Google Cloud Security’s AI Assisted SecOPS Enables Analysts to Holistically Address Cyberthreats

With foreign adversaries using AI in their attacks on the government, cyber defenders can’t get caught flat-footed.

Adam Stone writes on technology trends from Annapolis, Md., with a focus on government IT, military and first-responder technologies.

Google Cloud Security provides federal cybersecurity analysts ready access to some of the latest artificial intelligence capabilities for detecting the increasing volume of AI-enabled threats and responding automatically.

AI helps protect government systems and sensitive information by automating threat detection, analyzing massive amounts of data and responding to incidents quickly. Cyber analysts can proactively respond to incidents with AI when the technology is built into platforms like Google Cloud which are already approved by the Federal Risk and Authorization Management Program.

Government systems protect personally identifiable information, financial records, critical infrastructure and national security, which foreign adversaries — who have their own AI toolsets — want to access or damage.

“Whether it’s the DOD, intelligence or civilian, a lot of federal agencies have been trying to defend our nation’s security with antiquated systems,” says Pete Burke, federal field CISO at CDW Government. “And with legacy ways of vetting technology, it can take a long time to introduce new solutions into their environments.”

SUPPORT: Your agency's cyber analysts deserve the latest AI from Google Cloud.

The Double-Edged Sword That Is AI in Cybersecurity

AI has emerged as both a best friend and archnemesis to cyber analysts, who need to understand how modern tools can assist their work.

Historically, cyber defenders could easily identify the region where an attack originated by spotting patterns such as work schedules, which gave them an edge over their adversaries. That’s not the case with AI-supported attacks.

“The threat actors are getting smarter,” Burke says. “They are utilizing AI tools to scale their attacks and to automate a lot of what they’re doing.”

Bad actors use AI to mask activity, cover their tracks and execute attacks more quickly.

“You’re not limited by a human’s ability to put in commands,” Burke says.

Click the banner below to dive into CDW's latest cloud research.

On the flip side, AI is great at helping cyber analysts make sense of large data sets.

“In the past, it’s been a very manual process to go through logs and do investigations,” Burke says. “AI can look for keywords, look for activities and string together different behaviors. That becomes a force multiplier.”

Google Cloud’s AI Assistant Is Customized for Cyberdefense

Google Cloud puts the power of AI into the hands of government cyber teams. What’s more the platform is cloud-agnostic, meaning it functions in all major cloud environments.

A large language model supports Google’s AI assistant, Gemini, which has been customized for cyber use cases.

“Gemini can look through different records, things like log data,” Burke says. “It can automate a lot of those manual tasks.”

Gemini can look through different records, things like log data. It can automate a lot of those manual tasks.”

Pete Burke Federal Field CISO, CDW Government

Putting security information in a data lake makes this process easier for agencies.

“That changes the game for cyber because it takes your visibility from 30% or 40% closer to 90%.”

In addition to these custom-built uses, Google Cloud’s AI includes tools for managing security validations; security information and event management; and security orchestration, automation and response. AI-driven Google SecOps empowers security teams to better detect, investigate and respond to threats, “and the built-in AI assistant is going to tell you if you have misconfigurations or other vulnerabilities within the environment,” Burke says.

By automating the most labor-intensive cyber activities, Google Cloud’s AI drives efficiency and effectiveness, freeing analysts to focus on the most significant threats.

“It used to take hours to go through multiple systems to figure out what was even going on. Google Cloud will take that information and give you a real-time assessment of what’s happening,” Burke says. “It also gives you the ability to go back retrospectively, and if it finds something from an earlier date, it’s able to infer what next steps are needed and to make suggestions about how best to defend against that activity.”

UP NEXT: AI looks backward, so people can look forward.

Brought to you by: