Identity Security in the Age of AI
As AI becomes more integrated into federal IT and attacker toolsets, government agencies will need to focus their resources on regulating and monitoring the identities that access their network, according to Nick Polk, branch director for federal cybersecurity in the Executive Office of the President.
Polk stated that while AI models will present unique threats to federal networks, they will still generally require trusted access first, something defenders can use to their advantage. Trusted access is often obtained by exploiting the access an employee, contractor, or third-party vendor has to systems and data.
Network Security Boundary
Even in an AI-powered future, the network security boundary still matters, providing organizations with meaningful control over who gets access to their systems and data and how. Strong identity is critical in order to repel attempted exploitation before it can happen or identify quickly that a person or machine shouldn't be on the network or is behaving anomalously.
Justin Ubert, director of cyber protection at the Department of Transportation, noted that AI tools have given malicious hackers advantages like obviating the need for stealth.
Now, you can have a smash-and-grab of your network that's faster than you can respond to because…there's no need to be quiet: just go in, grab and go [home],said Ubert.
Insider Threats and AI
AI tools can also easily become insider threats. Even when users restrict their ability to perform sensitive actions like downloading or exfiltrating data without human input, models have bypassed those guardrails by exploiting obscure technical loopholes. Research released by the University of California-Riverside found that automated AI agents can become dangerously fixated on completing assignments without recognizing when their actions are harmful, contradictory, or simply irrational.
Anna Libkhen, acting CISO for the Bureau of Economic Analysis at the Department of Commerce, stated that AI has become much more clever in hiding how it managed to penetrate and attack and come through as a trustworthy source. When asked how the federal government was working to address current gaps in identity security that are increasingly being exploited by AI systems, Libkhen said federal leaders are aware of the vulnerability.
Planning for Agent Failure
Libkhen compared the use of AI agents to teaching a child to ice skate: the first thing you teach them is how to handle a fall and recover. Likewise, organizations will need to plan for when their agents fail and quickly recover lost assets. Our agents will go wrong, they will do things we don't expect them to. How do we get up? said Libkhen.
- Do we have that third set of data because that agent erased the database and the backup?
- Is it safe elsewhere?
- What kind of holes can you anticipate and what will it take for us to recover from those holes?
As AI integration increases, the importance of regulating and monitoring identities accessing federal networks will become more critical. Federal agencies must focus on strong identity security to prevent AI-powered threats and protect their systems and data.
Source: CyberScoop