Original Broadcast 4/30/25
Presented by Synack
As artificial intelligence reshapes every aspect of government operations, one truth is emerging: the future of cybersecurity will rely on machine speeds in a battle of AI against AI. Mark Kuhr, Co-Founder and CTO of Synack and former Technical Director at the National Security Agency, joined Fed Gov Today to explain why autonomous AI will soon dominate cybersecurity, and how federal agencies must adapt to this rapid shift.
The New AI Landscape: Opportunity and Risk
Government agencies are quickly adopting generative AI tools to improve efficiency and decision-making. From GSA’s new in-house AI tools to agency-wide experiments with platforms like ChatGPT and Gemini, AI is becoming embedded in everyday workflows. But with these opportunities come enormous risks.
Kuhr pointed out that employees often use AI tools without fully understanding how data is processed — and that free versions of public models, like OpenAI’s, often use input data for model training. This can unintentionally expose sensitive government information. Agencies that proactively deploy secure, internal AI solutions are taking a critical step toward managing this risk and preserving data privacy.
Yet the biggest challenge ahead isn’t just managing human behavior. It’s preparing for a future where cybersecurity attacks and defenses operate entirely at machine speed.
Agentic AI: Teams of Machines Solving Problems
Kuhr highlighted the rise of agentic AI, where multiple AI agents collaborate to solve problems by iterating in conversation, much like human teams. Imagine an AI designer, front-end developer, and back-end engineer all working together to build a web application — without human oversight. This is no longer science fiction. It’s starting to happen today.
Agentic systems will become force multipliers, driving efficiency and innovation. But they will also create new vulnerabilities. Agencies must rethink how they build and secure systems, knowing that autonomous AI — both good and bad — will be the norm.
Cybersecurity at Machine Speed
The cybersecurity environment is about to undergo a seismic transformation. Kuhr warned that adversaries, including nation-states and cybercriminal groups, are already leveraging AI agents to develop polymorphic exploits — rapidly creating new attack methods in minutes rather than days or weeks.
Defending against these threats will require a radical shift. Vulnerability management must move from patching critical flaws in two weeks to doing so in minutes. Asset inventories must be real-time. Response mechanisms must be fully automated.
In short, there will no longer be time for a human in the loop. "It's going to be constant AI-on-AI combat," Kuhr said. "And our defenders must move just as fast — if not faster — than our adversaries."
Reinventing FedRAMP and Zero Trust
To survive this new reality, federal cybersecurity frameworks must evolve. Kuhr emphasized the need for FedRAMP certification to move beyond manual, paper-driven compliance checks. Instead, machine-to-machine verification of cybersecurity controls must become the standard, enabling real-time oversight and faster response.
Zero trust architecture remains critical, ensuring that identity verification and data access are continuously monitored. But Kuhr stressed that modernization must go further — aggressively retiring legacy systems that can't keep pace with AI-driven threats.
The Critical Moment for Action
The future of cybersecurity will not wait for agencies to catch up. Kuhr’s message was clear: the time to act is now. Agencies must embrace AI-driven defense systems, adopt real-time vulnerability management practices, and deploy autonomous agents to counter AI-powered threats.
"It’s a critical time to start adopting the latest technologies before the adversaries do," Kuhr said. "In the world of cybersecurity, it’s now AI vs. AI — and there’s no room for humans in the middle."
As AI technologies continue to evolve, the battlefield will increasingly be populated by autonomous systems. The organizations that prepare for this shift today will be the ones that remain secure tomorrow.
Please fill out the requested information below