AI enhances agency threat detection and speeds cyber response

Artificial intelligence is helping federal agencies accelerate threat detection, respond to incidents more precisely and provide new ways to proactively defend against attacks, according to two chief technology officers working in the government marketplace.

For the U.S. Department of State, the success and increasing role of AI is reflected in the extent to which AI and machine learning are being embraced by senior leadership as an essential tool for automating security processes and fostering faster decision-making, said Chief Technology Officer Glen Johnson in a FedScoop interview.

“The good news now is…we’re getting to the point where budgets are now allocated to specifically artificial intelligence. We have a chief AI officer, we have a responsible AI official, and we have a CTO for AI — myself,” said Johnson. “The second thing is that we have sponsorship at the highest level. For AI projects in the department, the Department of State has two deputy secretaries, one for policy, one for management and resources [who] collectively review all the AI cases…and set the priorities to maximize the value,” he said.

One area where “artificial intelligence is making a huge difference right now…is improving the accuracy of [cybersecurity threat] detections,” added Steve Faehl, federal security chief technology officer at Microsoft Federal.

“We’re getting to the point where these AI detections are substantial and accurate to the point where disruptive automation can now be utilized as a part of the artificial intelligence. We recently published information about ransomware campaigns that we have proactively disrupted within moments after the attack, really diminishing and mitigating any possible impact with the organizations that had the ransomware,” said Faehl.

“Because we’re able to have a very high-fidelity detection, with some new advancements in AI, we’re able to feed automation and disrupt those campaigns in real-time. And this really gives the defenders a strategic advantage and asymmetric advantage for the first time in cyber history where attackers have to go hands-on-keyboard, but defenders do not,” he said.

Moving forward with AI will require a greater commitment to employee education, however, said Johnson.

“We have an enormous challenge in terms of education — educating our workforce, particularly our executive leadership, because a lot of these improvements that we can achieve through artificial intelligence require that we do things differently, that we make different judgments, that we accept certain risks,” he said.

Learn more about how Microsoft helps agencies meet federal cyber requirements.

This video panel discussion was produced by Scoop News Group for FedScoop and underwritten by Microsoft.