Public Sector Explores How Artificial Intelligence Might Help with Enhancing Cyber Security Efforts

Artificial intelligence (AI) is capturing the imagination of business and technology leaders in virtually every industry. The promise of technology solutions based on AI is certainly compelling, with potential benefits including greater efficiency, reduced errors, cost savings, enhanced customer services, etc.

One area where AI holds particular appeal—but might not be garnering as much attention—is in defending against cyber security threats. Just as AI can deliver powerful insights and automation to support a variety of business processes, it can help organizations outsmart cyber criminals who are becoming ever more sophisticated in their attack methods.

One market segment—the U.S. federal government—is giving AI a lot of thought from a cyber security perspective. A recent report by MeriTalk, a public-private partnership focused on improving the outcomes of government IT, examines how U.S. federal government IT executives foresee using AI to combat cyber threats.

According to the study, “The Federal Cyber AI IQ Test,” underwritten by IBM, federal IT managers see cyber security as the single biggest opportunity for AI in the federal government. That’s quite a notable finding, given all the potential applications of AI within government operations.

MeriTalk in the fall of 2017 conducted an online survey of 150 federal IT managers familiar with their agency’s AI plans and policies. More than half of the federal IT professionals (59%) select cyber as the first AI application for use at their agency, followed by data analytics (45%), fraud detection (31%), and risk management (26%). 

A large majority of those surveyed (90%) said AI could help prepare agencies for real-world cyber attack scenarios, and 87% said it would improve the efficiency of the federal cyber security workforce.

Most of the managers (91%) said their agency could use AI to monitor human activity and deter insider threats. This includes detecting suspicious elements, detecting large amounts of data being downloaded, analyzing risky user behavior, detecting an escalation in privileges, detecting the first time a user accesses a high-value server, and automatically adding suspicious users to a watch list.

Five years from now, the IT managers estimate that AI could help detect an average of 44% of cyber security breaches or hacking attempts. Nearly all expect AI to help reduce breach detection and response times.

Despite all the promise of AI as a valuable cyber security tool, only 21% of the IT managers queried said they are “very comfortable” with the idea of using AI for cyber security today. And many are not willing to lead the pack when it comes to AI deployment, with nearly half expressing concern about being the first to install AI on the front lines. They would prefer to wait for others to adopt and test AI before forging ahead with deployments.

Against this backdrop, the report said, it’s interesting to note that 54% of agencies have begun discussing the use of AI for cyber security. And of that group, 41% have a formal strategy for integrating AI into their cyber security efforts. Another 53% are working to create such a strategy.

Department of Defense and intelligence-related agencies are significantly more likely than civilian agencies to say they have begun discussing the use of AI for cyber security, the report said.

When asked how they might use AI for security purposes, the top response from all the survey respondents was for detecting breaches/hacking attempts (cited by 70%), predicting threats 64%), uncovering new patterns (51%), training/planning for cyber attacks (46%), automating threat response (42%), predicting human behavior (38%), and correlating industry data and research (35%).

As for “human factors”, those surveyed said AI is more likely to add jobs to the workforce than eliminate them. The managers said AI will allow cyber security workers to react to attacks more quickly, allow them more time for advanced investigations, and improve strategic planning and scenario training.

With the advent of cloud computing, the Internet of Things (IoT), and other next-generation technologies, the federal government's digital footprint is growing at an exponential rate, the study noted. “But as the amount of data explodes, so does the number of cyber adversaries and vulnerabilities in our government’s networks,” it says.

Without the proper resources and capabilities to manually defend against this deluge of cyber attacks, the report said, “artificial intelligence could be the missing link in fully securing our government. And though AI still maintains a futuristic connotation, machine learning and cognitive solutions can have an immediate impact on federal cyber intelligence.”