Tech Transforms, sponsored by Dynatrace

Dr. Aaron Drew, Technical Director for the Supply Chain Management (SCM) Product Line at the U.S. Department of Veterans Affairs Office of Information and Technology, joins Carolyn to discuss the challenges of supply chain, modernization and risk management. Dr. Drew outlines the steps an organization can take to modernize and maximize applications for end users as well as capitalize on data analytics to better prepare our nation for times of need.

Key Topics

• [01:15] - Scale of Veterans Affairs
• [05:21] - Supply Chain Tools and Challenges
• [13:54] - Advice for Supply Chain Management
• [20:24] - Tech Procurement
• [24:10]- User Acceptance
• [27:37] - Risks of not Modernizing
• [32:29] - Security Requirements
• [36:13] - Steps to Acquisition
• [40:10] - Tech Talk Questions

Quotable Quotes

On identifying a need for a new tool: "If the tools you had before don't address that shift [in business], that change of dynamics, then that's when we have this gap. That's that delta between how you did business then and how I expect to do business tomorrow that will signify or call that ignition of this solution acquisition process." - Dr. Aaron Drew

On understanding user needs: "Either you are meeting them [users] where they are, which is very important, or you've lived it, which allows you to relate and commiserate with those who are working across a day-to-day basis, that's what's going to bring you organically to the problem. That's going to allow both parties then to own the solution." - Dr. Aaron Drew

About Our Guest

Dr. Aaron J. Drew is the Technical Director for the Supply Chain Management (SCM) Product Line at the U.S. Department of Veterans Affairs. Previously, Dr. Drew simultaneously served as the Chief Engineer & Chief Architect for the Financial Management Business Transformation Special Program Office (FMBT-SPO) and the Chief Engineer & Chief Architect for the Supply Chain Modernization Program. 

Episode Links

• MITRE
• Smithsonian Museums
• Holocaust Museum

Tracy Bannon, Senior Principal/Software Architect & DevOps Advisor at MITRE, returns to Tech Transforms for our So What segment to discuss all things generative AI. Following Tracy's presentation at the RSA Conference 2023, she and Carolyn discuss everything from software development lifecycle to the potential that various AI models may have.

Key Topics

• [01:29] - Software Development Lifecycle: RSA Conference Recap
• [04:48] - Generative AI as a Service
• [07:36] - Potential for Disinformation
• [12:04] - Potential of AI for Developers
• [17:15] - Low Code / No Code Capabilities
• [26:14] - Discussion Roundup
• [31:14] - Tech Talk Questions

Quotable Quotes

Definition of generative AI: "Generative AI is under the umbrella of large language models. And a large language model is just that. It is a model where vast amounts of text data have been fed in and it uses statistical analysis to figure out the likelihood that words or phrases go together." - Tracy Bannon

On generative AI models: "It's only as good as the information that's going in, garbage in, garbage out." - Tracy Bannon

Generative AI advice: ''Know that we have to really get focused on the ethics of using these tools. Know that there are big security risks, but get familiar. Get familiar. It isn't going to take your job today. It is going to augment many jobs, but it's not going to take them completely away." - Tracy Bannon

About Our Guest

Tracy Bannon is a Senior Principal with MITRE Lab's Advanced Software Innovation Center. She is an accomplished software architect, engineer and DevSecOps advisor having worked across commercial and government clients. She thrives on understanding complex problems and working to deliver mission/business value at the speed. She’s passionate about mentoring and training, and enjoys community and knowledge building with teams, clients and the next generation. Tracy is a long-time advocate for diversity in technology, helping to narrow the gaps as a mentor, sponsor, volunteer and friend.

Episode Links

• So What? Tech Transforms Federal News Roundup with Katy Craig
• Applying AI to the SDLC New Ideas and Gotchas
• It's 5:05
• The Kill Chain
• Project to Product
• Real Technologists Podcast
• Greenlights

Alan Gross, Solutions Architect & Tech Lead at Sandia National Laboratories, joins Carolyn to talk about how DevOps is being leveraged to support the Department of Energy's contractor operated research lab. Alan dives into some of the initiatives at Sandia National Laboratories, and how he is applying his personal philosophy around user experience ops, or "UX Ops," to support the mission.

Key Topics

• [01:12] About Sandia National Laboratories
• [03:50] Sandia's role in national security
• [06:25] DevOps versus DevSecOps
• [13:45] Department of Energy and Sandia
• [17:40] Sandia initiatives: a year of climate in a day & Hypersonic weapons
• [21:00] Alan's DevOps journey and advice for developers
• [33:55] Tech Talk questions

Quotable Quotes

Alan on DevOps: " DevOps is about trying to deliver quickly and learn from your mistakes as fast as you can. So shifting left is part of that philosophy. If you have security issues with your software, you want to know about that as quickly as possible, because if you've already deployed to production, it's almost too late." - Alan Gross

On what advice Alan would give to new developers: "It's about failing fast and failing forward...How quickly can you learn new things, get new code and new products out in front of your users, and understand how they engaged with that." - Alan Gross

About Our Guest

Alan works as a full stack developer and technical lead at Sandia National Labs, with six years of experience in web technologies development. He develops within Python, Angular and .NET ecosystems, with a focus on enabling the developer experience at Sandia with novel solutions for the labs’ diverse development, software governance, security and business intelligence needs. Alan leads a team that is committed to reducing technical debt by emphasizing DevSecOps, modern application architecture (such as microservices) and data-driven outcomes.

