Tech Transforms: More Than Meets the Eye. Global technology is changing the way we live. Critical government decisions affect the intersection of technology advancement and human needs. This podcast talks to some of the most prominent influencers shaping the landscape to understand how they are leveraging technology to solve complex challenges while also meeting the needs of today's modern world.
The Speed of the Mission with Bob Stevens
Bob Stevens, AVP Public Sector at GitLab joins Tech Transforms to talk about the imperative mission of DevOps to combine efficiency, speed and security. With emphasis on empowering teams to fail fast, moving security to the left, and a deep dive into Platform 1, you won't want to miss this episode!
Episode Table of Contents[00:27] DevSecOps’ Speed of the Mission
[09:02] The Cultural Shift That Needs to Occur to Upgrade the Speed of the Mission
[19:21] The Future of DevOps
Episode Links and Resources
DevSecOps’ Speed of the MissionCarolyn: This week Bob Stevens, Area Vice President of Public Sector at GitLab is joining me. Bob is a seasoned veteran in public sector technology with over 25 years of experience. As the AVP at GitLab, he is responsible for helping government organizations become more productive, efficient, and effective.
Bob also has experience on both the industry and the government side of things. Prior to industry he served in the United States Air Force as a computer specialist at the White House Communications Agency. I am excited today to dive in and talk about the ways that we can use DevOps to modernize and secure government IT, and what the outlook for DevOps is. How are you doing, Bob?
Bob: I'm doing great. The weather's getting better in DC, so it's good to see the sun from time to time versus what we've had. But yes, doing fantastic.
Carolyn: Well, good to hear it. So let's just dive in. And let's walk through what DevOps is and why implementing these practices is critical to helping modernize and improve government IT?
Bob: Great. So I guess DevOps is combining efficiency, speed, and security all into one. And creating software at what I like to refer to as the speed of the mission for the government. The business side is a little different. But for the government, it's all about the mission and you being able to accomplish the mission faster and stay ahead of our adversaries. In the case of DoD and on the civilian side, it’s to ensure that all of the citizens that any given agency supports gets the best possible support that they can. If you look at the organizations like the Veterans Administration. You can imagine they've got a lot of applications that they've written.
The Platform the Government Is Looking For to Improve the Speed of the MissionBob: To help the vets accomplish what they need to accomplish in a timely manner. So DevOps really will help them to produce the software at speed, more securely, more efficiently, and provide the most or the best service that they possibly can to all of the veterans out there, just as one example.
Carolyn: So, you know Tech Transforms is vendor agnostic. And I would love for you to just take a couple of minutes and talk about how GitLab helps with that. And just what GitLab does. I've read the marketing statements and it's a little nebulous for me. I would love to have you explain what GitLab does and how it's helping agencies achieve this?
Bob: I appreciate that you're letting me do this in a vendor-agnostic community. I mean, there are a lot of tools that are required to produce software. But the way that the industry or the government in particular is heading, and you can see this in some of the articles that DoD has recently released. Is they're looking for one platform that encompasses the entire software development life cycle.
As you can imagine right now, I know agencies that have anywhere from 14 to 20 different tools that they're using. And the issue with that is that there's developers that like the tool that they like. So they bring their own and they develop their portion of the software. Unfortunately, when it all comes together, it doesn't always work because they've used different tools across the development organization.
And so, with the use of a single platform, you can ensure that at the end, everything is going to work. The nice thing is you can continue to bring some of those other tools. Because they integrate...
Observability Explained with Mike Maciag
Mike Maciag, Chief Marketing Officer at Dynatrace joins Tech Transforms to talk about the power of observability. Careful monitoring is of paramount importance for any successful operation, and observability can take your agency to the next level. Listen in as Carolyn and Mark get some tips and tricks for improving cybersecurity posture with the most accurate technology.
