U.S. government agencies, especially those involved in defense and national security, may have a tough time as they modernize their computer systems to be more resilient, allow greater use of
AI, and become more efficient — three qualities that both depend on and complement each other.
That was the overall theme of a recent conference in Washington, D.C., called "
The Future of Government Data, AI Automation, & Mission-Ready Modernization."
- Recordings of "The Future of Government Data, AI Automation, & Mission-Ready Modernization" conference can be viewed here.
Hosted by the Institute for Critical Infrastructure Technology (ICIT), the conference featured current and former leaders in the defense-focused public and private sectors, and was co-sponsored by
Rocket Software and MFGS, Inc.
Not how we do things
One obstacle is that government agencies, which are mission-driven instead of profit-driven, have processes and goals that just don't apply to the private sector, said Michael "Mick" McCabe, Chief Data and AI Officer in the Office of the Undersecretary of Intelligence & Security in the Department of Defense.
"The technology really isn't the problem," said McCabe. "The problem is we do things a certain way. The first thing we're trying to do now is digitize an analog process. That's not a bad first step, [but] we're doing this now so that we can enable a new process down the road. Something faster, something more agile, something that brings us value and answers our questions in a different way."
Another obstacle is the need for operational capacity in less-than-ideal conditions where communications and computing power may not always be available — a "denied environment," in McCabe's words.
"We ran the War on Terror for the last 10 years out of the Amazon Eastern cloud region, AWS East," said McCabe. "The next time we go to war with a near-peer competitor, that will not be sufficient for a battlefield commander."
Because forces overseas will not be able to rely on communications with
cloud service providers, McCabe said, "we have to be able to deploy a robust network forward that would allow that commander to continue operations even if they're in a denied environment."
A Space Force cybersecurity planner asked
Doug Johnson, Vice President of Product Management at Rocket Software, if future AI models might need less computing power. That would make them more feasible for independently powered, intermittently connected, on-premises computers — such as aboard an orbiting platform.
Johnson replied that yes, models meeting those criteria were indeed in development and might be able to run on a CPU instead of a GPU.
"We're seeing a lot of small language models be effective," said Johnson. "There are ways of sending less data to the
LLM, asking it to do less work. You actually get more better insights, but interestingly enough, it's faster latency, cheaper."
Can AI ever explain itself?
Among the unique government requirements is a need for "explainable AI," or an AI model that can document and show the process whereby it arrived at a conclusion — a concept alien to the "black box" AI model the private sector seems happy to accept.
"We want to integrate AI across all of our intelligence operations. We want to integrate it right now," McCabe said. "The challenge there is the validation. That is not the easiest thing to do. Our intelligence process is very analog. Going through it and saying, 'Okay, this AI is doing this, and I can trust it as an intelligence product,' is going to require explainable AI."
In other words, McCabe says, "we need the LLM to be able to come back and explain to us in a very clear way, 'This is what the machine did, and this is why the machine is giving you this information.' The more we can do that, the faster we can adopt AI."
It's not yet clear if an explainable AI is even possible. If so, it would go a long way toward being able to verify and validate AI outputs — something that McCabe says the DoD is already working towards.
"We use the AI to do subroutines, and what I mean by that is the very tedious things that a lot of analysts do," he said. "Once we validate the process, we have a good model for it, we have a good, documented model card that we can monitor, we can monitor for drift."
"We have to get our subprocesses validated. We have to get the compilation processes validated. Then we must have a way to monitor that those things are working properly," McCabe added. "If we can get those three things done and we can explain it to the decision-maker, we're ready to take the next step. And that's where we really need to drive this."
McCabe stressed that if the military can get AI to work reliably and transparently, then it would become a game-changer across the board in terms of battlefield
cyber resilience.
"We get the talent to do that, we get the
networks to do that, we build our networks to be more resilient. What I mean by that is data orchestration," he said.
In other, McCabe explained, "have the AI help us figure out that. 'Okay, here's your total bandwidth. These pieces are down right now or degraded. I'm going to route everything this way. Here's your most important data. I'm only going to send that because that's all I have the room to send.'"
Kevin Hansen, Chief Technology Officer at MFGS, pointed out that AI would help tremendously in planning and forecasting, not just for the military but for all government agencies.
"AI can contribute when it comes to performance-based metrics and prediction analysis around feature capability," Hansen said.
"Your operational data has a lot of intelligence in it, if you can make sense of it," he added. "As it's generated, being able to not only monitor but being able to predict where the impact of change is going to be. All of those things can affect your ability to actually get it out to production and in use by the workforce."
Keeping everything in line
The last part of the conference was spent in small table discussions among the attendees, at the end of which table leaders summarized the gist of the dialogues.
John Crossno, Director of Product Management at Rocket Software, led a discussion about cyber resilience in the government sector and went over what the participants stressed as important issues.
"What are the first steps that an agency really should take to build real resilience?" Crossno asked. "It's really understanding your architecture in general, your network architecture, and really understanding what that is. And then defining your priorities, which is typically going to be starting with what your more critical systems are."
"You can't do it all," he added. "Start small and work your way through, starting with what's critical."
But, as before, there are issues, especially when it involves complex systems scattered among different platforms.
"What are the gaps in strategies today when it comes to securing complex environments, like hybrid,
cloud and AI-powered systems?" Crossno wondered. "Visibility seems to be a big gap, not just in federal agencies but just across the industry, in general. And then data orchestration in the hybrid cloud environments."
Every organization has some system vulnerabilities, but Crossno emphasized that vulnerabilities in government systems might have especially large impacts.
"One of the scariest things there in the gaps around the vulnerabilities isn't as much that they [attackers] steal the data, while that's on there, is that they might change the data," he said.
"When you think in terms of from a federal agency standpoint," Crossno pointed out, "somebody could be going in and changing the data so that what's coming out in the systems on the other end is fake information, bad information."
Overall, however, the primary obstacle may be how to handle the massive amount of data that government agencies ingest and store.
"We need help managing data at scale," said McCabe. "I mean, that's plain and simple. There's no guile in that at all. Data at scale for us is a big challenge, and it becomes an even bigger challenge when you look at our architectures."
