ICYMI: Cybersecurity Summit, Keynote Fireside Chat Artwork

The Buzz with ACT-IAC

Welcome to The Buzz with ACT-IAC – your source for the hot topics and top issues affecting the federal technology market. Join us each week to hear insights from government and industry leaders, stay informed on the topics facing government, gain access to thought leadership and valuable reports. Subscribe to follow us on your favorite podcast platform.

All Episodes

The Buzz with ACT-IAC

ICYMI: Cybersecurity Summit, Keynote Fireside Chat

December 18, 2025 • ACT-IAC

Keynote event featuring Dustin Goetz, Acting Chief Information Officer for the US Immigration and Customs Enforcement (ICE). The event covers crucial topics such as modernization strategies, asset inventory, data standardization, and cybersecurity integration. Goetz emphasizes the importance of seamless cybersecurity integration, automating tier one security operations, and preparing for evolving threats, including AI and post-quantum computing. The episode underscores ICE's commitment to modernization and collaboration with industry to enhance cybersecurity capabilities.

Subscribe on your favorite podcast platform to never miss an episode! For more from ACT-IAC, follow us on LinkedIn or visit http://www.actiac.org.

Learn more about membership at https://www.actiac.org/join.
Donate to ACT-IAC at https://actiac.org/donate.

Intro/Outro Music: See a Brighter Day/Gloria Tells
Courtesy of Epidemic Sound

(Episodes 1-159: Intro/Outro Music: Focal Point/Young Community
Courtesy of Epidemic Sound)

Yohanna: [00:00:00] Hey there and welcome back. I'm your host Joanna Baez and I'm super thrilled you're joining us today. A few weeks ago ACT I Act held an amazing cybersecurity event, and for those of you who might have missed it, we've got you covered. In this keynote we have Dustin Goetz, who is the Acting Chief Information Officer for the US Immigration and Customs Enforcement.
Yohanna: He discusses modernization strategies such as asset inventory, data standardization, and cybersecurity integration. This was a really fun talk. I hope you enjoy it.
Pete Tseronis: Alright, everybody, why don't we, um, grab our seats and, uh. We were gonna kick this off. I hope everybody can hear me in the back. Yes. Yes.
Pete Tseronis: Awesome. Promise not to bellow too much. My name is, uh, Pete Seroni, and I am honored to Mc uh, the second time Now, [00:01:00] uh, this summit, that's some background noise, so I don't know if I'm doing something wrong, but is is that mic, that mic is off. So I'm using this. Wonderful thing. We're good. Okay. Um, yes, I used to work in the government.
Pete Tseronis: I did 25 years. I left 10 years ago to start a company that is just me, dots and Bridges, and the goal is to really be a part of this still. Um, I left government as the CTO of Department of Energy. I spent time at the Department of Education as their CTO. Kind of grew up there. Ran a data center, um, well worked with folks who ran a data center, came out of Villanova, Johns Hopkins, four kids.
Pete Tseronis: Uh, blessed. I see so many friends and, uh, it's just, uh, super excited to be here. Shout out to Carol Miller. Uh, Martha, Dorris, Luke McCormack was, was a joy being a part of the team. And, uh, what I'm gonna do today is really introduce our moderators, but in between I'm gonna be listening intently. And I can't help myself 'cause I'll suck the air out of a room, those of you who know me.
Pete Tseronis: But there are gonna be nuggets and [00:02:00] pieces of information that will hopefully just add some more context from today because you're gonna hear from an amazing slate of speakers and industry and government partners. It's really about that government and industry and maybe a little bit of academic, uh, thrown in there.
Pete Tseronis: Um, because that's what makes it work. It's the iron triangle I call of. Of government, right? There's the branches, but then there's the government industry and academia component. We have a incredible panel of our slate, as I said, um, of discussions, data sharing, connectivity, fraud prevention, cyber crime, innovation.
Pete Tseronis: Of course we'll get into and then biometrics, identity, secure service, and a lot of storytelling. So please, while you're looking at email and texting and, you know, it's Friday and the holiday season, really take away something. 'cause the goal here is to walk away wanting to have more conversation with those that are gonna be on stage today.
Pete Tseronis: Um, so to set the tone, um, uh, you know, if, [00:03:00] if you read the Wall Street Journal, if you don't read the Wall Street Journal, I, I like to look at what's current in my. You know, realm of why this summit isn't just gonna be about the importance of AI and cybersecurity and data sharing. I mean, of course we know that in the tech community, but, um, you all probably heard recently that the new national cyber director, Sean Carcross, is saying that the national cyber strategy that's gonna be coming out a little bit of a revamp is gonna focus on being, um, more offensive versus defensive.