Episode Links

• Mollie Rappe
• Planning and Implementation Tool
• Tech Transforms Podcast with Dr. Stephen Magill
• Pattern and Anomaly Detection in UX
• Adam Grant Podcast
• Project Ceti

Paul Scharre, Vice President and Director of Studies, at Center for a New American Security (CNAS), joins Carolyn and Mark to dive into his newest book, Four Battlegrounds: Power in the Age of Artificial Intelligence. From the first time he recognized the power AI could hold, to the ways AI may put us on a path to global peace, Paul offers valuable insight and perspective on the field of artificial intelligence and machine learning.

Key Topics

• [01:44] About Paul Scharre
• [02:50] When Paul Scharre recognized the power of AI
• [07:17] The four Elements of the Battlegrounds
• [12:57] Paul Scharre's take on the technological divide in the United States, and how we can solve it
• [20:10] U.S.'s standing in comparison to Nation-State adversaries
• [26:18] Establishing globally agreed upon AI guardrails
• [31:45] The exponential growth of AI
• [42:12] Top requirements to achieve global peace

Quotable Quotes

On Paul's main focus when working at the Pentagon: "how can we use robotics to help create more distance between our service members and threats?" - Paul Scharre

Role of humans in AI: "Having data and computing hardware, having chips alone, doesn't get you to some meaningful AI tool. You also need the human talent" - Paul Scharre

On adversary AI advancement: "Fundamentally, both the US and China are going to have access to AI technology, to robust AI ecosystems, big tech companies, startups within each country, and the bigger challenge is going to be: How does the military take this technology, work with its civilian AI scientists, and then translate this into useful military applications?" - Paul Scharre

About Our Guest

Paul Scharre is the Vice President and Director of Studies at the Center for a New American Security. Prior to this role and becoming an award-winning author, Scharre worked in the Office of the Secretary of Defense (OSD) where he played a leading role in establishing policies on unmanned and autonomous systems and emerging weapons technologies. He led the Department of Defense (DoD) working group that drafted DoD Directive 3000.09, establishing the department’s policies on autonomy in weapon systems. He also led DoD efforts to establish policies on intelligence, surveillance, and reconnaissance programs and directed energy technologies.

Episode Links

• Project Maven
• Army of None

This week, Michael Edenzon, Co-Founder of Fianu Labs, joins Tech Transforms to talk about why automated governance is so critical to mission success. Michael also provides some great insight into his recently co-authored book Investments Unlimited.

Key Topics

• [02:08] About Fianu Labs
• [04:54] What passes as evidence and how does it play into automated governance?
• [09:29] Michael's book: Investments Unlimited
• [16:50] Automated governance vs. Authority to Operate
• [28:33] Taking software asset inventory
• [35:40] Tech Talk Q&A

Quotable Quotes

On what counts as evidence in the context of software governance: "Our real focus in that regard is trying to get people to realize that evidence isn't just this random metadata that's captured from here and there, but instead it's going through all of the enrichment and providing all of the context that's necessary for an auditor to come and reproduce those results that you're using to base your enforcement off of." - Michael Edenzon

On how automated governance relates to Authority to Operate: "It [automated governance] is a method for achieving the ATO. So it can accelerate your ATO process and it can help you reach it faster, but what automated governance really is, is a means of achieving continuous ATO." - Michael Edenzon

About Our Guest

Michael Edenzon is a senior IT leader and engineer that modernizes and disrupts the technical landscape for highly-regulated organizations. Michael provides technical design, decisioning, and solutioning across complex verticals and leverages continuous learning practices to drive organizational change. He is a fervent advocate for the developer experience and believes that enablement-focused automation is the key to building compliant software at scale.

Episode Links

• Investments Unlimited
• Toyota Kata
• Failure is Not an Option

In this episode of Tech Transforms, Nihal Krishan, tech reporter at FedScoop, discusses how and where the American government is lagging behind in technology, but there is a focus on modernization to improve the situation. We also talk about the need for comprehensive data privacy legislation and how budget caps may impact government agencies' modernization initiatives. Additionally, we explore concerns surrounding TikTok's ownership and data privacy, as well as the addiction and potentially harmful effects of the platform. We also touch on the importance of respecting sources as a journalist and provide a few podcast recommendations. Finally, we look at the challenges in understanding algorithms used by TikTok and how they could be used to promote divisive content. Join us to learn about these transformative topics in the tech world!

Introducing Our Guest, Nihal Krishan

Nihal Krishan is a journalist who has covered the controversies surrounding TikTok. He highlights the privacy violations committed by the company when it accessed journalists' personal information to control their narrative. Krishan also acknowledges the legitimate fears surrounding the app since TikTok's parent company is based in China. However, he notes that there is no objective evidence of the Chinese government misusing American data obtained through TikTok. He raises the question of whether American social media companies are any better at safeguarding data than TikTok. Krishan argues that the debate over TikTok highlights the need for data privacy legislation in Congress.

