Bobbie Stempfley, former chief information officer of the Defense Information Systems Agency and managing director of the CERT division at the Software Engineering Institute, discusses how artificial intelligence and automation can improve government cybersecurity.
Artificial Intelligence and automation could be revolutionary for securing government agencies, but they don’t exist in a vacuum. The tools need to be developed and deployed securely as well. Bobbie Stempfley, former chief information officer of the Defense Information Systems Agency and managing director of the CERT division at the Software Engineering Institute, says that AI can solve some major cybersecurity issues. “Think about cyber security is a problem of speed and scale. When you automate, you can solve both of problems or at least whittle them down. You can operate at faster speeds because the machines can oftentimes move in repetitive things at faster speeds and you can operate across a broader dimension,” Stempfley said. Stempfley told Government Matters that AI is developed differently than other software, and it brings along a host of unique challenges. “Many of the same [security] steps are applicable, best practice by design should be followed. Are they sufficient? The answer to that question is we’re not sure yet,” said Stempfley. “There’s a whole range of engineering discipline that must be developed. Ensuring that you are producing robust artificial intelligence, transforms the way you understand how to test at something, it has to transform the way we understand how to validate something, how to recognize that it is secure and it transforms what we think about as threat vulnerability.”