BEYOND THE BUZZWORDS

A PROACTIVE CYBERSECURITY STRATEGY: Organizations must define and understand what correct data and system states look like prior to deploying tools such as firewalls or intrusion detection systems. Cybersecurity measures are used to preserve and protect integrity, ensuring that data remains accurate, complete and unaltered without proper authorization. (Photo by Christina Morillo, Pexels)

A PROACTIVE CYBERSECURITY STRATEGY
Organizations must define and understand what correct data and system states look like prior to deploying tools such as firewalls or intrusion detection systems. Cybersecurity measures are used to preserve and protect integrity, ensuring that data remains accurate, complete and unaltered without proper authorization. (Photo by Christina Morillo, Pexels)

Building integrity into the dawn of AI for foreign military sales.

by Marjorie Bishop

For decades, foreign military sales (FMS) has been the cornerstone of U.S. national security cooperation, fostering alliances and bolstering partner defense capabilities. Now, a new force is entering the equation: artificial intelligence (AI). While the potential benefits—streamlined processes, enhanced analysis and improved decision-making—are tantalizing, the infancy of this technology demands a sober assessment and, crucially, a commitment to integrity from the outset.

This approach to AI is not about fearing “killer robots.” It is about understanding that AI, at its core, reflects the data and the intentions of its creators, and in the complex world of FMS, where trust and accountability are paramount, a flawed or biased AI system could have far-reaching consequences. For this reason, a proactive cybersecurity strategy for AI in FMS is a must.

THE PROMISE FOR FMS: EFFICIENCY AND INSIGHT
AI offers significant benefits to the FMS process by increasing efficiency, enhancing decision-making and reducing operational risks.

For example, through automated case management, AI can handle repetitive tasks such as document review, data entry and case routing, thereby reducing the administrative burden on FMS case managers and accelerating case processing.

In predictive maintenance, AI analyzes data from weapon systems to anticipate maintenance needs, optimizing logistics and minimizing system downtime. AI also plays a crucial role in enhanced threat analysis, quickly processing large volumes of intelligence data to identify potential risks and support strategic security assistance. Additionally, AI-powered training and simulations provide partner nation personnel with highly realistic and adaptive training environments, improving readiness and operational effectiveness.

MORE EFFICIENT FMS: A Bradley M2A2 Infantry Fighting Vehicle in Gasinci, Croatia, on August 26, 2024. Sixty-two Bradleys will be refurbished in Croatia as part of an FMS case with the USASAC. AI can benefit the FMS process by increasing efficiency, enhancing decision-making and reducing operational risks. (Photo by Sarah Zaler, USASAC)

MORE EFFICIENT FMS
A Bradley M2A2 Infantry Fighting Vehicle in Gasinci, Croatia, on August 26, 2024. Sixty-two Bradleys will be refurbished in Croatia as part of an FMS case with the USASAC. AI can benefit the FMS process by increasing efficiency, enhancing decision-making and reducing operational risks. (Photo by Sarah Zaler, USASAC)

When it comes to compliance, AI helps ensure adherence to complex regulatory requirements by automatically verifying documentation and processes, reducing the likelihood of penalties and delays.

Finally, AI-optimized logistics and supply chain management streamline inventory control, transportation routes and resource allocation, cutting costs and ensuring timely delivery of critical equipment and support.

Of course, there is also the broader, more general use of AI that transcends mission-type. Generative AI used in tandem with large language models promote efficient content production across modes such as text, image and video generation using text-based data.

THE INTEGRITY IMPERATIVE: GUARDRAILS FOR A NEW ERA
These benefits, however, come with inherent risks. AI systems are only as good as the data they’re trained on, and biased data can lead to biased outcomes, potentially impacting decisions related to arms transfers, training programs and partner relationships. Furthermore, the “black box” nature of some AI algorithms can make it difficult to understand why a particular decision was made, hindering accountability.

Here is where integrity becomes paramount. Ensuring integrity and embedding safeguards into the development and deployment of AI for FMS is vital to maintaining trust, accountability and operational effectiveness.

High-quality, representative data is the foundation of reliable AI systems, making data validation and bias mitigation essential to preventing discriminatory outcomes and flawed decisions. The ability to understand and explain the reasoning behind an AI model’s predictions, or Explainable AI, should be prioritized, allowing stakeholders to understand how AI-driven conclusions are reached—an important factor in building trust with partner nations and internal decision-makers.

While AI can significantly enhance efficiency, human oversight remains critical—qualified personnel must review all key decisions to ensure sound judgment and accountability. In an era of increasing cyber threats, robust security measures are necessary to protect sensitive FMS data from unauthorized access or manipulation.

Establishing ethical frameworks aligned with U.S. values and international law sets the tone for responsible AI use that upholds shared principles. Continuous monitoring and evaluation of AI systems are needed to track performance, identify emerging issues and ensure that systems remain accurate, fair and effective over time.

A FUTURE BUILT ON TRUST
The integration of AI into FMS is not a question of if, but how. By embracing a proactive and principled approach, prioritizing integrity and acknowledging the limitations of this nascent technology, we can harness the power of AI to strengthen alliances, enhance security cooperation and uphold the values that underpin the FMS program.

The dawn of AI presents both opportunities and challenges. As the Army’s security assistance enterprise moves forward, it is imperative to build a future where AI serves as a force for good, reinforcing the trust and partnership that have defined FMS for decades.

Some key security measures we can focus on include data loss prevention, input validation and output monitoring. These security measures can help monitor and protect sensitive information on premises, in cloud-based locations and on endpoint devices.