Key Topics:

• Government Budget and IT Modernization
• Privacy and Security on TikTok
• Social Media and Data Privacy

Episode Highlights:

• [00:00:57] TikTok has been criticized for invading journalists' privacy to control their perceptions of the app, but the evidence for harm is primarily based on perception and politics. There are concerns about Chinese government access to American data, but it has not been proven yet. The issue of data privacy is a larger problem for social media companies in general and calls for legislation.
• [00:06:04] TikTok is a popular Chinese-owned social media platform with almost a billion users, mainly Gen Z, and its popularity has caused concerns about national security and data privacy in the US.
• [00:10:13] Understanding TikTok's algorithms is like understanding Facebook and Google's algorithms. The government is concerned that TikTok could sow seeds of discord like how Russians did in 2016 on Facebook. It's a complicated problem faced by all social media platforms.
• [00:12:29] TikTok is highly addictive and has a powerful algorithm that tailors to a user's preferences. Instagram and other apps are trying to copy its success. Concerns arise over its safety and effects on users, especially children and those with attention issues, requiring regulations.
• [00:14:57] Data privacy laws are crucial for people who don't have time to limit their phone and social media use. Bipartisan support exists for Children's data and app time protection, but comprehensive legislation is still needed.
• [00:18:54] US government lags behind in technology; modernization is a key issue for federal agencies and Congress has formed an IT Modernization Committee to improve it, but bureaucracy and political battles affect appropriations for IT modernization.
• [00:22:31] Caps on spending for agencies may hamper modernization efforts.
• [00:24:18] Budget cuts expected on unspecified agencies and programs; impact and details unknown. Reporting on changes to come. Cybersecurity noted.
• [00:25:50] Journalists rely on trust to get information and protect sources. Most people's comments are not newsworthy, and journalists don't report everything they hear. Building relationships and protecting sources is important for breaking good...

Nihal Krishan, Tech Reporter at FedScoop joins Carolyn for a special two-part episode to talk about some of the hottest topics in government tech. In Part 1, Nihal gives some eye-opening insight on all things ChatGPT including security, privacy, and national bans.

Episode Table of Contents

• [0:25] Introducing Our Guest, Nihal Krishan
• [7:39] We Need to Upskill
• [15:45] How the U.S. Government Is Dealing With ChatGPT
• [23:00] Stanford University Human Center Artificial Intelligence Index Report of 2023
• Episode Links and Resources

Episode Links and Resources

• Nihal Krishan
• FedScoop
• Stanford University Human Centered Artificial Intelligence Index Report

Col. Candice Frost, JIOC Commander at United States Cyber Command joins Carolyn and Mark to talk about her journey as a lifelong-learner, and how she is applying her skills to the innovative work at Cyber Command. From the importance of public-private partnerships, to teaching our kids healthy cyber security habits, Col. Frost offers her valuable insights on how we can all think innovatively and better secure our nation.

Episode Table of Contents

• [0:29] Col. Frost’s Journey to Being the JIOC Commander at US Cyber Command
• [8:04] How US Cyber Command Came to Be
• [16:04] Understanding the Nature and Psychology of War
• [23:35] The Parts Played by US Cyber Command in Our Security
• [30:46] The Thrill of Working at US Cyber Command
• [37:55] How US Cyber Command Keeps Everyone Safe
• [44:31] Nothing is True and Everything is Possible

Episode Links and Resources

• Col. Frost LinkedIn
• U.S. Cyber Command
• Afternoon Cyber Tea
• Click Here Podcast
• Spies Lies and Algorithms
• Nothing is True and Everything is Possible
• The Wires of War

Commander Jonathan White, Cloud and Data Branch Chief at the United States Coast Guard joins Carolyn and Mark to talk about the groundbreaking developments his team is doing with C5I. Commander White stresses the importance of public-private partnerships, and gives tips on how agencies can better approach the future of technology.

Episode Table of Contents

• [0:33] What Is C5I?
• [7:54] What Are the Goals of C5I
• [15:12] What the Future Holds for C5I
• [22:35] Commander White’s Favorite Project Pre C5I
• [29:39] What Role Has Industry Played for C5I
• [35:14] Pieces of Advice
• [40:23] From the First Piece of Technology to C5I
• [45:16] Introduction to AI
• Episode Links and Resources

Episode Links and Resources

• Commander White
• USCG
• Hack Your Bureaucracy

Stephen Magill, Vice President, Product Innovation at Sonatype dives into the complexities of open source and software security. Find out how government agencies are utilizing open source, and what Sonatype is doing to help secure our most trusted software.

Episode Table of Contents

• [0:23] The Core Focus Area of Open Source Technology
• [7:24] The Security Measures Open Source Implements
• [14:32] A Vulnerability in the Open Source
• [21:42] The Vulnerability Log4j Poses in the Open Source
• [29:06] Identifying the Root of the Problem
• [36:01] Watching Out for Malicious Code

Episode Links and Resources

• Stephen Magill
• Sonatype
• Sonatype Safety Rating
• Maven Central