Navy promotes AI to strengthen authentication in a zero trust environment


AI agents can create behavioral profiles that can authenticate people to specific devices, not just people and devices.

It's probably not surprising that the two biggest buzzwords in cybersecurity, zero trust and artificial intelligence, are coming together. David Voelker, the Navy division's zero trust lead, said he is pushing the agent's threat detection framework as the next step in the Navy's zero trust transformation. He said that AI could enhance user and entity behavior analytics and improve authentication.

“The MITRE [Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK)] framework provides recommended detection, recommended mitigation,” Voelker said on Federal Monthly Insights – Protecting Mobile Collaboration. “And these detections and mitigations can be reduced to artificial neural networks to provide the probability of detecting adversarial threats inherent to the technology implemented in the environment, giving [security operations center (SOC)] members a definitive yes or no based on the probability that there is something we need to pay attention to.”

This is part of an effort to focus on the ability to combine user authentication with device authentication. Voelker said it's difficult to issue an authentication token and determine whether the person tied to the device is the actual person operating in the cyber environment. That is particularly important when users switch between devices, such as starting on a mobile device in the field and then moving to an office laptop or desktop.

Monitoring user behavior over time makes it possible to create behavioral patterns for both individuals and business units, which helps in these harder-to-authenticate cases. AI agents can then flag deviations. For example, is someone from finance trying to access an engineering environment, or vice versa? That's something the SOC needs to know and investigate further.

At that point, both automated and human-initiated measures can be deployed. On the automated side, the system may force the individual to re-authenticate. At the same time, the SOC may contact the person's supervisor and request more context. The explanation could be as simple as an employee working on a new project and using data they have never accessed before. Or it could be a bad actor trying to move laterally within the network.
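The triage described above, written out as an added example that is not from the article or from any Navy system: it builds per-user and per-business-unit baselines and maps a deviation to either automated re-authentication or SOC review. The event history, user and environment names, the 2% rarity threshold and the decision labels are all constructed assumptions.

```python
from collections import Counter, defaultdict

# Constructed history of (user, business_unit, device, environment) access events.
HISTORY = (
    [("alice", "finance", "laptop-a1", "finance-db")] * 40
    + [("alice", "finance", "phone-a2", "finance-db")] * 10
    + [("bob", "finance", "laptop-b1", "finance-db")] * 30
    + [("bob", "finance", "laptop-b1", "hr-portal")] * 5
    + [("carol", "engineering", "laptop-c1", "eng-repo")] * 50
)

def build_baseline(events):
    """Count environment use per user and per unit, and record each user's devices."""
    user_env, unit_env = defaultdict(Counter), defaultdict(Counter)
    user_dev = defaultdict(set)
    for user, unit, device, env in events:
        user_env[user][env] += 1
        unit_env[unit][env] += 1
        user_dev[user].add(device)
    return user_env, unit_env, user_dev

def share(counter, key):
    """Fraction of past events in `counter` that touched `key` (0.0 if no history)."""
    total = sum(counter.values())
    return counter[key] / total if total else 0.0

def assess(baseline, user, unit, device, env, rare=0.02):
    """Return (decision, reasons) for one access attempt. `rare` is an assumed cutoff."""
    user_env, unit_env, user_dev = baseline
    reasons = []
    if share(user_env[user], env) < rare:
        reasons.append("environment new for user")
    if share(unit_env[unit], env) < rare:
        reasons.append("environment new for business unit")
    if device not in user_dev[user]:
        reasons.append("device not previously tied to user")
    if "environment new for business unit" in reasons:
        decision = "soc_review"      # e.g. finance reaching into engineering
    elif reasons:
        decision = "reauthenticate"  # automated step-up, no analyst needed yet
    else:
        decision = "allow"
    return decision, reasons
```
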

Microsegmentation Prioritization

“So when people come into the network, it's paramount to have that level of control of your data path and what you need to protect,” Voelker said on The Federal Drive with Terry Gerton. “I would recommend it first to anyone implementing zero trust. Identify what needs to be protected, implement microsegmentation immediately, and implement attribute-based access control.”

Voelker said that in implementing attribute-based access control, the first thing agencies should ask is what is most important to protect. He said every agency likely has a database filled with sensitive data that needs to be protected. But every office building may also have operational technology, such as water, electricity and fire suppression systems, controlled by IT systems. These systems are often overlooked, giving adversaries an easy opportunity to move laterally.

Copyright©2025 Federal News Network. Unauthorized reproduction is prohibited. This website is not intended for users within the European Economic Area.




