Images