The Department of Energy’s Pacific Northwest National Laboratory has transitioned an artificial intelligence-based cybersecurity research effort into operational use to strengthen cyber defense.

Register today for the Potomac Officers Club’s 2026 Cyber Summit on May 21 to join top government and industry leaders addressing escalating cyber threats, zero trust progress ahead of the 2027 deadline and the future of cybersecurity.

How Does the MERU Technology Work?

PNNL said Thursday the new technology, dubbed Multimodal Entity Relationship Unification, or MERU, uses AI and graph theory to connect databases and train the system to extract key information while adapting to new data and environments. Developed by a team of PNNL researchers led by Chief Computer Scientist Mahantesh Halappanavar, MERU creates a “free-flowing stream of data” that connects global threat intelligence with a company’s specific computing setup.

It integrates up-to-date news about cyber attacks with databases such as the National Vulnerability Database, Common Weakness Enumeration, Common Attack Pattern Enumeration and Classification, and MITRE ATT&CK to provide a unified view of risks. This enables security teams to understand how attacks happen and help them identify and stop threats before they cause serious damage.

What Impact Has MERU Shown?

Early implementation by PNNL’s IT operations team has enabled rapid identification of high-priority threats and the creation of roadmaps to halt likely attacks. Joseph Aguayo, PNNL deputy chief information security officer, stated that the program breaks down massive amounts of threat intelligence into actionable insights. The capability is particularly vital for defending against zero-day attacks, where security teams must adapt defenses in real-time before official software patches become available.

A Government Accountability Office review found that most federal agencies are not using the Office of Personnel Management’s Cyber Workforce Dashboard, raising questions about the tool’s effectiveness in addressing governmentwide cyber workforce challenges.

Register today to join the Potomac Officers Club’s 2026 Cyber Summit on May 21 and explore how emerging technologies are redefining cybersecurity strategies amid escalating global threats and to connect with industry leaders.

What Did GAO Find About Agency Use?

GAO reported that five of six agencies reviewed, along with OPM itself, were not using the dashboard designed to support workforce planning. The General Services Administration was the only agency using the tool, primarily to inform staffing decisions. However, all six agencies cited issues with the dashboard’s functionality, access and data usability, while also noting communication challenges with OPM regarding the platform.

Why Is the Cyber Workforce Dashboard Underperforming?

The dashboard, launched in 2023, was designed to provide a government-wide view of federal cybersecurity workforce data and enable agency benchmarking. However, agencies reported issues with functionality, access and data usability, along with communication gaps with OPM. Moreover, OPM has not assessed usage across roughly 20 additional agencies or collected formal feedback to guide improvements. GAO said these challenges have limited its effectiveness in addressing the shortage of skilled IT professionals.

What Actions Did GAO Recommend?

GAO recommended that OPM gather and analyze data on the dashboard’s use, as well as feedback from the agency on its limitations. It also advised OPM to evaluate the costs and make an evidence-based decision on whether to discontinue the dashboard or enhance it to address the identified issues. OPM partially concurred, stating it will work with the Office of the National Cyber Director and the Office of Management and Budget to determine next steps.