.jpg)
HSDF THE PODCAST
The Homeland Security and Defense Forum proudly presents HSDF THE PODCAST, an engaging series of policy discussions with senior government and industry experts on technology and innovation in government. HSDF THE PODCAST looks at how emerging technology - such Artificial Intelligence, cloud computing, 5G, and cybersecurity - is being used to support government missions and secure U.S. national interests.
HSDF THE PODCAST
Foundations for Innovation & Security at DHS 2 of 2
Welcome to “HSDF THE PODCAST,” a collection of policy discussions on government technology and homeland security brought to you by the Homeland Security and Defense Forum.
Discover how AI is not just a buzzword but a transformative force in training asylum officers and enhancing FEMA's grant applications. We tackle the intricate world of government-wide acquisition contracts (GWACs), exploring the challenges of delays and protests, and the pursuit of experts who bridge the gap between traditional and non-traditional defense domains.
Featuring:
- David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security
- Michael Weissman, Chief Data Officer, Office of the CIO, Department of Homeland Security
- Chris Granger, Executive Director, IT Operations, Office of the CIO, Department of Homeland Security
- Reshea Deloatch, Executive Director, Solutions Development Directorate, Office of the CIO, Department of Homeland Security
- Daniel Carroll, Field CTO for Cybersecurity, US Federal at Dell Technologies
- Rear Admiral Christopher Bartz, Deputy CIO, Department of Homeland Security (moderator)
This discussion took place at the HSDF’s Technology Innovation in Government Symposium on September 26th, 2024.
Follow HSDF THE PODCAST and never miss latest insider talk on government technology, innovation, and security. Visit the HSDF YouTube channel to view hours of insightful policy discussion. For more information about the Homeland Security & Defense Forum (HSDF), visit hsdf.org.
Any other questions out there? A whole bunch.
Audience:Hi Ashley Nichols from Highlight Technologies and around acquisitions. I think my question is really around. We've seen a lot of delays in our big GWACs, that DHS even has historically used A lot of protests that slow down the procurement process. I know there's a lot of DHS specific smaller vehicles coming out but I'm interested in how you are using or what acquisition levers you're using to keep up with the pace of technology. You know SIBRS, otas all of this.
Chris Granger, Executive Director, IT Operations, Office of the CIO, Department of Homeland Security:That's the next panel, isn't it? Not to cut you off, but I think your procurement folks are next. But continue with the question.
Audience:Well, I'm interested from the program side too, like how you guys engage and what levers you pull to get what you need.
Rear Admiral Christopher Bartz, Deputy CIO, DHS:I don't know who to go to on that.
Michael Weissman, Chief Data Officer, Office of the CIO, Department of Homeland Security:I can go forward.
Chris Granger, Executive Director, IT Operations, Office of the CIO, Department of Homeland Security:Well, I mean we use the vehicles that are out there right. It's easier from my perspective to use the GUX that are out there. You know some of the protests. That hurts us all. We had 256 days of protests, I believe, on our EAS contract and some of the contracts we expect to be protested. So that's a challenge. I'd ask industry to kind of take a look at that and there are some mistakes and I don't want to bash our procurement folks, but there are some mistakes that we make on the government side as well. That causes those challenges. But using the vehicles that are out there, the NASA suits. If we use FedSim for two big contracts that we use in it, they've done a great job for us. So does our procurement folks.
Michael Weissman, Chief Data Officer, Office of the CIO, Department of Homeland Security:Mike, yeah, done a great job for us.
Michael Weissman, Chief Data Officer, Office of the CIO, Department of Homeland Security:So does our procurement folks, mike, yeah, that's so.
Michael Weissman, Chief Data Officer, Office of the CIO, Department of Homeland Security:For my side of the house, I think, where we've seen the difficulty is trying to find the specific, the hyper-specific subject matter expert that toes the line between a traditional DOD style subject matter expert and a non-DOD style expert.
