The key to enhancing cybersecurity lies in leveraging AI and machine learning as force multipliers

As cyber threats grow more advanced and government agencies navigate workforce shortages, artificial intelligence shows promise in filling the gaps.

Presented by GDIT | Splunk's logo

The pace of digital innovation is rapidly increasing, and emerging technologies powered by artificial intelligence and machine learning are changing the digital landscape. Alongside advancements, however, come increasingly sophisticated threats. Public sector organizations face a precarious balancing act between embracing new capabilities and defending against evolving cyber threats, all while the nation’s cybersecurity workforce grapples with a shortage of 500,000 vacancies.

The key to enhancing cybersecurity lies in leveraging AI and machine learning as force multipliers. By integrating these capabilities, agencies can improve the speed, accuracy, and efficiency of their cyber defenses, reducing the burden on their workforce. At the core of these defenses are foundation capabilities, including cyber threat intelligence, network detection and intrusion prevention, security incident event management, and vulnerability management. These bedrock defenses work together to help agencies detect, prevent, and respond to threats in real-time, forming a resilient shield against evolving cyber adversaries. 

Leveraging technology as a co-pilot

According to a Gartner estimate, “by 2025, lack of talent or human failure will be responsible for more than half of significant cybersecurity incidents.” And among the 200 federal government leaders across defense, civilian, intelligence and homeland security agencies who were surveyed for the Bedrock Defenses report, 42% highlighted “misconfigurations and human errors” as a significant cyber threat, the highest percentage of all threats. 

While a cybersecurity workforce shortage is a global issue and not exclusive to government, the sensitivity and criticality of government data make it a particularly prime target for cyberattack. Even a limitless talent pool would not resolve shortages, because public sector budgets will always be limited. Instead, agencies can turn to technology to serve as a co-pilot and force multiplier for their human workforces. 

Expanding threat landscapes and attack surfaces increase the burden of defense on cyber analysts and experts, but automation and AI can help provide relief and enable near real-time threat response. As a result, the government cyber workforce can shift from a reactive to a proactive approach, identifying potential attacks before they occur. AI-powered solutions are able to sift through far more data in search of anomalies than human analysts and identify the slightest nuances. 

“It's not like finding a needle in a haystack. It's like looking for a magenta-colored needle in a stack of needles that range from Barbie-doll pink to brick red. And people aren't great at seeing that, but machines are,” said John Sahlin, vice president of cyber solutions at General Dynamics Information Technology, during a GovExecTV event about bedrock defenses. 

Once those nuances are identified, it’s up to the analysts to decide whether they’re concerning enough to follow up or harmless anomalies. The key is creating human-machine relationships where the machines are highly trained to succeed at the right tasks, enabling the analysts to focus on the more complex tasks requiring human intellect.

The impact of AI and automation 

Federal agencies are recognizing the potential of AI and automation as force multipliers, facilitating real-time threat detection and mitigation, network monitoring and defense, and more. While automation supports rote tasks, AI enhances predictive analytics and proactive threat detection. 

Among those surveyed for the Bedrock Defenses report, respondents highlighted the following as most impactful:

Graph showing the impact of AI and automation in cyber defense

Beyond direct cybersecurity management and operations, AI and automation offer other ways to save time and reduce the burden of tedious, time-consuming tasks. Any time savings and relief from mundane administrative work means more time to focus on mission-critical responsibilities. 

AI products are available to summarize large amounts of materials, for example, which can help the existing government workforce absorb new information and bring new staff up to speed. Sometimes the most essential force multiplier is ensuring all personnel are trained on and understand the most up-to-date information as quickly as possible. 

“Thinking about how you can accelerate understanding and searching vast amounts of data and summarizing it very, very quickly into the salient points saves a whole ton of time,” said Paul Kurtz, Splunk’s chief cybersecurity advisor and field chief technology officer, at the bedrock defenses event. 

While agencies begin to embrace the full range of capabilities AI offers, however, they must ensure they don’t forget the other side of the equation: as the U.S. government’s abilities evolve, so do its adversaries. It all comes back to a solid foundation of cybersecurity, the bedrock of defense. Read the full research report to learn more about the greatest challenges in government cybersecurity and the defenses agencies can leverage to mitigate them. 

Learn more about how Splunk is working with defense and intelligence agencies to enhance mission-readiness. 

This content is made possible by our sponsors; it is not written by and does not necessarily reflect the views of GovExec's editorial staff. 

NEXT STORY: GAIN 2024