Pete Tseronis: And, uh, I would suggest you Google and research what the National Cyber Director and that mission is, uh, because that could set the tone for a lot of your go to market. That'll set a lot of perspective for how agencies are gonna be looking at cybersecurity investments. One of his quotes was, um, along with the six pillars, how are we gonna streamline cyber technology adoption across the United States government moving forward?
Pete Tseronis: So that should resonate with a lot. And today you hopefully hear some things that you can map your capabilities [00:04:00] to. Um. I know that I have a little bit more time, but I won't, uh, suck too much of that air. But I do wanna shout out, um, I know our, our host Act, Dak and of course Soff. Thank you. What a, what a wonderful venue.
Pete Tseronis: Um, the US Cyber Challenge. I'll let our, my friend Luke and brother from another mother, as I like to say, 'cause he is, talk a little bit about that, um, because there's an element of that as well. So we hope you're gonna enjoy today. Stick around, wait till the end. I live in Gaithersburg, so I have a long commute home at three o'clock, but it's all good.
Pete Tseronis: My two boys are coming home from college or my two big boys today, so I'm excited about that. Um, the Center for Internet Security and the US Cyber Challenge team, I wanna give again, a shout out. That's a partnership, some of the topics, and Luke will do that, uh, when he, he just, uh, swings up here in a minute.
Pete Tseronis: So Luke, um, with that. Come on up, my man. Um, I don't know how to describe Luke other than Yeah, he used to [00:05:00] work in government. He's the former CIO of Homeland Security. I always say Google these people, but National Director for the US Cyber Challenge. Luke Floor is yours buddy.
Luke McCormack: Appreciate it.
Yeah, man.
Luke McCormack: There we go. You guys hear me? Okay. All right. Well, um, thank you Pete. And, um, and I, I, I did want to also shout out to, uh, it seems like every time I come into this facility it just blings more and more so. Hats off to, to care us off for, for really, uh, continuing to, uh, spice this room up and really make it super functional for us.
Luke McCormack: And most of all for, for act to eye act as well, there's a lot of heavy lifting that goes on behind the scenes to make these things happen and keep them nice and tight, particularly when you have to cancel 'em. Reset. We're glad everyone has hung in there. Uh, and I also wanna thank the sponsors, right? Uh, the reality is, uh, these programs don't work unless we have the sponsorship.[00:06:00]
Luke McCormack: Uh, backing behind that, um, I'm up here to talk about my role, my current role, which is the, the National Director of the US Cyber Challenge. For those that may or may not know what that is, it was actually born, uh, 15 years ago by Karen Evans, who I know most of you know. And, uh, the idea and the. Intent there was to, uh, find a program or create a program where we could reach out to, uh, some talent that's out there, emerging talent, continue to skill them up and, and work their way into the workforce, right?
Luke McCormack: So this is primarily college aged folks, uh, that are, uh, that we're targeting. But there's mid-career folks in there as well, and we reach out to them through a series of, um, uh, efforts. Primarily through the university systems. And we encourage them to come online and take a, essentially it's a test, and if they score well, uh, we know at that point that they're gonna do well in, in these camps that we created.
Luke McCormack: And [00:07:00] we invite 'em to these, uh, these summer boot camps. And these summer boot camps are, are, are hardcore, they're bare metal instruction, uh, they're soft skills. There's ethics, there's CIO, round tables, et cetera. There's a job fair there. There's a resume writing, uh, effort there as well. And we really crash course them over the course of a week to prepare them.
Luke McCormack: For the workforce. Now, what's really important and what my ask to you is that last mile, these folks are coming out where we have thousands of these folks that we reach out to that score in this online contest, and then based on those scores we send them to. These camps. And then based on those camps, there's competition inside of those camps.
Luke McCormack: So unfortunately they're not here today because they came during the, uh, the shutdown just because of the leg legit logistics of it. But we'll have 24 of the best. Of the best of the best. But the reality is we have over 200 of these folks that are competing [00:08:00] in these, uh, uh, events and then coming to these camps.
Luke McCormack: And these are top shelf folks that, uh, we're talking about emerging talent and I would encourage you do your internship programs through your, uh, you know, first. Job type of programs to reach out to these folks and make sure you give 'em a shot because they're, uh, they're top notch and, uh, of course they need a job.
Luke McCormack: At the same time, you all need the skill sets and they're very interested in coming to work for whether it's the federal service working with the federal service or any other kind of sector out there. So, uh, I just wanna make sure that everyone knows that. And I wanted to thank the Center for Internet Security, which is our.
