Faced with AI threats, governments rely on partnerships and cyber incident sharing – MeriTalk

As federal agencies seek to protect themselves from AI-powered cyberattacks, state cybersecurity officials said today they are undergoing a mindset shift by forming partnerships and no longer being ashamed to share their incident data.

Today GDIT Emerge: AI at the forefront At an event in Washington, DC, a Treasury Department official said the agency recently launched Project Fortress, a new public-private partnership aimed at “automatically” sharing cybersecurity indicators with financial institutions.

“It’s having a very, very positive effect right now. We’re adding a few more companies and organizations right now, but the idea is to have that automated indicator, any kind of way to share information so we can get the word out,” said Sarah Nur, deputy chief information officer (CIO) and chief information security officer (CISO) at the U.S. Treasury Department.

“Fortunately, we’re not seeing any really aggressive AI attacks right now, but I know that over time, as these tools become more sophisticated, there will be a lot more of that,” she said. “But the goal here is to make sure we have that culture, that mindset change, so that we’re no longer ashamed to share our incident data, but just open and hopefully leverage that.”

Nur said everyone in the federal government needs to change their mindset “to expect an incident.” In the past, federal agencies have not shared this information because they felt “embarrassed” or “wanted to compromise their reputation,” she said.

However, she said it was “okay” to change the mindset and expect “at least two to three per year and even more.”

At the State Department, an official explained a similar initiative for automated information exchange within the federal government.

Gharun Lacy, deputy assistant secretary of state and assistant director of the Diplomatic Security Service for cyber and technology security at the U.S. State Department, said his agency is working with the Cybersecurity and Infrastructure Security Agency (CISA) to automatically exchange phishing emails.

“Every part of a phishing email that comes through and is reported to us is now immediately sent to CISA within minutes, so they see all of our phishing activity,” Lacy said. “It’s one of those nice, easy-to-achieve things we can do to, one, better leverage our technology. And two, facilitate real-time communication.”

“Now it’s up to CISA to sort through all of this with their model, because I know what the volume looks like, but in this case we’re leveraging both collaboration and technology at the same time and developing those relationships across the board,” he added.