THE INSEPARABLE LINK
Integrity and cybersecurity aren’t just related, they’re fundamentally intertwined. Robust cybersecurity does not exist without a strong commitment to data and system integrity, and conversely, maintaining integrity requires robust cybersecurity measures. They operate as a reinforcing cycle, each bolstering the other. Here’s a breakdown of how they work together:

  1. Integrity defines what cybersecurity protects. At its core, cybersecurity is built on the CIA triad—confidentiality, integrity and availability—but in the interest of AI, integrity is a key factor in ensuring that data remains accurate, complete and unaltered without proper authorization. It’s the foundation of trust in any digital system. In the context of FMS, maintaining integrity is critical—altered contract terms or tampered shipment records can result in significant diplomatic and operational consequences. Confidentiality alone is meaningless if the data itself cannot be trusted. Before deploying tools like firewalls or intrusion detection systems, organizations must first define and understand what correct data and system states look like. Cybersecurity measures are then used to preserve and protect that integrity, making it a baseline for all other security efforts.

    2. {line-height: 10px;}

  2. Cybersecurity mechanisms uphold integrity. A range of cybersecurity tools and practices are specifically designed to ensure and maintain integrity. Cryptographic methods such as hashing and digital signatures help verify that data hasn’t been tampered with and that it comes from a trusted source. Access controls, including role-based access and multifactor authentication, restrict who can modify data, reducing the risk of unauthorized changes. Built-in processes like version control and regular backups provide mechanisms to restore data to known-good states if corruption occurs. Meanwhile, intrusion detection and prevention systems, data loss prevention tools and Security Information and Event Management platforms monitor, detect and respond to threats that could compromise data integrity. Vulnerability management ensures that weaknesses are patched before they can be exploited. Collectively, these mechanisms form a layered defense that actively supports the integrity of FMS systems and data.

    3. {line-height: 10px;}

  3. The impact of integrity failures—and cybersecurity’s role in preventing them. Failures in data integrity can have wide-ranging and sometimes devastating effects. Threats like malware and ransomware are designed to encrypt or corrupt data, making it unusable or unreliable. Insider threats, whether malicious or accidental, pose serious risks as they often involve trusted access being misused to alter critical data. Supply chain attacks can introduce compromised components that enable attackers to manipulate systems from within. Even data breaches, typically associated with confidentiality concerns, can lead to the alteration or destruction of data. With the rise of AI and machine learning, the manipulation of training data has become a new frontier for integrity attacks, where poisoned data leads to biased or inaccurate AI outcomes. In all these cases, robust cybersecurity measures—from endpoint protection to monitoring and training—are essential to safeguard integrity and prevent potentially mission-critical failures in FMS operations.

    4. {line-height: 10px;}

  4. Integrity as a cultural component of cybersecurity. Protecting integrity isn’t just a technical task, it’s also a matter of organizational culture. A strong cybersecurity culture places high value on data governance, with clear policies around how data is accessed, modified and stored. Change management ensures that updates to systems or data are controlled and documented, reducing the risk of accidental or unauthorized changes. Audit trails provide transparency and accountability, showing who accessed what data and when. Establishing clear roles and responsibilities helps ensure that individuals are held accountable for data integrity. Finally, organizations committed to integrity must embrace continuous improvement, using lessons learned from audits, incidents and evolving threats to constantly refine their practices. For FMS operations, embedding integrity into the culture ensures that security is proactive, not reactive—anticipating threats and fostering trust among international partners.

While the full scope of AI’s integration into FMS and other aspects of the enterprise is yet to be seen, the U.S. Army Security Assistance Command’s (USASAC) G2/6 division is doing its part to stoke innovation and create a foundation of responsible AI use through two initiatives.

KEEP DOUBLE-CHECKING: While AI can enhance efficiency, qualified personnel must review decisions to ensure sound judgment and accountability. Continuous monitoring and evaluation of AI systems are needed to track performance, identify emerging issues and ensure that systems remain accurate, fair and effective. (Photo by Mikhail Nilov, Pexels)

KEEP DOUBLE-CHECKING
While AI can enhance efficiency, qualified personnel must review decisions to ensure sound judgment and accountability. Continuous monitoring and evaluation of AI systems are needed to track performance, identify emerging issues and ensure that systems remain accurate, fair and effective. (Photo by Mikhail Nilov, Pexels)

The first initiative, a hybrid USASAC Microsoft Copilot sandbox team, serves to guide the strategic and responsible implementation of Generative AI and large language models and assess Microsoft Copilot’s impact on efficiency across existing end-user tools (Excel, Word, PowerPoint) and the potential of integrating it with other supporting applications and capabilities.

Secondly, the G2/6 is hosting a lunch and learn series that aims to position USASAC as early adopters and leaders in leveraging AI for increased efficiency and effectiveness through sessions focused on prompt engineering, identifying use cases, responsible AI usage and future trends and potential.

CONCLUSION
Cybersecurity is the means to protect integrity, and integrity is the goal that gives cybersecurity its purpose. Treating them as separate concerns is a dangerous oversight. A truly secure system is one that not only protects data from unauthorized access but also guarantees its accuracy, completeness and reliability. For FMS, where trust and precision are paramount, this connection is more critical than ever. By prioritizing data quality, cybersecurity and ethical considerations, FMS can unlock the full potential of AI and realize significant cost savings, improved efficiency and enhanced national security.

For more information, go to https://www.army.mil/usasac.

MARJORIE BISHOP is the command information system security manager for USASAC’s G2/6 Cybersecurity Division and has over 18 years of relevant professional experience. She holds a Master of Information Systems from Florida Institute of Technology and a B.S. in business administration from Christian Brothers University. Her certifications include Certified Information Security Manager, Security+CE and Certified Data Privacy Solutions Engineer.