Agencies aim to harness AI for cyber defense

https://federalnewsnetwork.com/federal-insights/2026/03/agencies-aim-to-harness-ai-for-cyber-defense/

Publish Date: 2026-03-02 14:00:00

Source Domain: federalnewsnetwork.com

The Trump administration’s national cyber strategy is likely to put a premium on using artificial intelligence to better secure federal networks.
National Cyber Director Sean Cairncross and other officials from his office have emphasized how AI is a key facet of the forthcoming strategy, including an emphasis on how agencies secure AI use cases and how federal cyber defenders can use AI to improve information security practices across government.
The AI issue has become another major challenge for chief information officers and chief information security officers. The Government Accountability Office already lists “securing federal systems and data” as one of four major cybersecurity challenges facing the government. Over the years, GAO has documented how agencies have struggled to address weaknesses in their cybersecurity programs and improve their response to critical cyber incidents.
Brandon Wales, the former deputy director at the Cybersecurity and Infrastructure Security Agency, said AI is now deepening those challenges in many respects. Wales is now vice president for cybersecurity strategy at SentinelOne.
“AI has just been layered on top of all this as an accelerant, making all of it harder,” Wales said on Federal News Network. “More demands on CIOs and CISOs to bring in AI tools. At the same time, securing those tools and securing against AI enabled attacks is making that job harder. So all of that sits on the backs of CIOs and CISOs across the government, and it is an immense challenge.”
But Wales said agencies do have resources, such as CISA’s cyber services and the Technology Modernization Fund, to help them modernize legacy systems and update their approach to cybersecurity.
“They need to figure out a strategy for how they’re going to modernize their environments, how they’re going to get to more modern tools, because those are the ones that are going to unlock both the security and productivity benefits they want,” Wales said.
With a persistent gap in cyber talent, Wales said AI technologies will help cybersecurity teams “accomplish more.”
“We really think that the marriage of technology and automation with human creativity and human ingenuity is a real game changer for the cybersecurity of the future,” Wales said.
Event logging
Federal agencies and industry are actively exploring how AI can improve their cybersecurity practices. Wales discussed the possibility for AI to improve analysis of network activity and potential cyber threats.
Over the last several years, agencies have been working to improve their ability to investigate and remediate cybersecurity incidents through log management. The Office of Management and Budget directed agencies to adopt more stringent security logging requirements in the aftermath of the SolarWinds hack.
https://www.whitehouse.gov/wp-content/uploads/2021/08/M-21-31-Improving-the-Federal-Governments-Investigative-and-Remediation-Capabilities-Related-to-Cybersecurity-Incidents.pdf
“Coming out of SolarWinds, one of the things we really saw was that the inconsistent logging of security information was one of the reasons why agencies were kind of slow to detect potential challenges, both from SolarWinds and from other incidents,” Wales said. “It hampers your ability to do good forensics, understand where the adversary is, take action. And this is not just a problem in government. This is a problem that affects everyone.”
In the years since the 2021 OMB directive, agencies have made strides in their event logging. But Wales said it is a good time to re-examine those requirements to ensure agencies are getting the best value.
“My understanding is OMB wants to kind of re-examine that, and I think that’s very healthy,” Wales said. “You want to continue to make sure that you are storing the right information, because that comes at a cost. Anytime you’re having to store large amounts of logs, the funding that that requires potentially impacts your ability to put that money elsewhere that could have potentially more security benefits.”
Wales said AI could help cybersecurity analysts “get more out of your security information.”
“This is going to be an ongoing conversation in the cybersecurity community,” he added.
CISA’s role
Wales’ old agency, CISA, will also play a key role in how agencies adopt AI for security purposes. CISA’s Continuous Diagnostics and Mitigation program provides agencies with a uniform set of security tools.
“Before CDM, that didn’t really exist,” Wales said. “You’d have a lot more inconsistency in what federal agencies deployed, less ability to further integrate that information up and it was just inconsistent security practices. That’s really changed in the 15 years since the CDM program has been in place.”
Wales said CISA will “have to adapt the CDM program to make sure it’s continuing to provide the right level of security tooling.”
CISA also provides cybersecurity guidance to federal agencies, as well as state and local governments and critical infrastructure.
“This is their job to look at what’s challenging cybersecurity professionals today and figure out, how do we provide them better information to do their jobs, to get the kind of security outcomes we all want,” Wales said.
CISA also provides technical support to federal agencies through programs like the “Persistent Access Capability,” which allows CISA to hunt for potential intruders across federal networks.
“CISA has visibility into some of the telemetry coming off of those so that they can actually correlate information that they’re seeing at the boundary of federal agencies from network traffic, that they’re looking at the intelligence picture and coupling that together with what’s happening on agency networks,” Wales said. “Fusing all that information to help identify where there is an incident and where there are potential threats, and how do you mitigate them very quickly. CISA has an important role, and I think it’s only going to get stronger in the years.”