Original Broadcast Date: 04/19/2026
Presented by Abnormal AI
Artificial intelligence is rapidly reshaping how federal agencies think about cybersecurity, and John Sourk of Abnormal AI makes it clear that the shift is happening faster than many organizations can keep up with.
Across government, agencies are now using AI in more than twice as many ways as they were just a year ago. But as Sourk explains, adversaries are not waiting. In fact, they are already using AI to their advantage, and in many ways, they are ahead. AI is allowing bad actors to move faster, learn systems more quickly, and lower the barrier to entry for launching cyberattacks. Tasks that once required technical expertise—like writing a convincing spear phishing email—are now much easier to execute with the help of large language models.
This acceleration creates a new challenge for federal agencies. According to Sourk, AI has “compressed the attacker advantage,” meaning threats are not only increasing in number but also becoming more unique. Instead of relying on repeatable patterns, attackers are constantly generating new approaches, making traditional detection methods less effective.
In response, agencies are rethinking how they defend their networks. Sourk emphasizes that if threats are becoming more novel, defenders must shift toward understanding behavior. That means identifying what “normal” looks like within a system and flagging anything that deviates from it. He also points out that, in some cases, agencies may need to remove humans from the loop to keep pace with attacks that are operating at machine speed.
Another growing concern is how attackers are weaponizing trust. Sourk highlights a tactic where bad actors try to move users off secure 
government devices and onto personal phones. From there, they attempt to capture credentials, giving them a foothold into agency systems without directly attacking traditional endpoints. Once inside, they can move through networks more freely.
To address these challenges, federal leaders are focusing on practical, manageable approaches to AI adoption. Sourk notes that many CIOs and CISOs are prioritizing limited, well-defined use cases. By narrowing the scope, agencies can reduce risks such as misuse or unintended outcomes while still gaining value from AI tools. These focused efforts are often defensive in nature and easier to explain across the organization.
At the same time, user awareness remains critical. Sourk underscores that more individuals are now part of the cybersecurity equation, whether they work in IT or not. Ongoing training and awareness efforts are essential to help employees recognize threats and respond appropriately.
Looking ahead, Sourk acknowledges that the full potential of AI is still unknown. As agencies evaluate their options, many are also considering which industry partners are best positioned to support them. He sees strong opportunities for collaboration between government and the private sector, particularly as both sides work to better understand and harness AI’s capabilities.
Overall, Sourk presents a clear picture: AI is changing the cybersecurity landscape in real time. Federal agencies are adapting, but the pace of change requires them to think differently, act faster, and stay focused on strategies that can keep up with an increasingly dynamic threat environment.
