Federal Tech Podcast: for innovators, entrepreneurs, and CEOs who want to increase reach and improve brand awareness

Want to leverage you next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Everyone likes to hit the “Easy” button, especially software developers. Rather than laboriously generate code line-by-line, today’s software professionals may just grab code from a repository and re-purpose it. Why reinvent the wheel? Malicious actors have noticed this process and have inserted code into many libraries, acting like a like Trojan Horse. As a result, some organizations are offering codes that have been inspected. They look at known vulnerability lists and see if the code includes any of them. If not, it is given a seal of approval. Frequently, this is called a “Software Bill of Materials.” A convenient solution: however, upon inspection, SBOMs can be problematic. The weakness of SBOM During today’s interview, Joel Krooswik, Federal CTO for Gitlab, described in detail some of the ways software must be continuously protected. According to the SBOM folks, the code is clean when leaves the “shelf.” However, due to continuous improvement code changes hourly. All an SBOM provides is a certification at a specific point in time for known vulnerabilities. Joel Krooswik gives listeners an enterprise architect’s perspective. He indicates that digital transition introduces new code, new architectures, and innovative approaches. At any step along the way, security can be compromised. The unknown unknown Donald Rumsfeld famously said, “There are unknown unknowns.”  This can be directly applied to what GitLab calls “fuzz” testing. This allows professionals to throw random inputs into a system to see what happens. Finally, you get a view of a potential possibilities that are not obvious.   Joel Krooswik presents many insights when it comes to protecting software. He states that just because a system is identified as needing a patch, it does not mean it will be done in a flash. Understanding all the risk factors will allow a federal leader to make a prudent choice when it comes to protecting software systems. .  

All the headlines would make you think the federal government is spending millions of dollars on bleeding-edge innovative technologies. However, a detached perspective shows when looking at funding one can conclude that 80% of technology spent is on operations and maintenance. If we continue this, then will have unreliable systems that are not effective at managing the current volume of data. Today, we sit down with Badri Sriraman, the Senior Vice President of Karsun Solutions. He has years of experience helping federal agencies make this important strategic transition. He has a deep and thorough understanding of many federal systems including records, engagement, and intelligence. Badri suggests that one potential use of artificial intelligence is to apply it to gain a better understanding of existing legacy systems. You may realize what data is duplicative or useless and what serious dependencies the existing system has built in. From there, a plan can be devised where a segment of the legacy system is transitioned and evaluated. One tool that has been successfully used by Karsun Solutions is called “goredux.ai” This was designed to provide an enterprise architect with an idea of how to make a strategic transition. The interview ends on a serious note. Legacy systems are more likely to have known vulnerabilities. There are increased costs inherent in older systems. Older systems may not allow federal leaders to reach agency goals. Finally, if all the budget is assigned to operations and maintenance you can paint yourself in a corner without a budget for modernization.   Want to leverage you next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com

The federal government purchases over $90 billion a year in information technology porductds and services.  The purpose of the Federal Tech Podcast is to listen to strategies and tactics for untapping that market for your company.   Each week we sit down with technology leaders to hear how their solution fits in the complex federal technology world. For more information on Federal Tech Podcast     Follow John Gilroy on LinkedIn  

Every technology has a maturation cycle; today we see Artificial Intelligence transitioning from being a parlor trick to being considered for serious applications. The federal government wants secure and reliable solutions to solve problems in the military and healthcare. Our guest today is Dr. Ellison Anne Williams, she has a PhD in mathematics and is the founder of Enveil. She provides an overview of AI security by suggesting it is only as good as the data over which you train and use it. AI is exposed to large data sets and models are encoded with the data with which they were trained. This process can leave the model vulnerable and open to attack, she describes one attack called a “model inversion.” This is a machine learning technique that examines a model’s output and infers personal information about its data subject. Dr. Ellison suggests a group of technologies called “Privacy Enhancing Technology.” During the interview, she gives an overview of how it can securely and privately train a model to produce richer insights. PET allows leaders to secure the use of a wider range of data sources. You can use homomorphic encryption to safely train your model over sensitive data. This interview is an overview of a technology that can allow federal agencies that must deal with sensitive information to be able to leverage the speed and insights that AI can provide.  Want to leverage you next podcast appearance?  Take the quiz. https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com

