AI Technology in National Security Initiatives

Why collaboration is key—and how to make it happen now and in the future

October 12, 2021

Presidio Federal Top 9 Moments of 2021

December 22, 2021

November 11, 2021

High-Ranking Military Man holds a Briefing to a Team of Government Agents and Politicians, Shows Satellite Surveillance Footage.

Clark Anderson, Presidio Federal Security Solutions Architect, recently spoke as part of the GovernmentCIO AI National Security series, providing an industry perspective. His remarks covered the potential threats from artificial intelligence to information systems. He highlighted the coming threats to keeping data confidential (especially with legacy systems) and the relentless and well-funded attempts by hackers to infiltrate and access data. Integrity of communications can also be distorted to an adversary’s advantage with Deepfake tools. Not surprisingly, the same AI techniques used to penetrate government information systems can also be used to degrade and disrupt accessibility to mission critical systems.

Machine Learning is Maturing

The AI subset of machine learning for security is benefiting from heavy industry investment and is maturing rapidly. Machine learning can distill the few significant events in a sea of unimportant alerts by finding subtle patterns that would be missed using existing log analysis techniques. However, machine learning systems take some time to be configured to your specific environment. ML also needs vast data sets to learn from, and the set of log data available at individual agencies may not be large enough for ML to be effective. The recent Executive Order to expand the type and amount of data logs collected and sharing these logs with CISA to create a larger data set may improve this situation for federal customers. When discussing AI-based security tools, Clark acknowledged the issues that large and small government agencies have with budgets and staffing.

Planning Ahead is Possible

Machine Learning tools to defend the future federal network are seeing rapid maturity and new innovative approaches. While it is hard to plan for the types of threats AI brings given future unknowns, fundamental network redesign is needed to meet both today’s threats and the challenges of a future AI-enabled attack. Agencies need to transform their networks to create a harden environment by vastly shrinking the ability for an intruder to get in, move around, and get anything out. Planning for cloud adoption is an ideal time for this re-design and the tools to support this re-design are available today. If those steps are taken, as future AI threats emerge, agencies will be prepared with networks designed to adopt new AI capabilities that counter threats.

Changes to Make Now:

Embrace the principles of Zero Trust, Micro Segmentation, and limiting access to only what is required. Protect data by assuming all requests for access to anything is an intrusion attempt until proven wrong. And remove all passwords for users, admins, and software and require secured access. Eliminate ANY way for data to leave your cloud or prem without explicit permission.
Improve your code pipeline beginning with acquisition. Insist any software entering your environment has been designed with security baked in and know where it came from.
Realize your legacy applications may not adapt to newer security requirements. Plan for a tech refresh.
Plan and budget for future security costs. A typical federal budget for security is only 4% of the IT budget and that is not close to what is needed to protect from an AI future.