AI’s ability to monitor user characteristics such as gait, keystrokes or work habits so that administrators can be alerted as soon as something out of the ordinary happens, which could signal a breach.
Advances in automation also help agencies make sense of threat intelligence and free the security team to focus its efforts on solving more complex cybersecurity challenges. However, many Americans
are wary about the use of AI and its implications for privacy.
In a survey conducted by the Center for the Governance of AI, researchers wrote that “Americans express mixed support for the development of AI. After reading a short explanation, a substantial minority (41 percent) somewhat support or strongly support the development of AI, while a smaller minority (22 percent) somewhat or strongly opposes it.”
Agencies are taking action to address those concerns in concert with private-sector experts and members of the public. For instance, the National Science Foundation is partnering with Amazon on the Program on Fairness in AI “with the goal of contributing
to trustworthy AI systems that are readily accepted and deployed to tackle grand challenges facing society.”
And the National Institute of Standards and Technology is asking federal agencies, the private sector and academia to weigh in on efforts to formulate technical standards for AI.
Building a more secure workforce
Despite changes in the cybersecurity landscape, users remain a key point of vulnerability. Experts cite the proliferation of unapproved devices connecting to agency networks and the increasing sophistication of phishing attempts as vectors for attack
— not to mention the boom in internet-of- things devices that lack built-in security features.
“Hackers are able to get past military- grade firewalls since they no longer have to battle their way through the network,” according to an article published in Forbes earlier this year. “Instead, they find it much easier to detect a poorly protected or managed endpoint device.”
Therefore, it is essential that agencies
have comprehensive visibility into their networks (whether on-premises or in
the cloud) so that they can manage the performance and security of an increasingly complex IT environment. Zero-trust strategies are one way that agencies can protect resources by limiting user privileges. The goal is to safeguard high-value assets while supporting employee productivity and collaboration, especially as the government workforce becomes more mobile.
The draft Federal Data Strategy recognizes the important role that employees must play in security, and it highlights the need to develop appropriate skills across the federal workforce. “Data- driven decision-making requires not only accessible, high-quality data but also a workforce with adequate knowledge of data security practices and data skills...
to leverage insights from data while also safeguarding protected information,” according to the action plan for the strategy.
Balancing the need for access with the need for security is an ongoing challenge, and government agencies must continue to use every tool at their disposal.
88%
Public-sector organizations that have experienced at least one cyberattack in the past two years
33%
IT security practitioners
who said their organizations are effective in reducing the risk from unapproved apps and devices
64%
Organizations that experienced successful attacks launched at their endpoints in 2018
$17.4B
Proposed cybersecurity spending in
the Trump  2020 budget request
82%
Survey respondents who believe robots and/or AI should be carefully managed
Sources: Center for the Governance of AI, Ponemon Institute, Tenable, White House
SPONSORED CONTENT S-33