State Dept looks to test cyber data automation project by year’s end

The State Department is developing data visualization and artificial intelligence tools meant to help its cyber analysts quickly respond to emerging threats.

Manny Medrano, the director of cyber monitoring and operations at the State Department’s Bureau of Diplomatic Security, said his office plans to develop a minimum viable product by the end of the year for Defense Cyber Operations, a program meant to help analysts process incoming cyber data.

“Right now, we have a lot of data that we’re ingesting, and then we’re trying to work with our different partners within the private sector, our Five Eyes and the interagency as well, to make sure what we’re doing right is making sense of the data — and then also leveraging the great technology capabilities that we have, in order to automate and then give some of that time back to the analyst to do more of that analytical work,” Medrano said Thursday at NextGov/FCW’s Government & AI Summit.

Medrano said his office is also working with the Office of the Chief Data Office to bring all the Security Operations Center’s data sets and identity management solutions into one visualization.

“That’s going to save the team hours, instead of doing those manual checks. Then once we do that, and we get to the point where there’s that visualization where they can take action, then we’re going to look at how we can automate some part of that,” he said.

Medrano said AI and automation tools are going to augment the work that employees already do, but not replace them.

“What it’s going to do is [it’s] going to make us better, so that we can focus on what matters most, the more analytical work,” he said.

The human factor

Even as the department automates more of its cybersecurity work, Medrano said it still needs the “human factor” to validate some security processes.

“Once we’re able to then work better to improve the model, then we would then actually be able to say, ‘OK, maybe this task can be fully automated, with not so much human intervention, but we still need to have some level of validation. That is key,” he said.

Medrano said the State Department is also working with Gartner on setting up a cyber mesh architecture to consolidate the number of dashboards its cyber analysts need to monitor.

“My goal is to be able to go from like 17 different portals that analysts have to access, to maybe two or three,” he said. And then have that analytics layer, the visualization layer, and then AI to help us automate some of those simple tasks, so that we can be able to be more reactive, and also more proactive.”

“We’re on our way to get there. It’s not going to be a sprint, it is a marathon,” he added.

AI and cyber threats

The State Department is also taking steps to defend itself against AI-powered cyber threats.

“When it comes to AI, we’re looking at it as an enabler, because that’s really important for any business processes. But then the other side of it is, how do we then defend against cyber threats now leveraging artificial intelligence, because that’s going to get spicy, and it’s already spicy,” Medrano said.

Medrano said the State Department needs to focus on reskilling and upskilling its workforce, with a focus on developing data skills.

“What skill sets do we have today, what skill sets do we need in the future, and how are we going to start to upskill and train them together?” he said. “That’s not an easy thing. It takes a lot of leadership, and change management, and we often don’t work try to focus on that, because it’s not easy and it’s not the sexy thing to work on, but it is extremely important.

Medrano told Federal News Network on the sidelines of the event that the department is looking to acquire more data scientists and data engineers.

“The key for that is that we don’t just need technical data engineers. We also need data scientists to think of the business, so that they can help us answer those business-related questions. And then you bring in the technical expertise that says, ‘OK, what data is that the business is effectively trying to reach?’” he said.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.