When I began my career as a Special Agent with the Air Force Office of Special Investigations, I witnessed firsthand how policymakers initially approached national security issues related to cyberattacks. They often took an 'as needed' approach to incidents, like ransomware attacks, disrupted public infrastructure, or theft of intellectual property. Fast forward to today – heightened geopolitical tensions, accelerated digitalization, the rapid adoption of AI, and the ubiquity of remote work have exponentially expanded the attack surface. This isn't just an evolution; we’ve been thrust into a new, demanding era of cyberwarfare. Consider this – Palo Alto Networks blocks up to 31 billion cyberattacks daily, with up to nine million of those being novel attacks we've never seen before.
In this challenging new reality, cyberattacks are increasingly central to the prevailing tactics of nation-states determined to harm the United States and our allies. Make no mistake, these adversaries are incredibly advanced. Threat actors are relentlessly on the front foot, constantly innovating. We've seen this in campaigns, like Volt Typhoon and Salt Typhoon, which specifically targeted critical infrastructure. Adversaries are actively leveraging emerging technologies, like AI, to amplify the scale and speed of their attacks – from deepfake-enabled social engineering and enhancing ransomware negotiations, to identifying sensitive credentials and even developing autonomous agentic AI systems capable of independent, multistep operations.
It’s no secret that large enterprises – including government agencies – have historically struggled with the complexity of their IT and security system sprawl when attempting to stay ahead of these increasingly emboldened adversaries. In fact, the federal government holds cybersecurity contracts with over 700 different vendors. This fragmented approach can be challenging for network defenders. Case and point – the 2025 Palo Alto Networks Incident Response Report highlighted that in 70% of cyber incidents we responded to, logs actually existed that could have alerted defenders to the presence of malicious activity, but they simply weren’t discovered before it was too late. We must chart out a better path forward – one that pivots from inefficient, “whack-a-mole” to automated security operations.
Palo Alto Networks — AI Innovation for National Security
That’s precisely why, when the House Homeland Security Committee extended an invitation to Palo Alto Networks to testify on the importance of innovation and partnership in keeping America safe, we were eager to share our unique insights. It was an honor to speak alongside a distinguished panel of witnesses at a field hearing held at Stanford’s Hoover Institution on May 28. During my testimony, I outlined the groundbreaking AI innovations our team has developed. But these aren't just features; they are strategic tools designed to significantly reduce the operational burden on federal agencies and to enhance the protection of our nation's critical infrastructure.
To stay ahead of these mounting and sophisticated threats, Palo Alto Networks is steadfast in our commitment to cyber defense innovation. We are immensely proud to invest an impressive $1.8 billion this year in research and development, as we did last year. We are confident that this innovation – with AI strategically at its core – can fundamentally disrupt the cybersecurity industry's status quo. Our aim is to deliver transformative cybersecurity outcomes, drive much-needed cost efficiency for enterprises, and eliminate cumbersome, inefficient manual processes. This deep innovative spirit is not merely about addressing the threats of today; it's about preparing for and combatting the emerging, complex risks, like encryption-breaking quantum computing, that loom on tomorrow’s horizon.
AI-Driven Defense and Secure AI by Design
To be effective and build a resilient national security posture, public-private cyber collaboration must be a robust two-way street. Given that sophisticated threat actors are relentlessly targeting systems in both sectors, it is imperative that we establish open lines of communication and foster genuinely shared accountability for detecting, understanding and mitigating new types of attacks. This collective effort is crucial for achieving measurable cybersecurity outcomes, particularly improving metrics, like Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), which are currently plagued by overwhelming complexity and manual processes in many security operations centers today.
As AI rapidly proliferates, securing AI itself becomes paramount. AI use is surging in the U.S. federal government – 41 government agencies reported a total of 2,133 AI use cases for the Consolidated 2024 Federal AI Use Case Inventory, up from 710 in 2023. With thousands of AI apps and models in use, this expanded attack surface brings with it expanded data security and network security challenges. We're seeing employees use unauthorized AI apps and models being “jailbroken.” AI for defense is only viable if we also ensure AI itself is a secure foundation.
This demands Secure AI by Design – embedding security from the ground up to ensure resilience. This means organizations must prioritize clear visibility into their AI assets, continuously assess risks across the entire AI supply chain, and proactively protect against emerging threats. These principles are aligned with frameworks, like the NIST AI Risk Management Framework, and our intention to acquire Protect AI underscores our commitment to leading this crucial area.
Partnerships for a Resilient Future
Staying ahead of threats requires that our people, processes and technology are always working in concert. To that end, Palo Alto Networks applauds the reintroduction of the Cyber PIVOTT Act. This visionary bill astutely recognizes the paramount importance of seamless collaboration between the government, community colleges and industry. It robustly backs the power of hands-on, skills-based exercises as essential for building a diverse and capable pipeline of skilled cybersecurity professionals. These individuals are not only ready but eager and capable of protecting our digital way of life.
At Palo Alto Networks, our commitment extends even further, encompassing our vital work with government agencies to broaden access to essential cybersecurity education. Through the Palo Alto Networks Cybersecurity Academy, we proudly offer free and accessible curricula, meticulously aligned to the NIST National Initiative for Cybersecurity Education (NICE) Framework, to academic institutions ranging from middle school all the way through college. Furthermore, our Unit 42 Academy provides job training for early-career professionals, particularly those with university and military backgrounds. As full-time members of our incident response and cyber risk management teams, these individuals spend 15 months developing skills through specialized, instructor-led courses, on-the-job training and mentorship, equipping them with the critical, real-world skills they need to excel in cybersecurity.
Partnership is in our DNA at Palo Alto Networks, and our collective defense depends upon deepening collaboration between industry and government. We continue to see productive collaboration across a range of cybersecurity-focused convening bodies, including CISA’s Joint Cyber Defense Collaborative (JCDC). Additionally, recognizing the importance of bilateral information sharing between the public and private sectors, we fully support reauthorizing the Cyber Information Sharing Act of 2015 – and appreciate the strong bipartisan interest in doing so.
Building a robust and resilient national security framework is essential to safeguarding America’s future – ensuring safety, security and prosperity. Achieving this shared goal demands unwavering commitment from both the government and the private sector. In close coordination and trusted partnership with our federal partners, Palo Alto Networks is proud to do our part, not just today, but for decades to come, in shaping this secure future.