Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.
As the FBI looks to move to the cloud and share data more easily, the agency says it has the funding it needs to hire data experts across all 56 of its field offices.
John Adams, the executive assistant director of the FBI’s information technology branch, said the agency has also increased its outreach to students with in-demand IT skills.
“We have secured funding to appropriate positions for data scientists in all of our field offices — something we’ve never done before. We’re really trying to expand that capability out there. Now, that becomes a recruiting challenge, and particularly recruiting to a federal government salary is a challenge, but we’re trying to get creative with that,” Adams said Wednesday at Splunk’s Data-Driven Cyber Security event in Washington.
In April, Howard Marshall, the FBI’s deputy assistant director for its cyber division, said the agency struggles to compete with the private sector’s ability to offer high salaries for top cyber talent.
This summer, the FBI launched a pilot program aimed at recruiting high school students for cybersecurity-focused internships.
“We’ve actually done a big recruiting event, leveraging not only LinkedIn, but having our field offices actually going out to targeted colleges and universities that have strong programs in data science, and going out and getting much more aggressive,” Adams said. “We believe that that is absolutely an area that is holding our organization back, with the amount of data that we are taking in, and the lack of talent to actually help make sense of that vast amount of data.”
Earlier this year, Maria Voreh, the FBI’s chief data officer, said the bureau has so much data that it is “near impossible” for the agency to get value out of it quickly enough.
“Any loss of data is a great concern, but also, as we are sharing more and more PII in order to access different systems, there’s lots of concerns about third parties and their ability to secure that data of our own employees’ PII,” he said. “Privacy is a daily conversation.”
Before accepting his current position in the FBI’s IT branch, Adams previously held leadership positions in the agency’s intelligence and counterterrorism divisions. Based on that background, he said the agency’s workforce needs greater data sharing to prevent a major cyber attack.
“Since 9/11, the huge effort that we have undertaken to collect data and get smarter, identify threats and prevent bad things from happening is very similar, in my perspective, to what I’m seeing on the information technology side, and the cybersecurity to try and protect our enterprises,” he said. “We’re struggling to try and bring all that data that we’re collecting from all of our various datasets and try and get smart and prevent those threats that we face every day from a cybersecurity standpoint.”
FBI using AI tools to monitor insider threats
The FBI has also begun using artificial intelligence tools to help monitor for insider threats.
“For us, AI is a little bit tricky, in the sense that we have to be able to fully explain our methodology. We’re using a little bit of that technology in our insider threat arena, and really building some machine-learning capability there, to really identify anomalous activity and moving into a more proactive program on insider threats,” Adams said.
In order to combat insider threats, the agency has already launched two programs — Javelin, which helps track security violations, internal misconduct and internal espionage, and its Insider Threat Analysis Platform (InTAP), which uses the FBI’s big data analytics tools to flag potential threats.
The FBI also takes what it’s learned from investigating cyber crimes to enhance its own insider threat program.
“A huge part of the organization deals with cyber and external investigations and working with victims of cyber hacking, and that informs us significantly about what our cybersecurity posture should be, based on what we’re seeing from nation-state hackers, criminal attackers, things like that,” Adams said. “That helps us also derive what compliance we need to put in place from an insider threat perspective.”