Episode Table of Contents[00:31] The Vital Role That Observability Plays in IT
[10:40] Observability: When You’re Asking the Systems to Share
[22:48] The President’s Memo on User Experience
[34:01] Let Machines Do the Stuff That Doesn’t Matter
Episode Links and Resources
The Vital Role That Observability Plays in ITCarolyn: Today, we get to welcome Mike Maciag, who is Chief Marketing Officer of Dynatrace. One of our own, one of the clan is here with us today. And as CMO, Mike is responsible for Dynatrace's global marketing organization. We're really excited to hear his expert opinion on observability and the vital role that it plays in IT, and especially the cloud.
Mike: Thank you, Carolyn. Mark, nice to be with you both today. And I know this is a long time in coming, but I'm excited to be sitting down and talking to you today.
Carolyn: We've been able to talk to a few of our guests a little bit about APM. And just recently we talked to a former CIO at VA. He is very bullish on APM, and he talked a lot about the advances that they were able to make in the VA with APM. Just that at least within the VA, APM moved from a nice to have to a must-have. And what I'd really like to hear you talk about, just to dive right in, Mike, is so there's the APM part. But then in my mind and I might be positioning this wrong. In my mind, I think that observability is like APM 2.0. But can you speak to that APM versus observability? What's the difference?
Mike: As long as we're talking about terms, we might want to mix monitoring in there as well. All terms that are thrown around, is it monitoring, is it APM, is it observability? And it's changed, it's changed a lot. Let me start with the simplest definition, then maybe we can unpack it from there. Think of observability as the umbrella term, as the broadest umbrella term that goes above all of this.
Monitoring, APM, ObservabilityMike: Observability fully includes APM, and observability also subsumes monitoring, both of the things that we've been doing. There are kind of two megatrends in the industry that have been driving this move towards observability. One is the move to the cloud.More and more systems are moving to cloud architectures, probably more important digitally native architectures. We're going from monolithic systems that we could understand, that we could see, that we could touch. We could understand what's happening with them into cloud increasingly complex, even multi-cloud architectures that are driven by microservices and the like.
The reason for that movement is it has made digital transformation, application development faster and easier in that regard. Which is this digital transformation fundamentally looking at everything that I've been doing in every aspects of my business. Whether it be on the front end or in the services I provide. Whether it be on the front end or in the backend machine to machine conversations is happening in cloud architectures. And we're trying to figure out how we can automate more of it and things are happening that way.
Does that make sense, just from a starting point, from observability’s umbrella, fully subsumed monitoring, fully subsumed APM, kind of in that the drivers being cloud and digital transformation making that happen. And I can get into more details.
Mark: That absolutely hits the mark. And we also say end-user performance or experience.
Mike: That's right.
Carolyn: Yes, that sets me straight. Because me saying that observability is APM 2.0 is wrong. APM, like you said, it's underneath observability. It might be, I guess, one way into...
Threat Team Purple with Richard Ford
Richard Ford, Chief Technology Officer at Praetorian joins Tech Transforms to talk about the cyber security threat landscape. Red team versus Blue team is a common and effective threat protection practice, but what could cyber security experts gain from team Purple? Listen in as Carolyn and Mark learn about the importance of managing your attack surface, implementing multi-factor authentication, and protecting against cyber phishing attacks.
Episode Table of Contents[00:30] Our Biggest Cybersecurity Threat in the Last Quarter
[07:39] Which Is Easier: Defense or Offense
[16:40] Why Do We Need Single Sign-on
[24:54] The Team Purple Idea
Episode Links and Resources
Our Biggest Cybersecurity Threat in the Last QuarterCarolyn: So today our guest is actually an old friend, https://www.linkedin.com/in/dr-ford/ (Richard Ford), who is https://www.praetorian.com/ (Chief Technology Officer at Praetorian). For over 25 years, Richard has been able to design and implement NextGen product strategies and provide customers with the best threat detection available. Today, we're going to talk to Richard about the cyber threat landscape and what a good defense looks like.
Richard: Hi, it's nice to be back on a call with you Carolyn, and Mark, it's good to see you.
Carolyn: Yes, really good to have you today. So let's just jump right in. I want to know what your view is, what are our biggest cybersecurity threats? What does the cyber security threat landscape look like and how do we defend ourselves from it? So there's like three-part question there.
