Explore every episode of the podcast Tech Transforms
| Title | Pub. Date | Duration | |
|---|---|---|---|
| Exploring AI Trends and Cybersecurity Evolution in the Federal Tech Landscape with Jason Miller | 10 Apr 2024 | 00:46:04 | |
Jason Miller is the Executive Editor of Federal News Network and has covered the federal technology space over the course of five Presidential administrations. He brings his wealth of knowledge as he joins Tech Transforms to talk about AI, the top things government agencies are working towards this year and his predictions around FedRAMP changes. Jason also pulls on his decades of experience as he discusses events that changed the nation's approach to cybersecurity and the longstanding need to have data that is better, faster and easier to use. Key Topics
Cybersecurity Evolution: Examining Technology's Political Neutrality and AI Commitment Through Administrative ChangesConsistent Focus on Cybersecurity Evolution Across Political Administrations Jason expressed a clear conviction that technology issues are largely immune to political fluctuation and are a continuity in government agendas. Reflecting on his experience across five administrations, he noted that the foundational technological discussions, such as cloud adoption, cybersecurity enhancement and overall IT improvement are fundamentally preserved through transitions in political leadership. He highlighted that the drive to enhance government IT is typically powered by the resilience and dedication of public servants, who generally carry on valuable reforms and initiatives regardless of the sitting administration's politics. These individuals are essential to sustaining progress and ensuring that technology remains a key priority for effective governance. Federal IT Policies Consistency: "No one comes in and says, I'm against AI, or cloud is bad, move back on premise, or cybersecurity, defund cybersecurity. I think those are the issues that stay the same." — Jason MillerExecutive Orders and AI AdoptionAddressing the specifics of executive orders, particularly those influencing the implementation and development of artificial intelligence (AI), Jason examined their historical persistence and their potential to shape operational practices in the government sector. He and Mark discussed how the stability of AI-related orders through various administrations is indicative of a broader governmental consensus on the integral role AI holds in modernizing federal operations. Despite changes in leadership, the incoming officials frequently uphold the momentum established by their predecessors when it comes to leveraging AI. Indicating a shared, bipartisan recognition of its strategic importance to the government's future capabilities and efficiencies. Cybersecurity Evolution: Zero Trust Principles and Network Security Challenges in Federal AgenciesZero Trust and Cybersecurity BudgetingDuring the podcast, Carolyn and Jason delve into the current trends and expectations for federal cybersecurity advancements, with a particular focus on zero trust architecture. Their discussion acknowledged that agencies are on a tight schedule to meet the... | |||
| So What?: Understanding Disinformation and Election Integrity with Hillary Coover | 27 Mar 2024 | 00:40:42 | |
Can you spot a deepfake? Will AI impact the election? What can we do individually to improve election security? Hillary Coover, one of the hosts of the It’s 5:05! Podcast, and Tracy Bannon join for another So What? episode of Tech Transforms to talk about all things election security. Listen in as the trio discusses cybersecurity stress tests, social engineering, combatting disinformation and much more. Key Topics
Navigating the Disinformation QuagmireDissecting Misinformation and Disinformation Hillary Coover brings attention to the pivotal distinction between misinformation and disinformation. Misinformation is the spread of false information without ill intent, often stemming from misunderstandings or mistakes. On the other hand, disinformation is a more insidious tactic involving the intentional fabrication and propagation of false information, aimed at deceiving the public. Hillary emphasizes that recognizing these differences is vital in order to effectively identify and combat these issues. She also warns about the role of external national entities that try to amplify societal divisions by manipulating online conversations to serve their own geopolitical aims. Understanding Disinformation and Misinformation: "Disinformation is is a deliberate attempt to falsify information, whereas misinformation is a little different." — Hillary CooverThe Challenges of Policing Social Media ContentThe episode dives into the complexities of managing content on social media platforms, where Tracy Bannon and Hillary discuss the delicate balance required to combat harmful content without infringing on freedom of speech or accidentally suppressing valuable discourse. As part of this discussion, they mention their intention to revisit and discuss the book "Ministry of the Future," which explores related themes. Suggesting that this novel offers insights that could prove valuable in understanding the intricate challenges of regulating social media. There is a shared concern about the potential for an overly robust censorship approach to hinder the dissemination of truth as much as it limits the spread of falsehoods. The Erosion of Face-to-Face Political DialogueThe conversation transitions to the broader societal implications of digital dependency. Specifically addressing how the diminishment of community engagement has led individuals to increasingly source news and discourse from digital platforms. This shift towards isolationistic tendencies, amplified by the creation of digital echo chambers, results in a decline of in-person political discussions. As a result, there is growing apprehension about the future of political discourse and community bonds, with Hillary and Tracy reflecting on the contemporary rarity of open, face-to-face political conversations that generations past traditionally engaged in. The Shadow of Foreign Influence and Election IntegrityChallenges in India’s Multiparty Electoral SystemIn the course of the discussion, the complexity of India's... | |||
| Patrick Johnson on Unlocking the Potential: Enhancing Cyber Workforce and Technology in the Department of Defense | 29 Nov 2023 | 00:47:01 | |
Have no fear, your new wingman is here! AI is by your side and ready to help you multiply your abilities. Patrick Johnson, Director of the Workforce Innovation Directorate at the DoD CIO discusses how his team is working to further implement AI ethically and safely in areas such as human capital to expedite finding talent. Patrick also shares his passion for building cyclical pipelines to ensure that talent, and ideas, flow seamlessly between the government and private sector. Join us as we dive further into AI’s benefits and how government and industry can be cyber workforce innovation partners. Key Topics
The DoD's Cyber WorkforceCyber Workforce Improvement Is Crucial Patrick states that the Department of Defense's (DoD's) total cyber workforce, comprising military, civilian and industry partner contractors, is around 225,000 people. He notes that the DoD has the biggest gap in the civilian cyber workforce, which makes up about 75,000 people. According to Patrick, one of the key problems when bringing new cybersecurity technologies online is failing to adequately train the existing workforce on how to use and get value from those technologies. Training and Upscaling the Current Cyber WorkforceRather than pursuing full re-skilling of employees which can set them back, Patrick advocates for upskilling the current DoD cyber workforce. This involves assessing talent and capability gaps. Then providing the workforce with the necessary training to perform new technologies appropriately. Patrick states that partnering workforce members with automated processes like AI can help them become more effective by highlighting key info and threats. The Importance of Training and Upscaling in the Cyber Workforce: "Well, it's great to put new technology on the table. But if you don't take the time to train the workforce you have in the programs or the systems you're bringing online, you lose that effectiveness and you don't really gain the efficiencies or the objectives that you need to be."— Patrick JohnsonAutomation and AIAI Is Seen as a Partnership With the Human Cyber WorkforcePatrick views AI as a partnership with the human workforce rather than a threat. He emphasizes that AI should be seen as a "wingman or wingperson" that boosts productivity and acts as a force multiplier. Patrick explains that AI excels at rote, tedious tasks allowing the human workforce to focus more on creativity. AI Helps With Rote and Tedious TasksAccording to Patrick, AI is adept at attention-to-detail tasks that would be tedious for a human to manually perform. He provides the example of a cybersecurity analyst or defender whose productivity can be enhanced by AI highlighting anomalies in data... | |||
| Unraveling SBOM Challenges: AI, Transparency and Policy Perspectives in Software Security | 15 Nov 2023 | 00:46:45 | |
Meet the man on a mission to make software bill of materials (SBOMs) boring. In this So What? episode, Tracy Bannon and Carolyn Ford sit down with Allan Friedman the Senior Advisor and Strategist at the Cybersecurity and Infrastructure Security Agency (CISA). Allan tells us about how he is working to change how all software on the planet is made and sold, no big deal right? Join us as we dive into the world of SBOMs, xBoMs, and Secure by Design. Key Topics
Challenges and Implementation of SBOMsSelf-Attestation for SBOMs Allan Friedman explained that there is currently a self-attestation model for SBOMs, where companies can sign a form stating that they have implemented SBOMs, rather than providing the actual SBOM data. This allows flexibility for organizations that are not yet ready to fully comply. However, it means buyers have to trust the attestation rather than seeing the SBOM details directly. Secure Software Development Model Compliance: "The challenge there is turning the framework back into a compliance model. Because, again, at the end of the day, everyone wants to think about things. Right? Understand your risk, but you still need to make that yes or no decision."— Allan FriedmanTracy Bannon noted some companies have concerns about sharing their SBOM data with customers, worrying that the customer may not have secure enough practices to properly protect the SBOM. Allan Friedman explained SBOMs do not need to be public - they can be shared privately between supplier and customer. Known unknowns in the SBOM can also help address concerns about revealing proprietary information. Debate About the Risk of Sharing SBOMs as a Road Map for AttackersAllan Friedman argued that sophisticated attackers likely do not need the SBOM, as they have other ways to analyze and reverse engineer software. Automated attacks also do not leverage SBOMs. He noted defenders actually need the visibility an SBOM provides into components and dependencies. There may be some risk of exposing attack surface, but the benefits seem to outweigh that. The Importance of SBOM for Product Security: "If we had this, we had SBOM across our products today, it would save us thousands of hours a year Because whenever the next Log4j comes out, if you have a centralized machine readable, scannable system, It's not that hard." — Allan FriedmanAllan Friedman noted there has been some lobbyist pushback against SBOM mandates, often coming from trade associations funded by companies already implementing SBOMs. He said while healthy debate is good, many of the lobbyist complaints seem misguided or overblown. The Potential Role of AI in Creating SBOMs and Its Implications for SecurityCarolyn Ford asked whether AI could help automate SBOM creation, especially for legacy systems. Tracy Bannon cautioned that AI is not yet at the point where it can reliably generate code or understand large complex... | |||
