Agencies are expected to include more artificial intelligence (AI) applications on their budget “wish lists” this year.
Federal agencies are expected to submit their budget requests to Congress in September, detailing the funding they’ll need to meet their missions for fiscal year 2018. One trend that Congress can expect to see is requests for AI applications to automate cybersecurity processes, according to Thomas Jones, Federal systems engineer at Bay Dynamics.
“You’re going to see a big focus on AI because it reduces overhead and the number of people needed,” Jones said.
Other types of cybersecurity monitoring programs send several alerts whenever they detect dangerous behavior on the network. Often, there are too many alerts for IT professionals to pay close attention to each one. AI applications can learn to detect the most critical alerts and send only those, while taking care of any other minor problems automatically.
The Federal government also needs AI applications because of the shortage of Federal cybersecurity employees.
“There’s just too many cyber jobs in the Federal government and not enough people,” Jones said.
Jones said that President Donald Trump has begun to focus on the IT workforce shortage by discussing how to improve higher education so that more students graduate with technical degrees and the right expertise to work for the Federal government.
“The administration is probably beginning to look at that in terms of investing,” Jones said.
Jones said agencies should ask for cybersecurity resources that will help them manage a risk-based cybersecurity program. For example, agencies should look at what applications are the most critical to achieving their mission, finding out what their risks are, and developing solutions to protect them.
“It’s finding out what your crown jewels and are finding out what the risks are to the crown jewels,” Jones said.
Jones said that the National Institute of Standards and Technology (NIST) is working on a risk management guidance that agencies can use to inform their cybersecurity decisions. Many agencies have begun to form risk-based cybersecurity plans by evaluating their systems.
Jones said legislation like the Modernizing Government Technology (MGT) Act will drive focus toward IT issues within agencies and emphasize the importance of funding these projects.
“Knowing your environment well enough to assess risk tends to involve a lot of heavy lifting,” Jones said.