AI for ATO: Pentagon seeks AI to streamline cumbersome cybersecurity processes
“Like Frank's Red Hot Sauce, we should be trying to put AI on anything that you can," said David McKeown, a senior cybersecurity official.
“Like Frank's Red Hot Sauce, we should be trying to put AI on anything that you can," said David McKeown, a senior cybersecurity official.
The move comes as the department is pushing to bolster its cybersecurity for weapons systems in other areas, such as establishing zero trust for weapons systems by 2035.
“We've got to think ahead as to what the adversary might be working on and develop algorithms that are there in time to meet the adversary's ability to crack those algorithms,” David McKeown, deputy DoD CIO, said.
CMMC 2.0 introduced a third-party assessment dependent on contractor's CUI capacity.
“We are moving forward, we're hoping by the first quarter of calendar year [2025] we'll be able to start enforcing this and putting this in contracts," Dave McKeown, Deputy CIO for the DoD, said.
“We were very disjointed” in efforts to support contractors, admitted Pentagon CISO Dave McKeown. “We want to make that more streamlined."
“I love AI. I want lots of AI,” Dave McKeown told Breaking Defense. But, so far, neither government nor industry has developed artificial intelligence that can really help with cybersecurity.
The Pentagon has started doing weekly “huddles” and larger monthly meetings with the services and “communities of interest” in an effort to educate them on how to execute the department’s vision outlined in its zero trust strategy.
When it comes to zero trust, there’s “a lot of buzz” on things like secure facilities and networks, but not as much emphasis on “how do we watch and make sure it’s staying that way," one expert said.
The strategy outlines 90 capabilities that will get the Pentagon after what it's calling targeted zero trust and an additional 62 capabilities for a more "advanced" zero trust, David McKeown, DoD CIO for cybersecurity, said.