Automation technologies have helped the Department of Veterans Affairs (VA) stop more than 800 cyberattacks this fiscal year, a VA cybersecurity official said today during the ServiceNow Federal Forum – powered by MeriTalk – in National Harbor, Md.
Bob Cunningham, the executive director for enterprise command operations at the VA, said that leveraging automation has allowed the agency to intercept the attacks before they cause network outages at VA clinics and negatively impact customers.
“When I first started in this position, we had over 1,000 high priority incidents a year,” Cunningham said. “I’m proud to say that from this fiscal year to the end of February, we’ve actually conducted over 800 what we call near misses – that’s catching an event before it had customer impact.”
“We didn’t have that just a couple of years ago. [We’re] maturing that process. That’s 800 less outages that are going to impact the customer,” he continued, adding, “They come to work in the morning, the clinic comes open, they’re able to see the veterans, they’re able to log into their systems and be able to work … The more automation they have the more forthcoming they are.”
“More automation is driving your mean time to detect down,” Cunningham said. “You’re going to have issues no matter what, but the sooner you can find those issues, the sooner they percolate up, the sooner you get the teams working together to fix them.”
Automation helps the Consumer Financial Protection Bureau (CFPB) protect against 10 million targeted threats a day, according to CFPB Chief Information Security Officer (CISO) Tiina Rodrigue.
“By having our aspects all feed into a single pane of glass, we’re able to have full visibility from the procurement front all the way through policy and compliance zone through to the cyber operations,” Rodrigue said. “By having that consolidation, we get away from the fragmented areas of information to truly executable information that we can then orchestrate and automate, and it’s through those integrations that we’re able to consistently, reliably protect.”
Automation, the CISO said, helps agencies identify patterns more quickly and eradicate anomalies.
“The best part about automation is that if it’s a clear, defined, repeatable pattern, you’re able to elevate that into orchestration,” Rodrigue said. “And if it’s something where you need our big, beautiful brains in order to discern what is the next step, you can get to that step fast.”
At the Department of Education, the key to automating tools is data, according to the agency’s CISO within the Technology Directorate Office of Federal Student Aid, Davon Tyler.
“Before we got into the how, we really tried to center on … why do we need to automate,” Tyler said. “And one of the things that we constantly speak to each other about is what data do we have?”
“One of the things that we worked on is really truly integration,” Tyler said. “How do we take the data in other environments and integrate it into a holistic environment so that we can make better decisions so that we can power tools that have AI and automation and really drive forward?”
The Pentagon is focused on the warfighter, and understanding automation is key, the Department of Defense’s Customer Experience Officer Savanrith “Savan” Kong said today. The Pentagon launched this new CX Office in January with an aim to boost customer experience across its broad information technology enterprise.
“The key for us is really understanding where we want to automate and scale things so that we can expedite our ability to deploy new technologies, but also know what that customer workflow is so that we can make the right decisions on what to automate, what to improve, and then what to scale back,” Kong said.
Richard Driggers, the cyber practice lead at Accenture Federal Services, explained several steps agencies need to take to induce not only operational change but also cultural change when it comes to AI and automation.
On the operational side of things, Driggers said organizations need to start investing in AI.
“I also think investing and integrating AI into your workflows is going to be important so start that out, whether it’s an MVP or whether it’s a pilot, but get started now because AI is here – it’s not coming,” he said. “There’s a lot of attention about whether we’re behind the power curve or whether we’re in front of it – we’re certainly not in front of it, so I would get started immediately.”
From a cultural perspective, the cybersecurity expert said agencies need to embrace innovation and promote collaboration. He also noted the importance of taking risks – the theme of ServiceNow Federal Forum keynote Retired Adm. William McRaven’s speech earlier in the day.
“Another very important thing is rewarding risk. Don’t be risk averse,” Driggers said. “You have to be able to take risks. You need to fail, learn fast, and move forward because a lot of this is going to be unknown – the power and the innovation that AI is going to bring to all your mission areas.”