AI and Automation Are Vital to Navy’s Cyber Readiness

The Department of the Navy (DON) looks to artificial intelligence (AI) and automation to help them respond faster to cyberattacks and prioritize network fixes, making AI critical to the department’s cyber readiness vision, according to Acting CISO Tony Plater.

“At maturity, it [AI] will impact vulnerability management, threat hunting and boost network security,” Plater said during GovCIO Media & Research’s CyberScape: Data & Automation Security event Thursday. “It’s become trendier to use it to track transactions, logs, real-time data to detect threats. So AI is highly sought after to help us secure our cloud services.”

Another factor contributing to the DON’s cyber readiness is implementing zero trust principles. The DON has been working with the DOD zero trust portfolio management office, looking closely at how the department is architecting and laying out a roadmap for the future.

As the DON moves away from legacy IT and modernizes its network, a zero trust approach becomes more necessary.

“As we talk about modernizing the networks, we want to make sure we’re doing it in such a way that implements zero trust principles. One stellar example of that is our flank speed initiative, which is a 365-based cloud implementation,” Plater said. “And the impact not only from a security and from a zero trust perspective but also from the user experience [perspective]. So in both areas … the flank speed environment has improved our ability to understand what’s happening on the network, and you can have near real-time awareness of our security posture.”

Improving cybersecurity efforts also relies on culture and raising cybersecurity awareness within the department.

“We didn’t have enough appreciation for that threat,” Plater said. “What I mean by that is ensuring that everyone understands that threat and that all of us, from the senior leadership down to the most junior person, whether it’s government, civilian contractor, or other, all working together to address that threat. We have been working very deliberately on changing our culture to a culture of cybersecurity.”

One of Plater’s priorities as CISO is moving from a cyber compliance to a cyber readiness state. Checking a box on a cybersecurity requirements list is not enough.

“It’s not enough to say we implemented all the cybersecurity requirements; we must move to a state of readiness. That means testing those requirements, understanding from an adversarial perspective the tactics, procedures and techniques, how our networks actually respond,” Plater said.

Fostering an agile cybersecurity culture is also critical as new methods of software development create new cyber environments.

“Moving from traditional development of software, right from a waterfall method to DevSecOps, which is embraced by an industry — that takes change, that’s doing things differently in many different areas,” Plater said. “Not only do we want to promote a culture of cybersecurity, we want to promote a culture of change and agility, agility and accepting new methods, new methodologies of how we do business, new approaches to cybersecurity and new approaches to how we get added protecting our networks.”