Agencies increasingly dive into AI for cyber defense, acting federal CISO says

Federal agencies are increasingly incorporating artificial intelligence into the cyberdefenses of government networks, and there’s more still to come, acting Federal Chief Information Security Officer Michael Duffy said Thursday.

“We’re at an exciting time in the federal government to see that we’re not only putting AI in production, but we’re finding ways to accelerate emerging technology across the government, across all missions and all angles,” Duffy said at FedTalks, produced by Scoop News Group. In his “role overseeing federal cybersecurity policy,” he said, he is “able to see these at the ground level, as agencies bring excitement and enthusiasm and hope for what they can optimize through artificial intelligence.”

Cyber attackers are moving faster than ever, and on a much larger scale than before, he said. They’re also using technology in new ways. But it’s not all “doom and gloom” when it comes to the cybersecurity of federal networks, especially because of feds’ move toward AI, Duffy said.

“I’m pleased to say that the advancements that we’ve made over the past decade in the federal government have brought us to this point: Agencies are poised now, postured, positioned, to take advantage of new capabilities, bring them into federal agencies and make them work for the mission,” he said.

The next decade is important, and needs a “clear vision” of the available technologies and the threat landscape, “and how AI-interconnected digital ecosystems will both strengthen and strain that defensive posture,” Duffy said.

The focus now is on protecting sensitive information and making sure the government has efficient and secure interactions with the general public, he said. That includes “leveraging AI to identify vulnerabilities at scale,” Duffy said.

He said that will require the government to update a key document on federal information security, the Office of Management and Budget Circular A-130. A Biden administration executive order from January ordered an update within three years, and a June Trump executive order retained that requirement, albeit with fewer specifications about what the update would entail.

But Duffy noted the document had not been updated since the onset of large-scale AI adoption; its last update was in 2016.

In coordination with the federal chief information officer, Duffy said his office was undertaking a review of AI to measure its strengths and limitations. That includes several steps, among them evaluating the best methods of swiftly adopting AI but with safeguards for proper use.

“We’ll assess the existing cyber defense capabilities within agencies and explore cyber-centric AI use cases,” he also said.

“We’re working with CISOs to rationalize their cybersecurity tool stack to ensure individual agencies are well-postured for the evolving threat environment, while identifying opportunities to eliminate redundant and ineffective systems and capabilities to leverage enterprise-wide capabilities and programs — shared services to gain efficiencies and scale, successful AI pilots occurring within agencies,” he said.

And “we’re working with agencies to increase operational resilience as well, and our collective capacity to respond to AI incidents,” Duffy said.