| It's Time To Bust the Ghosts in Our Cars with Eric Monterastelli Halloween Series Part III | 31 Oct 2023 | 00:39:22 | |
In the final, crossover episode of our three-part Halloween series, Eric Monterastelli, Public Sector SE at Delinea, Founder, Crew Chief of Gran Touring Motorsports and Host of the Break/Fix Podcast, joins Carolyn Ford and Tracy Bannon to discuss the scary reality of car security. Is your car spying on you? Can a nefarious actor take over your car? Does your car know your deep personal data like your immigration status, race and more? Hint: It can and it does. Key Topics
The Intersection of Cybersecurity, Car Security and the Ghostbusters MissionGhostbusters Mission: Car Security & Car Hacking Eric Monterastelli talks about how cars have evolved to include more computing technology, which opens them up to potential attacks. He gives the example of a Jeep that was hacked to shut off while driving, demonstrating the real dangers. Tracy Bannon contrasts U.S. car manufacturers that use many third-party components versus Tesla's more integrated system. She argues Tesla's approach may lend itself to more car security. The hosts explore different potential attack vectors into vehicles, like Bluetooth connections. Mozilla Participants Share Automotive InfoSec InsightsEric Monterastelli shares findings from a Mozilla report about the wide range of deep personal data that can be collected from cars. Including things like facial expressions, weight, health information and more. The hosts are alarmed by the privacy implications. Tracy Bannon advocates that car manufacturers need to make cybersecurity a priority alongside traditional safety. She indicates cars are data centers on wheels, collecting information that gets sent back to big cloud data centers. They emphasize the need for vigilance from car owners about what information they allow their vehicles to collect. Concerns About Data Collection in Modern VehiclesModern Car Security: Braking, Speed and Steering PatternsEric discusses the extensive data that is now collected by modern vehicles, especially EVs. He notes that information is gathered on things like stopping distances, brake pressure applied, vehicle speed and overall driving habits. This data is no different than the type of driver performance analysis done in race cars. Automakers are collecting real-world usage data from customer vehicles to analyze driving patterns and vehicle responses. Tracy adds that the average new vehicle contains over 100 different computers and millions of lines of code that are all networked together. This networked data covers areas like powertrain functions, safety features and infotainment systems. All of this interconnected data presents opportunities for tracking very detailed driving behaviors. Privacy Risks in Driving: Collecting Personal Data and ConcernsEric cites a concerning report that modern vehicles can potentially collect extremely sensitive personal data simply through normal driving. Including information on immigration status, race, facial expressions, weight,... | |||
| Insider Threats, Critical Infrastructure and Evolving AI, Oh My! with Grant Schneider Halloween Series Part II | 18 Oct 2023 | 00:44:49 | |
In the second episode of our 3-part Halloween series, Grant Schneider, Senior Director of Cybersecurity Services at Venable and former federal CISO, discusses the frightening implications of insider threats, how we are protecting critical infrastructure, and what it was like working on cybersecurity in the White House under both President Obama and President Trump. Key Topics
Introduction to National Cybersecurity Awareness MonthPurpose of Raising Awareness About Cybersecurity Grant explained that one of the great things about National Cybersecurity Awareness Month is exactly raising awareness and providing an opportunity to hopefully spend time thinking about and discussing cybersecurity. He noted that for organizations already focused on cybersecurity daily, the awareness month may not raise their awareness much more. However, many organizations don't constantly think about cybersecurity, so for business leaders and executives who may now recognize the existential threat a cyber incident poses, the awareness month offers a chance to have important conversations they may have previously avoided due to lack of understanding. National Cybersecurity Awareness Month: "You're only one bad kind of cyber incident away from your organization not existing anymore."— Grant SchneiderOpportunities for Organizations to Have Conversations About CybersecurityAccording to Grant, leaders who don't grasp cybersecurity risks may personally fear initiating conversations to ask what the organization needs to do to address risks. National Cybersecurity Awareness Month provides an opportunity for these leaders to have the necessary conversations and gain education. Grant said the awareness month is a chance to discuss basics, like implementing multifactor authentication, patching and updates. He observed that much of the content produced for the awareness month focuses on cybersecurity fundamentals, so it allows organizations to dedicate time to shoring up basic defenses. Overall, Grant emphasized National Cybersecurity Awareness Month facilitates essential cybersecurity conversations for organizations and leaders who otherwise may not prioritize it consistently. Evolution of Insider Threat in the Intelligence CommunityScreening Out Bad Actors During the Hiring ProcessGrant explains that in the early days of his career at the Defense Intelligence Agency (DIA), insider threat mitigation focused on screening out bad actors during the hiring process. The belief was that malicious insiders were either people with concerning backgrounds trying to get hired, or nation-state actors attempting to plant individuals within the intelligence community. The screening process aimed to identify and reject potentially problematic candidates. Nation-State Actors Planting Individuals Within the CommunityHe mentions the... | |||
| Unmasking the Specter: Mr. Egts' Journey into the Impact of Generative AI on Government Transformation | Halloween Series Part I | 04 Oct 2023 | 00:49:59 | |
In the first episode of our 3-part Halloween series, Dave Egts, Mulesoft Public Sector Field CTO at Salesforce, details what's scaring the public sector most and how Salesforce is utilizing - and securing - AI to improve customer experience with their Einstein Trust Layer. Additionally, Carolyn and Dave dive into the spooky worlds of brain cell chips, mind-reading AI and more. Key Topics
Quotable Quotes Considerations for the Public Sector While Using AI: "As you're going on your AI journey, you've got to be looking at the EULA [End User License Agreement] and making sure that, okay, if I give you data, what are you going to do with it?" On Bias & Disinformation in Generative AI: "There were some previous studies that show that people are more likely to go with the generative AI results if they trust the company and they trust the model. So it's like, 'Oh, it came from Google, so how can that be wrong?' Or 'I'm trusting the brand,' or 'I'm trusting the model.'" About Our GuestDavid Egts is MuleSoft’s first-ever Public Sector field CTO. Outside of MuleSoft, David is the founding co-chair of the WashingtonExec CTO Council, where he advises numerous companies on working with the public sector. David has received numerous industry-wide recognitions, including as an FCW Federal 100 winner, a FedScoop 50 Industry Leadership awardee and one of WashingtonExec’s Top Cloud Executives to Watch. He has won multiple employee honors from Red Hat, Silicon Graphics and Concurrent Technologies Corporation. Episode LinksDave & Gunnar Show Episodes
Additional Links | |||
| So What? China's Grip on Telecommunications with Jon Pelson, Author of "Wireless Wars" | 27 Sep 2023 | 00:49:16 | |
In this So What? episode, Jon Pelson, author of the best-selling book "Wireless Wars," discusses China’s impact on the telecommunications space. He also shares the frightening security concerns around Chinese components in 5G networks and discusses why the FCC's ban on these components may not be enough. Key Topics
Quotable Quotes On Huawei's Tower Placement: "Our nuclear missile bases, our special operations command at the nuclear sub base are all served by Huawei cell equipment." I said, 'That's impossible. They have like 0.1% market share. How could they have every nuclear missile site?' I started looking into it. The reason I called the book 'Wireless Wars' is because it's a war that's being fought through what appears to be business means. This is not business." -Jon Pelson On Why We Should Protect Data: "People say, 'I have nothing to hide.' Especially the younger generation says, 'Look, my privacy, in that regard, is not that important.' I was asked at the end of an interview, 'What would happen if China got control over us the way they're trying to?' I said, 'You don't have to scratch your head and do scenario planning. Look at places where China has control over the population.' -Jon Pelson About Our GuestJon Pelson spent nearly 30 years working as a technology executive, including serving as vice president at Lucent Technologies and chief of convergence strategy for British Telecom. His work with China’s telecom industry during this time led Pelson to write his best-selling book "Wireless Wars" China’s Dangerous Domination of 5G and How We’re Fighting Back." Episode Links
| |||
| Insights from the Billington Cybersecurity Summit with Willie Hicks, Federal CTO at Dynatrace | 20 Sep 2023 | 00:22:32 | |
On this special episode, Willie Hicks and Carolyn Ford discuss the Billington Cybersecurity Summit, as well as insights from panels, led by Willie, on workforce automation and zero trust. Key Topics
