The Changing Identity of Identity Management

A key element of the move to zero trust is the use of "strong multi-factor authentication (MFA) throughout their enterprise." While identity management has been indicated by many as the "low hanging fruit" of a zero-trust journey, it is by no means easy. In fact, recent guidance from the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) called it "notoriously difficult."

Key challenges to implementing MFA include:

  • Lack of standards - the CISA/NSA guidance pointed to confusion over MFA terminology and vague policy instructions as primary challenges to implementing more secure access. A joint committee of European Union (EU) and U.S. experts addressed this same issue in the Digital Identity Mapping Exercise Report, which aimed to define specific digital identity technical terminology. For example, the group found some definitions, such as "authoritative source" and "authentication factor," are identical between the U.S. and EU, whereas others, like "identity" and "signature," remain only partially matched.
  • Phishing - bad actors do not always hack the system; they hack the process, gaining entry through social-engineering tactics that grow more sophisticated by the day. The CISA/NSA report called on the vendor community to provide MFA services with additional investments and greater defenses against sophisticated attacks.
  • Rise of Generative AI - The Department of Homeland Security (DHS) is working to ensure technologies can determine if a submitted image is legitimate or a hacker's spoof. This "liveness detection" is needed to ensure that a submitted selfie is really a photo of a person, not a mask, photo of a photo, or other technique to try to get past the check.

Understanding the State of State-Level IT

The National Association of State Chief Information Officers (NASCIO) annual member survey aimed to get a picture of what is currently happening in IT implementation at the state level. It focused on how states are funding their IT work and how they are implementing key technologies.

Show Me the Money

The survey found that state CIO offices have a median budget of $132 million, with high levels of federal funding resulting from the Coronavirus Aid, Relief and Economic Security Act, the American Rescue Plan, and the Infrastructure Investment and Jobs Act. But with the level of modernization needed to meet citizen expectations of digital government, that frequently is not enough.

States are increasingly moving to a "chargeback" model where IT funding comes from the business unit where it is used. For example, the Human Resources Department would be responsible for paying for the licenses and development costs of their HR information system, rather than that being seen as an overhead expense funded out of IT. This model allows CIOs to use more of their budget for large-scale IT modernization projects that stretch over many years and impact multiple departments.

The Government Case for Generative AI

Generative AI is a type of Artificial Intelligence (AI) that produces content. That could be a story, an image, or an audio file, and is a shift from traditional AI usage, which is focused on completing a task based on predefined rules. Generative AI utilizes existing data to produce this new content based on a prompt such as "write a blog post on government use of generative AI." Disclaimer: generative AI was not used in the creation of this blog post.

Balancing Act of Generative AI

Like traditional AI, generative AI holds great promise for automating highly manual tasks in many areas of government. A recent report found that three-fourths of agency leaders said their agencies have already begun establishing teams to assess the impact of generative AI and are planning to implement initial applications in the coming months.