Congressional hearings on artificial intelligence and machine learning in cyberspace quietly took place in the U.S.\u00a0Senate Armed Forces Committee\u2019s Subcommittee on Cyber in early May 2022. The committee discussed the topic with representatives from Google, Microsoft and the Center for Security and Emerging Technology at Georgetown University. While work has begun in earnest within industry and government, it is clear that much still needs to be done.The hearing chair, Senator Joe Manchin (D-WV), articulated the importance of AI and machine learning to the armed forces of the United States. Additionally, the committee highlighted the \u201cshortfall of technically trained cybersecurity personnel across the country in government and industry alike.\u201d This perspective aligns with the Solarium Commission report, which was subsequently released in early-June 2022.Google: 3 reasons machine learning, AI matter to cybersecurityWithin the context of the Department of Defense, Dr. Andrew Moore, director of Google Cloud Artificial Intelligence noted, the importance of using AI in three ways. The first is the use of AI to defend against adversary attacks, the second and third are how to organize data and people. He continued how AI is able to process millions of attacks every second looking out for these attacks to take place, something that far outstrips the capability of a human to process.With respect to the human side of the equation, Moore emphasized how with \u201cemerging attacks, people ingeniously coming up with new methods, and AI\u2019s coming up with new methods, so you have to learn new patterns or detecting whole new kinds of attacks in real-time.\u201d He shifted to the insider threat issue and highlighted the importance of AI in the implementation of zero trust, where, with AI, human patterns are discernible. Moore clarified that AI without data is \u201cpretty worthless.\u201d He highlighted how siloed data was the nemesis of AI and full interchange of disparate data sets was required for the more complete picture to evolve.\u00a0Microsoft: Cybersecurity personnel shortage troublesome Eric Horvitz, Microsoft\u2019s chief scientific officer, shared information from the company\u2019s October 2021 Digital Defense Report and highlighted its efforts to engage in accordance with President Biden\u2019s Improving the Nation\u2019s Cybersecurity executive order, EO 14028. In his opening statement, he noted, \u201cThe value of harnessing AI in cybersecurity applications is becoming increasingly clear. Amongst many capabilities, AI technologies can provide automated interpretation of signals generated during attacks, effective threat incident prioritization, and adaptive responses to address the speed and scale of adversarial actions. The methods show great promise for swiftly analyzing and correlating patterns across billions of data points to track down a wide variety of cyber threats of the order of seconds.\u201dHorvitz emphasized that the shortage of cybersecurity personnel was troublesome, citing the 2021 Cybersecurity Workforce Study, placing the global number at 2.72 million cybersecurity positions that are going unfilled. Even when operations teams are running 24\/7, there are far more alerts to handle than personnel, leading to the very real threat of teams being overwhelmed. AI, according to Horvitz, \u201cenables defenders to effectively scale their protection capabilities, orchestrate and automate time-consuming, repetitive, and complicated response actions.\u201dThe utility of AI on the security side of the equation can, according to Horvitz, be divided into four groupings: prevention, detection, investigation and remediation, and threat intelligence. While AI-powered cyberattacks are also a reality. With criminal\/nation-state adversaries using basic automation, authentication-based attacks, an AI-powered social engineering. His discussion on \u201cadversarial AI\u201d served to highlight the need to continue to invest in R&D which raises the level of robustness of systems. He continued, with emphasis, on the importance of red-team exercises.Center for Security and Emerging Technology: Focus on AI system trustworthinessGeorgetown\u2019s CSET was represented by Dr. Andrew Lohn, who is the senior fellow on the CyberAI Project at CSET. He touched on three areas of AI importance:AI promises to improve cyber defenses.AI may improve offensive cyber operations.AI itself is vulnerable.Within his opening statement, Lohn touched on the trustworthiness of systems with, \u201cThe United States is among those deploying autonomously capable systems, but our adversaries may not wait to subvert them. There are plenty of opportunities for interference throughout the design process. AI can be very expensive to train, so rather than starting from scratch, a system is often adapted from existing systems that may or may not be trustworthy. And the data used to train or adapt the systems may or may not be trustworthy, too.\u201dAdvice to industry\/government Horvitz\u2019s advice is to \u201cdouble-down with our attention and investments on threats and opportunities at the convergence of AI and cybersecurity. Significant investments in workforce training, monitoring, engineering, and core R&D will be needed to understand, develop and operationalize defenses for the breadth of risks we can expect with AI-powered attacks.\u201dMoore, for his part, highlighted the need for continued investments in \u201ctraining, technology and management.\u201d He called out how \u201cWe all have a role to play to prevent and detect threats online. Being transparent with governments, customers, and government entities when it comes to cyberattacks is one of our key principles and is critically important when responding to incidents at scale.\u201dLohn noted how, \u201cCyber operations are still human-intensive both on offense and on defense. And there are few openly reported cases outside of a laboratory environment where AI algorithms were attacked directly.\u201d He continued how the potential of attacks directly on AI systems is not a secret and the reality may be just over the horizon.In sum, CSO\/CISO\/CIO if they are not already engaged in AI cybersecurity discussions at the \u201cunderstanding level\u201d then they should make an adjustment and become engaged. For those who understand and are engaged, then the advice and highlights provided at this hearing have earmarked where you need to ensure your knowledge\/capability are aligned and that the pipeline on new techniques, experiences, and most of all compromises is wide open in receive mode.