Quotable Quotes On the Human Factor: "I think this is always the case, that the human's usually going to be the weakest link. We're always the weakest link. But that's why that constant reverification is so critical." On Generative AI: "We can't fear these things like generative AI. We've got to embrace it. We've got to use it. We've got to figure out how to use it and use it right and use it appropriately. But we have to figure out how to use it because you know who's using it? Our adversaries." About Our GuestWillie Hicks is the Public Sector Chief Technologist for Dynatrace. Willie has spent over a decade orchestrating solutions for some of the most complex network environments, from cloud to cloud native applications and microservices. He understands tracking and making sense of systems and data that has grown beyond human ability. Working across engineering and product management to ensure continued growth and speed innovation, he has implemented Artificial Intelligence and automation solutions over hundreds of environments to tame and secure their data. Episode Links
| |||
| Keeping Your Eyes Open For Opportunity with Sandi Larsen, Vice President of Global Security Solutions at Dynatrace | 06 Sep 2023 | 00:33:13 | |
Sandi Larsen, Vice President, Global Security Solutions at Dynatrace, joins our host Carolyn Ford to share her perspectives on the relationship between zero trust and defense in depth. She also discusses her storied career, leadership and what it's like to be a woman in technology (although she dislikes the term). Additionally, Sandi shares her advice on identifying mentors, finding your voice and battling imposter syndrome. Key Topics
Quotable Quotes On Finding Inspiration: “You just can't sleep on these pivotal people in your career whether they're ahead of you or beside you or even behind you, I’ve been inspired by people that I am mentoring.” On Having Mentors: “Find mentors, they are just invaluable and will be throughout your whole entire career, no matter what stage you're in. At the beginning, at the middle, later in your career, they will always be indispensable for you.” On Using Your Voice: “Speak up. Just have a voice. And if that voice in your head is planting doubt, don't listen to it. If it's coaching you on what to say and what not to say, and being wise about that, listen to that. But if it's planting seeds of doubt, you've got to you have to push it aside. And you have to take that step. Because if you don't, you might be missing out on the next best thing.” About Our GuestSandi Larsen currently serves as the Vice President of Global Security at Dynatrace. Prior to joining Dynatrace in November 2020, Sandi held various positions, including sales and systems engineering roles in cybersecurity and financial services organizations. Episode Links | |||
| Building a Community of Trust with Tom Billington, CEO of Billington CyberSecurity | 23 Aug 2023 | 00:38:51 | |
Tom Billington, CEO of Billington CyberSecurity and Producer of the Billington CyberSecurity Summit, joins Carolyn and co-host Mark Senell to discuss the upcoming 14th Annual Billington CyberSecurity Summit, what goes into creating a valuable community for both the government and the commercial sector, and the important topics that will be the basis for this year's conference. Key Topics
Quotable Quotes On Founding Billington Cybersecurity Summit: "I really started this business to be distinctly patriotic, to provide a serious dialogue in a way that I felt wasn't really being done at that time...So breaking into the federal cybersecurity community, to be honest, was hard as an entrepreneur. We had to build trusted relationship after trusted relationship. Over the course of 14 years, it's become decidedly easier now, now that we have had the privilege of having those trusted relationships." On Zero Trust: "Many of the areas that zero trust encompasses have been around since the profession has existed in cybersecurity. But at no other time has the U.S. government proclaimed the importance of this overarching field as it has in the last few years. So it becomes important for the government. It becomes important for the industry leaders who serve them." On International Cyber Collaboration: "So it's not just the U.S. team sport. It's an international team sport. The partnership with our international allies is crucially important." About Our GuestBefore launching his company in 2010, Tom Billington spent nearly two decades producing hundreds of events, publications and articles for four of the world’s leading media companies: Reader’s Digest, Phillips Business Information, BNA (now Bloomberg BNA) and Thomson Reuters. Now, Tom is the CEO and Founder of Billington CyberSecurity, a leading independent education company founded in 2010 with an exclusive focus on cybersecurity education. Every year, he hosts the Billington Cybersecurity Summit, which is known as the world's leading government summit on cybersecurity with the unique educational mission of convening the who's who in cybersecurity: the senior leadership from the U.S. government, our allied partners, and their industry and academic partners. Episode Links
| |||
| Developing the Collective Defense with Ann Dunkin, CIO at the U.S. Department of Energy | 09 Aug 2023 | 00:38:25 | |
Ann Dunkin, Chief Information Officer (CIO) at the U.S. Department of Energy (DOE), joins Carolyn and guest host Willie Hicks to discuss the National Cybersecurity Strategy and what it takes to secure a large agency like the DOE, as well as how agencies balance cybersecurity compliance and risk management. She also highlights the DOE's role in the Partnership for Transatlantic Energy and Climate Cooperation (P-TECCC) and the agency's relationship with its industry partners. Key Topics
Quotable Quotes On the Collective Defense: "The principles of collective defense, which underlie the cybersecurity strategy are incredibly important. That concept that we can't individually be safe, we have to work together. Once upon a time, you'd say, oh, if my cybersecurity's better than the guy down the street, they'll go down the street and forget about me. And we just can't do that. We're too interconnected. There's too much work we do together. There's too many interconnections between our systems. We absolutely positively have to develop that collective defense. In addition, part of that collective defense is ensuring that the burden of defense falls to those most able to deliver on that." - Ann Dunkin On balancing risk vs. compliance: "The reality is we can't do all the compliance. And so we absolutely have to look at risk to prioritize it. But I would argue that you should always look at your risk and balance that against your compliance exercises. Because number one, if you do all the compliance and then you start risk mitigation, you may be missing something big. But number two, because you probably don't have enough money to do all the compliance anyway." - Ann Dunkin On workforce development: "I firmly believe that we need pathways to move people in between the private and public sectors. And we need to make it easier for people to cycle between those places over the course of their career to leave government, to come back to government and to learn from each other. And also for the government through DOE and through other places to help build a workforce within the government that looks like America. And then to help the rest of America grow their workforce capabilities." - Ann Dunkin About Our GuestAnn Dunkin serves as the Chief Information Officer at the U.S. Department of Energy, where she manages the Department’s information technology (IT) portfolio and modernization; oversees the Department’s cybersecurity efforts; leads technology innovation and digital transformation; and enables collaboration across the Department. Ms. Dunkin is a published author, most recently of the book Industrial Digital Transformation. Episode Links | |||
| Advancing USPTO's Mission: Insights from Deputy CIO Deborah Stephens | 13 Mar 2024 | 00:45:12 | |
Deborah Stephens, the Deputy Chief Information Officer for the United States Patent and Trademark Office (USPTO), “grew up” so to speak in the USPTO. Deborah led the USPTO on its agile journey. As the agency took on its “New Ways of Working, '' by moving people and resources closer to the work, she helped empower employees to build and deploy software. Deborah shares how she guided the agency through this 4-year change journey, gaining buy-in from the organization, which was proved by an engagement rate increase from 75% to 85%. Deborah also talks about what it means to be a HISP, running USPTO as a business that is entirely self-sustaining, and, in honor of Women’s History Month, the women who have inspired her along the way. Key Topics
Growth in Patent and Trademark RequestsSurge in Applications at USPTO Deborah Stephens highlights a significant increase in the number of patent and trademark applications received by the USPTO over the years. This growth, from approximately 350,000 to 400,000 applications in 2012, with numbers continuing to rise, underscores the vibrant culture of innovation and creativity in the United States. The upward trend of applications is a positive sign of the country's ongoing commitment to innovation. However, it also presents logistical challenges for the USPTO. Including the need to process a higher volume of applications efficiently while ensuring the quality of examination does not diminish. Transition to New Ways of Working in U.S. Patent and Trademark Office: "And so in around late 2018, 19, we began our, what we referred to as our agile journey. We named it our New Ways of Working, which essentially is an entire USPTO effort. Including our business unit with 12 other business units, moving people and the resources closer to the work. Giving them that empowerment, to build, deliver, deploy software, product services for our business stakeholders, and that's both internally and externally." — Deborah StephensUSPTO is Adapting to Increased DemandIn response to the growing demand for intellectual property protection, the USPTO has been proactive in seeking ways to maintain and improve service delivery. Deborah discusses the agency's approach to managing the influx of applications, focusing on scalability and efficiency. Despite the challenges posed by the increase in applications, the USPTO's designation as a High Impact Service Provider (HISP) has had minimal impact on its existing customer experience strategy. The agency's foundational commitment to delivering exceptional service to inventors and entrepreneurs remains steadfast. With an emphasis on continuous improvement and the adoption of new strategies to better meet the needs of the U.S. innovation community. USPTO's Fee-Funded Model and Fiscal StrategyUSPTO’s Fee-Funded OperationsDeborah highlights the United States Patent and Trademark Office's (USPTO) operational model, which is uniquely self-sufficient. Relying entirely on fees collected from patent and trademark applications. | |||
| Supply Chain Meets Modernization with Dr. Aaron Drew | 26 Jul 2023 | 00:51:23 | |
Dr. Aaron Drew, Technical Director for the Supply Chain Management (SCM) Product Line at the U.S. Department of Veterans Affairs Office of Information and Technology, joins Carolyn to discuss the challenges of supply chain, modernization and risk management. Dr. Drew outlines the steps an organization can take to modernize and maximize applications for end users as well as capitalize on data analytics to better prepare our nation for times of need. Key Topics