Luke McCormack: Sort of mothership, if you will. Uh, that's, uh, based up in New York that really underwrites and supports this program. Without their support, this program wouldn't exist, and the sponsors that we have. On that side of the house as well that help us [00:09:00] support this program and all of you that participate, there's a lot of folks out here that I've had pull into the various panels, et cetera, et cetera.
Luke McCormack: I also wanna recognize Martha. Uh, Martha is an icon. She's my deputy on this program. She's the one, the machinery behind the scenes. That is getting a lot of the, uh, the logistics, the marketing, the outreach to make this program work. So thank you Martha, for all that you do with that, I think I'm introducing Martha.
Martha Dorris: Good job.
Martha Dorris: Thanks Luke. Um, I'm gonna go a little bit off script here and say, um, if you are interested in participating in any kind of virtual job fair or interested in any of these students, um, email us at info@uscyberchallenge.org because we do plan on doing some virtual events around. Uh, connecting some of these students with job opportunities and, and as Luke said, it's the last [00:10:00] mile.
Martha Dorris: And of course the, we did have when they came into town, um, when they were. During, when this was originally scheduled, we did have a job fair as part of that, um, that time. So, um, those who have participated, thank you. And, uh, I, as Luke said, thanks to all the sponsors of both the US Cyber Challenge Program and today, um, I'm the official logistics person here, so I really, um.
Martha Dorris: That's the most meaningful thing here. The restrooms are out past the el or by the elevators. No. Um, thank you again. Everybody's talked about carahsoft, so thank you for the, for using this facility. They've done, they have done an amazing job at continuing to upgrade and, and, uh, make this a, a, a facility that everybody's been using and thank.
Martha Dorris: To have one thing about the sponsors, a lot of, a lot of people participate, and as Luke mentioned, behind the scenes in creating this program. So that's how we come up with speakers, ideas, recommendations on what should be covered, um, in an event like this. Um, in [00:11:00] terms of housekeeping, it's a vendor neutral event.
Martha Dorris: The press is here, so everything's on the record. Stop by the exhibit tables in the back. If you wanna tag us on, um, on X or use at ACT IAC or any posts, um, there will be a survey coming out that will, you can, you can provide your feedback afterwards. There's continuing. To continuous learning points three for this event.
Martha Dorris: And if you want that, send an email to training@actiact.org for a certificate. And that's the end of my job. So, um, I will send it right back to Pete. Thank you.
Pete Tseronis: Thank you Martha. I think I was supposed to interview, introduce Martha and read a little bit of her bio. So if I can just give a little bit of a, a shout out. Uh, I, Martha, Dorris is amazing. She is a, an icon living legend, uh, miss CX in government, so it was awesome working with you and [00:12:00] Luke on this. So big fan.
Pete Tseronis: Um, okay, we're gonna kick this off. Jennifer's gonna come on over here, but I'm gonna say a few words about Jennifer Ferrera, the Vice President of National Security at Maximus. I am working a little purple here today, so lots of love for, for Maximus, but uh, it just happened to go with my orange shoelaces today.
Pete Tseronis: Um, recently named, um. As one of the top national security executives to watch. Congratulations. Jennifer serves on the board of Directors of the Border Patrol Foundation. Um, let's see here. Leading contract teams across various DHS components, ice, C-B-P-I-N-A, fema, TSA and csa. So many great things inside of her bio.
Pete Tseronis: It's, it's just so excited to have you, but this is important. She's a Boston College Eagle. I was a villain of a wildcat. Still always am, but uh, big East, back in the day. Welcome Jennifer. Who's gonna introduce Dustin? All
Jennifer: right, dust. Thank you. Alright,
Jennifer: we're gonna sit here.[00:13:00]
Jennifer: Thanks for that. All right. Good morning everybody. How's everybody doing? Great. Excellent. Excellent. All right, great. So, um, I'm very excited today I get to introduce Mr. Dustin, uh, Goetz. He is, this is actually his first speaking appearance as the official CIO of ice. So let's give him a round of applause for that because that is no small challenge.
Jennifer: Um. And Mr. Goetz brings more than 25 years of leadership experience across federal service and industry, and also comes to us as a proud Navy veteran. Um, he's also served as a senior executive across DHS, and before becoming the CIO, he was the executive director for IT operations at DHS headquarters, where he oversaw enterprise modernization and strengthen the department's operational resilience.
Jennifer: Mr. Goetz is widely recognized for driving implementation for the DHS Headquarters Network Operations Security [00:14:00] Center, and the noss first major pressure test came during the SolarWinds incident, which I'm sure many people here, uh, recall. And, uh, that was definitely one of the most significant cyber events in recent history.
