Why Federal Agencies Need Artificial Intelligence Based Security

And Three Key Security Questions Every Agency Should Ask


Federal agencies face many of the same cybersecurity challenges as private-sector organizations. These include malware, phishing emails used to spread malware or steal credentials, and distributed denial-of-service (DDoS) attacks that can be generated by malware-infected systems elsewhere.

Agencies must also deal with issues that businesses typically will not encounter, however, and those issues require a new approach to protecting data assets. For example, many agencies need to protect themselves against nation-state actors who are specifically targeting them with malware built solely for that purpose, and nation states continue to recruit highly skilled people who are dedicated to carrying out attacks.

Another distinct challenge federal agencies face is the presence of air-gapped networks. Some government organizations with high security requirements run air-gapped networks, which are completely disconnected from the Internet. They do this as a precautionary measure to isolate their networks and the systems connected to them from Internet-based threats. The lack of connectivity renders traditional security products far less useful and effective for the agencies that have air-gapped networks in place. In air-gapped environments, agencies would have to deliver updates to the endpoints manually to protect against new malware, which is not practical when traditional anti-malware solutions require multiple signature updates in a single day.

Moreover, federal agencies face an ever-growing volume of signature files generated by anti-malware products. Many agencies operate networks with many connected systems, and distributing signature file updates to all of these systems several times a day can consume considerable network capacity, especially given how large the signature files often are.

Artificial Intelligence and Machine Learning

A better approach to federal security involves the strategy of predicting and preventing—as opposed to merely detecting and responding to—the various types of malware

This is a Security Bloggers Network syndicated blog post authored by The Cylance Team. Read the original post at: Cylance Blog