Quotable Quotes On identifying a need for a new tool: "If the tools you had before don't address that shift [in business], that change of dynamics, then that's when we have this gap. That's that delta between how you did business then and how I expect to do business tomorrow that will signify or call that ignition of this solution acquisition process." - Dr. Aaron Drew On understanding user needs: "Either you are meeting them [users] where they are, which is very important, or you've lived it, which allows you to relate and commiserate with those who are working across a day-to-day basis, that's what's going to bring you organically to the problem. That's going to allow both parties then to own the solution." - Dr. Aaron Drew About Our GuestDr. Aaron J. Drew is the Technical Director for the Supply Chain Management (SCM) Product Line at the U.S. Department of Veterans Affairs. Previously, Dr. Drew simultaneously served as the Chief Engineer & Chief Architect for the Financial Management Business Transformation Special Program Office (FMBT-SPO) and the Chief Engineer & Chief Architect for the Supply Chain Modernization Program. Episode Links | |||
| So What? Generative AI with Tracy Bannon | 12 Jul 2023 | 00:35:18 | |
Tracy Bannon, Senior Principal/Software Architect & DevOps Advisor at MITRE, returns to Tech Transforms for our So What segment to discuss all things generative AI. Following Tracy's presentation at the RSA Conference 2023, she and Carolyn discuss everything from software development lifecycle to the potential that various AI models may have. Key Topics
Quotable Quotes Definition of generative AI: "Generative AI is under the umbrella of large language models. And a large language model is just that. It is a model where vast amounts of text data have been fed in and it uses statistical analysis to figure out the likelihood that words or phrases go together." - Tracy Bannon On generative AI models: "It's only as good as the information that's going in, garbage in, garbage out." - Tracy Bannon Generative AI advice: ''Know that we have to really get focused on the ethics of using these tools. Know that there are big security risks, but get familiar. Get familiar. It isn't going to take your job today. It is going to augment many jobs, but it's not going to take them completely away." - Tracy Bannon About Our GuestTracy Bannon is a Senior Principal with MITRE Lab's Advanced Software Innovation Center. She is an accomplished software architect, engineer and DevSecOps advisor having worked across commercial and government clients. She thrives on understanding complex problems and working to deliver mission/business value at the speed. She’s passionate about mentoring and training, and enjoys community and knowledge building with teams, clients and the next generation. Tracy is a long-time advocate for diversity in technology, helping to narrow the gaps as a mentor, sponsor, volunteer and friend. Episode Links
| |||
| Developer User Experience With Alan Gross | 21 Jun 2023 | 00:44:21 | |
Alan Gross, Solutions Architect & Tech Lead at Sandia National Laboratories, joins Carolyn to talk about how DevOps is being leveraged to support the Department of Energy's contractor operated research lab. Alan dives into some of the initiatives at Sandia National Laboratories, and how he is applying his personal philosophy around user experience ops, or "UX Ops," to support the mission. Key Topics
Quotable Quotes Alan on DevOps: " DevOps is about trying to deliver quickly and learn from your mistakes as fast as you can. So shifting left is part of that philosophy. If you have security issues with your software, you want to know about that as quickly as possible, because if you've already deployed to production, it's almost too late." - Alan Gross On what advice Alan would give to new developers: "It's about failing fast and failing forward...How quickly can you learn new things, get new code and new products out in front of your users, and understand how they engaged with that." - Alan Gross About Our GuestAlan works as a full stack developer and technical lead at Sandia National Labs, with six years of experience in web technologies development. He develops within Python, Angular and .NET ecosystems, with a focus on enabling the developer experience at Sandia with novel solutions for the labs’ diverse development, software governance, security and business intelligence needs. Alan leads a team that is committed to reducing technical debt by emphasizing DevSecOps, modern application architecture (such as microservices) and data-driven outcomes. Episode Links
| |||
| Power in the Age of AI with Author Paul Scharre | 07 Jun 2023 | 00:47:20 | |
Paul Scharre, Vice President and Director of Studies, at Center for a New American Security (CNAS), joins Carolyn and Mark to dive into his newest book, Four Battlegrounds: Power in the Age of Artificial Intelligence. From the first time he recognized the power AI could hold, to the ways AI may put us on a path to global peace, Paul offers valuable insight and perspective on the field of artificial intelligence and machine learning. Key Topics
Quotable Quotes On Paul's main focus when working at the Pentagon: "How can we use robotics to help create more distance between our service members and threats?" - Paul Scharre Role of humans in AI: "Having data and computing hardware, having chips alone, doesn't get you to some meaningful AI tool. You also need the human talent" - Paul Scharre On adversary AI advancement: "Fundamentally, both the US and China are going to have access to AI technology, to robust AI ecosystems, big tech companies, startups within each country, and the bigger challenge is going to be: How does the military take this technology, work with its civilian AI scientists, and then translate this into useful military applications?" - Paul Scharre About Our GuestPaul Scharre is the Vice President and Director of Studies at the Center for a New American Security. Prior to this role and becoming an award-winning author, Scharre worked in the Office of the Secretary of Defense (OSD) where he played a leading role in establishing policies on unmanned and autonomous systems and emerging weapons technologies. He led the Department of Defense (DoD) working group that drafted DoD Directive 3000.09, establishing the department’s policies on autonomy in weapon systems. He also led DoD efforts to establish policies on intelligence, surveillance, and reconnaissance programs and directed energy technologies. Episode Links | |||
| Automated Governance with Michael Edenzon | 25 May 2023 | 00:38:44 | |
This week, Michael Edenzon, Co-Founder of Fianu Labs, joins Tech Transforms to talk about why automated governance is so critical to mission success. Michael also provides some great insight into his recently co-authored book Investments Unlimited. Key Topics
Quotable Quotes On what counts as evidence in the context of software governance: "Our real focus in that regard is trying to get people to realize that evidence isn't just this random metadata that's captured from here and there, but instead it's going through all of the enrichment and providing all of the context that's necessary for an auditor to come and reproduce those results that you're using to base your enforcement off of." - Michael Edenzon On how automated governance relates to Authority to Operate: "It [automated governance] is a method for achieving the ATO. So it can accelerate your ATO process and it can help you reach it faster, but what automated governance really is, is a means of achieving continuous ATO." - Michael Edenzon About Our GuestMichael Edenzon is a senior IT leader and engineer that modernizes and disrupts the technical landscape for highly-regulated organizations. Michael provides technical design, decisioning, and solutioning across complex verticals and leverages continuous learning practices to drive organizational change. He is a fervent advocate for the developer experience and believes that enablement-focused automation is the key to building compliant software at scale. Episode Links | |||
| The Scoop with Nihal Krishan Part 2: TikTok | 11 May 2023 | 00:35:34 | |
In this episode of Tech Transforms, Nihal Krishan, tech reporter at FedScoop, discusses how and where the American government is lagging behind in technology, but there is a focus on modernization to improve the situation. We also talk about the need for comprehensive data privacy legislation and how budget caps may impact government agencies' modernization initiatives. Additionally, we explore concerns surrounding TikTok's ownership and data privacy, as well as the addiction and potentially harmful effects of the platform. We also touch on the importance of respecting sources as a journalist and provide a few podcast recommendations. Finally, we look at the challenges in understanding algorithms used by TikTok and how they could be used to promote divisive content. Join us to learn about these transformative topics in the tech world! Introducing Our Guest, Nihal KrishanNihal Krishan is a journalist who has covered the controversies surrounding TikTok. He highlights the privacy violations committed by the company when it accessed journalists' personal information to control their narrative. Krishan also acknowledges the legitimate fears surrounding the app since TikTok's parent company is based in China. However, he notes that there is no objective evidence of the Chinese government misusing American data obtained through TikTok. He raises the question of whether American social media companies are any better at safeguarding data than TikTok. Krishan argues that the debate over TikTok highlights the need for data privacy legislation in Congress. Key Topics:
Episode Highlights:
| |||
| The Scoop with Nihal Krishan Part 1: ChatGPT | 09 May 2023 | 00:28:45 | |
Nihal Krishan, Tech Reporter at FedScoop joins Carolyn for a special two-part episode to talk about some of the hottest topics in government tech. In Part 1, Nihal gives some eye-opening insight on all things ChatGPT including security, privacy, and national bans. Episode Table of Contents
Episode Links and Resources | |||
| Baked-In Security with Col. Frost at U.S. Cyber Command | 26 Apr 2023 | 00:50:42 | |
Col. Candice Frost, JIOC Commander at United States Cyber Command joins Carolyn and Mark to talk about her journey as a lifelong-learner, and how she is applying her skills to the innovative work at Cyber Command. From the importance of public-private partnerships, to teaching our kids healthy cyber security habits, Col. Frost offers her valuable insights on how we can all think innovatively and better secure our nation. Episode Table of Contents
Episode Links and Resources
| |||
| Design, Build, Deploy, and Maintain with Commander Jonathan White at U.S. Coast Guard | 12 Apr 2023 | 00:50:09 | |
