The panel consisted of industry, government and academic experts, including Rodgers; Jeff Crume, a distinguished engineer at IBM; and Sagar Samtani, director of Kelley’s Data Science and Artificial Intelligence Lab at Indiana University.
The panelists shared their perspectives on the implications of AI and machine learning in cybersecurity, including best practices, vulnerabilities, challenges and opportunities.
To understand the state’s use of AI, Rodgers kicked off the discussion by defining how the state’s overall organization works.
“Florida Digital Service has statewide IT, but we’ve got multiple statewide agencies that all have their own services,” Rodgers said. “Right now, where we stand, there’s not a centralized legislative framework around AI; there was some language in session this year, but for us, statute gets defined by legislators, the governor signs and it becomes law, and then we execute on that in the state government.”
However, Rodgers said, “From our shop, a lot of our folks are using generative AI to help with policy issues, to do analysis and bounce around ideas.”
AI’s use across the state varies depending on the needs of each agency and local government.
As for how recent advancements in AI could play a role in cybersecurity and cyber operations moving forward, the panelists said:
- “AI in cybersecurity has been going on for the last 25 years,” Samtani said. “Right now, we’re at the height of limits, the height of inflated expectations and so on. We’re gonna go down into the trough of disillusionment fairly soon when we realize that a lot of language learning models and generative AI techniques aren’t necessarily going to be able to do all of the magical things that the Wall Street Journal says that it can do and instead ... we’re going to start to identify particular areas of AI, like predictive analytics, descriptive analytics, graph analytics and so on that are going to be really useful for particular use cases in cybersecurity.”
- “If you think about cybersecurity, we’re really concerned with outlier events,” Crume said. “We’re concerned with, why is that guy downloading 10,000 files a day when his peers are downloading 100. I need to investigate that. So, those are the kinds of things machine learning is really good at finding, needles in haystacks.”
- Regarding AI, Crume added, “We’re going to be able to use it to do predictive analysis. We could also use it for other things like threat hunting, where I want to generate a hypothesis and then figure out if that hypothesis is true.”