Jennifer: Mr. Goetz led DH S'S response coordinating, enterprise detection, containment, and remediation efforts during a very rapidly evolving and highly sensitive national security crisis. His leadership during that event became a defining moment for the department's ability to respond to complex, multi-layered cyber threats.
Jennifer: Um, so his, his, uh, job is pretty, uh, busy these days. But I thought we maybe come on over. We'll start some discussion here and I'll sit down with you if that's okay. All right. Come on over.
Dustin Goetz: Good morning, by the way.[00:15:00]
Jennifer: Good morning. All right. Making sure these things work. We are the first ones to do this up here this morning, so, uh, glad our mics are working and we're ready to go. So, um, so now that you're in your new role, uh, you definitely came in during a wild time. I don't think you can turn on the news these days without seeing something happening at ice and, um, you know, you walked into an environment that's very hectic and busy and trying to secure that environment that you're in right now.
Jennifer: You know, CIOs talk a lot about zero trust as if it kind of solves everything, and you stepped into ice with thousands of systems, apps, and all kinds of field technologies. How are you figuring out. What you actually have and how you can secure that.
Dustin Goetz: Oh, thank you. And yes, ICE has an immense asset portfolio.
Dustin Goetz: Um, and the, my predecessors hats off to them 'cause they had started some great initiatives within ice, uh, the prior CIOs and the [00:16:00] different program groups to wrap their arms around it. But it changes every day. So, um, if zero trust could solve everything, my seat would be a lot less stressful. I wouldn't have a CIO who's going to speak later.
Dustin Goetz: I'm trying to grease him up a little bit to be kind to me. Um, and in general, life for CIOs would just be a little more relaxed. Unfortunately, that's not the case. So a lot of our initiatives right now are being spent just trying to understand what we have in our, uh, ecosystems, uh, as they change That is hard.
Dustin Goetz: So we have to rely on tools like Splunk, uh, exons and other asset inventory tools to kind of automate that process so we can wrap our arms around it. Unfortunately, there are legacy systems out there, um, uh, legacy systems and systems that haven't really been registered with CIOs. Uh, so they don't have awareness on it, and they are also, there's also that evil term out there called Shadow it.
Dustin Goetz: So the, um, you know, that's been grown out of necessity. So there's, there's [00:17:00] nothing really wrong with where shadow it came from, but now that we're recognizing it is becoming one of our major pain points. So I hate the cliche of what keeps me up at night, but there is some applicable applicability to it now.
Dustin Goetz: Um, and what keeps me up at night is the things that I don't know. So we support with support from our CISO and our program offices. We're writing, um, some internal policy that's going to require all of our IT offices to register their applications, their assets out there, uh, regardless of where they sit, so that we at least have some awareness on what we have and then start focusing on how to reduce that risk, um, by chipping away at Legacy IT and modernizing it.
Dustin Goetz: Uh, registering shadow IT and trying to migrate them into a greater fold within, uh, OCIO. And there's different, uh, techniques, but, um, asset management is gonna be probably one of the first things that we try to tackle within, uh, FY 26. Okay.
Jennifer: Okay, good. And [00:18:00] within that, kind of the data silos, uh, for ai, and you know, AI is everywhere, but most agencies really can't unify their data.
Jennifer: And obviously ICE has investigative immigration, legal, biometric, and field data that you're managing and trying to break down. How do you break down those silos so that the AI is really actionable and stuff that you can use.
Dustin Goetz: Yeah, our, our data sets are, I would say, probably some of the more diverse data sets in DHS.
Dustin Goetz: Uh, we rely heavily on U-S-C-I-S-C-V-P, uh, department of State, department of Justice, and we bring all that data and correlate all that data together to make actionable decisions. Mm-hmm. Uh, they're in disparate data sets. Uh, they're not all structured the same, so on and so forth, and everyone here knows those problems exist.
Dustin Goetz: So we are making major strides again, this is our second priority in 2026, is to develop that data [00:19:00] architecture and start leveraging technology so that our application owners and data owners aren't adhering to a rigid data architecture. Set. More, uh, more along the lines of just, uh, registering the data that they have into a data fabric, and then data mesh, uh, infrastructure and kind of more of a, a, uh, information highway, if you will.
Dustin Goetz: Mm-hmm. In doing so that'll make the information, uh, easier to consume by our customers and our operational elements. And it will also, uh, help us leverage zero trust all the way down to the data element level. Uh, so again, we have to understand what we have. We have to standardize it through a data mesh or data, um, uh, d different data schemes, um, implementing Zero Trust, and then.