Commander Jonathan White, Cloud and Data Branch Chief at the United States Coast Guard joins Carolyn and Mark to talk about the groundbreaking developments his team is doing with C5I. Commander White stresses the importance of public-private partnerships, and gives tips on how agencies can better approach the future of technology. Episode Table of Contents
Episode Links and Resources | |||
| Safeguarding Our Most Trusted Software with Open Source Technology with Stephen Magill | 29 Mar 2023 | 00:41:41 | |
Stephen Magill, Vice President, Product Innovation at Sonatype dives into the complexities of open source and software security. Find out how government agencies are utilizing open source, and what Sonatype is doing to help secure our most trusted software. Episode Table of Contents
Episode Links and Resources | |||
| Beyond Compliance: Elevating Cybersecurity Practices with Travis Rosiek | 28 Feb 2024 | 00:42:26 | |
As technology rapidly evolves we as a nation need to anticipate the attacks that may come about as a result of that innovation. Travis Rosiek, the Public Sector CTO at Rubrik and former Leader at the Defense Information Systems Agency (DISA), joins Tech Transforms to talk about how the government’s approach to technology and relationship with industry has evolved over the last twenty years. He also discusses compliance, including FedRAMP compliance, managing the vast amount of data that is generated daily across the government and industry, and the importance of the U.S. Government building cyber resilient systems. Catch all this and more on this episode of Tech Transforms. Key Topics
Evolving Cybersecurity Practices: A Shift to 'Cloud Smart' StrategiesTravis's Perspective on Cloud Misconceptions Travis discusses the early days of cloud adoption, which were often fueled by misconceptions about its benefits. The migration toward cloud computing was commonly believed to be a cost-effective solution that would reduce expenses and simultaneously enhance security. However, he points out that this was not always the case. Many organizations have since realized that the initial cost of moving to the cloud can vary greatly based on specific use cases and applications. This realization has led to a strategic shift toward what Travis refers to as a "cloud smart" approach. Highlighting the need for a more discerning and tailored evaluation of how cloud resources are utilized. The Role of Commercial Companies vs. Government in Problem-Solving: "Industry is great about solving problems. You know, driving that capitalism type of culture, building capabilities, selling solutions. And they're quicker to implement, adapt and deploy capabilities where the government is very slow in implementation of these you know, they can figure out the problem." — Travis RosiekThe 'Cloud Smart' Strategic ApproachTaking a "cloud smart" approach indicates a maturation in the perception of cloud services by government agencies and businesses alike. Rather than a blanket strategy of cloud-first, Travis indicates that there is now a more nuanced consideration of when and how to use cloud services. He underscores the importance of aligning cloud adoption with an organization's unique needs. Including the potential scalability, security and cost implications. This approach suggests a collaborative and informed decision-making process. Recognizing that the cloud offers a variety of solutions, each with different features, advantages and trade-offs that must be carefully weighed against organizational goals and objectives. Navigating Cybersecurity Practices in Cloud MigrationThe Balance of Technical and Non-Technical Implications in Cloud MigrationTravis discusses the intricacies involved in organizational cloud migrations. Emphasizing that these undertakings are not solely about technological transitions but... | |||
| The Scoop on Federal Technology with Billy Mitchell | 15 Mar 2023 | 00:43:49 | |
Billy Mitchell, Editor-in-Chief at FedScoop joins Carolyn to discuss surveillance, national intelligence, the benefit of partnerships, and more. Billy gives his perspective on today's hot topics in federal technology, and what he thinks may be coming next. Episode Table of Contents
Episode Links and Resources | |||
| Veterans Affairs: Better, Faster, Safer with Dan McCune, Deputy Chief Information Officer | 01 Mar 2023 | 00:45:04 | |
Dan McCune, Deputy Chief Information Officer at U.S. Department of Veterans Affairs joins Carolyn and Mark to discuss the transformative work happening at the VA. With millions of end users, Dan explains how his dedicated teams are working to make the VA better, faster, and safer for our veterans. Episode Table of Contents
Episode Links and Resources
| |||
| UK Home Office: Metrics Meets Service with Dimitris Perdikou | 08 Feb 2023 | 00:36:54 | |
Dimitris Perdikou, Head of Engineering at the UK Home Office, Migration and Borders joins Carolyn and Mark to discuss the innovative undertakings of one of the largest and most successful cloud platforms in the UK. With over 3,000 technical users, and millions of end users, Dimitris sheds some light on his experience with SRE, User Experience, and Service Monitoring. Episode Table of Contents
Episode Links and Resources | |||
| N.W.O.W. with Jamie Holcombe, Chief Information Officer at USPTO | 25 Jan 2023 | 00:45:56 | |
Jamie Holcombe, Chief Information Officer at USPTO joins Carolyn and special guest host Willie Hicks to talk about Zero Trust, PMO, encryption and more. Listen in to learn about the innovative steps USPTO has taken to develop New Ways of Working. Episode Table of Contents
Episode Links and Resources | |||
| Feed Drop: Willie Hicks On Federal Tech Podcast | 05 Jan 2023 | 00:28:57 | |
Willie Hicks, Dynatrace’s Federal Chief Technologist recently appeared on the Federal Tech Podcast. It is such a great interview we wanted to make sure our Tech Transforms audience got to listen. Enjoy this crossover episode with Federal Tech Podcast! Episode Links and Resources | |||
| So What? Taking A Closer Look with Nicolas Chaillan, Former Air Force Chief Software Officer | 21 Dec 2022 | 00:52:05 | |
Nicolas Chaillan joins Carolyn and Tracy to shed some light on his experience in the Air Force and gives his thoughts on government movement in the past year. Nicolas talks about the importance of social media privacy and protection. Episode Table of Contents
Episode Links and Resources
| |||
| Armchair Quarterback: Tech Trends with John Curran | 14 Dec 2022 | 00:33:24 | |
John Curran, Executive Editor at MeriTalk joins Carolyn to discuss 2022 technology trends and shares his predictions for federal technology in 2023. Episode Table of Contents
Episode Links and Resources | |||
| Application Management for Federal Government | 16 Nov 2022 | 00:40:32 | |
Andrey Zhuk, Federal Security Architect at CTG joins Tech Transforms to unpack the topic every agency is talking about: cybersecurity mandates. Listen in to learn more about Andrey's recent eBook breaking down who mandates affect, why they are important, and how agencies can successfully meet requirements. Episode Table of Contents
Episode Links and Resources
| |||
| So What? Federal News Roundup on Psychological Safety | 02 Nov 2022 | 00:56:35 | |
Duong Hang, Deputy Director at the Department of Defense Platform One joins Tech Transforms to address a topic that's been circulating recent headlines: Psychological Safety. Listen live as Carolyn and Tracy learn how agencies and organizations can implement psychological safety to improve retention and operations. Episode Table of Contents
Episode Links and Resources | |||
| So What? Federal News Roundup on Zero Trust with Paul Puckett, Director of the Army’s Enterprise Cloud Management Agency | 28 Sep 2022 | 00:56:33 | |
Paul Puckett, Director of the Army’s Enterprise Cloud Management Agency joins Tech Transforms to shed some light on one of government technology's most used buzzwords: Zero Trust. Listen in as Carolyn and Tracy learn what it really means to remove implicit trust and how agencies are prioritizing user experience and data protection. Episode Table of Contents
Episode Links and Resources | |||
| From Special Ops to Cybersecurity: A Veteran's Journey in National Security | 14 Feb 2024 | 00:50:48 | |
Sebastian Taphanel has spent his life on the cutting edge of technology and innovation. This week on Tech Transforms, Sebastian is sharing tales and lessons learned from his 20 years in DoD Special Ops and intelligence and 20 years implementing sound security engineering practices focused on implementing zero trust and highly resilient environments. Join Sebastian as he recounts his time in Special Forces taking his units out of the dark ages from secure fax communications to setting up an intranet, and how he continued with that innovative spirit through his 40-year career. He also shares his new passion, encouraging the industry to utilize disabled veterans to help fill both the cybersecurity and AI workforce gaps. They, after all, already have a call for the mission. Key Topics
Enhancing Secure Communication and Cloud Environments in Special OpsSpecial Ops Agility: Adapting to Remote Collaboration with Secure Cloud-Based Workspaces Sebastian Taphanel’s experience spans twenty years in DOD Special Ops and Intelligence, followed by consulting in security engineering. The focal point of this episode is his role in advancing cybersecurity practices at the ODNI. Particularly emphasizing resilient cloud-based environments. Sebastian describes the quick adaptation during the pandemic which led to the rollout of an ad hoc cloud-based workspace to ensure the ODNI's mission could endure despite the workforce being remote. GCC High, or Government Commercial Cloud High as conceived by Microsoft, is revealed as the successor to the initial setup. Providing a more secure platform managed strictly by U.S. persons. The approach highlighted the agility of cloud technology for remote collaboration within federal agencies. Cybersecurity in Intelligence Sharing: "Essentially, reciprocity is a process and also a culture of accepting each other's risks. And that's really the bottom line on all that." — Sebastian TaphanelUnfolding the GCC High EnvironmentThe intricacies of implementing Microsoft Azure and M365 (Office 365) are detailed as Sebastian underlines their pivotal use in creating an intranet with controlled document sharing and editing. These implementations include robust Mobile Device Management. Then a BYOD Mobile Application Management system that protects sensitive data in government and personal devices. Thereby, ensuring operational security and flexibility. Special Ops Communication EvolutionSebastian advanced from using secure faxes for interstate communication within military units to establishing a multi-state secure WAN. This resulted in a significant leap in communication efficacy for special operations. Sebastian shared the... | |||
| Government Technology News: Funding, Contracting and Defense with Ross Wilkers | 21 Sep 2022 | 00:47:48 | |
