Department Spotlight: The Department of Energy

The mission of the Department of Energy (DOE) is "to ensure America's security and prosperity by addressing its energy, environmental, and nuclear challenges through transformative science and technology solutions." Technology plays a huge role in both the research surrounding and protection of energy resources.

The DOE may lead the government in their use of supercomputer technology. In fact, supercomputering is one of the key focus areas in the agency's budget. This spring the DOE issued a contract that will allow them to build the world's most powerful computer with a performance greater than 1.5 exaflops. Supercomputers, like the one being built, provide researchers with the needed speed and scale to conduct scientific modeling and simulations as well as utilize AI and analytics for activities as diverse as manufacturing and public health.

Of course, the security of the data running through these supercomputers, as well as the national power grid itself is of paramount focus for the DOE. To support these growing needs, the DOE is looking to blockchain as a way to secure energy delivery and more.

We've pulled together a list of upcoming events that will help the DOE, as well as the companies that serve it, better understand the technologies that can ensure our energy supply remains secure and efficient.

Continue reading

Insider Threat Goes Mobile

Insider Threat has been a recognized attack and vulnerability vector for some time. In fact, one survey found that government IT professionals report that insider threats are at an all-time high. One source of this increase may be the rise in the use of mobile devices to access government systems. The main challenge in securing mobile access is ensuring that the person who owns the device is the one actually using it and the apps that reside on it. The portability and ease with which devices are lost and misplaced complicate security authentication efforts. But there are ways to mitigate this risk.

Agencies have looked to multi-factor identification to confirm the person accessing the system is who they say they are. This process includes combining two or more credentials. Typically this is something a person knows (a password), and something they have (an access card or a fingerprint). A practice growing in popularity as part of multi-factor identification is behavioral analytics (BA). This looks at how users typically interact with an application or device analyzing things like browsing habits, message syntax, even how they hold the device. If the behavior is out of the realm of normal, the system can lock that user out until they prove their identity another way.

Implementing these types of identity tracking and management is, of course, not without issue. The Department of Homeland Security is being challenged to put more procedures and policies in place to ensure its insider threat program doesn't violate employees' Fourth Amendment rights (protection against unreasonable searches and seizure).

There are many events in the coming months that include a deep look at insider threat and identity management to help navigate these security challenges.

Continue reading

Getting on the (Block) Chain Gang

We've been watching the use of blockchain growing in the government space as agencies look for ways to more efficiently and securely share their data. A Congressional Resolution was introduced to tout the promise of blockchain saying that, "blockchain has incredible potential that must be nurtured through support for research and development and a thoughtful and innovation-friendly regulatory approach." Following this encouragement from congress, it seems like each day there is a new application of the technology being tried and evaluated.

We've gathered a couple applications that we found interesting to help illustrate what blockchain is and what it can do.

  • Supply Chain - The Navy is looking to use blockchain to track aviation parts throughout their lifecycles, helping them better manage their supply chain. Similarly, the FDA is looking at how blockchain can better track the chain of custody of prescription drugs. In a related application, blockchain is also being considered as a solution for better tracking digital evidence in criminal cases.
  • Managing Public Records - State and local organizations are using blockchain to digitally distribute records, including marriage certificates, property titles, and business registrations.
  • Voting - Blockchain is being tested as a way to make it easier for service members and overseas citizens to vote. Last fall, 144 West Virginia voters living abroad were able to vote through their mobile phones via an app. Identities were confirmed by scanning a valid U.S. ID along with a selfie. Once the identity was confirmed, voters made their selections based on the ballot they would have used at their local precinct. Voters were then given a unique ID or hash that, once the vote was cast, allowed them to write on to the blockchain. Each submission was encrypted to the blockchain ledger, which gave election clerks the ability to conduct post-election audits.
  • Public Health - Blockchain can also speed the delivery of information as it relates to public health crises. The Food and Drug Administration is looking at how to use blockchain to share health care data securely and effectively in real time when epidemics like the swine flu threaten the health of the nation.

Continue reading

AI is Ready for Prime Time

Artificial Intelligence (AI) is a hot buzzword being thrown around in technical as well as business circles as a way to increase the efficiency of organizations. More than just a buzzword or "next big thing," it is now official policy of the United States. This February the President issued an executive order directing federal agencies to invest more money and resources into the development of artificial intelligence technologies to ensure the U.S. keeps pace with the world in using AI (and related technology) for business, innovation, and defense.

On the heels of the executive order, the DoD outlined its AI plans which include using AI technology to improve situational awareness and decision-making, increasing the safety of operating vehicles in rapidly changing situations, implementing predictive maintenance, and streamlining business processes.

But with all of this focus and excitement around AI, there are many groups raising concerns. Paramount is the federal workforce who sees AI technology potentially taking over their work. A recent survey found that while 50 percent of workers were optimistic that AI would have a positive impact, 29 percent said they could see new technologies being implemented "without regard for how they will benefit employees' current responsibilities." Across government, technology leaders are working to ease fears, stating that technology will take on the rote, manual tasks that humans tend to dread, freeing up people to spend additional time on more strategic, meaningful work.

Another group wary of AI's broad impact are security experts who say that with new, more advanced technologies come new, more advanced threats. In an effort to get in front of these threats, DARPA has launched the Guaranteeing AI Robustness against Deception (GARD) program. This program aims to develop theories, algorithms, and testbeds to aid in the creation of ML models that will defend against a wide range of attacks. Continue reading

The Next Step in Data Center Consolidation

Data center consolidation has been a mandated goal in the federal government for a number of years. The introduction of cloud, virtualization, and shared services means the government can run more efficiently with less hardware that no longer requires huge, physical servers to sit in buildings. Many of which were built for the sole purpose of housing servers. Consolidation saves money on technology, the support of that technology and also reduces agency real estate footprints and needs. While agencies have made some strides, the OMB sees the progress to date as going after low hanging fruit and is now challenging agencies to think bigger.

According to a drafted policy issued in November, OMB stated, "Agencies have seen little real savings from the consolidation of non-tiered facilities, small server closets, telecom closets, individual print and file servers, and single computers acting as servers." The push now should be in moving to the cloud and shared services, and looking to commercial third parties to host government data.

More than moving servers and workloads, data center consolidation relies on changing the way agencies manage data. The Data Accountability and Transparency Act was enacted to make information on government spending more transparent. Doing so requires agencies to agree to and implement data standards so that information can be shared across government and openly with the public. This implementation of standards has been a stumbling block for compliance. Continue reading