Dustin Goetz: Once we get that completed, we'll be able to start really seeing the power of ai. And, uh, AI to me is only as good as the data set that it sits on. And if we're not doing a good job at being data stewards, then our AI is not gonna go anywhere. We [00:20:00] had two proof of concepts that we ran recently, and most everyone here knows that ICE is in a major hiring sprint.
Dustin Goetz: So shameless plug for ice. If anyone's here and start, wanna start their second career, ICE is hiring, please come in. Um, but. We had an overwhelming response. Uh, we've had, I think around, initially it was 35,000 applicants, and now that's grown up to around six, uh, 60,000 applicants. And if we did this, the tried and, uh, traditional way, we would see that that would take us years to go through those resumes.
Dustin Goetz: So we pulled together what I call a strike team. Uh, their job is to focus on, uh, well-defined issues within the, uh, environment. This being one of them, and they were able to standardize the data sets that we had to pull from USA jobs and a number of other sources, and put AI into the mix to help solve these problems.
Dustin Goetz: The result was we were able to go through a huge amount of resumes in a matter of probably three or four days [00:21:00] saving us approximately two man years worth of labor. Um, that, that's monumental. Mm-hmm. Especially with this administration who wants to see as many boots on the ground as possible. Mm-hmm. So we also, uh, doubled down on this capability and are leveraging that same type of approach with our OPR folks in screening the candidates.
Dustin Goetz: For OPR and background checks, um, which again, expedites the process. Um, now I'm not saying that AI solves everything. It's not a silver bullet. We have human intervention at all checkpoints, and they're validating what ai, uh, is doing for us. So we're not looking to automate everything. We're just looking to FCI or use AI to facilitate qualification, and then we still have that human factor in there.
Dustin Goetz: So, um, data standardization is absolutely key for everything that we have moving forward.
Jennifer: Definitely. And to kind of pull the thread a little bit on the workforce piece of it, um, you know, you've got folks all over the country, all over the globe. Um, [00:22:00] you know, you have a very mobile workforce. How does cybersecurity support your agents and officers that are kind of operating throughout the globe?
Dustin Goetz: Well, I'll give you the tagline up front. If they don't know that they're using it and cybersecurity is embedded in the applications and their operations, we win. Right? Because, uh, that to them means that it is seamless. So the challenge really is, is enabling it in, or cybersecurity in a way that the users don't know, but ensuring that I don't have Nate Fontaine breathing down my neck every time we roll out a new application.
Dustin Goetz: So hardening the endpoint is, um, probably the principle cybersecurity aspect that we'll have to tackle, which we have, right? Uh, but there is still some old school philosophy where they look at mobile devices and laptops and consider them two separate entities. They're not, they're really, really close together.
Dustin Goetz: And the quicker that we can start treating them as one technology set, instead of two different [00:23:00] devices, we're gonna start winning bigger battles. Um, for those of you that are tracking. We have also a large number of, um, arrests and de uh, deportations that we have to meet goals that are set up by the administration.
Dustin Goetz: Well, if you do the simple back of the napkin math, it's not going to be possible with the number of officers and agents that we have, even when we hire them. The way that we're going to get there is through the use of technology and how we can push the better, the more that we can push technology out into the hands of the operators so that they can do more.
Dustin Goetz: Aspects of their job in the field, the better off we're going to be. Every time that we've taken an officer and an agent out of the field after they've made an arrest, um, and have to push them back into, uh, a facility to do processing that takes an asset out of the streets. So we're actively working on Eagle, which I'm sure everyone has seen in the news.
Dustin Goetz: That's a, uh, a tool for identification. Uh, we're also putting applications on mobile devices that will allow them to do infield processing. So [00:24:00] all they have to do is, you know, uh. Grab everyone that they detained, put them in a vehicle, move them back to a facility, and they hand 'em off to administrators allowing the officers and the agents to continue to do their job.
Dustin Goetz: Cybersecurity's gonna play an immense role in that, and I think we're getting close, but we're gonna look at industry to try to help bolster that up. We come up with the ideas you guys have to sanity check them to say, yep, they're legit. And then we collectively have to try to figure out how to secure them.
Dustin Goetz: Okay.
Jennifer: And you said you're hiring, so, um, make that plug again. But, uh, but really, like you, you do have to compete with us in industry and others out there. Cyber talent is not always easy to come by. Although, you know, with the cybersecurity summit, the challenge that Luke and Martha have put on, that's probably certainly helping to get the right talent.
Jennifer: But, um, maybe tell us a little bit about how you are really retaining that talent and, and growing the team and, and making sure that you know that ICE is a great place to join if you are looking to grow your cyber career. [00:25:00]
Dustin Goetz: So, yeah, I as if cybersecurity folks aren't hard enough to, to hire, I, I, I saw a post recently that said that cybersecurity experts are like hiring astronauts nowadays.