Ross Wilkers, Senior Staff Reporter at Washington Technology talks to Carolyn and Mark about some of the hottest topics in government technology news. With insight on the 2023 Defense Funding Bill, government contracting and Alliant 3, Ross provides a unique perspective on what defense IT teams may see in the coming months. Episode Table of Contents
Episode Links and Resources | |||
| The Power of Partnerships: Bringing Speed and Security with Amy Belcher | 14 Sep 2022 | 00:27:57 | |
Amy Belcher, Independent Software Vender Sales and Go To Market Leader at Amazon Web Services joins Tech Transforms to talk about her team's mission to satisfy compliance for agencies across the globe. With speed to deployment, flexibility and security, Amy and her team support organizations maximizing local control and global reach. Episode Table of Contents
Episode Links and Resources | |||
| The Scoop on Defense with Colin Demarest | 31 Aug 2022 | 00:36:09 | |
Colin Demarest, Defense Networks and Cyber Reporter at C4ISRNET joins Tech Transforms to talk about some of his recent articles focused on 5G, aerial networks, and upcoming Capability Sets. Listen in as Carolyn and Mark learn about the ever-evolving field of defense and what emerging technology can do to support the mission. Episode Table of Contents
Episode Links and Resources | |||
| AI: Success is in the Research with Daniel Chenok | 24 Aug 2022 | 00:47:17 | |
Daniel Chenok, Executive Director at IBM Center for The Business of Government joins Carolyn and Mark to talk about the importance of AI in the field. From democratizing data to improving office operations, application research is a key component for any government agency looking to integrate artificial intelligence into their mission. Episode Table of Contents
Episode Links and Resources
| |||
| Security Metrics: Measure Twice, Cut Once with Rick Stewart | 22 Jun 2022 | 00:45:30 | |
Rick Stewart, Chief Software Technologist at DLT Solutions joins Tech Transforms to give insight on Open Source, Platform One, and DORA initiatives. Listen in as Carolyn and Mark learn about the importance of focusing on the right metrics when managing security bottlenecks. Episode Table of Contents
Episode Links and Resources Old Ways of Doing Things Carolyn: Today, we get to talk to Rick Stewart, a good friend. Rick Stewart is a Chief Software Technologist at DLT for more than 34 years. Do you really want me to tell people that Rick? That makes you sound super old? Rick: No, it has some relation to the old way of doing things, traditional ways. Carolyn: He knows the old stuff and the new stuff with 34 years of diverse experience in the IT industry. He’s progressing through technical and leadership roles in telecommunications, mobile entertainment, the federal government, and the manufacturing industries. Today, Rick is joining us to talk about DevOps research and assessments, or DORA, a term that is new to me. He’ll also talk about the four key metrics for increasing efficiency and delivering service. He will discuss how Platform One has advanced the cultural transformation to DevOps. Mark: Welcome Rick. By the way, Rick started this when he was six. Carolyn: That's right. I'm going, to be honest. I've been in the industry for a while, and I have never heard the term DORA. DevOps Research and Assessments make sense. I just haven't heard the acronym. They have four key metrics for increasing efficiency in delivering service. Those metrics are deployment frequency, lead time for changes, change failure rate, and time to restore to service. Will you unpack those for us? Rick: It's interesting that you say that because I attend several different events and conferences where we have, especially in the public sector, astute people that have lots of experience. Security Metrics As a First-Class CitizenRick: They're on this journey of DevOps or in the public sector. It's more DevSecOps, bringing security up as a first-class citizen. They were talking about the things that they capture, the journey that they're on, and their improvements. On one of these occasions, DORA was brought up. I think it may be a Q&A panel. It was surprising that a lot of them didn't know what this organization does, especially being so well versed in the cultural transformation, not knowing some of the things to focus on. I thought it was really important to shine a light on. Carolyn: Is it a federal organization? Rick: No, it's more of a community-based organization, an industry-based organization. We've got people like Jez Humble and Gene Kim and others that are involved with this. What they do is, they go out and they do surveys of not just the public sector, but the private sector, all organizations globally. They basically give them surveys and they talk about their... | |||
| Improving the User Experience in a Zero Trust World: Event Recap with Willie Hicks | 15 Jun 2022 | 00:29:59 | |
Willie Hicks, CTO of Public Sector at Dynatrace joins Carolyn and Mark to unpack the recent ATARC event: Improving the User Experience in a Zero Trust World. At this federal breakfast summit, sponsored by Dynatrace and Amazon Web Services, we heard from some of the most prominent technology leaders focused on Zero Trust including Nicole Willis, Jamie Holcombe, Mickey Iqbal, and more. Listen in as Mark and Willie give highlights and takeaways from the event. Be sure to follow the link in the show notes to see the full event On-demand! Episode Table of Contents
Episode Links and Resources Guest Speakers at the ATARC Event: Improving the User Experience in a Zero Trust World Carolyn: So today we're reviewing top takeaways from ATARC 's Federal Breakfast Summit, Improving the User Experience in a Zero Trust World. Which those two things, user experience, and zero trust, are kind of a direct conflict for me, but we'll get to that. The conference was sponsored by AWS and Dynatrace, and it's available on-demand for our listeners at ATARC.org. Also, we have Willie Hicks, our Federal Chief Technologist at Dynatrace. Willie, you were a keynote speaker at the event. I'm too biased to say you were my favorite so I won't say that. I mean, everybody was really good. Jamie was super exciting. Let me just review who our speakers were. So our keynote speaker around zero trust was Grant Schneider. He brought a really interesting perspective because he's former white house. So he was the senior director of cybersecurity services. So former federal CISO, and now he's in industry at Venable. Then we had our next keynote around the user experience was the very entertaining Jamie Holcomb. He's the CIO at U.S. Patent and Trademark office. And then my favorite, Willie, Federal Chief Technology Officer here at Dynatrace. Then we had a panel that brought the user experience and zero trust together and how we reconcile those two and how they work together. And on that panel, we had Nicole Willis, Chief Technology Officer, OIG, at the U.S. Department of Health and Human Services. Is User Experience Unrelated to Zero Trust?Carolyn: Jamie came back on the panel. We had Mickey Iqbal, he's the Public Sector Solution Architect and Chief Technologist at Amazon Web Services. Willie on the panel. And then we had our moderator, Tom Suder, who's fantastic. He's been in this business so long that he had a lot of really good insights too. Now that I've given our listeners the overview of who participated, first of all, I was thrilled to see that we had a packed room. We had a standing room only, and that was really, really nice to see. It was lovely to have people in person and to be able to interact with one another personally.... | |||
| Hyperautomation with Bob Stevens | 08 Jun 2022 | 00:16:40 | |
This week, Carolyn is joined again by Bob Stevens, AVP Public Sector at GitLab, this time to talk about the power of hyperautomation. Listen in as Carolyn learns what can be gained through fast, accurate application security. Episode Table of Contents
Episode Links and Resources What is Hyperautomation Carolyn: I'm excited to welcome back Bob Stevens, Area Vice President of Public Sector at GitLab. Bob is a seasoned veteran in public sector technology with over 36 years of experience. As the AVP at GitLab, he is responsible for helping government organizations become more productive, efficient, and effective. Bob has experience on both the industry and the government side of things. Prior to industry, he served in the United States Air Force as a computer specialist at the White House Communications Agency. Today, we are going to talk about artificial intelligence, machine learning, and what hyperautomation is exactly. Why Bob thinks it will be 2022's biggest trend. Bob, welcome back to Tech Transforms. Bob: I'm happy to be here. Thank you. Appreciate it. Carolyn: I'd like to talk about an episode that you just did with GovExec Daily. And on this episode, you mentioned that hyperautomation will be 2022's biggest trend. I'm going to be honest. I haven't really heard hyperautomation. And I get automation. I can deduce what hyperautomation is, but I would love for you to explain it to me. What's the difference between automation, hyperautomation, DevOps, all of that? Bob: Yes, I mean, it's the strict definition of the word. It's rapidly identifying, vetting in automated processes in order to produce whatever it is that you're working on as fast as you possibly can. And it trends today because if you think about the government space, they have a lot of compliance issues that they need to deal with. The Benefits of HyperautomationBob: If they can automate those compliance processes and ensure that when they build software, in the end it's going to be compliant and they don't have to go back and vet it. I mean, that's going to save them a world of time. Carolyn: Are you talking about missed compliances, automating some of those missed controls? There's 300 of them, I think. Bob: Yes, those. I think you're talking about FedRAMP. Carolyn: Yes. One of. Or authority to operate has all of those. Right? I mean, I don't know all the details. Bob: Yes, no. There's the STIGs. That the government has to put all software through and that's all about compliance. The government has to get the authority to operate, ATOs, for everything that they run. Carolyn: And renew them every two or three years. Bob: Or sooner. It depends on how much of a change occurred in the application. If you can hyperautomate all of that by the use of AI or machine learning. Again, and so by the time you produced that software, all those compliance issues are addressed. You know they're addressed because you've got confidence in the system and the way that it was done. It didn't require as little human intervention as possible, which is unfortunately, where some mistakes are injected. Then you've saved a world of time and you've made life really, really easy for the folks that are doing the development. As well as the folks that are using the applications in the end. Because they don't have to sit and wait to get the authority to operate, which sometimes can take a year.The Bad News: We Haven’t Tried... | |||
| A Company Culture We Can Trust with Sara Jones | 01 Jun 2022 | 00:46:48 | |