Michael Weissman, Chief Data Officer, Office of the CIO, Department of Homeland Security:I've been out on a few industry trips recently and you know the response is very, very DOD style contracting vehicles and taking the civil route where things in the data world get very, very complicated with the different. Then we get into the data rights conversation, which is we could probably have a whole I could probably have a whole panel on data rights, which I don't want to start up right now, but I do think we do explore. And in my side of the house apologies is the looking for that kind of availability of that subject matter expert across the board and being able to bring in that wide scope of resources, because I do have to support the entire nine operating law enforcement components, including the Coast Guard, and that's where the complexity comes in, at least from a contracting standpoint, and that's where I do have to surf the aisle on all the vehicles we have and that's where the complexity is found. But I'll leave the procurement folks to answer the rest of that.
Rear Admiral Christopher Bartz, Deputy CIO, DHS:Thanks, okay, okay, oh, great. Thanks for that, and I saw some other hands up, ma'am.
Audience:Thanks, mojgan Pedun, ecs. There's a lot of talk about AI, ethical AI and responsible AI and going toward using AI generative AI a lot more. Just wanted to know what kind of policies DHS is putting in place to enforce that you know regarding data governance or anything from related to that. Again, as we're approaching the next few years and growing of it.
Rear Admiral Christopher Bartz, Deputy CIO, DHS:Thank you, you're in luck because Mr AI is here. That's a softball, dave Lerner.
Chris Granger, Executive Director, IT Operations, Office of the CIO, Department of Homeland Security:He's going to hit that one out of the park, my goodness my goodness, how much time do we have?
Rear Admiral Christopher Bartz, Deputy CIO, DHS:He lives and breathes this all day, all night.
David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security:How much time do we have? He lives and breathes this all day, all night. Last year DHS and listen the general counsel folks said we couldn't say we were the first, but we were most certainly one of the first to actually put out a comprehensive program for the use of commercial generative AI tools. We've shared that publicly and we know some other organizations have leveraged it. We have, for a year, allowed select employees or eligible employees to use approved commercial generative AI tools. Right, and we've got four or five of those tools have been approved. Now they have to take training that we have designed and implemented compliance training. They have to sign a rules of behavior with their supervisor. We have very, very strong lines around privacy, around the types of information you can put in there, the types of things you can do in there. Right, you cannot use degenerative AI tools, for you know law enforcement, decision making or you know benefits adjudication. It is, and so that's where we started, right, and that's the first layer of our like our layer cake of generative AI. Secondly, earlier this year we announced our generative AI pilot. So we're actually taking our first step into integrating generative AI into mission use cases. Uscis has an incredible pilot that they're running around using generative AI for training asylum officers, right. So where it used to be or continues to be, you know actual in-person interviewers and actors we now have the ability to emulate individuals using generative AI so that those trainees can actually use this as another way to train. On the FEMA side, which is our, we're really excited because it's our sort of like first external use case. For those of you who are aware, you know FEMA and FEMA grants. They have a process around resiliency grants and in order to for a locality to be eligible for a grant, they have to complete a very, very long form prescriptive subjective plan Very, very long document that takes experts that some localities don't have. So we're looking at using generative AI to assist state, local tribal organizations to actually create those plans so they can get access to the resiliency grants they need.
David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security:Last but not least, we're also looking into the law enforcement use of generative AI to help law enforcement officers summarize information in their case files. We're also looking at it from a semantic search perspective. So we have a lot of officers that sort of perceive law enforcement engagement situations differently. One officer may say a red truck, another officer may say a Toyota, tacoma, etc. And so prior to generative AI, we didn't really have that strong connective tissue of our language so that those two reports may be related to the same vehicle. So, using generative AI and all of that vector databases etc. We actually have the ability to get that technology into the hands of investigators to assist them, to be a tool amongst their toolbox.
David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security:That's the second layer of the cake and I'll try to be fast, I promise the third layer of the cake is sort of general purpose AI, right? So when we start talking about what would it take for DHS to take FOUO information and be able to use generative AI across a broad set of use cases, so we're currently working on sort of getting feedback on the last year of individuals who have been opted into our commercial generative AI tool policy and we're looking at sort of what would it take for DHS to have a general-purpose generative AI solution. And it's really more of a discussion with civil rights and civil liberties, with the privacy community, to understand, sort of like, how would we even look at monitoring that environment without, at the same time, also monitoring our employees, right? That's not what we're trying to do here. We're trying to provide a tool for them to be effective in their job, but we also want to understand if that technology is helping them and actually helping to solve a problem.
