The cyber landscape is constantly evolving and changing as new threats, technologies and advancements emerge. Executive Mosaic sat down with Accenture Federal Services Managing Director Bill Marion, chair of Executive Mosaic’s 4×24 Leadership Group 3, to learn how artificial intelligence, machine learning, cloud and zero trust are changing the cyber environment across the federal landscape and what we can expect next.
Prior to joining Accenture, Marion served for 28 years in the U.S. Air Force. During his time with the Air Force, Marion served as the senior Air Force cyber civilian and chief intelligence officer, leading two directorates with a portfolio valued at $17 billion. He also held roles such as chief technology officer of the Air Combat Command and the Air Force Space Command.
Read below for Bill Marion’s full Executive Spotlight interview.
Tell me about the current state of the artificial intelligence market. Where are you seeing new opportunities in AI, and where do you think the market is heading?
People are starting to invest in AI, but what’s really grabbing most of the attention within the AI space are the data mesh, data analytics environment, and ethics surrounding AI. Our Department of Defense data is all over the place; we have so much of it and we’re still learning what’s important. The leap to AI/machine learning is being done in some cases, but it’s not the norm yet.
Right now, there’s more focus on getting data and analytics foundationally cemented. In fact, one of Accenture Federal Services’ priorities in our tech vision is empowering federal agencies to use generative AI to make their enterprise data more accessible and discoverable, which can unlock decades of embedded/trapped value. In fact, in April, Accenture Federal Services launched a Federal Generative AI Center of Excellence where we are helping federal agencies explore use cases and design prototypes to apply gen AI to real-world needs.
Think about enterprise resource planning data, cyber data, and the different permutations of how you bring all that data together. Just moving data to ADVANA or ELICSAR is insufficient and expensive. Cleaning that data, managing it, getting it organized and orchestrating it is where we see a lot of traction. There’s still movement in the AI/ML world. But in the DOD space, it’s the data environment people are focused on.
The other item continuously trending and maturing inside the DOD spaces is ethics and AI. Everything revolves around these large language models and their transparency of rules and data. Ethical considerations originate at the core; do you trust your data?
Having a trusted foundry underneath the hood is critical. Our AI vision at Accenture Federal Services is to put trustworthy and responsible use of AI as a first-order federal requirement. As a result, we’ve delivered custom, text-based generative AI solutions to our federal and intelligence community clients since 2019. Our FedGPT solution adapts generative large language models and foundation models to fit federal use cases for on-prem, sensitive data and external data streams.
Bill, how exactly do you think we can use large language models and generative AI in a secure space, and how will cybersecurity need to evolve to keep up with these new technologies?
Accenture Federal Services is ahead of the pack here. We’ve developed secure, custom, text-based generative AI solutions, and we’re performing them, along with air-gapped capabilities and accredited cloud configurations for key clients right now. I think many others are trying to catch up. We’ve been laser focused on security from the ground up and continually investing to help our clients be more secure and resilient. Last month, Accenture Federal Services and Google Public Sector launched a Cybersecurity Center of Excellence to help federal agencies rapidly detect and respond to increasingly sophisticated cyberattacks.
Another consideration is marrying open AI architectures with the DOD’s nuanced cybersecurity requirements. We want to maximize the openness of the language models as much as possible, but we also need to keep them secure. Accenture Federal Services is taking a more agnostic and open-minded approach — in contrast to other providers who are either too focused on public models or too bespoke. We’re trying to strike a balance between the two.
Another major technology making waves within the government is cloud. What opportunities do you think can be unlocked with the cloud, and how do you think those opportunities will impact the federal landscape?
I’ve always believed in digital platforms for the DOD space. They enable business process, customer relations and workflow transformation in a no/low code approach. We’re now in the digital platform era, which is hyper-accelerating to enable business processes. In some ways, data platforms are surpassing software factories with respect to rapid business transformation without a heavy set of developers.
What’s really cool is if you can generate the Air Force’s software factory mindset via a digital platform approach, you can bring a faster, more agile approach to DevSecOps. The platform approach facilitates bringing your data and processes together, which is better than building applications one by one.
Platforms natively bring business processes and workflows together because they’re SaaS solutions. They guide you into a model that incorporates more standardization of business flow. Traditional software development often allows too much customization which creates future pains when you scale up for enterprise business operations.
How will these factors we just discussed — AI, ML, cloud and cybersecurity — reshape the public sector cyber environment? What are the top challenges and priorities that you’re seeing emerge from the combination of these technologies?
The public sector cyber landscape is going zero trust. But the real issue is peeling back the zero trust onion. We need to think differently about zero trust; we’re focusing too much on the technologies when we should be focusing on the data and the process re-engineering that’s required.
We need to push zero trust into a data discussion rather than perimeter defense and signatures. Writing signatures on firewalls to try and block people is the old way of fighting. To understand the good guys from the bad guys, we need to leverage user behavior and insider threat-like data analysis.
From there, we sensor and remediate cyberattacks by operationalizing those findings and data feeds rather than simply putting data in a big pool on the side and hope to correlate it later. It needs to be ingrained into the operational flow.
Zero trust is a data issue, more than a tech one. Linking the core data into our continuous monitoring approach means we can reduce much of the paperwork. By making the zero trust transition and truly reforming the risk management framework, we’ll see more meaningful changes in our cyber posture. This end-to-end capability will be key in the zero trust transformation.
Making this transition is going to be a huge change management issue across the defense space. It’s like legacy software development to DevSecOps. And as with every DOD project in my experience, we need to continue to stress the human-centered change enablers first, not last. That’s how programs such as AI/ML, data mesh, zero trust, cloud and others become successful transformations.