Sara Jones, CEO of InclusionPro joins Carolyn and Mark to talk about all things diversity, equity, and inclusion. Sara explains gaps in authenticity and perception and gives tech leaders everywhere new goals to strive for when it comes to company culture. Episode Table of Contents
Episode Links and Resources
Why We Always Go Back to Company Culture Carolyn: Today I am really happy to have Sara Jones with us. Sara's a friend and we've spoken before. Almost all of our guests, even though we're talking about tech, they always go back to culture. We're going to talk about that with Sara today. Sara Jones is the CEO of InclusionPro. She has over 20 years of experience in technology, business development, law, and leadership. You were a practicing attorney, right Sara? Sara: For 10 years. I'm still recovering. Carolyn: So as the CEO of InclusionPro, her mission is to guide leaders in building inclusive company culture that promotes team performance and team innovation. She's written a book recently called Inclusive Leadership and the Authenticity Gap, that we get to talk about today. Sara: Thank you. And this is a fun opportunity for me to merge my love of technology with diversity, equity, and inclusion. As most folks know, it is pretty hard to do. I've had a couple of decades talking about this, so hopefully, we can share some really great learnings. Most importantly, I think for the folks listening that might be thinking "DEI again." Carolyn: Which stands for? Sara: Diversity, Equity, and Inclusion. A lot of things have shifted. I think a lot of folks come to this type of conversation with the old thinking in mind. I'd just like to invite listeners to get rid of what you know. Just be open to hearing some new thoughts around diversity, equity, inclusions, and things that we're able to do now that we weren't able to do even five years ago. That's my little plug for saying, "Open-minded today?" InclusionProCarolyn: That leads really nicely into my first question about being a recovering attorney, your love for tech. What inspired you to create InclusionPro? Sara: InclusionPro is the end of a long 20-year journey having diversity, equity, inclusion as part of my personal career journey. Now, it may not be part of everyone's and a significant part of that is because I did start in patent law. Having an engineering degree and a law degree, put me in an industry that had only 5% women and people of color. I get... | |||
| So What? Federal News Roundup on Remote Work with Elizebeth Varghese | 25 May 2022 | 00:48:31 | |
Join us on Tech Transforms Federal News Round-up segment, So What? Hosted by Carolyn Ford and Tracy Bannon. This week, we talk to Elizebeth Varghese, Global and Americas Leader – HR Transformation Client Offerings at IBM about one of the biggest topics in federal news: remote work. Listen in to find out how agencies can implement a smarter protocol, how remote work impacts the trust equation and the role technology can play in the workforce culture. Episode Table of Contents
Episode Links and Resources
The Future of Work for Federal Employees Carolyn: This month, we're hosting Elizebeth Varghese, Global & America's Leader: Client Offerings in Talent and HR Strategy at IBM. And outside of IBM she's an active board member at South Asian Youth Action, a nonprofit providing after-school programming, education, and college support. She was recognized as Global Top 100 Influencer in HR for 2020. And we are glad to have you joining us today, Elizebeth, to discuss returning to the office, the great resignation, and companies potentially switching to a four-day workweek hybrid, all of that. Welcome Elizebeth, how are you? Elizebeth: Great, thank you so much, Carolyn. Wonderful and delighted to be here. Great to be back on here with Tracy as well, friend from a couple of years ago as we've been going through some of these pandemic podcasts. So thank you for inviting me and I am looking forward to this. Carolyn: Yes, well this one's going to be a fun one and it might get a little heated. I've already seen some stuff on LinkedIn. I'm like, oh, that gets my blood boiling about returning to the office. And I want to start off with a question, there's an article called "Three ways the future of work must change for federal employees." The article states that at the end of the day, we need to have an IT and HR Alliance. This was due to exceptional communication between the agency's chief information officer and HR functions. In | |||
| The Speed of the Mission with Bob Stevens | 18 May 2022 | 00:30:45 | |
Bob Stevens, AVP Public Sector at GitLab joins Tech Transforms to talk about the imperative mission of DevOps to combine efficiency, speed and security. With emphasis on empowering teams to fail fast, moving security to the left, and a deep dive into Platform 1, you won't want to miss this episode! Episode Table of Contents
Episode Links and Resources DevSecOps’ Speed of the Mission Carolyn: This week Bob Stevens, Area Vice President of Public Sector at GitLab is joining me. Bob is a seasoned veteran in public sector technology with over 25 years of experience. As the AVP at GitLab, he is responsible for helping government organizations become more productive, efficient, and effective. Bob also has experience on both the industry and the government side of things. Prior to industry he served in the United States Air Force as a computer specialist at the White House Communications Agency. I am excited today to dive in and talk about the ways that we can use DevOps to modernize and secure government IT, and what the outlook for DevOps is. How are you doing, Bob? Bob: I'm doing great. The weather's getting better in DC, so it's good to see the sun from time to time versus what we've had. But yes, doing fantastic. Carolyn: Well, good to hear it. So let's just dive in. And let's walk through what DevOps is and why implementing these practices is critical to helping modernize and improve government IT? Bob: Great. So I guess DevOps is combining efficiency, speed, and security all into one. And creating software at what I like to refer to as the speed of the mission for the government. The business side is a little different. But for the government, it's all about the mission and you being able to accomplish the mission faster and stay ahead of our adversaries. In the case of DoD and on the civilian side, it’s to ensure that all of the citizens that any given agency supports gets the best possible support that they can. If you look at the organizations like the Veterans Administration. You can imagine they've got a lot of applications that they've written. The Platform the Government Is Looking For to Improve the Speed of the MissionBob: To help the vets accomplish what they need to accomplish in a timely manner. So DevOps really will help them to produce the software at speed, more securely, more efficiently, and provide the most or the best service that they possibly can to all of the veterans out there, just as one example. Carolyn: So, you know Tech Transforms is vendor agnostic. And I would love for you to just take a couple of minutes and talk about how GitLab helps with that. And just what GitLab does. I've read the marketing statements and it's a little nebulous for me. I would love to have you explain what GitLab does and how it's helping agencies achieve this? Bob: I appreciate that you're letting me do this... | |||
| Harnessing AI for Cyber Innovation: Insights from Dr. Amy Hamilton at National Defense University | 31 Jan 2024 | 00:45:13 | |
The real question is, what doesn’t Dr. Amy Hamilton do? She’s currently the visiting Faculty Chair for the Department of Energy (DOE) at National Defense University and the DOE Senior Advisor for National Cybersecurity Policy and Programs, and has had previous stops in the U.S. Army Reserves, NORAD and U.S. European Command, just to name a few. At National Defense University, Amy draws on all of this expertise to educate the workforce on AI and finding the right balance between automation and workforce training. Amy also explores how she teaches her students that cybersecurity has to be more than a 9-5 job, the balance of security vs. convenience, and how it will take the entire country getting on board to make the implementation of cybersecurity best practices truly possible. In this episode, we also dive into the realm of operational technology and the need to look to zero trust as we allow more smart devices into our lives and government ecosystems. Key Topics
Leveraging AI and Automation for Cyber InnovationEmphasizing Efficiency in the Generation of Abstracts Dr. Amy Hamilton underlines the capabilities of artificial intelligence to streamline time-consuming processes, specifically the creation of abstracts. This innovation allows for a transition from mundane, repetitive tasks to pursuits that require a deeper cognitive investment. Therefore, elevating the nature of the workforce's endeavors. Dr. Hamilton's discussion focuses on the practical applications of this technology, and she cites an instance from the National Defense University's annual Cyber Beacon Conference. Here, participants were challenged to distinguish between AI-generated and human-generated abstracts, often finding it challenging to tell them apart. This exercise not only highlighted AI's proficiency but also introduced the workforce to the safe and practical application of this emergent technology. How do we use AI in a way that goes from low-value to high-value work? If I'm not doing abstract, what other things could I be doing and spending my brain calories towards? - Dr. Amy HamiltonPreparing the Workforce for Cyber InnovationDr. Hamilton stresses the necessity for workforce education in the context of AI and automation. Aiming for a future where employees are neither intimidated by nor unfamiliar with the advancing technological landscape. She illustrates the Department of Energy's proactive role in integrating AI into its training programs. Thus, ensuring that employees are well-acquainted with both the operational and potential ethical dimensions of AI deployment. Acknowledging the diverse range of operations within the DOE, including nuclear and environmental management, Dr. Hamilton notes that the appropriateness of AI application varies by context. Signifying the... | |||
| Observability Explained with Mike Maciag | 11 May 2022 | 00:46:23 | |
Mike Maciag, Chief Marketing Officer at Dynatrace joins Tech Transforms to talk about the power of observability. Careful monitoring is of paramount importance for any successful operation, and observability can take your agency to the next level. Listen in as Carolyn and Mark get some tips and tricks for improving cybersecurity posture with the most accurate technology. Episode Table of Contents
