Federal Tech Podcast: for innovators, entrepreneurs, and CEOs who want to increase reach and improve brand awareness

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com The federal government needs to share information on a wide variety of platforms and must provide methods to ensure this transmission is secure.  Of course, the hard part is the “how” part of this data transfer.  Tim Fuhl from Owl Cyber Defense gives the listener an overview of how Owl Cyber Defense can help federal agencies share information securely. To accomplish this task, he discusses two fundamental concepts: diodes and Cross Domain Solutions. Diodes.  This is a mysterious word that was liberated from electrical engineers. When designing a semiconductor,  one may need to create a one-way path to prevent a signal from returning.  The solution in electronic design is a “diode.”     Owl Cyber Defense took an electrical concept called a diode, which provided “one-way” data transfer. When they combined this one-way street with a data path, they developed a “data diode,” a device that limits data transfer to one direction, protecting the system from a reverse movement.  When it comes to securing federal systems, a “data” diode is a device that restricts data transfer one way, essentially creating a one-way street. Cross Domain Solutions.  One of the newest abbreviations in the world of security is Cross Domain Solution (CDS).  The federal technical world is comprised of levels of protection.  As a result, what is needed is a way for communication between varying security levels. During the interview, Tim Fuhl defines both terms and gives examples of where this innovation can be applied to federal systems.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com In traditional commercial selling, a company seeks to understand its business problems and then presents a solution that would save time and money. Understanding federal requirements has a few more barriers than scheduling a meeting with the CIO.   The federal government has security requirements and considerations few commercial companies can even consider. There are no effortless ways to understand system requirements for a company trying to break into the federal marketplace. This has been understood for decades. In fact, Ron Reagan decided to help small businesses understand their needs and provide some assistance. The Small Business Innovation Research (SBIR) program was established in 1982. The concept was simple: an agency would post requirements and look for a small company to get a response. If the proposal was favorable, some steps allowed further development and funding. During today’s interview, Tom Ruff updated us on the three phases of SBIR and provided specific examples of companies that have successfully navigated the process.

  Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Most people are so overwhelmed with the dazzle of Artificial Intelligence that they dismiss the power of quantum computing. Reality is the optimized solution for solving some federal problems involving artificial intelligence; other issues need to consider quantum. Today, Murray Thom puts the ability of quantum computing in a better perspective. For example, when it comes to aerospace maintenance, there are so many variables that classical computing is challenged to provide an answer. We all know that a traditional computer would use bits (0s and 1s). Quantum allows an approach that is not as linear and can provide faster answers to many questions. The crus of the interview was not a debate on the origins of quantum and Einstein’s remark about God not throwing dice. The debate is over—quantum work. Quantum computing can help the federal government find solutions to public sector challenges like optimizing public services, transportation networks, and defense. The core of this interview is whether your federal agency is looking for a problem that is too expensive or too time-consuming to solve using classical computing. It is possible to use quantum innovation to solve the problem more economically. Look at some success stories from D-Wave; they may provide an economic option for you. Download the D-Wave e-book “Transforming the Public Sector: Quantum-Powered Optimization” on the Carahsoft website.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com It is a challenge for most technology companies to give a three-word summary of what they do, especially with the complexity implied with the phrase “entity resolution.” The CEO of Senzing, Jeff Jonas, gives a three-word summary of the complex issues they manage --  “bad guy hunting.”  OK, what does this mean to federal tech leaders? Today, we sit down with Will Layton to learn how a topic like “entity resolution” can improve federal cybersecurity. During the interview, he gives an overview of how federal systems have evolved over the years and the need to understand the implications of automation. We know federal systems are, in general, moving to the cloud. This may be a private cloud, a public cloud, or even a hybrid cloud. Second, data ingestion has overwhelmed most agencies.  As a result, many large-scale organizations are implementing automated tools, some call “agents” to become more efficient. Will Layton describes how humans need to be identified an automated tool, or entities, need to establish credentials as well. When a malicious actor tries to present like an entity in a complex automated system, Senzing can identify it and save federal leaders from unwanted actio

