Federal Tech Podcast: for innovators, entrepreneurs, and CEOs who want to increase reach and improve brand awareness

Want to make the most out of your next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Every software developer knows about the meeting in February 2011 at a skiing lodge in Utah. Seventeen people met to produce the "Agile Software Manifesto." Large software projects were falling left and right. This was a group of experienced developers who thought interaction and flexibility were keys to producing complex code effectively. They introduce concepts like iteration and technical debt to the general audience. Twenty- three years later we see a distortion of these concepts in the federal government's approach to software development. They may launch an application quickly and suboptimal, and then expect to iterate. However, this process has been distorted to a point where 70% of the federal IT budget is spent on this "iteration" under the guise of Operations and Maintenance. Today, we sat down with Sonny Hashimi, the Head of Global Sector for Unquirky. He has experience in the commercial world as well as the federal government. His last federal title was Commissioner, Federal Acquisition Service for the GSA. He has seen this flawed software development strategy from many angles. He suggests that proprietary software should be replaced by open-source methods that will allow for rapid change in code. That way, patches, and changes in direction of application development can be accomplished in a timely manner. This change would free up millions of dollars to accomplish improvements in federal systems. Listen to hear his diagnosis of the problem and the options he provides.

https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Forrester is well-known for conducting surveys with technology leaders and releasing conclusions. Today, we sat down with Sam Higgins, a Principal Analyst for Forrester, and looked at several studies he has participated in regarding the public sector and Artificial Intelligence. We begin with some findings showing that 35% of global public sector organizations indicate an interest in implementing AI. Reduced cost, improved security, and automation are general benefits that have been reported. This global view has been reinforced in the federal government with several programs including the AI test beds at the Department of Energy, Project Linchpin from the Army, and even the Air Force designating a Chief Data and AI Office. During the interview, you will hear some surprising findings. One study shows that the responsibility for AI Strategy most often resides in the technology department, not official leadership. Forrester is well-known for conducting surveys with technology leaders and releasing conclusions. Today, we sat down with Sam Higgins, a Principal Analyst for Forrester, and looked at several studies he has participated in regarding the public sector and Artificial Intelligence. We begin with some findings showing that 35% of global public sector organizations indicate an interest in implementing AI. Reduced cost, improved security, and automation are general benefits that have been reported. This global view has been reinforced in the federal government with several programs including the AI test beds at the Department of Energy, Project Linchpin from the Army, and even the Air Force designating a Chief Data and AI Office. During the interview, you will hear some surprising findings. One study shows that the responsibility for AI Strategy most often resides in the technology department, not official leadership.

Want to make the most out of your next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Our guest today is a grizzled veteran of the cyber wars. Chuck Herrin from F5 Networks has considerable experience in commercial and federal networks to see trends. For example, years ago one could diagram a network easily. Today, we have complex systems that are bombarded with data. Virtual systems are allowing for databases to be created on the fly. Combine that with storage being split between in-house systems and many clouds, you get a situation difficult to understand. Some hark back to 1970 when the Temptations released a song called "Ball of Confusion." Chuck has seen systems that can be appropriately titled a ball of confusion. The solution? Understand your architecture. This way, you know all your endpoints and realize that the architecture is, in effect, your attack surface. From there, take a close look at your Application Program Interfaces. Traditionally, one attack vector was the application itself. However, new cloud-based systems mean a process of distributed applications. As a result, the new attack point may be the API. We have a new term called a "leaky" API. Chuck Herrin will share with listeners his experience and give you a deeper understanding of the role of protection of the API as part of a full orb strategy to protect vital federal data.

