Tag Archives: cybersecurity

The Why and How of Federal Event Attendance

Posted on by

Market Connections recently conducted a survey to understand how federal decisions makers view and use events as part of their professional development and daily work. The survey included input from technology decision-makers across defense and civilian agencies and aimed to find out how they make decisions about what events to attend and what they expect when they are there.

The survey found that the topic is the main driver for event attendance with 85% citing that as the key reason they decide whether to attend an event. Price and location also play a big role in the decision to attend an event or not. Interestingly, while the topic is important, who delivers that topic is not as critical. Keynote speakers did not rank high on the list of deciding factors. Similarly, while event planners may push the opportunity for networking, that is a "nice to have" for attendees rather than a reason to spend time and money attending an event.

With the topic being so key to attendance, the survey looked at what people are interested in learning about at events. Cybersecurity was the number one topic of interest in the survey. This mirrors what we see in terms of events on our site; cybersecurity typically has the most events listed year after year. The other topics in the top five were cloud services, digital government, AI/Machine Learning, and budget/cost control/fiscal management. Continue reading

It’s Not Enough to be First, You Have to be Smart – Cloud Smart

Posted on by

Over the past year, there has been a shift in the way government approaches the cloud. No longer are agencies asked to go "cloud first," they are now urged to be "cloud smart." This change is not just a matter of semantics; it is a different way of thinking. Rather than choosing a cloud solution to meet mandates, agencies are examining whether the cloud is the right platform for the application or system in question. Cloud Smart also means picking the right kind of cloud - public, private, or hybrid/multi cloud to meet user, administration, and security needs.

One way to be Cloud Smart is to follow FedRAMP guidance. While this program is not without its challenges (including the speed at which technologies get approval), it is still a valuable tool to ensure that industry standards and security protocols are met. Participation in the program is growing with 150 participating agencies and over 130 FedRAMP-authorized cloud service offerings.

While guidance around how to proceed to the cloud is evolving (along with the cloud technology), agencies are pushing forward and finding their smart path to cloud and, more importantly, creating new ways to interact with their constituents. For example, the U.S. Department of Agriculture's (USDA) Farm Production and Conservation division made the shift to a commercial platform-as-a-service (PaaS) for Farmers.gov. This site "allows farmers, ranchers, foresters and agriculture producers to register their businesses electronically and gain personalized access to the services they need to manage their operations." By using cloud technologies, USDA found they could save their developers time, enabling them to focus on configuring, rather than coding.

There are several events that feature examples of these cloud successes and discuss how to overcome technical, policy, and cultural barriers to smart cloud adoption.

  • DC CloudWeek (June 3-7, 2019; Washington, DC) -- This SXSW-style citywide festival brings together thousands of government and tech leaders from around the nation to share how the cloud is transforming government, academia, nonprofits, and the private sector. It includes dozens of community conferences, events, and parties.
  • AWS Public Sector Summit (June 11-12, 2019; Washington, DC) -- This event brings together innovators who are changing the world with cloud computing to share their successes and lessons learned to guide wider cloud adoption in government. The conference aims to send attendees back to their office with new strategies and techniques for kicking off new projects, maximizing budgets, and achieving mission goals.
  • ATARC Federal Cloud and Infrastructure Summit (June 25, 2019; Washington, DC) -- This educational, one-day symposium will examine the cloud tools and techniques being used by the Federal Government to provide agencies with greater efficiency and cost savings. The morning session will feature speakers and panels with government thought leaders, while the afternoon includes the MITRE-ATARC Cloud Collaboration Symposium, where government, academic, and industry subject matter experts will examine cloud and data center challenge topics.
  • 2019 Cyber Security Brainstorm "Cyber Strong: Cyber's New Frontier" (August 8, 2019; Washington, DC) -- This half-day program will discuss integrating cloud and other next-gen technologies, strategies for building cyber strength, and preparing the workforce for these technological changes.
  • KubeCon | CloudNativeCon (November 18-21, 2019; San Diego, CA) -- The Cloud Native Computing Foundation's flagship conference gathers adopters and technologists from leading open source and cloud native communities to further the education and advancement of cloud

Let us know your go-to events for cloud information with details in the comments.

