DISA integrates AI tactics to bolster defense cybersecurity – SatNews

In a bid to fortify the United States Department of Defense’s cybersecurity infrastructure, the Defense Information Systems Agency is harnessing the power of artificial intelligence (AI) through strategic integration.

DISA Chief Technology Officer Steve Wallace shed light on the agency’s initiatives during a recent interview.

“We are actively collaborating with industry and within the department to seamlessly integrate AI into our defensive posture. This involves ensuring the department’s evolving needs are met by leveraging AI capabilities.”

Wallace applauded the longstanding relationship between DISA and industry, noting the ongoing integration of AI capabilities into various offerings.

“Industry has been incorporating AI in different forms for many years, and now, with the emergence of large language models, we’re witnessing even more integration points and opportunities.”

In addition to industry collaboration, DISA is partnering with organizations like the Defense Advanced Research Projects Agency (DARPA) to test trained models on cyber data for detecting anomalous behavior. This proactive approach underscores DISA’s commitment to staying ahead of emerging cybersecurity threats.

When asked about the adversarial use of AI, Wallace highlighted the refinement of tactics such as phishing emails and social engineering, stressing the importance of vigilance among all stakeholders.

“Adversaries are leveraging AI techniques to craft more convincing phishing emails and manipulate AI systems to achieve nefarious outcomes.”

Regarding AI tools currently employed by IT service members, Wallace pointed to the widespread adoption of AI capabilities by [security information and event management] vendors. These tools enhance efficiency and enable defenders to adapt to the adversary’s growing sophistication.

DISA’s collaboration with industry extends to the development of cyber defense tools incorporating generative AI.

“We provide feedback on existing capabilities and work with industry to enhance their offerings. This partnership allows us to leverage cyber-specific models that significantly enhance the effectiveness of our defenders.”

Looking toward the future, Wallace highlighted the inevitability of AI integration in cybersecurity while emphasizing the criticality of security around AI models and data integrity.

“As tactics evolve, AI models must remain relevant and refreshed with current datasets to ensure sustained effectiveness.”

Wallace also hinted at future opportunities for AI to enhance Zero Trust and DISA’s security and network architecture, Thunderdome.

“Our [endpoint detection and response] solution already uses AI for attack analysis and response. Additionally, we’re exploring AI integration for log analytics and a potential risk scoring system.”

As DISA continues to navigate the ever changing cybersecurity landscape, its strategic integration of AI promises to bolster defense capabilities against emerging threats, safeguarding national security interests.

Author: By Marco Antonio Villasana Jr. / Office of Strategic Communication and Public Affairs