Want to make the most out of your next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com It seems like everyone is testing AI options; however, when it comes to technology like Quantum, people seem to shy away. Today, we will attempt to clear up some of the questions listeners have about how to apply Quantum to federal problems. Our guest Murray Thom has been working with Quantum for years. Further, his company, D-Wave, has been in business for 25 years, has two hundred patents, and employs over two hundred subject matter experts. So, D-Wave is not a startup without any proven record. Murray sets the stage by setting up a contrast: classical computing compared to quantum computing. Traditional computers allow for a limited number of answers, while a quantum computer is not limited to the binary nature of the way we have been using computers. Rather than diving into the philosophy and mathematics behind quantum, Murray looks at applications that can be boiled down to use cases. If you look at the millions of containers that enter the United States each year, you can understand the complex nature of logistics. Effective use of quantum can allow for reduced fuel consumption, faster delivery times, and happier customers. The federal government can apply this technology to areas like weather forecasting and even managing the 30,000 satellites that are projected to be circling the earth by 2030.

Want to make the most out of your next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com = = = Fortinet's Jim Richberg is a battle-tested veteran. His opinions are sought out in Congress and all over the world. Today, we sat down with Jim to assess the implications of the federal government using AI when it comes to cybersecurity. Jim likes to distinguish between two broad categories of AI: discriminative AI and Generative AI. Discriminative: AI that can classify data but cannot generate it. From a cyber perspective, it can assess sentiment and image classification. It can alert when there is a potential threat. Generative AI: produces results based on amalgamation of existing data. This can be text, music, and even designing images. There is a possibility that a Generative AI application can look at a network and generate a report finding vulnerabilities. So far, these have been defined, but the results have been few. Jim Richberg thinks federal organizations are being limited to not having standards in contract terms as they procure AI. One topic that many seem to overlook is the power requirement for AI. Some solutions include modifying chip design. But Jim cautions that it can take as long as five years to get a data center up and running while energy concerns are building daily. This is a fascinating discussion that includes Jim's delineation of MDM of Misinformation, Disinformation, and Malinformation.

Want to make the most out of your next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com = = Some estimates are that the federal government will have spent one trillion dollars before the end of September 2024. Federal contractors will be bombarded with opportunities; your bidding selection can make or break your company. The issue is balance. If you respond to every solicitation, you won't get to them all and the ones you complete may not be thorough enough to be the winner. One can always throw humans at the problem, but nobody has the staff to even read the solicitations. Today, Brooke Smith from Deep Water Point & Associates presents an option. He talks about the right way to bid and the wrong way to do it. Of course, a year you should have been ahead of the RFP process. However, some funding hasn't been approved until late in the process. As a result, you will see new opportunities popping up. In order to eliminate contested awards, we may see task orders, GWACs, IDIQ, and even OTAs just to get work under contract before the end of the year. During this discussion, Brooke Smith details the role of automation that can help federal contractors use their limited time properly. They combine human experience with analysis of a company's capabilities to help them select the projects that can yield the best results. This is a "must listen" to learn how to optimize how your company can respond to year end offerings.

Want to make the most out of your next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com = = Congressman Gerry Connely maintains that that the platform is the solution; today, we discuss the topic of data strategy with Rob Carey of Cloudera. Rob begins by stating that when it comes to managing data, you need to consider what the outcome may be. For example, if you are assembling data on nuclear weapons, you need much more care than putting together traffic information. Some would say that this is the difference between serious data and a newly coined phrase "Everyday AI." In other words, negligible risk decisions. This differentiation can assist in making budget decisions. Rob goes on to discuss the expanded attack surface. With all of today's sensors and data centers, many agencies are starting to use "petabytes" to describe the amount of information they are ingesting. Companies like Cloudera can assist federal tech leaders by giving them a system where they can provide governance. For example, he describes an offering called Cloudera Security Governance Lineage. This provides a view of data from "soup to nuts." Allowing managers to profile data, clean the data, and provide lineage tracking. Federal agencies must not treat all data as being equal. Limited resources force systems administrators to view data from legacy systems, the hybrid cloud, and new sensors as part of a priority.

