Several Defense Department (DoD) officials highlighted the potential impact of artificial intelligence (AI) for cybersecurity efforts on Thursday, starting with the department’s information security chief, who emphasized AI’s ability to enhance threat detection and response capabilities.
During his keynote session on Oct. 24 at the AFCEA Tech Summit in Washington, D.C., DoD Chief Information Security Officer David McKeown emphasized that advanced AI systems, such as large language models (LLMs), could significantly enhance the department’s efforts in threat detection and response in its cyber operations.
“LLMs … can help … [search] through your inventory data, your list of vulnerabilities, and then help pinpoint and take action on things,” McKeown said. “I think that’s a great way ahead.”
McKeown highlighted the Perceptor program as a successful example of how AI can improve cybersecurity and operational efficiency.
The DoD’s Chief Digital and Artificial Intelligence Office (CDAO) developed Perceptor – a government-owned, Booz Allen built AI/ML deployment platform optimized for scalable model inference, model management and orchestration, and robust AI/ML monitoring – originally built for cyber threat monitoring operations.
“The Army has been piloting this program. Bringing in AI training models and dropping them into this scaffolding, and then you connect it up to your data source and connect it up to your scene,” McKeown said. “It did good there [and] we believe that is a good construct.”
But despite CDAO’s initial success with Perceptor, AI for cyber defenses “are still very disparate efforts throughout the department,” he added.
“We need to centralize this in a better way, where we have a center of excellence that’s doing all the model training, keeping the models up to date, removing all the threat, and then pushing those models out … so that they can be implemented in your environments,” McKeown said.
During a separate panel discussion fellow DoD officials echoed McKeown’s comments about leveraging AI to aid in the department’s cyber defenses.
However, Tony Bland, chief engineer for the National Geospatial-Intelligence Agency’s Maven Program, explained that while it may seem exciting, agencies must start small.
“Let’s start with things that are going to save us time. These technologies are proven to help us automate some of those less complex, more time-intensive tasks. Let’s align with that, and then determine how we can use this in more complex areas,” Bland said.
Garrett Berntsen, the DoD deputy CDAO for Mission Analytics, explained that while caution is necessary for any new technology, being overly cautious to the point of lagging in progress on the world stage is problematic.
“We must test and pilot and really need to gain experience using these systems. I’m concerned we will move too slowly, and that risk shouldn’t keep us from testing and piloting, because that’s how we learn and gain confidence in these systems,” Berntsen said. “My concern is that we assess for too long and don’t start using these things, which means we miss the window to gain experience and improve the way we operate.”