Richard: So, we're starting with an easy question. I think the threat landscape is incredibly messy and I think that the most important part to think about is change. So if you think about just the last quarter or two that we've gone through you had, like log4shell someone we're all running around looking for log4j vulnerabilities. Then it's Spring4Shell, which wasn't as serious, but was still pretty nasty if you were impacted.
The problem, we have this tremendous rate of change so the thing that was important to you yesterday may not be the thing that's important to you today. It's unlikely to be the thing that's most important for you tomorrow. So when we think about the threat landscape, the first thing to say is, if I give you an answer, it's like looking at a single, still image from a movie and telling you've watched the movie, right?Cyber Security Threat LandscapeRichard: Then as soon as we go click, you know that threat landscape will change. With that said, I do think there are some common themes that keep coming back, right? So there's a threat we have around being desperately short of people. There's a threat around, we don't know what assets we have. Even if we did know what assets we have, we don't know what they're running.
Then the business conditions are driving us forward so quickly that it's difficult to keep security on the front burner. It sometimes drops to the back burner so we don't think about security as much. Perhaps, as how do I meet these business objectives that we have. I think this has created this sort of very unpleasant, perfect storm that will keep us well on our toes. I don't know, for the next couple of decades, it feels like.
Carolyn: So when you say that we're constantly moving forward, changing, at the same time, I mean, are we still dealing with like SolarWinds? So as we're having to look to the future, we're still dealing with all the shit that's happened even a year, two years ago. Is that true, or like, are we good? We took care of it?
Richard: No, it's definitely correct right, so all vulnerabilities never really go away. So you have all those things sort of trailing behind you like the comet has a tail, and new stuff coming at you.
I think to be a successful CISO or to operate the business successfully, what you need to be really good at is prioritization. So it's about dealing with what is the biggest risk for you right now....
So What? Tech Transforms Federal News Round-up with Katy Craig
Join us on Tech Transforms Federal News Round-up segment, So What? Hosted by Carolyn Ford and Tracy Bannon. This week, we talk to Katy Craig, retired Navy Chief, now Adjunct Faculty at National University, and Director, Security Architecture at Aquia, Inc. about some of the biggest news in the federal space. Listen in to hear her thoughts around deep fakes, non-traditional warfare, and President Biden's recently released announcement to protect against cyber attacks.
Episode Table of Contents[00:25] Monthly Federal News Roundup
[02:20] Federal News #1: President Biden’s Cyber Security Fact Sheet
[10:12] The Catalyst
[14:24] Federal News #2: Zelenskyy’s Deepfake
[20:55] Federal News #3: The Threat Model
[25:26] Federal News #4: Russia Is Running Out of Storage Space
Episode Links and Resources
Monthly Federal News Roundup Carolyn: This week, we are launching our newest series, 'So what?' It is Tech Transforms' federal news roundup. Every month, Tracy Bannon, senior principal at MITRE joins me to unpack some of the biggest trending news topics in federal technology. Tracy, we've been trying to do this, make this happen for a while. I am so happy that this is our inaugural episode.
Tracy: Thank you. I'm really excited because there's so much incredible stuff going on and we keep talking and now we want to talk with others and I'm doubly excited to have a good friend and mentor with us today for our first episode, Katy Craig.
Carolyn: Yes, and Katy is a return guest. We've had her in the past on Tech Transforms and Katy is Acquia's chief of staff, cyber security expert, and retired Navy chief. Today, we're going to talk about, really the number one headline in the news these days.
We keep hearing terms like nontraditional warfare, which is essentially the fifth domain of cyber, and President Biden's recent cyber security fact sheet. And just what it all means, like why is it all happening right now? And I want to just go straight to President Biden's recent announcement, this fact sheet that is. https://www.whitehouse.gov/briefing-room/statements-releases/2022/03/21/fact-sheet-act-now-to-protect-against-potential-cyberattacks/ (It's titled 'Act Now to Protect Against Potential Cyberattacks'.) I want to go to you Tracy, and just unpack this for us. What does it mean?
