Cyber Command touts AI-driven gains in cybersecurity, network monitoring – CyberScoop

A top Cyber Command official said the agency has been able to use generative AI tools to dramatically cut down the time spent analyzing network traffic for malicious activity.
Executive Director Morgan Adamski said Wednesday that as Cybercom has worked to build AI capabilities across different missions, the agency is already seeing a return on investment for certain cybersecurity functions.
“Anyone that works in cybersecurity, if you’re working on the manual side, a lot of times will say, ‘hey, it’ll take hours, days, weeks to be able to analyze specific traffic, specific lines of code.’ We have now been able to leverage AI to be able to get through that in minutes and hours,” Adamski said during an event hosted by the Information Technology Industry Council in Washington, D.C.
The agency created an AI roadmap last year that laid out approximately 100 different tasks for integrating AI into logistics, security, and national defense.
Adamski said an AI task force in the Cyber National Mission Force is running 90-day development “sprints” to steadily incorporate large language models and other AI technologies into Cyber Command operations. Members of the task force deploy, test and evaluate whether the tools are successful and worth scaling out more broadly.
Cyber Command is looking at how to deploy AI capabilities enterprise-wide for cybersecurity. Last year, Gen. Timothy Haugh, Cybercom’s commander, said the task force was designed “to move us from opportunistic AI application to systematic adoption” of AI tools.
Through Constellation, a partnership with the Defense Advanced Research Projects Agency, Cybercom works with AI companies to expedite the deployment of new technologies and use cases, including a capability for continuous monitoring of the DoD Information Network (DoDIN), a massive system that routinely handles more than 3 million daily users globally.
The tool “essentially allows us to put it in specific places within DoDIN that essentially has indicators from what we know our adversaries are using,” Adamski said. “We can monitor the traffic that’s going through that specific choke point, and then we’ve been able to determine and identify malicious activity that we haven’t seen before.”
Last year, Adamski said Panoptic Junction, a pilot project undertaken by Army Cyber Command that uses AI to monitor network traffic for system compliance, threat intelligence, streaming cyber event data and detection of malware and other anomalies, was so successful that the agency was looking to expand its use across the DoDIN.
The post Cyber Command touts AI-driven gains in cybersecurity, network monitoring appeared first on CyberScoop.
–
Read More – CyberScoop