Years ago, people would laboriously code character by character. This tedious process would take hours and would include errors. Over the years, libraries of prewritten code have evolved that allow software developers to “grab” some code, modify it, and finish a project earlier. Malicious actors have taken advantage of this short cut and have injected code into these software libraries that get taken along for the ride. One proposed solution is something borrowed from the shipping industry. A commercial invoice may be packaged with a bill of lading to indicate the contents of the package. This “assurance” has been transferred to the world of pre-written code and is now called a “Software Bill of Materials,” or SBOM. In a world where you are shipping a ton of Portland Type II cement overseas, this bill of lading works finds; it has some challenges being transferred to the dynamic world of software. In a typical federal environment, there is continuous change in the code itself. It would be difficult to change on ton of a manufactured product like Portland Type II Cement. However, the once approved software package may have so many changes that the Software Bill of Materials may not have any validity. During the interview today, David Jurkiewicz unpacks the concept of an initial SBOM and then how software packages can evolve over time and still retain compliance. His company can take this basic guarantee and examine the software for many concerns, including. ·       Vulnerabilities ·       Dependencies ·       Integrity ·       Malware ·       Foreign presence ·       License David Jurkiewicz provides details on how companies can resolve vulnerabilities and ensure safe operations in a world where code is grabbed off the shelf and slipped into a package.   Want to leverage you next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com

One of the most practical applications of Artificial Intelligence (AI) is to assist in network observability. The big move to Zero Trust is predicated on the ability to have a thorough understanding of network assets. This is a significant issue for federal information technology. We have legacy systems, shadow IT, and a deluge of data in addition to the confusion that a hybrid network can bring. Riverbed takes a phrase from science, telemetry. Initially, it was used to troubleshoot the original network: the power grid. Since then, the term has been modified to apply to a standard data collection system for analyzing information on a digital network. The fact that 98% of the Fortune 100 uses Riverbed for determining network status means that they are the de facto leaders in the market. Today, we sat down with Jeff Waters to help us understand how Riverbed can be applied to federal systems. You would expect Jeff to emphasize network management, however, he shows how the basic “telemetry” approach can be used for improving user experience. The approach is simple:  if a technology can look at movement on a network, it can be applied to understanding how federal sites are used by citizens. We move from DevOps to Artificial Intelligence Ops, or AI Ops at the end of the interview. This concept allows Riverbed to be able to understand a situation and offer remediation. Because the network is so well understood, the solution is effectuated quickly. Telemetry – from old-school electrical troubleshooting to helping with user experience on a federal website. = = = Want to leverage you next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com      

In 1848 they found gold at Sutter’s Mill in California. According to the CEO of Cohesity, data is the new gold. Today, we sit down with David Kushner from Cohesity to unpack what this “gold” reference means for federal technology leaders. This has always been the case. Today, we see cheap storage, fast Internet, and Generative AI producing an overwhelming amount of data sets. The challenge is how to protect them. This “perfect storm” has not gone unnoticed by federal leaders. If you casually look at a few recent federal mandates, you constantly see a reference to “security” and Artificial Intelligence. ·       White House: President Biden issues Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence ·       Homeland Security:  Promoting AI Safety and Security ·       OMB:  Advancing Governance, Innovation, and Risk Management for Agency Use of Artificial Intelligence Cohesity has been in business for over a decade and has garnered a reputation for efficient management of critical assets. We sit down with David Kushner to unpack what these innovations mean for the federal government. For example, we all know that the federal government gets attacked thousands of times a day. We all know the “usual suspects,” but what is starting to happen is malicious code is being injected into backups. It is conceivable that a systems manager could reach for the backups and introduce compromised data into a sensitive data set. During the discussion, David mentions that Cohesity has worked with over three hundred federal agencies in a wide variety of services. In February of 2024, Cohesity launched a search assistant called Gaia. This allows enterprise-level organizations to use Large Language Models and Retrieval Augmented Generation in a manner that complies with compliance mandates. Listen to learn about Gais, backups, and a new world where the data is the gold that is being exfiltrated.   = = = Want to leverage you next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com      