Want to make the most out of your next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com John Kindervag is the father of Zero Trust; Greg Touhill is the general of Zero Trust; today, we sit down with Dr. Zero Trust, Chase Cunningham. Dr. Chase Cunningham has a solid background for his opinions. He served in the military, has a PhD., five patents, and has written five books. We begin the discussion with praise from Randy Resnick, the Director of the DoD Zero Tryst Portfolio Management Office. The DoD is not the only federal area with large systems to concern themselves with. The challenge in making a transition to Zero Trust is extant in the civilian agencies. For example, LaMonte Yarborough from the HHS indicated he must manage systems to try to make a transition to Zero Trust. His Cunninham experience includes running a red team, so we pivoted the conversation about AI. Malicious actors or red teams can use AI-based tools like Dork GPT to create new ways to attack systems. Today's far-ranging discussion oversees many topics that federal leaders would be interested in., including cybersecurity skills, compliance, and managing legacy systems. Technology periodicals all have headline articles on the lack of talent in the world of cyber security. Chase mentioned a school in Virginia called CyberNow Labs. It is a "trade" school that can prepare individuals quickly for a job stopping malicious actors. He mentioned several students are getting job offers before they leave. When the topic of quantum was introduced, comments were made that, from a cybersecurity perspective, it is wiser to concern yourself with basics like identity and patching rather than worrying about a future quantum event

Data Destruction? Find out more about data destruction best practices for federal agencies here. https://securis.com/government-agencies/ Want to make the most out of your next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com What happens to sensitive information on electronics when they are replaced? Most tech conversations today focus on the feats of Artificial Intelligence. Reports are generated, software is written, and predictions are made. However, few understand the e-waste implications of this tidal wave. To start with, AI requires an incredible amount of computational power. If you combine that fact with the typical computer refresh cycles then we have a growing situation where federal agencies hard drives and SSDs with sensitive information that must be disposed of properly. Sensitive information is not just stored on computers and networking equipment in data centers, we have it dispersed on tablets, mobile phones, laptops and even Navy ships. You may ask – how often does sensitive information get out? A recent study has shown that 40% of used computers purchased on popular ecommerce sites had personally identifiable information on them. Governments and financial institutions have been embarrassed or fined for data breaches. Our conversation today is with "Sal" Salvetti from Securis. His company provides a service that can take end of life computers, phones and tablets and dispose of them in a secure and sustainable manner. Federal agencies have to comply with directives from GSA, DLA, NSA and NIST (800-88) around the proper disposal of end of life electronic devices. In the interview, we learn how Certified Secure Data Destruction Specialists (CSDS) from Securis can help your agencies comply with federal guidelines and protect national security. Many federal managers don't understand the full asset management lifecycle of hardware and the cyber security risks. Don't treat old computers like trash. The conversation provides best practices concerning when software can be used to wipe data and when devices or drives should be shredded. You will also learn why certifications from the National Association of Information Destruction (NAID AAA) R2 are critical for ITAD (IT Asset Disposal) providers.

Want to make the most out of your next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn \https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Donald Rumsfeld is famous for talking about the "unknown unknowns." Well, today we will be a little more specific and focus on some "knowns." Most listeners know that cyber threat companies regularly list vulnerabilities. Jay Wallace estimates VulnCheck alone has a list of 300,000 known threats. The Cybersecurity & Infrastructure Security Agency (CISA) decided to help federal agencies narrow down this list. They put together a list of vulnerabilities that were specific to federal networks. For example, if no federal agency ever uses "XYZ" software, why should a federal information professional care about it? It is not and will never be on their systems. The key to understanding the KVE is that CISA will not just put a vulnerability on a list and say, "Good luck." They will post a patch to remediate the problem. VulnCheck helps federal agencies with prioritization, proof of concept, and a community. Prioritization For example, VulnCheck can assist in setting up priorities or these varying threats. Proof of Concept For example, during the interview, Jay Wallace mentions something called a Proof of Concept (PoC). VulnCheck can look like software combinations and determine if they can be a threat. Community Also, VulnCheck has an active community where these threats are discussed. Just this year, the VulnCheck community has been active in many areas, including making information about vulnerabilities consumed in a more palatable manner. Malicious actors know about vulnerabilities, and a responsible federal manager should become familiar with how to manage this vulnerability list.