Federal News #1: President Biden’s Cyber Security Fact SheetTracy: So I believe it was March 21st, the White House released this set of guidance and it is really practical, general guidance. And it really is focused on two different areas. It's kind of like for everybody, for corporate America back up your data, use multifactor authentication, encrypt your data. There's also a call to arms, to tech companies and software organizations that says, you know what, there's a NIST standard and we have an order out here, it's order 14028. We can provide all the links later.
But those two things, they're saying we got to get real about this. And the reason that it came out now is that we need to hear it now with all of the things that are going on in the Ukraine. It was an opportune time. We've had all kinds of security incidents and breaches and other things over the last year or two, but there are some shockers that are coming to the surface that made this very timely for the White House to release this guidance.Carolyn: So you really feel like this guidance came out because of the war in Ukraine?
Tracy: I think it was probably teed up before that, probably for quite a while. None of goes very quickly. Any kind of guidance that comes out in this way has good generalized information. I would've put it out a year or two ago at least, if not before that. So for me, a little late to the game, but I'll take late because it's there and we've got to have a full-court press around this.
A Call to Federal Agencies, Industry, and CommercialTracy: I'll say the one thing that I found super curious in the entire set of materials was that there is a call that
Women in Tech Part 2 with Space Force's Jazmin Furtado and U.S. Army's Kris Saling
Listen in for part 2 of our women's panel with Kris Saling, Chief Analytics Officer for the Army Talent Management Task Force and Director of People Analytics in the office of the Assistant Secretary of the Army (Manpower and Reserve Affairs), and Jazmin Furtado, Liaison at AI Accelerator and Data Strategy Lead at US Space Force. In this episode, Carolyn, Kris, and Jazmin get real about the power of the collective, emerging solutions, and the importance to assess and provide within federal government technology.
Episode Table of Contents[00:31] Meditation Is Really Good
[07:40] Where Are We Going With AI
[13:14] Are Women in Tech Paid Equal Like Their Male Counterparts
[20:40] Tell People How Much You’re Making
Episode Links and Resources
Meditation Is Really GoodCarolyn: We are in part two of our women in technology panel, with Kris Saling, Deputy Director of Army People Analytics, and Captain Jazmin Furtado a Data Strategy Lead at the US Space Force and Space Force Liaison at the MIT AI Accelerator.
On today's episode, we're going to dive more into government technology in general. I get Kris and Jazmin to do a little fortune-telling on where tech is headed. What advancements they've seen in their careers. And we get real with some salary talk. Just a little reminder, the views of Kris and Jazmin are their own and do not necessarily reflect the views of their agencies. Now let's get to it on Tech Transforms with our women panel.
I know that meditation is really good for the monks that live in caves in India. And I know that I should probably do it. Until I saw the science behind it and what it can really do for my brain. I dabbled in it. I never fully embraced it. And once I started understanding why it was working and that there was true science behind it, man, I'm all in. I'm just thinking of just one example of things that are good for me in my life, that I've been able to embrace and bring into my life because I understand them. I understand how they work rather than like you said, Kris, the leadership saying, "No, we don't give a shit about how you got there. Just give us the answer."
Make The Process More EfficientCarolyn: But now you're getting people who really want to understand why. I would imagine that the program for the answers that you've been spoonfeeding them. The programs are becoming a lot more powerful and effective. Because the people who are taking those in the past spoonfed answers. Now really understanding them can truly implement them at a level that is a lot more powerful. Is that true?
Kris: I would say that's definitely true because we're working on a couple of projects right now where we are trying to integrate machine learning into promotions and selections as a decision support tool. I'd never in a million years, would've thought we'd get a chance to work on that data and introduce something that is an algorithm into a just intrinsically human process.
But we have enough people thinking along this vein. We have enough people looking at the data we've collected about how we read records and how we read files. And they're like, "There's got to be an easier way to do this. There's got to be something we can do to support the board, to pull out the key insights. To package them differently, to display them differently, to sort." And they came to us with the question of how can we make this process more efficient?
