As Federal agencies work to mature zero trust environments and stay ahead of the next big threat, fusing AI with more traditional cybersecurity strategies may be key for progress.
During a May webinar, two NVIDIA computing experts explained how the company has transformed itself in recent years into a full-stack firm, with a range of high-performance software applications. Chief among them, said NVIDIA Solutions Architect Jen Lombardo, is NVIDIA Morpheus, the company’s open-source AI cybersecurity framework, which she said, “harnesses the power of GPU computing to help protect your networks in a way that’s never before been possible.”
Focusing on the Department of Defense (DoD) and intelligence community (IC), Lombardo described how agencies are undergoing a transition similar to the company’s own.
“The DoD and IC have long been oriented towards hardware, chips, planes, and tanks and now, these agencies are trying to make the leap towards becoming software-intensive enterprises,” she said at the webinar, Rethinking Zero-Trust: An AI-Based Approach to Cybersecurity, adding that senior defense officials are emphasizing that “in order to maintain a competitive advantage, our cyber defenses must be top priority.”
There is intense interest in the application of AI for cyber use cases, but at the same time recent MeriTalk research has found that many Federal agencies are struggling to move AI projects beyond the pilot phase.
Lombardo and Killian Sexsmith, NVIDIA’s senior developer relations manager, explained that the Morpheus zero trust platform employs machine learning to identify and act on threats that were previously impossible to identify, including phishing attacks and malware.
Calling the framework “accelerated computing and AI for cybersecurity,” Lombardo and Sexsmith said Morpheus performs all of these functions at exponentially rapid speed – data analysis that is 600 times faster than CPU-based alternatives, with improved accuracy and threat detection.
“New methodologies” and “new frameworks” are needed to meet the Office of Management and Budget’s zero trust implementation guidance issued to Federal civilian agencies in January, Lombardo said. This would require agencies to achieve a specific list of zero trust security goals by the end of FY 2024.
That’s where Morpheus comes in, Sexsmith said.
Diving into the details, he said a key feature that differentiates Morpheus from other platforms is how it confronts phishing attacks. “What if we could analyze the entire raw body of the email?” he said. “What if we could look at both syntax and semantics of the text in analyzing not only the words … an attacker uses, but also how they structure the email? What are the subtle variations from legitimate emails that we could detect?”
That’s exactly what Morpheus can do: analyze the entire body of an email, something that Sexsmith said is out of reach for many systems, primarily because of computing limits. The result, he said, is far more efficient detection of phishing attacks.
The same efficiency extends to Morpheus’s fraud-detection system, which uses AI to better detect patterns across malicious transactions, Sexsmith said. Across the board, he added, the Morpheus framework – which NVIDIA first unveiled last year – detects and reacts faster to cyber threats, all while allowing developers to write “orders of magnitude less code.”
These features, Sexsmith and Lombardo said, are especially needed at a time when the growing threat of increasingly sophisticated cyberattacks makes the transition to zero trust more important than ever.
Access the full presentation here.