Artificial intelligence (AI) is a top priority for the Department of Defense (DoD), as its data collection, analysis and management capabilities can help U.S. forces maintain an information advantage in the field.
But as with any new technology, AI must be viewed through both the lens of what it can do and what it cannot do. While it is a great tool for sifting through reams of data to identify patterns or information, such as what changed across a series of reconnaissance photos over a given timeframe, it has limitations as a decision-making tool. Setting up parameters for what AI can and cannot do is critical to using it successfully.
“You want to set up your agent to have guardrails where you not only say ‘this is what you can do,’ you also say ‘this is what you can’t do, this is what you’re not allowed to do,’” says David Egts, Field CTO for MuleSoft Global Public Sector at Salesforce. “Having the testing is really important. Generate thousands of test cases to try to break it in very different ways.”
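The two halves of that advice, explicit allow/deny guardrails plus large-scale adversarial testing, can be sketched in a few lines of code. This is a minimal, hypothetical illustration (the action names and mutation rules are invented for the example, not drawn from any specific product):

```python
import itertools

# Hypothetical guardrail: an action is permitted only if it is explicitly
# allowed AND not explicitly denied. Anything unknown is rejected by default.
ALLOWED_ACTIONS = {"summarize_report", "flag_anomaly", "query_database"}
DENIED_ACTIONS = {"delete_record", "send_external_email", "launch_process"}

def is_permitted(action: str) -> bool:
    """Deny-by-default: deny rules win, and unknown actions never pass."""
    if action in DENIED_ACTIONS:
        return False
    return action in ALLOWED_ACTIONS

# "Generate thousands of test cases to try to break it": fuzz the guardrail
# with simple mutations of forbidden names and confirm none of them slip through.
def mutations(action: str):
    yield action.upper()
    yield action + "_v2"
    yield " " + action
    yield action.replace("_", "-")

for action in DENIED_ACTIONS | {"unknown_tool"}:
    for variant in itertools.chain([action], mutations(action)):
        assert not is_permitted(variant), f"guardrail bypassed by: {variant!r}"
```

In a real deployment the mutation list would be generated programmatically at much larger scale, but the shape of the test is the same: enumerate ways the guardrail might be bypassed and assert that every one of them is refused.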
Defense News spoke with Egts to get his insights on how AI is being adopted in the DoD, what it can do, and how to guard against it being used improperly.
This transcript has been edited for length and clarity.
Defense News (DN): What do agencies need to know about preparing for that more widespread adoption of AI? What are the big challenges to implementing it in a way that meets their needs without causing a widespread disruption?
David Egts (DE): Instead of ‘we’re going to adopt AI more,’ I would be looking at ‘what problem are we trying to solve?’ first. Agencies should get away from the mindset of ‘AI is the solution. What’s the problem?’ They need to look at what problems they are trying to solve and then how AI can be used to address them.
The U.S. does not have a monopoly on AI, and our adversaries are also rapidly adopting AI. Whoever can make the best decisions the fastest will win. So AI is going to go from a “nice-to-have” or “we should look at it someday” to being a strategic necessity.
Decision advantage is not just making faster decisions or the right decisions; it’s both. It’s making the right decisions faster than your adversary can keep up with.
Several challenges hinder faster, better decision making. Number one is data gravity and data silos. The DoD and other agencies have a wealth of data, even if it’s not always readily at their fingertips. This is trapped data, data that is inaccessible. Your AI is only going to be as good as the data that it has access to. Otherwise, it’s going to lead to hallucinations where the AI makes up something that sounds plausible, but it may or may not be grounded in real data.
The second challenge is cultural silos preventing the sharing of data to provide a holistic picture. In the same way we had server huggers who didn’t want to migrate to the cloud, we now have data huggers — ‘that’s my data, you’re not getting access to it.’ There are good reasons why people are unwilling to share their data. They don’t want to share it because the moment that they give up that data and share it with others, they lose control over it, and that could come back to haunt them.
So, they’re going to be very culturally resistant to sharing that data with others. But that will make decision-making slower and less accurate. We need to work on overcoming these cultural silos.
DN: So how do you define “here is what we need AI to do” and also say “it’s not ready to do this yet”?
DE: There’s a framework called jobs to be done. It’s a way to do product design and analysis of what the jobs are that need to be done, whatever the product you’re developing.
How do we look at the jobs to be done for a warfighter, for a logistician, you name it? And instead of ‘I’m going to replace this person with an AI,’ it’s figuring out how to apply AI to augment this person. Let’s take a look at the jobs to be done. What is that person doing in their day-to-day? Then, from that catalog of jobs to be done, figure out which jobs could be augmented by AI and which could be replaced by it. There could be some tedious, low-value, low-risk grunt work that could be completely done by AI. AI augmentation of these tasks is the low-hanging fruit that’s going to free up the person to work on higher-level things that lead to faster, better decisions overall. These quick wins will also pave the way for grassroots and senior leadership support to handle the next round of more challenging augmentations.
Imagine the satellite analyst. Instead of doing the entire satellite correlation from beginning to end, the AI could say to the analyst, “I just noticed this anomaly,” and then it leaves it up to the expert analyst to figure out what the interpretation of that is.
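That human-in-the-loop pattern, where the AI surfaces candidates and the human interprets them, can be sketched very simply. The following is an illustrative toy, not an actual imagery pipeline: it flags statistical outliers in a series of change measurements and routes them to an analyst rather than acting on them itself.

```python
# Hypothetical human-in-the-loop sketch: the automated step only FLAGS
# anomalies; interpretation is left to the expert analyst.
def flag_anomalies(readings: list[float], threshold: float = 2.0) -> list[int]:
    """Return indices whose value deviates from the mean by more than
    `threshold` standard deviations."""
    mean = sum(readings) / len(readings)
    variance = sum((r - mean) ** 2 for r in readings) / len(readings)
    std = variance ** 0.5
    return [i for i, r in enumerate(readings)
            if std and abs(r - mean) > threshold * std]

# Invented example data: per-frame change scores between reconnaissance passes.
pixel_deltas = [0.1, 0.2, 0.1, 0.15, 9.0, 0.1]
for i in flag_anomalies(pixel_deltas):
    print(f"Anomaly at frame {i}: score {pixel_deltas[i]} -> route to analyst")
```

The design choice worth noting is that the function returns flags instead of taking an action, which keeps the decision itself with the human.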
DN: Everybody says, hey, we’ve got to have a good data model for AI, we’ve got to have good data to train it on, and good data to use. But what does that look like in practice? What does it look like to actually have a good data set?
DE: I’m not a fan of the government training models. It’s expensive, time-consuming, and immediately out of date the moment you stop training the model. Instead, agencies should look at connecting off-the-shelf models with their data. That can be done with Retrieval-Augmented Generation (RAG) to ground prompts with agency data, the Model Context Protocol (MCP) to connect AI agents to live data in systems of record, and the Agent2Agent (A2A) Protocol to have agents work together and share data. All of these capabilities rely on agencies unlocking their trapped data and making it available to their AI systems.
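The RAG pattern mentioned above is straightforward to sketch: retrieve the documents most relevant to a question, then prepend them to the prompt so the model answers from real data rather than hallucinating. This is a minimal toy (the relevance scoring, documents, and prompt wording are all invented for illustration, not any specific product's API):

```python
# Minimal RAG sketch: ground a prompt with retrieved agency data.
def score(doc: str, question: str) -> int:
    """Toy relevance score: count of overlapping lowercase words. Real systems
    would use vector embeddings and semantic similarity instead."""
    return len(set(doc.lower().split()) & set(question.lower().split()))

def build_grounded_prompt(question: str, documents: list[str], top_k: int = 2) -> str:
    """Retrieve the top_k most relevant documents and embed them in the prompt."""
    retrieved = sorted(documents, key=lambda d: score(d, question), reverse=True)[:top_k]
    context = "\n".join(f"- {d}" for d in retrieved)
    return (
        "Answer ONLY from the context below; say 'unknown' if it is not there.\n"
        f"Context:\n{context}\n"
        f"Question: {question}"
    )

# Invented example documents standing in for agency systems of record.
docs = [
    "Depot A reported 14 vehicles awaiting repair parts.",
    "Cafeteria menu for Thursday includes pasta.",
    "Depot B repair backlog cleared as of Monday.",
]
prompt = build_grounded_prompt("What is the repair backlog at each depot?", docs)
```

The instruction to answer only from the supplied context is what makes this a hallucination guard: if the trapped data never reaches the prompt, the model is told to say "unknown" rather than invent something plausible.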
DN: As you think about how the government is going to be adopting AI, what are the things that have you excited and then what are the things that keep you up at night?
DE: I’m excited about the future. Five years ago, I wouldn’t have dreamed of the tools we have today, and I can’t wait to see what the next five years of advancement will bring.
As for the things that keep me up at night, AI’s rapid innovation often outpaces its security. The good news is that a lot of the things we learned along the way with Zero Trust, API management, and data protection will help us put guardrails in place to minimize and possibly negate the impact of security vulnerabilities.