And I just came back with exactly what the computer is supposed to do. It doesn't get tired, it doesn't get bored. Its attention doesn't wonder, and it can read things a whole heck of a lot faster than we can. So let's see how we can crunch your data a little bit better into more digestible packages for you to review.
A Long Way to Go For AIKris: So we keep the human in the process. We keep that comfort level, but now the humans have enough comfort with the machine process. It's not quite human-machine teaming yet. I'm hoping that we'll get to some true instances of
Women in Tech Part 1 with Space Force's Jazmin Furtado and U.S. Army's Kris Saling
Women in tech unite on this special episode of Tech Transforms featuring Kris Saling, Chief Analytics Officer for the Army Talent Management Task Force and Director of People Analytics in the office of the Assistant Secretary of the Army (Manpower and Reserve Affairs), and Jazmin Furtado, Liaison at AI Accelerator and Data Strategy Lead at US Space Force. Carolyn, Kris and Jazmin discuss the impact of self-awareness and the importance of data education and fostering change when it comes to government technology.
Episode Table of Contents[00:27] Introducing the Women in Tech: Kris Saling and Captain Jazmin Furtado
[10:32 ] Take It From a Human Approach
[17:27] Pulling Other Women in Tech Into the Circle
[24:45] Women in Tech Are Influencing One Another
[30:14] Women in Tech Are Making Sure They’re Helping Everybody
Episode Links and Resources
Introducing the Women in Tech: Kris Saling and Captain Jazmin FurtadoCarolyn: This week we are going full girl power, so Mark got uninvited. Today we have our Women In Tech panel featuring a couple of guests who have previously been on our show, Kris Saling, Deputy Director of Army People Analytics, and Captain Jazmin Furtado, a Data Strategy Lead at the U.S. Space Force and Space Force Liaison at the MIT AI Accelerator. Welcome back Jazmin and Kris to Tech Transforms to talk about your journeys in government technology.
I'm really excited to talk to both of you again, but before we get into that let me do a little housekeeping. So I just want to remind our listeners that the views of both Kris and Jazmin are their own and do not necessarily reflect the views of their agencies. I'm just going to say that for myself, too. Because I warned this, too, before we started. I'm like, "I got some stuff I need to get out." And I want to be able to talk freely today.
Let's start talking about challenges that both of you have faced being a woman in the technology space. The fact that we even have to say, "Being a woman in the government technology space," other than, we're in the technology space and we kick ass. I hate that we have to do that but I still feel like we do. I'm already getting up on my soapbox. But, let's start with you, Kris. Some of the challenges that you've faced.
Kris: So, it's one of those where I don't want to say there aren't any challenges. But I've encountered so many of these challenges throughout my career. I just hit 20 years last summer, I'm going to hit 21 years this coming summer. Yes, it's almost the summer again.
Kris Saling’s Challenges for Being One of the Women in TechKris: So it's been a long time of sitting there with the typical, the anxieties, the imposter anxiety, the "What is my balance between being assertive. And how do I not come off as, "Insert your," kind of "The common anxieties"? It really hasn't been all that different. I've been trying to figure out the right balance of how to present different things. How to present facts so that they are listened to. How to present data to an audience where not only do we have the schism between having an audience that's operational and I'm on the technical side. But sometimes it's very obvious that I know quite a bit more about the subject than the people I'm talking to.
I think one of the biggest challenges is I really didn't get to know myself and how I wanted to present these things. Because I was very much fixed on how to present that particular image until I really got into data education and started teaching people. That really helped me find a balance in how I wanted to talk about very technical subjects, both with a technical and a lay audience.So I won't say it's overcome all the challenges. You still go out a lot of times, still the only woman sitting in the room. I do have a little bit of a reputation now that I can trade on. So I come into the room with a certain amount of that reputation. But I've seen a lot of cases where that hasn't been the case. Where people have come in...
Very insightful podcast
I enjoy listening to this podcast. The topics and content are very relevant and cover the areas most important to government and industry.
Transforming my ideas on gov’t tech!
Excellent show, great topics and guests, love hosts; keep up the great work!
Great podcast, very insightful! Love the guests!