Tag Archives: Generative AI

Building AI Knowledge = Building Your Career

Posted on by

Artificial intelligence (AI) is becoming a key element in every workplace. More than a tool, AI is a colleague, helping us work more efficiently and providing better access to data. While AI is not being built and implemented to replace humans, some people may find their roles greatly altered by its use. While AI itself will not replace an employee, a person who cannot work with AI may find themselves replaced by a person who can. Ensuring you understand how to use AI in your daily work is critical to ongoing career growth.

Understanding AI does not mean having to become a programmer, a software engineer, or a data scientist, and a deep dive into its technical workings is not necessary. What will help is a hands-on understanding of how to utilize AI for tasks, as well as how to interpret and use the data AI generates. Continue reading

How Agencies are Building Experience and Trust with AI

Posted on by

State and local agencies are looking for ways to incorporate artificial intelligence (AI), and specifically generative AI, into their operations. While the promise of increased efficiency is a driving force in AI adoption, there is considerable resistance to implementing this technology when it remains largely untested in government settings. Additionally, states and localities lack the personnel and infrastructure to manage and effectively use some of the more advanced AI solutions now available.

The adoption and success of AI in state and local government requires an open mind and a measured approach. Agencies are looking for low-risk, high-reward opportunities to begin testing out AI effectiveness. A recent report from the National Association of State Chief Information Officers found that transcribing meetings, managing and generating documents, and generating software code were some of the top processes for which state CIOs reported currently using generative AI. Continue reading

FedRAMP’s Ongoing Evolution

Posted on by

The Federal Risk and Authorization Management Program (FedRAMP) is entering its teen years, having been established in 2011. Just as age 13 brings a host of changes for humans, it's also proving to be just as momentous for the program that provides a standardized, government-wide approach to security assessment, authorization, and continuous monitoring for cloud products.

FedRAMP has evolved to meet the growing importance of cloud services to the daily operations of the government. However, the speed at which FedRAMP grants cloud service status has consistently been an issue. In 2022, Congress enacted the FedRAMP Authorization Act, making FedRAMP law. The bill included a laundry list of modernization steps for the program to speed up its work and expand its capacity, including through the use of more automation technologies. There have been a number of modernization efforts this year, implemented to help FedRAMP meet the demands of agencies and live up to its promise as a secure way to deploy cloud in government. Continue reading

Developing an AI Training Plan for the Government Workforce

Posted on by

In talking about AI, there is a lot of discussion about "training the models"--feeding large amounts of data into an algorithm and then examining the results to ensure they are accurate. Once the models are deployed, the training does not stop for the models, and even more importantly, for its users.

A study from Deloitte estimates that generative AI could help boost productivity tenfold. However, this jump in efficiency will only be realized if AI and its outputs are being used correctly. Working with AI and AI-generated content requires a different set of skills that include critical thinking, algorithmic understanding, data analysis, deeper domain knowledge, cyber/data hygiene, and more. Continue reading

The Changing Identity of Identity Management

Posted on by

A key element of the move to zero trust is the use of "strong multi-factor authentication (MFA) throughout their enterprise." While identity management has been indicated by many as the "low hanging fruit" of a zero-trust journey, it is by no means easy. In fact, recent guidance from the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) called it "notoriously difficult."

Key challenges to implementing MFA include:

  • Lack of standards - the CISA/NSA guidance pointed to confusion over MFA terminology and vague policy instructions as primary challenges to implementing more secure access. A joint committee of European Union (EU) and U.S. experts addressed this same issue in the Digital Identity Mapping Exercise Report, which aimed to define specific digital identity technical terminology. For example, the group found some definitions, such as "authoritative source" and "authentication factor," are identical between the U.S. and EU, whereas others, like "identity" and "signature," remain only partially matched.
  • Phishing - bad actors do not always hack the system; they hack the process, gaining entry through social-engineering tactics that grow more sophisticated by the day. The CISA/NSA report called on the vendor community to provide MFA services with additional investments and greater defenses against sophisticated attacks.
  • Rise of Generative AI - The Department of Homeland Security (DHS) is working to ensure technologies can determine if a submitted image is legitimate or a hacker's spoof. This "liveness detection" is needed to ensure that a submitted selfie is really a photo of a person, not a mask, photo of a photo, or other technique to try to get past the check.

Continue reading