From state and local systems to the FBI, government officials said Wednesday that fragmented systems remain one of the biggest obstacles to effective cybersecurity, but unified, artificial intelligence (AI)-powered systems are beginning to change that.
“The problem really is fragmentation where we’re trying to solve modern threats with technologies that are … multiple decades old,” said Gene Meltser, the chief information security officer for the State of Connecticut, at the Google Public Sector Summit in Washington.
Meltser, along with other officials, said that disjointed operating systems, inconsistent patch levels, and separate system logs have limited how their agencies defend against cyber threats.
“We had a small team of five members, including the leadership, and it was a lot of manual processes … You get the alert, and you have to do the research, you have to do the analysis, all of … that manual work that goes on behind the scenes,” said Justin Ross, major for the Pasco Sheriff’s Office.
“That led to long days, many hours, and just kind of a disjointed approach to security operations,” added Ross.
At the FBI, David Waters, the unit chief of the agency’s Mobility Program Office, said similar challenges led the bureau to adopt a unified Android-based system to simplify updates and close vulnerabilities.
In fact, all of the officials said they have moved toward AI-enabled platforms that have reduced tool sprawl, led to faster threat validation and containment, dramatically lowered false positives, and cut threat investigation time from days to hours.
“We’re seeing significant efficiencies created through the use of SecOps (security operations), and that allows us now to put our analysts on the tasks that you need analysts, you need people to do,” said Ross.
Waters said that for the FBI’s tens of thousands of field devices, a unified approach has made it easier to vet applications that could be securely used by FBI personnel.
Specifically, Waters pointed to Google’s security offerings that cover the chain custody for devices, saying that “all the app scanning that we needed on our devices and all the app integration just felt like that put us in a better position and a better security posture to be able to provide that secure device to our … operational staffs that are out there needing to get access to information.”
Unified and automated platforms have also helped Connecticut scale its cyber defenses. Meltser said the state now supports about 40,000 endpoint users, calling it “a massive win for us to address the risks at the scale.”
For those looking to start simplifying their systems and deploying automation, Meltser said that cybersecurity efforts succeed when leaders communicate risk in clear, outcome-focused terms rather than technical metrics, using concise dashboards that tie security actions to business results. “Communicating risk is fundamental,” he said.