Dustin Goetz: They're just so competitive and they're so hard to find. Mm-hmm. And now we have to compete against industry, right? Mm-hmm. So, um, we are taking different hiring approaches and recruiting new talent by putting a new pay band system out there. Everyone's probably heard of CTMS cyber Talent Management System.
Dustin Goetz: So we're definitely going to exploit that. Uh, that brings in new talent and that definitely pays them what they're worth. Uh, but we also have to manage retaining federal employees. So, uh, we are looking to do upskills within our organization. We're taking those that have an interest in I or cybersecurity that are in the IT field and start training them up and then moving them into cybersecurity.
Dustin Goetz: Um, and also we're not gonna miss the opportunity to really push cybersecurity out outside the traditional boundaries. Of where they, they are right now in soc and we're gonna start pushing that out to the I TFOs [00:26:00] and have our, I TFOs also start to do some aspects of cybersecurity. Um, our push to move EDR out to the, uh, furthest point possible is gonna rely on people like them to make sure that it's installed, they're talking to the people, um, so on and so forth.
Dustin Goetz: So. Upskill is a big one. Um, uh, you're gonna work with other DHS components to hopefully do cross force transition. Uh, give some ICE folks opportunities over in C-B-P-U-S-C-I-S and if they really want to have a lobotomy go up to headquarters, I'm a card carrying member so I can say that I just came from headquarters.
Dustin Goetz: Um, the other thing that we're gonna have to do, and we, we do, we're doing this now and we're gonna continue to do this, is, um, rely on the industry. Uh. Our folks will always be there to oversee and to manage, uh, cybersecurity resources and the mission. Um, but we have to rely on industry to make sure that we're relevant, that we're aware of how the landscape is changing.
Dustin Goetz: And we're going to rely on you guys to [00:27:00] tell us, have you looked at this? Have you considered this? Because some of the big pushes that, uh, we're going to make is in automating some of our cybersecurity function. We don't know where that starts. Well, I know where it starts. We don't know where it's going though.
Dustin Goetz: Right? I know. Building blocks A, B, and C. I'm relying on industry to get me from D all the way to Z. So that's kind of where we're going. Industry's gonna play a key role in that.
Jennifer: Very good. And kind of along the automation line and machine speeds. Cyber defense, everyone says that they want. Better cyber hygiene, but it seems like humans really can't keep up with all these modern threats.
Jennifer: Um, how are you guys using automation to speed up the response and reduce that analyst fatigue?
Dustin Goetz: Yeah. Uh, well, we're definitely combining EDR, our scene and a number of other tools to calm, come into one common collection point, uh, and really rely on machine learning and other technologies out there to weed through all the chaff.
Dustin Goetz: We can't do what we've been doing now, which is [00:28:00] have tier one analysts. We through all these alerts, tune it, tweak it here. Uh, that's very labor intensive. Uh, and it's not, definitely not the future. 'cause the, our adversaries are moving at light speed. So we're going to make some key investments in the future to automate our tier one on the cyber network and service desk fronts.
Dustin Goetz: Let the, um, automation. Take the place of human in, um, sorting through false alarms, uh, and qualifying the event before it ever hits the, uh, analyst. And what that's really going to also do is help the analysts stay relevant. And how they're doing their job. They're no longer going to be bored with mundane activities.
Dustin Goetz: They're actually going to be into the thick of it and working through, um, realtime threats and still building their skills and doing so. So, uh, machine learning automation is going to play
AUDIENCE: a huge,
Dustin Goetz: huge role. And the. The secret that everyone already knows it's going to drive our costs down. So my approach has always been, if I can automate tier one, I'm gonna [00:29:00] keep that cost there.
Dustin Goetz: Uh, and then reinvest that into more senior, uh, capabilities in tier two or working with industry to see if we can't bring on other technologies to start automating other key features, uh, of our, of our environment based on threats. So. I don't want to take money out of the budget. I want to continue to reinvest it in our capabilities.
Dustin Goetz: And again, I have to rely on industry to kind of carry me there.
Jennifer: Hmm. And with that evolving threat landscape, what really concerns you the most there?
Dustin Goetz: Uh, AI is a big one. Uh, there's internal and external. Those are never going to change externally. We have to try to figure out how to fight ai. Uh, that goes into kind of how we're automating a lot of those tier one functions.