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com For many, IDEMIA is a relatively unknown company that was recently awarded a 10-year Blanket Purchase Agreement from GSA. The focus is on next-generation identity proofing for login.gov. At first glance, you might say “IDEMIA” is an overnight success. Upon further examination, you will discover that IDEMIA has served federal agencies for over 60 years. During the interview, Donnie Scott gives listeners a complete rundown on the variations on identity, identity proofing, identity management, and identity access management. He reinforces that rigorous identity-proofing can reduce waste, fraud, and abuse of federal systems. This is becoming a more complex problem. For example, technology enthusiasts are experimenting with so-called “agents” to access data, assemble it, and then attempt to draw conclusions. At each step along the way, there are gateways to verify the validity of the person (or non-human entity) requesting data. This interview offers a great perspective from a well-respected company that provides identity proofing to the federal government.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Walking around the Salesforce World Tour DC  can make you dizzy with use cases.  Let’s step back and look at underlying principles.  To boil down the massive information overflow, we sat down with Nasi Jazayeri from Salesforce to focus on improving efficiency by taking advantage of Salesforce agents. Automation. Federal employees will obviously be asked to do more with less. One way to accomplish this task is to structure a system where tedious decisions do not have to be made by humans. Tasks can be designed without human oversight to a specific level. Workflows. Salesforce is increasingly becoming a hub for data amalgamation. Integrating API into workflow can improve how systems can manage various dependencies. Compliance. This is one of Salesforce's superpowers. Everyone is trying to figure out where the best application of agents would be. Inevitably, mistakes will be made. Compliance is built into a system like Salesforce. You can evaluate several options without reinventing the wheel for each instance. Salesforce has many use cases for agentic applications, such as citizen service automation, healthcare administration, and interagency collaboration. Sometimes, general value principles can reinforce decisions made regarding agents and Salesforce.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Federal leaders are walking a tightrope. They want to leverage the promise of AI; however, they are responsible for making federal data secure. Beyond that, these AI “experiments” should not negatively impact the larger systems and must have a detached view of practical applications. During today’s conversation, Paul Tatum gives his view on accomplishing this balance. He illustrates the idea of experimenting with AI through, of all things, avocados. For example, he acts as if he must document the process behind importing avocados. He shows how an AI agent can be used safely and provides practical information. The key here is “safely.”  People working on federal systems are jumping into AI agents without concern for compliance or security. They run into the phrase “unintended consequences” when they access data sloppily, which can lead to sensitive information leaks. Rather than detailing potential abuse, Paul Tatum outlines the Salesforce approach. This allows experimentation with specific guidelines as well as for compliance and controls for autonomous agents. This way, the data to be accessed will be cleaned and not subject to misinformation and duplication problems. Further, because you are acting in the functional equivalent of a “sandbox,” you can be assured that information assembled from AI experiments will be placed in areas where they are safe and secure. Learn how to leverage AI, but learn in an environment where mistakes will not come back to haunt you.  

Anish Patel, Head of Sales at Cloudflare, delves into federal network security and Zero Trust initiatives. He discusses how Cloudflare's commercial success can enhance security in federal networks by simplifying user experiences. The conversation highlights the importance of transitioning to Zero Trust architecture and the need for innovation within organizations. Anish also emphasizes automation's role in reducing the burden of constant vigilance among users, thus improving overall cybersecurity. Additionally, he touches on future-ready features like post-quantum encryption.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Once the transition to the cloud became dominant, the importance of identity was placed ahead of permission to access apps and data. When data centers were down the hall, one could have physical access to a room and sign-on permission. The hybrid cloud, private clouds, and an interest in “alternative clouds” make identity the keystone of modern computing. Companies like Okta, Ping, and SailPoint work with identity and access management but rely on services that can provide a federated identity service. Today, we sit down with Dr. John Pritchard, the CEO of Radiant Logic, and learn that Radiant does not compete with these well-known vendors but provides the backbone for their service. Dr. Pritchard uses an interesting phrase: “continuous identity hygiene.”  This means that although a person’s biology will not change, he can compromise essential elements of his identity. This must be a continuous process. This fact has been recognized by CISA and DoD’s 2027 Zero Trust Goals and can be identified as Identity Security Posture Management. In this thorough discussion, Dr. Pritchard presents a 30-year framework for network identity and includes comments on a unified data layer, data staging, and how to select a reference architecture for using a federated identity service.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Many people deceive themselves when moving systems to the cloud, thinking the same precautions used for an on-premises system can be used in the cloud. Neil Carpenter from Orca Security dispels that notion right out of the box. He details that when a system is moved to the cloud, it operates under a shared responsibility model.  While the Cloud Service Provider may be able to serve a solid infrastructure, that does not mean the applications and data are protected as well. Further, the popularity of virtual systems means that workloads can spin up and down rapidly. This means a one-time scan is just that: a photograph of a moment; only continuous monitoring can provide the reassurance that federal systems managers demand. While we know that cloud systems can scale rapidly, many do not understand that scaling also widens the attack surface. Michael Hylton from Orca Security recommends investing in a system that can provide continuous scanning in a dynamic environment. How is this accomplished? During the interview, Neil Carpenter defines agent vs. agent-less systems. When Orca Security established an agent-less system, it allows them to scan, speeding deployment and reducing the risk of coverage gaps.