David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security:The idea is if we can solve those three unique cases. That handles a lot of things we need to understand about sort of technology and vendors and access. It handles a lot of things we need to understand around rules of behavior with employees and how to implement that effectively. It also goes into understanding the government-friendly terms of service right. A lot of these AI companies have very, very unique terms of service on how third parties use their models. So we're trying to understand sort of how does that impact our operations and how we interact with these tools. And I'm done, I swear, Thanks, Dave.
Audience:Another question Sir, thank you. Glenn Fusen from LexisNexis Just had a question on how is best for us to engage with you in this collaborative environment to talk about our technology, so we can come in and we can give a demo, but that's not really the engagement and collaboration that I think we need to be having at this level to really see how we can help advance your priorities and what we can be developing. So what's the best way to engage with you? Talk about that.
Chris Granger, Executive Director, IT Operations, Office of the CIO, Department of Homeland Security:Maybe Chris Granger. So we well, dave has an office that you can engage with. We haven't used it in a while. We haven't, I think, because you know your office is busy. I haven't, maybe I'm just not paying attention. So there's a forum where you guys can come and brief us, and the XDs and my staff and our staffs will come and listen and then we may engage with you separately. If there's something we're interested in, I'm also. I have he's sitting there in the back. Dr Mark Lucas does my future state technologies. We were just talking about a plan that he wrote, which is outstanding, and how we're going to look at vendors and really focus operationally looking at the different vendors that we have and the capabilities out there and kind of do some analysis on them and then bake-offs at the end and then we kind of score it and then look across there. So he will be reaching out as we look at the various tool sets and cyber security stuff like that. So that's maybe us reaching to you and then you to come to us.
Reshea Deloatch, Executive Director, Solutions Development Directorate, Office of the CIO, Department of Homeland Security:Just to add on. I think it's pretty effective. I don't discount how effective a demo is. Some of these things I mean we have so much on our plate. Maybe we haven't seen the technology that you're talking about. One thing that's probably not known openly about DHS is we have a. We have a library community like we have the DHS enterprise library and it's electronic, and we have some actual brick and mortar libraries across DHS as well and there's a lot of licensing that comes with those products and products that people need to utilize and medical community that utilizes those libraries as well. So don't assume that we know about your product and there's vehicles through CTO.
Daniel Carroll, Field CTO for Cybersecurity, US Federal at Dell Technologies:I apologize, I was going to add on there as well Collaboration with the federal government is. There's so many pathways to do it too. Nist has their Cybersecurity Center of Excellence. We've done a lot of great collaboration with that organization for things around hybrid crowd, around secure 5G, those type of capabilities. And then industry also has the capability at least we do it a lot in the DOD with collaborative research and all that.
Daniel Carroll, Field CTO for Cybersecurity, US Federal at Dell Technologies:Agreements where we'll come in and work with an organization, we'll figure out what is the mission outcome they're looking for and then you build a whole plan and capability around that that works both for that organization but then can go wider from those learnings. Right. Usually you come into it with an agreement that you wanna share it across the government. Right, to drive better practice because, to the previous question too, around AI and its adoption, practice standards are going to be critical and there's still a lot of work being done in that area. But there's also a lot of standards that exist today around how information can be handled and things like that Again I'll point back to NIST that need to be leveraged in a lot of the AI development going forward.
David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security:Thanks, dan. Ocio vendor engagement at hqdhsgov is that group and we handle all of those engagements. Can I do something that you're probably going to hate me for later by a show of hands, would anyone? We used to do this back in the day in OCIO and a lot of folks have reached out to me. Would you be interested in a speed dating style demo session? Because you know, honestly, I was taking phone calls back here. I got phone calls all the time bringing things together. Would actually anybody be interested in being a part of the solution here and being part of a session to bring your product? Give you 15-20 minutes to demonstrate it, give us exposure and then let us decide sort of how we want to go from there. By a show of hands, honestly.
