AI Has Lowered the Bar for Cyberattacks. Are Agencies Ready?

Artificial Intelligence (AI) has accelerated the pace of change in cybersecurity. Attacks are easier to create, faster to execute, and harder to spot. For public sector agencies already operating within tight resource constraints, that shift has real consequences.

We’re seeing it play out every day. Phishing emails used to be formatted a little weird. You didn’t recognize the voice in a scam call. All that goes away with AI. The bar is lower for attackers, while many organizations continue to rely on assumptions and habits that can make them more vulnerable.

Everyone Uses AI — Offense Always Has the Advantage

In cybersecurity, the bad actors who are on offense always have the advantage. They’re a step ahead because they know what they’re planning on doing. Even with their own AI-powered tools to monitor traffic and identify potential threats, an organization’s defense is always lagging. You’re playing a catch-up game.

While phishing and ransomware attacks are key risks that all agencies face now, AI is also speeding up the ability of attackers to find and exploit so-called “zero-day vulnerabilities” or “zero-day threats.” Offense and defense teams are looking for these vulnerabilities and threats because they’re a way of breaking down a system. It can be challenging, as no one may know about them until something unexpected occurs. This makes finding, tracking, and resolving these vulnerabilities imperative.

Security in the Cloud Requires a Different Mindset

A big change in cybersecurity is everything moving to the cloud. You no longer have a physical perimeter defense where systems are stored in-house. When everyone can access systems from anywhere, multifactor authentication (MFA) and monitoring are essential. You have to be able to flag when someone’s account is logging in from Guam today when they were in Maine yesterday.

Similarly, with AI helping attackers look for gaps, the urgency of keeping systems up to date has increased. Agencies need to keep current on trends in the software they use and make sure they are on top of patching. Fortunately, that’s easier to do in the cloud than with on-premises solutions.

Ensuring teams stay up to date with training is another key. Security for the cloud is slightly different from on-premises. It’s the same concepts, but a different mindset and different skill set.

AI and the New Cybersecurity Landscape

Listen to this episode of the Tyler Tech Podcast to discover how AI is transforming cybersecurity and what it means for public sector resilience.

Strengthen the Weakest Point of Defense — Your People

People are the biggest strength of any organization. Unfortunately, in cybersecurity, they can also be the weakest point of attack. Team members have to be on guard at all times against attempts to take advantage of them. In response, the organization needs to help team members be aware of what to think of and look for. If they receive a call that sounds like it’s from a coworker, but the coworker is asking for an iTunes card, they should know that’s suspicious and what steps to take. It might be as simple as using an internal, secured system to verify the request. Always encourage and equip staff to follow approved procedures and avoid shortcuts.

Leadership plays a key role in modern cybersecurity. Showing their support for changes like adding multifactor authentications makes adoption easier. Leaders can also reinforce secure practices with the entire agency. Clear processes that are followed by everyone dramatically strengthen the people aspect of cybersecurity.

Steps to Reduce Risk in an AI-Driven World

Agencies looking to improve their security posture should begin with conversations and a self-assessment. Before you start mapping out a framework, you want to know what your risks are, so you can take a look at how you can improve in those areas.

We recommend the following steps:

• Assess and document. Define what your processes actually are today — not what they’re supposed to be. Learn where teams rely on habit, trust, or workarounds to get things done.
• Identify risk areas. What are your concerns? Look for known gaps and likely weak points across systems, processes, and people. Legacy technology and skipped verification steps are common places where risk accumulates. Identify areas in your systems where there could be single points of failure.
• Set priorities. Secure critical services first. Focus on safety and the things that agencies and residents need to keep online 24/7.
• Use frameworks as guides.The National Institute of Standards and Technology Cybersecurity Framework and the Center for Internet Security controls are widely used to inform decisions and can provide resources to guide projects.
• Engage leadership. Security improvements stall without visible support. Leaders need to reinforce expectations and back new security steps.
• Invest in people. Technology can’t catch every threat. Ongoing training helps staff recognize risk and act before small issues become larger ones.

Last, remember that no organization will ever eliminate every weakness. And there could be a thousand things that you need to do to keep your systems 99% safe. The good news is that addressing just a few of them might get you to 95% safe. Taking the right steps can significantly improve overall security in an AI-driven world.

About the Authors

Ryan Jacobson

Ryan Jacobson is manager of software engineering at Tyler Technologies. He works closely with cybersecurity and product teams to help public sector organizations strengthen system security.

Sonya Newell

Sonya Newell is manager of cybersecurity at Tyler Technologies. She helps clients manage information security risk, regulatory compliance, and technology governance.