Episode Links and Resources The Vital Role That Observability Plays in IT Carolyn: Today, we get to welcome Mike Maciag, who is Chief Marketing Officer of Dynatrace. One of our own, one of the clan is here with us today. And as CMO, Mike is responsible for Dynatrace's global marketing organization. We're really excited to hear his expert opinion on observability and the vital role that it plays in IT, and especially the cloud. Mike: Thank you, Carolyn. Mark, nice to be with you both today. And I know this is a long time in coming, but I'm excited to be sitting down and talking to you today. Carolyn: We've been able to talk to a few of our guests a little bit about APM. And just recently we talked to a former CIO at VA. He is very bullish on APM, and he talked a lot about the advances that they were able to make in the VA with APM. Just that at least within the VA, APM moved from a nice to have to a must-have. And what I'd really like to hear you talk about, just to dive right in, Mike, is so there's the APM part. But then in my mind and I might be positioning this wrong. In my mind, I think that observability is like APM 2.0. But can you speak to that APM versus observability? What's the difference? Mike: As long as we're talking about terms, we might want to mix monitoring in there as well. All terms that are thrown around, is it monitoring, is it APM, is it observability? And it's changed, it's changed a lot. Let me start with the simplest definition, then maybe we can unpack it from there. Think of observability as the umbrella term, as the broadest umbrella term that goes above all of this. Monitoring, APM, ObservabilityMike: Observability fully includes APM, and observability also subsumes monitoring, both of the things that we've been doing. There are kind of two megatrends in the industry that have been driving this move towards observability. One is the move to the cloud.More and more systems are moving to cloud architectures, probably more important digitally native architectures. We're going from monolithic systems that we could understand, that we could see, that we could touch. We could understand what's happening with them into cloud increasingly complex, even multi-cloud architectures that are driven by microservices and the like. The reason for that movement is it has made digital transformation, application development faster and easier in that regard. Which is this digital transformation fundamentally looking at everything that I've been doing in every aspects of my business. Whether it be on the front end or in the services I provide. Whether it be on the front end or in the backend machine to machine conversations is happening in cloud architectures. And we're trying to figure out how we can automate more of it and things are happening that... | |||
| Threat Team Purple with Richard Ford | 04 May 2022 | 00:36:11 | |
Richard Ford, Chief Technology Officer at Praetorian joins Tech Transforms to talk about the cyber security threat landscape. Red team versus Blue team is a common and effective threat protection practice, but what could cyber security experts gain from team Purple? Listen in as Carolyn and Mark learn about the importance of managing your attack surface, implementing multi-factor authentication, and protecting against cyber phishing attacks. Episode Table of Contents
Episode Links and Resources
Our Biggest Cybersecurity Threat in the Last Quarter Carolyn: So today our guest is actually an old friend, Richard Ford, who is Chief Technology Officer at Praetorian. For over 25 years, Richard has been able to design and implement NextGen product strategies and provide customers with the best threat detection available. Today, we're going to talk to Richard about the cyber threat landscape and what a good defense looks like. Richard: Hi, it's nice to be back on a call with you Carolyn, and Mark, it's good to see you. Carolyn: Yes, really good to have you today. So let's just jump right in. I want to know what your view is, what are our biggest cybersecurity threats? What does the cyber security threat landscape look like and how do we defend ourselves from it? So there's like three-part question there. Richard: So, we're starting with an easy question. I think the threat landscape is incredibly messy and I think that the most important part to think about is change. So if you think about just the last quarter or two that we've gone through you had, like log4shell someone we're all running around looking for log4j vulnerabilities. Then it's Spring4Shell, which wasn't as serious, but was still pretty nasty if you were impacted. The problem, we have this tremendous rate of change so the thing that was important to you yesterday may not be the thing that's important to you today. It's unlikely to be the thing that's most important for you tomorrow. So when we think about the threat landscape, the first thing to say is, if I give you an answer, it's like looking at a single, still image from a movie and telling you've watched the movie, right?Cyber Security Threat LandscapeRichard: Then as soon as we go click, you know that threat landscape will change. With that said, I do think there are some common themes that keep coming back, right? So there's a threat we have around being desperately short of people. There's a threat around, we don't know what assets we have. Even if we did know what assets we have, we don't know what they're running. Then the business conditions are driving us forward so quickly that... | |||
| So What? Tech Transforms Federal News Round-up with Katy Craig | 27 Apr 2022 | 00:36:12 | |
Join us on Tech Transforms Federal News Round-up segment, So What? Hosted by Carolyn Ford and Tracy Bannon. This week, we talk to Katy Craig, retired Navy Chief, now Adjunct Faculty at National University, & Director, Security Architecture at Aquia, Inc. about some of the biggest news in the federal space. Listen in to hear her thoughts around deep fakes, non-traditional warfare, and President Biden's recently released announcement to protect against cyber attacks. Episode Table of Contents
Episode Links and Resources Monthly Federal News Roundup Carolyn: This week, we are launching our newest series, 'So what?' It is Tech Transforms' federal news roundup. Every month, Tracy Bannon, senior principal at MITRE joins me to unpack some of the biggest trending news topics in federal technology. Tracy, we've been trying to do this, make this happen for a while. I am so happy that this is our inaugural episode. Tracy: Thank you. I'm really excited because there's so much incredible stuff going on and we keep talking and now we want to talk with others and I'm doubly excited to have a good friend and mentor with us today for our first episode, Katy Craig. Carolyn: Yes, and Katy is a return guest. We've had her in the past on Tech Transforms and Katy is Acquia's chief of staff, cyber security expert, and retired Navy chief. Today, we're going to talk about, really the number one headline in the news these days. We keep hearing terms like nontraditional warfare, which is essentially the fifth domain of cyber, and President Biden's recent cyber security fact sheet. And just what it all means, like why is it all happening right now? And I want to just go straight to President Biden's recent announcement, this fact sheet that is. It's titled 'Act Now to Protect Against Potential Cyberattacks'. I want to go to you Tracy, and just unpack this for us. What does it mean? Federal News #1: President Biden’s Cyber Security Fact SheetTracy: So I believe it was March 21st, the White House released this set of guidance and it is really practical, general guidance. And it really is focused on two different areas. It's kind of like for everybody, for corporate America back up your data, use multifactor authentication, encrypt your data. There's also a call to arms, to tech companies and software organizations that says, you know what, there's a NIST standard and we have an order out here, it's order 14028. We can provide all the links later. But those two things, they're saying we got to get real about this. And the reason that it came out now is that we need to hear it now with all of the things that are going on in the Ukraine. It was an opportune time. We've had all kinds of security incidents and breaches and other things over the last year or two, but... | |||
| Women in Tech Part 2 with Space Force's Jazmin Furtado and U.S. Army's Kris Saling | 20 Apr 2022 | 00:26:02 | |
Listen in for part 2 of our women's panel with Kris Saling, Chief Analytics Officer for the Army Talent Management Task Force and Director of People Analytics in the office of the Assistant Secretary of the Army (Manpower & Reserve Affairs), and Jazmin Furtado, Liaison at AI Accelerator and Data Strategy Lead at US Space Force. In this episode, Carolyn, Kris, and Jazmin get real about the power of the collective, emerging solutions, and the importance to assess and provide within federal government technology. Episode Table of Contents
Episode Links and Resources Meditation Is Really Good Carolyn: We are in part two of our women in technology panel, with Kris Saling, Deputy Director of Army People Analytics, and Captain Jazmin Furtado a Data Strategy Lead at the US Space Force and Space Force Liaison at the MIT AI Accelerator. On today's episode, we're going to dive more into government technology in general. I get Kris and Jazmin to do a little fortune-telling on where tech is headed. What advancements they've seen in their careers. And we get real with some salary talk. Just a little reminder, the views of Kris and Jazmin are their own and do not necessarily reflect the views of their agencies. Now let's get to it on Tech Transforms with our women panel. I know that meditation is really good for the monks that live in caves in India. And I know that I should probably do it. Until I saw the science behind it and what it can really do for my brain. I dabbled in it. I never fully embraced it. And once I started understanding why it was working and that there was true science behind it, man, I'm all in. I'm just thinking of just one example of things that are good for me in my life, that I've been able to embrace and bring into my life because I understand them. I understand how they work rather than like you said, Kris, the leadership saying, "No, we don't give a shit about how you got there. Just give us the answer." Make The Process More EfficientCarolyn: But now you're getting people who really want to understand why. I would imagine that the program for the answers that you've been spoonfeeding them. The programs are becoming a lot more powerful and effective. Because the people who are taking those in the past spoonfed answers. Now really understanding them can truly implement them at a level that is a lot more powerful. Is that true? Kris: I would say that's definitely true because we're working on a couple of projects right now where we are trying to integrate machine learning into promotions and selections as a decision support tool. I'd never in a million years, would've thought we'd get a chance to work on that data and introduce something that is an algorithm into a just intrinsically human process. But we have enough people thinking along this vein. We have enough people looking at the data we've collected about how we read records and how we read files. And they're like, "There's got to be an easier way to do this. There's got to be something we can do to support the... | |||