Rear Admiral Christopher Bartz, Deputy CIO, DHS:I don't hate you, I'm just going to assign it to you.
David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security:Well, we're in the middle of FY25 planning right now.
Reshea Deloatch, Executive Director, Solutions Development Directorate, Office of the CIO, Department of Homeland Security:And fun fact. Dave we've done that internally. We called it a demo expo, just in terms of products and solutions that we have internally that we want to make sure our community of developers and engineers get to see, just to inspire other developers. Cool, good idea.
Rear Admiral Christopher Bartz, Deputy CIO, DHS:I saw a hand over there, ma'am.
Chris Granger, Executive Director, IT Operations, Office of the CIO, Department of Homeland Security:I think she's been waiting.
Audience:Hi, my name is Monica. I'm actually at USCIS. I have a question I would say with my kids every time you get a new toy, you have to get rid of a toy. So on the other side of the AI, do you see any decommissioning, do you see decreasing the technical stack? With the AI, the other side of it is helping, improving and faster and da-da-da, what would be the other side of that coin.
David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security:Great, does anybody want to take a shot at that, dave I think the department, just like many other federal agencies and we are now getting tracked from a FITARA perspective have not been consistent across the board or enterprise-wide on sort of taking advantage of the consumption-based aspect of the cloud. I think we are really really good at using their cool, fun, sexy portals and logging in and spinning up new services and then creating credentials and giving folks access to them. But hitting that next level, to where we can actually be more in control of sort of our consumption and use of the cloud, to lower the cost of that cloud Like honestly, that's the only way we can get to that way we can get to that we are moving towards a state where technology is becoming ubiquitous and we are getting better at sort of tearing apart interfaces and back-end databases to allow information sharing to be easier. But at the end of the day, if every single application requires a gigantic instance running full-time in the cloud, we are going to reach a theoretical limit on our ability to continue to grow.
Chris Granger, Executive Director, IT Operations, Office of the CIO, Department of Homeland Security:Let me talk a little bit about that from an operational perspective. So do I want to get rid of people with automated intelligent machine learning? No, I want to be able to react quicker. I want cybersecurity tools that have that built in so that my limited staff right, you never have enough staff to do what you need I can automate some of those processes that I have people looking at now to be analytics, so I can focus on those that I really need to focus on, so that, from an operational perspective, that's what we're. We're looking at, so maybe not getting rid of people, but being able to use the people that we have much more effectively using those technologies.
Rear Admiral Christopher Bartz, Deputy CIO, DHS:Great thanks, More questions.
Audience:Sir, I'm going to ask you, each individual, this one question that my grandkids would ask me. It's a Disney question. If you had a magic wand and could make one thing happen, what would that thing happen for you? What would you execute? What solution you would have for each one of your organizations?
Rear Admiral Christopher Bartz, Deputy CIO, DHS:Let's go with Dan first.
Daniel Carroll, Field CTO for Cybersecurity, US Federal at Dell Technologies:So I don't work at DHS, but I will say, like I mentioned a minute ago, the best thing that you can do is to use that magic wand. Don't think AI or anything else like that is a new journey. It's a continuing journey the federal government has been on for over the last 12 years, at least as it relates to modernization of IT. It's moving. They went from cloud first to now. Understanding multi-cloud and edge is critical. It's moving. They went from cloud first to now. Understanding multi-cloud and edge is critical. So your multi-cloud edge, zero trust goals they all have got to unify for you to get that magic solution that's going to come out the other side to provide you a more robust IT architecture and probably answer most of the responses here. In my opinion.
Reshea Deloatch, Executive Director, Solutions Development Directorate, Office of the CIO, Department of Homeland Security:Money Give me the money. Money Give me the money. The only reason I say that not as literal, but just meaning that there's so much that can be done. Dave mentioned the whole compute thing and with the DHS Enterprise Cloud, I am concerned that as we continue to modernize, and especially regarding AI, it's going to cost more money to maintain, to even ramp up some of these solutions. So without money, how are we going to get there?
