“The threat now is a different spot. These new AI capabilities [are] lowering the barrier of entry and exposing more of our attack service,” David Markowitz, deputy chief information officer and chief data and analytics officer for the Army, said at the TechNet Cyber conference in Baltimore today.
David Markowitz on AI-driven risk
At a public session at the TechNet Cyber conference, Markowitz framed the arrival of artificial intelligence tools as a qualitative change in the Army’s risk landscape. He said the new capabilities are “lowering the barrier of entry,” meaning techniques that once required specialized skill or effort can now be scaled more easily by attackers. That shift, he warned, increases the surface area an adversary can probe and potentially exploit inside the service’s information environment.
The Army’s unified network (2021 decision)
Markowitz tied the risk to a prior modernization choice: in 2021 the Army pursued what it called a unified network, consolidating data and services that had previously been split between enterprise systems at static locations and tactical, expeditionary systems used on the battlefield. With “all data under now under a single architecture,” he said, the service must gain a more detailed understanding of the “ins and outs of the network” because a flaw or exploitation point in one place can now have broader consequences across the unified architecture.
Rapid detection, ingestion, and response as the operational imperative
The central technical challenge Markowitz described is not discovery alone but speed. “We really need to better understand our unified network, rapidly understand where those attacks may be coming in … and be able to ingest the threat and act faster than any adversary,” he said. He repeatedly emphasized the need to convert detection into action: “The ability to see a threat very rapidly and make a change and say, ‘That’s got to go off right now, it’s got to be patched, we’re going to do something very different because of threats in our knickers,’” he told the conference.
Markowitz framed that capability as new to the Army’s operating environment. “We have not had that type of challenge. It is before us, and we need to be able to adapt rapidly, so that we can move faster than any adversary,” he said, identifying both the tactical requirement and the gap the service must close.
Cultural and training barriers inside the service
Beyond architecture and tools, Markowitz named culture and bureaucracy as likely the largest remaining obstacles. He described an institutional posture oriented around compliance and checklists rather than an “operational mindset.” Addressing the AI-driven threat, he said, will require reskilling personnel and adjusting bureaucratic processes so that teams can act quickly when intelligence or telemetry indicates an active attack vector.
That emphasis on people and process—training the workforce and reshaping decision pathways—figures prominently in his assessment of what the Army must change to match the speed of evolving threats.
What this means for technologists, policymakers, and end users
- Technologists and security teams: Markowitz’s remarks put a premium on tooling and telemetry that support rapid threat ingestion, analysis, and automated or near-automated response across a consolidated architecture. Teams will need to prioritize visibility across the unified network and mechanisms that can quickly isolate or patch compromised elements.
- Policymakers and procurement leaders: The shift to a single network architecture creates dependencies that procurement and policy choices must reflect. Decisions about interoperability, patch windows, and prioritized protections will matter because a single vulnerable component can affect broader mission systems.
- End users and the force: Increasingly interconnected services mean that end users—whether at fixed installations or in expeditionary contexts—may see changes to operational procedures and access policies as defenders move more quickly to isolate threats or deploy defensive changes.
Markowitz’s remarks at TechNet Cyber focused not on a single vulnerability or incident but on a systemic tension: the Army has consolidated its networks to gain shared capability, and that consolidation now requires a new tempo of defense to keep pace with capabilities unlocked by AI. His prescription centers on better visibility, faster action, and cultural change to make speed the norm rather than theexception.