We are at the point where Artificial Intelligence is splitting into several capabilities. These include Generative, Natural Language Processing, Computer Vision, Predictive, and Deep Learning to name a few. Today, we sit down with Melisa Bardhi from Excella and look at one aspect of AI, Generative AI, and examine how it can be used responsibly for federal applications. In a short 25 minutes, she covers ·       Definitions ·       Beginnings ·       Security ·       Existing models ·       AI training Melisa begins by admitting that one must be cautious about data that is used to feed AI.  All humans have biases, whether intentional or not. One document she would like to share with the audience is Excella’s Generative AI Use Policy.  Rather than starting with a major tech overhaul, it is suggested that an agency looks at a pilot with well-defined outcomes.  Generally, Generative AI should be deployed in a controlled environment. Security is foremost in the minds of all federal employees. The challenge is that many of the recommendations from laudable organizations like NIST can be hard to understand.  As a result, Excella has unpacked many security concepts in several blogs. A reference is Decoding Artificial Intelligence: A Simplified Guide to Key Terminology.   https://www.excella.com/insights/decoding-artificial-intelligence-a-simplified-guide-to-key-terminology When you read about ChatGPT producing summaries, this is an example of a model that is used in a wide-open environment.  Melisa suggests agencies test out pre-trained models through cloud platforms like Azure ML, AWS Sagemaker, and GCP AI Platform. Fortunately, we are bombarded with places to learn more about Generative AI.  During the interview, Melisa mentioned agencies should consider partnering with research institutions and groups like ACT-IAC. For example, you can start your Generative AI journey with an article titled “AI Understanding in the Federal Government.”  https://www.actiac.org/documents/ai-understanding-us-federal-government = = = Want to leverage you next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com      

Sometimes, we must look at literature to get an understanding of the current situation for federal GWAC contractors. Let us look back to Charles Dickens with, “It was the best of times, it was the worst of times.” Here is the scenario: your company spends a ton of time and money to get a spot on a GWAC contract. never to win any work. All your hopes and dreams of increasing business have been crushed. Today, we sit down with Brian Seagraves from Deep Point Water & Associates to take a detached view of this GWAC process and provide some suggestions. We begin with some shocking numbers. We all know that federal organizations working under GWAC send out notifications regularly. In a perfect world, a resolute employee shows up for work at 9 AM, sees a notification, and then begins the filtering process. In the real world, companies are overwhelmed by notifications and end up working to dead ends. For example, one organization gave 27,450 announcements annually. Simple math indicates, that with 250 workdays, this is 100+ notifications a day. Mere humans cannot keep up. Inevitably, their companies may pursue bad fits or even miss excellent opportunities. During the interview, Brian suggested a solution from Deep Water Point & Associates that can assist in this complex filtering work. His company has managed to combine a strong knowledge of keywords and human understanding of culture to assist in the selection of which announcements to pursue. He details how they developed GWAC NorthStar. This is a “as-a-service” offering and a company can be set up with a free 30-day trial. GWAC NorthStar is a good example of how Artificial Intelligence can be combined with human “know-how” to speed up the proposal process. = = = Want to leverage you next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com      

We are in a whirlwind of change. Data is pouring into federal agencies. A recent report indicated that data was growing at 25% a year; cloud usage at a rate of 61%; and Software as A Service an astounding 200%. Oh, did I forget to mention that Generative AI is also increasing data exploding? It is one thing to worry about data from John’s Doughnuts, and quite another to worry about sensitive military, financial, and health information that the federal government is charged to protect. Data. gov estimates that 250 million data sets are being used by the public sector. This increase in data has not been missed by the White House. On February 28, 2024, an Executive Order called “Protecting America’s Sensitive Data” was issued. Today, we sat down with Adam Costello to have him share some of his practical knowledge of securing data. Adam begins by suggesting federal agencies start by figuring out where these data sets are stored. Humans make mistakes, humans jump into shadow IT and create ghost data, and people do not understand retention protocols. Adam suggests that an Asset Management Database can establish a baseline for documenting data. From there, we can get a better perspective on concerns like encryption, micro-segmentation, time-based retention methods like records management, and establishing a Recovery Point Objective. If you look at your network configuration and blink an eye, it has changed. Listen to the interview to gather best practices from a data management specialist with decades of experience. = = = Want to leverage you next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com