Feds Cautious Embrace of AI as ML ‘Arms Race’ Looms
Often on the trailing edge of technology adoption, government agencies are slowly embracing artificial intelligence as a way to thwart constant cyber attacks on federal networks.
Paradoxically, cyber experts note that the rise of AI and machine learning could be turned against defenders as hackers use machine learning to thwart detection models.
According to a study underwritten by IBM (NYSE: IBM), just over half of federal IT managers cited cyber defense as the top AI application, followed by data analytics (45 percent) and risk management (26 percent). The survey released earlier this month by MeriTalk, a public-private partnership that promotes federal IT modernization, also found that about half of U.S. agencies are contemplating AI deployments to counter cyber attacks while 41 percent have a “formal AI cyber strategy in place.”
The problem, the IBM-sponsored study notes, is that agencies spearheading AI deployments are reluctant to be the first to roll out their strategies.
If and when they do, government IT managers are prioritizing automated tools for detecting security breaches or hacking attempts. AI tools are also seen as a better way to anticipate and thwart cyber attacks as more government infrastructure moves to the cloud. Meanwhile, 46 percent of respondents said they are using AI technology in their cyber defense training efforts.
“We monitor IT trends like AI and data analytics, to provide us with indicators of where the technology marketplace is investing and can expect significant advancements,” Frank Konieczny, the Air Force’s chief technology officer, told surveyors.
Indeed, the Defense Department along with U.S. intelligence agencies is among the first federal agencies to deploy modern IT infrastructure that can take advantage of emerging technologies like AI. For example, the Pentagon launched an AI effort in April called Project Maven aimed at accelerating DoD’s integration of big data and machine learning into its intelligence operations. The first computer vision algorithms focused on parsing full-motion video are scheduled for release by the end of the year, according to Lt. Gen. John Shanahan, DoD’s director of defense intelligence.
Among the other leading AI applications, the study found, are monitoring online activity and deterring insider threats. Automation tools could be used to detect suspicious activity such as the downloading of large data volumes or analyzing suspicious user behavior.
Along with the updated IT infrastructure needed to support AI and machine learning technologies, federal agencies are also waiting for the bureaucracy to produce guidance or policies on AI adoption and usage, the survey notes. Hence, with the exception of accelerated Pentagon AI effort, most federal agencies are reluctant to take the lead in rolling out AI deployments.
“Agencies are informed” about AI, “but anxious,” the survey concludes.
As federal agencies and large enterprises look to enlist AI and machine learning to counter cyber threats, security firms are predicting an “arms race” between defenders and attackers. Cyber security specialist McAfee Labs this week noted the rise of “adversarial machine learning” as hackers increase efforts to disrupt machine-learning models.
Hackers “will certainly employ machine learning themselves to support their attacks, learning from defensive responses, seeking to disrupt detection models, and exploiting newly discovered vulnerabilities faster than defenders can patch them,” the company noted in a threat prediction report release on Wednesday (Nov. 29).