Artificial intelligence has a truly impressive ability to invade agency systems. In just seconds, an AI-empowered malicious actor can break through cyber defenses, steal credentials, and blend into normal network activity using legitimate administrative tools, essentially hiding in plain sight. Traditional security solutions don’t catch the behavior because they look for malicious files that don’t exist. Fragmentation and tool sprawl — common in government networks — increase system complexity and make it hard to see telltale signs of cyberattack.
Defending against these AI-driven threats requires a new model: a single, unified data layer that brings together endpoint, cloud, network and identity telemetry. The approach relies on native AI agents that identify typical network behavior and instantly flag anomalies — then pass the information to humans, giving them context they need to quickly contain problem areas. But don’t chase every potential breach, advises Karan Sondhi, CrowdStrike’s Vice President and Chief Technology Officer for Global Public Sector.
“The folks who are most prepared for attacks are the ones who are saying, ‘Let’s prioritize the attacks that are most relevant to me. Don’t give me a list of thousands of things to go after,’” he says.
In this video interview, Sondhi discusses AI’s growing impact on government cybersecurity operations. Topics include:
- Why accelerated AI adoption creates new cyber threats
- How security operations will evolve over the next several years
- How to adopt AI-driven cybersecurity without ripping and replacing legacy tech
Leave a Reply
You must be logged in to post a comment.