AI is Ready for Prime Time

Posted on by

Artificial Intelligence (AI) is a hot buzzword being thrown around in technical as well as business circles as a way to increase the efficiency of organizations. More than just a buzzword or "next big thing," it is now official policy of the United States. This February the President issued an executive order directing federal agencies to invest more money and resources into the development of artificial intelligence technologies to ensure the U.S. keeps pace with the world in using AI (and related technology) for business, innovation, and defense.

On the heels of the executive order, the DoD outlined its AI plans which include using AI technology to improve situational awareness and decision-making, increasing the safety of operating vehicles in rapidly changing situations, implementing predictive maintenance, and streamlining business processes.

But with all of this focus and excitement around AI, there are many groups raising concerns. Paramount is the federal workforce who sees AI technology potentially taking over their work. A recent survey found that while 50 percent of workers were optimistic that AI would have a positive impact, 29 percent said they could see new technologies being implemented "without regard for how they will benefit employees' current responsibilities." Across government, technology leaders are working to ease fears, stating that technology will take on the rote, manual tasks that humans tend to dread, freeing up people to spend additional time on more strategic, meaningful work.

Another group wary of AI's broad impact are security experts who say that with new, more advanced technologies come new, more advanced threats. In an effort to get in front of these threats, DARPA has launched the Guaranteeing AI Robustness against Deception (GARD) program. This program aims to develop theories, algorithms, and testbeds to aid in the creation of ML models that will defend against a wide range of attacks. Continue reading

Is IoT a Superhero or Villain?

Posted on by

The Internet of Things (IoT) is made up of webcams, sensors, thermostats, microphones, speakers, cars, and even stuffed animals. All of these connected devices can help individuals and organizations stay connected across geographic distances, keeping tabs on and managing assets from miles away. The data they collect can be combined with other data sets to create actionable advice for better management and service.

This holds incredible promise for local governments and federal agencies charged with maintaining safe operating fleets and facilities. There's also the application for improving the routing of field technicians as well as traffic flow in general. But, as every superhero knows, with great power comes great responsibility.

As with any technology, IoT standards need to be developed for effective and safe use as well as to enable interoperability. NIST has been working on defining standards and recently released Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks, but no federal agency is currently claiming jurisdiction over IoT policy and rule-making. In this vacuum, the legislative branch is getting involved. This past November, the House passed the SMART IoT Act that tasks the Department of Commerce with studying the current U.S. IoT industry. A Senate bill was introduced to manage what types of IoT devices the government can purchase, ensuring that all IoT tech in government is patchable and has changeable passwords. Finally, states are even weighing in on the proper use of IoT in government. California passed the first IoT cybersecurity law, making device manufacturers ensure their devices have "reasonable" security features. Continue reading

The Face in the Machine: Facial Recognition Application in Government

Posted on by

When your grandma is using her face to unlock her iPhone, you know a technology has gone mainstream. Facial Recognition "is a biometric software application capable of uniquely identifying or verifying a person by comparing and analyzing patterns based on the person's facial contours." In the last four years, there has been a jump in the use of the technology as vendors have begun to use convolutional neural networks (CNN), a deep learning methodology and algorithms, for model training. A National Institute of Standards and Technology test of vendors in 2018 showed a 95% reduction in error rate compared to a similar test completed in 2014. Applications of facial recognition in government include security (access to devices, data, and physical locations), law enforcement (matching video footage of a crime to a database of suspects), and identity verification for travel.

While the technology has come a long way, many argue it still has a way to go before it can be used widely in areas as critical as criminal justice and security. There are calls for regulation by the FTC and other federal entities. While there are accuracy benchmarks that vendors must pass to be used in government, in many cases, the groups used in benchmarks are not as diverse as those that the system will interact with once fielded. Regulation proponents argue that much of the facial recognition technology was designed with the majority of subjects being white males. When the system faces (pun intended) women with dark skin, the accuracy they promise plummets significantly.

With these challenges both in technology and policy, there are a number of events to help sort out the next steps in introducing facial recognition. Continue reading