As insider threats and sophisticated attacks increase, IT professionals need to manage ever-evolving risks to the integrity of their network security.


According to the Australian Cyber Security Centre's Threat Report 2017 (p. 16), "malicious cyber activity against Australia's national and economic interests is increasing in frequency, scale, sophistication and severity." The "reach and diversity of cyber adversaries are expanding." The depth and breadth of cyber threats are outpacing the human ability to absorb, identify, interdict, and resolve them. It stands to reason that government agency networks would benefit from employing machine learning, instead of IT professionals, to automate all of their cyber defences. Should government agencies, like Defence, attempt to automate all network security? Automation would redirect human resources to more abstract, human-focused tasks; it would increase threat detection and prevention rates through its speed and agility; and it would get smarter through each interaction. However, setting up automation is a labour-intensive endeavour, so choosing which tasks to automate is a matter of prioritisation and is therefore important to how automation is employed. The value of the human-in-the-loop in the cyber defence process remains important. In an attempt to balance the two, the author offers four strategies for automating network security within government agencies. Consider the strategies offered here. Noting that Air Force is a highly tech-focused fighting force, where would you seek to employ AI in your environment?