Dustin Goetz: Um. But, uh, yeah, the adversaries are getting com very, very sophisticated in how they're doing business. Um, I'm sure that everyone knows that they're leveraging AI for phishing. They're leveraging AI for automated calls and having conversations [00:30:00] doing social engineering. Um, that's not solely our O CIO's responsibility to solve.
Dustin Goetz: Ish. Uh, it is our responsibility to make sure that they have access to the material to train them, that these are the new, that's the new threat landscape, so mm-hmm. And that they are an absolute target. This is cold war type of mentality, right? Where there is such thing as social engineering, loose lips, do sink ships and just keep your mouth shut and don't share your credentials.
Dustin Goetz: Right? Yeah. Um. But post quantum computing is another big thing that we're concerned about and we're trying to get ahead of, I think all government's trying to get ahead of that and making sure that we're prepared for it. And, and there are a number of other things, but yeah, our developing and maturing our security stack is, is absolutely key.
Dustin Goetz: So.
Jennifer: Mm-hmm. Yep. And that post quantum is, I know all of us in industry are trying to learn more and, and make sure that we're ready to support you guys, um, as we get into that,
Dustin Goetz: well, if you're new at that, do not. YouTube, that stuff because your mind will spin out of control. You have to have someone come and explain it to you.
Dustin Goetz: Barney style, because when I [00:31:00] tried to understand it the first time mm-hmm. I don't do it while you're, uh, commuting too, because that'll put you to sleep danger.
Jennifer: Excellent. Uh, so my last question really is to kind of, you know, wrap this up with you as far as, you know, the story that you're writing as the ice CIO, what, what is your vision?
Jennifer: Where, where do you. Wanna see things go over the next several years and, um, you know, what will be your legacy?
Dustin Goetz: Well, I, again, I mentioned this early on, what I'm trying to do is actually build upon some of the work that my predecessors have done. Um, and I cannot speak enough about the foundation that the prior CIOs have done, uh, with.
Dustin Goetz: Ice, CIO. A lot of my time and attention that, uh, that I'm taking now is only because of the, the mature model that they have been developing and is developed right now. So I can take my eye off the ball and start focusing in on other things. Mm-hmm. So huge kudos to our workforce in ice, [00:32:00] those that came before me.
Dustin Goetz: And also the leadership. 'cause they. I, you know, when I first got into the job, I was like, well, they're not talking to me that much. And I come to realize they're not talking to me because I, they don't have anything to talk to me about. I'm, we're actually doing the right stuff to keep them off the radar so that they can focus on hiring and buying vehicles and buying facilities.
Dustin Goetz: So it is working well there. So in focusing on the future, it's going to be three pronged. It's going to, um. Wrap our arms around inventory to understand what OCIO really has in the environment so that I can start to secure shadow IT and legacy systems. Again, that keeps me up at night. Um, data modernization and making sure that our data is structured and available for consumption across or within ICE and across DHS.
Dustin Goetz: Mm-hmm. Uh, that's going to enable operations, um, and allow us to build ai. Mm-hmm. And then the last item is making sure that security is baked into everything. Um, I know that we go through, uh, cycles where we have. Uh, it is really important. Cybersecurity is [00:33:00] really important. AI is really important. And, and I'm saying all, all of those are equally important.
Dustin Goetz: Cybersecurity is not going anywhere. I, I see cyber security being baked further and further into it. Mm-hmm. Um, and I see that as being what's really going to enable the mission. Mm-hmm.
Jennifer: Well, excellent. Well, thank you. Do we have time for a couple of questions? Yes.
Dustin Goetz: Alright. By the way, we planned this so that there was only 30 seconds left, so there's only one question.
Jennifer: Any softball questions? No. Just kidding. Um, come on, you gotta have questions for the ICI. Come on, wait. In the back you get a free cup of coffee if you ask a question today.
AUDIENCE: Hey Dustin. How's it going? Um, Sully Vickers with Leidos. Um, you mentioned that you're looking at automating tier one SOC functions, however, you're also, um, having issues in sourcing cyber talent. Um, what is ICE doing to, um, to [00:34:00] get these new cyber professionals experience like they would in a tier one setting?
Dustin Goetz: Well, CTMS is our hiring capability and uh, for those of you that have sat through the CTMS exam, you're gonna know that by the time you make it on the back end of that exam, you're well qualified. So we're starting there. And making sure that we're hiring some of the best and the brightest. Uh, after that it is going to take a good mentor, supervisor and a clear understanding from my perspective, down to them on where cybersecurity is going so that they can pick one of the three or four fields that we're developing and they can focus on it.
Dustin Goetz: For instance, um, cloud environments, uh, threat hunting, forensics, you know, those are all very. Clear defined career paths so that they can, that can go down. So it's, it's mentoring, it's discussions, um, but it all starts with getting the best and brightest in at the ground floor and then working them up.
Dustin Goetz: One of the other dirty secrets that we learned during [00:35:00] SolarWinds was that while we were all DHS and I was. Leading it from a technical perspective for the department. Uh, when I worked with ICE CBP, US Secret Service, uh, OIG, we all spoke different languages. The culture within the cybersecurity culture within each of the components is drastically different.
Dustin Goetz: Um, at some point in time, we're gonna have to start unifying how we talk because we were talking past each other a lot of times. Um, so we're gonna have to figure that piece out. That's gonna help mature cybersecurity as a whole as well. Did that answer your question? Uh, yes it did.
AUDIENCE: Hey, Dustin, Melvin Brown with CANI.
AUDIENCE: Question about hiring you. You mentioned earlier about having a hiring and the challenges associated with hiring, and I know that ICE had a. Major, you know, backlog of hiring about, you know, a thousand people or several thousand people. What's your strategy for doing skill-based assessments and getting people through the pipeline A lot faster.
Dustin Goetz: Do doing what kind of assessments?
AUDIENCE: Skills-based assessments.
Dustin Goetz: Skills based, well, CTMS are, are you talking cyber security or [00:36:00] in general?
AUDIENCE: Just in general Right now.
Dustin Goetz: General. Well, if you mind, I'll just focus on CIO type hiring priorities. 'cause in general I'm not. Uh, Leo. So, uh, again, CTMS qualifies you right outta the chute.
Dustin Goetz: Um, it's a very, very technical test, and there are several different categories and ranges of, um, talent that you can test towards. And, uh, you know, I, I would, I've talked to several people that have sat through the test and I, I've known them for years. They're extremely smart and talented and they fail.
Dustin Goetz: So that test is doing its job. I would like to have seen them succeed because I really needed them as CTMS, but you know, it's definitely doing its job. Um, if you go outside of CTMS and just talk about OCIO, uh, CTMS is specific for cybersecurity and if you're talking about 2210s, um, CI or IT types, uh, we are trying to.
Dustin Goetz: Um, continue on with direct hiring authority where it makes sense, uh, to expedite some of our hiring [00:37:00] capabilities. Um, because the government process for hiring is, as you well know, very complicated. Um, it's even more complicated when you stack 12 to 13,000 law enforcement officers in front of the IT guys.
Dustin Goetz: So, direct hiring authority is probably gonna be our focus. By the way, I really appreciate those two questions because that means I have two candidates to come into OCIO, right? That's where you're going with that.
AUDIENCE: Alright. Hey, Dustin, Doug Nos from Deloitte. So how are you thinking about the operational technology in the field and securing that?
AUDIENCE: What is your approach to that and, and what's kind of keeping you up at night about the operational technology? In the field.
Dustin Goetz: Uh, going back to what I had said earlier, understanding where the OT is, uh, and then identifying what platform it sits on and how to secure it. Um, I, I have a really good working relationship with the two operational elements in ice.
Dustin Goetz: Well, there's three E-R-O-H-S-I and Ola. Um, for those of you that don't know the way that we kind of structure, um, it [00:38:00] is, I run it as a whole. The requirements come from HSI Innovations Lab and, uh, Lisa over in ERO and I work very well with the two of those leads, and they are to bring me, there's, we're working so that they bring me the requirements and I try to generate capabilities to deploy, um, technology out to them.
Dustin Goetz: That's not how it works right now, by the way. Uh, so O ot, just identifying it. Let them continue to use it, but register it with us so that we can figure out how risky it is. If it's really risky, we're shutting it off. If it's not as risky, we'll work with them to try to tighten it up, migrate it over to OCIO, and then we'll manage it for them moving forward.
Dustin Goetz: Um, as other OTs are brought online, hopefully they align with, uh, the operational requirements and if they come to us and say, Hey, we need to do this, and we'd like for you to consider this, uh, platform, we'll look at that. But we also have an inventory of other capabilities that we would be remiss if we didn't look at as well.
Dustin Goetz: So we need to start [00:39:00] focusing on reuse of current tech technologies and capabilities, making sure that they're, um, cloud services native. That's really where I'd like to see a lot of the stuff go. Um, and then, you know, just work with them and, and develop however they need to be. But, uh, again, cybersecurity is gonna be chief among them.
Dustin Goetz: Okay.
Jennifer: Thank you everybody. And, uh, big round of applause for thank you Mr. Goz. If you're passionate about technology and eager to explore more incredible events, make sure to visit act iac.org/upcoming-events. Keep your curiosity sparked and your calendars marked. Until next time, stay inspired and connected.