Chris Granger, Executive Director, IT Operations, Office of the CIO, Department of Homeland Security:So that would make me happy, I think. On that note, I would say I need maybe a magic bubble that I can put over top of all these great ideas from a cybersecurity perspective and prevent our friends from the many countries that you could name that are after it all day long. So from an operational perspective, that's what I'm seeing all day long. So if I could put kind of like Israelis have over that to protect us, that would be what I'd look for over that to protect us.
David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security:That would be what I'd look for. I would take care of all of our technical debt and make our technical debt go away. In my job, I own the technical reference manual, which has tens of thousands of records of all the technology that are approved across the department. We have technology that we should not even be looking at anymore and we have huge disparity on what people are using across the department.
David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security:I have been trying my best to go forth on reducing duplication and increasing reuse of technologies and, ultimately, the vast array of duplicative, overlapping, similar technologies that have been implemented at components is the one thing that keeps me from doing all the AI stuff all the time. Right, because, ultimately, to the question before about what do we get rid of, we need the organization moving to a place where we get all of those old technologies and old software licenses, the things that are causing hament, stress, the things that make acquisition challenging. We need to make those not a big problem that take time and energy and blood and sweat so that we can actually work on doing the new things that we need to do that we can actually work on doing the new things that we need to do.
Michael Weissman, Chief Data Officer, Office of the CIO, Department of Homeland Security:I'm going to answer with fully automated border security. Right now, we have tools upon tools upon tools in law enforcement that are fantastic. They solve fantastically specific things. Some of them integrate well with others that we have. We have a ton of swivel chair problems still that we need to integrate.
Michael Weissman, Chief Data Officer, Office of the CIO, Department of Homeland Security:We have some tools that are new that can't plug into other new tools, and my fantasy in this world would be that we can fully automate our border security problem that we are trying to solve with the technology so that it's streamlined, and then to piggyback on my somewhat parabolic fantasy would be to get rid of all the paper that we need, because the amount of burden that we have on our law enforcement officers already and what we're trying to do to reduce that burden by using technology, shouldn't be made worse by them saying okay, we're making it better with technology. Now you need to learn 15 different tools and here's five laptops and you're gonna need to swivel between these seven different screens to do it, but we'll eventually get you down to one. So that's my fantasy in that regard.
Rear Admiral Christopher Bartz, Deputy CIO, DHS:I think for me. I once heard Admiral Gilday speak when he was the chief of naval operations and he said the one good thing about conflict that conflict brings is clarity of purpose. And so I would wave my magic wand and have that clarity of purpose without the conflict. Just, you know, having an understanding of what our focus is and the world is so complex that changes from day to day, and so that's the genesis of my stress is kind of reacting to that and just having the clarity of purpose, I think would be welcome from my perspective. So we have time for one more question. So whoever gets their hand up fastest, or we take no questions, oh, we got one right there.
Audience:Post-quantum computing Matt Schneider with Palo Alto Networks. I know you guys are working very planning with NIST and collaborating with them. Are you pleased with where you guys are working very planning with NIST and collaborating with them? Are you pleased with where you guys are now on this post-quantum computing effort?
Daniel Carroll, Field CTO for Cybersecurity, US Federal at Dell Technologies:I'll be honest with you. So I think NIST does an amazing job but, just like has been shared up here, funding and resources are a challenge. So the biggest challenge I'm going to see with post-quantum computing is they've already developed the strategy. Those strategies, when vendors bring them to them, are going to have to go through certification. I have a concern that the funnel that they're dumping them in is the same one that they've been dumping the previous crypto validations in for FIPS and stuff like that, and getting them through quickly and effectively and properly to meet the industry and government needs is going to be that's my concern. So I think the collaboration is great, like they've done a wonderful job bringing industry and government together to talk about the problem and divide the strategy. But how do you effectively get solutions through the pipe?
Rear Admiral Christopher Bartz, Deputy CIO, DHS:anyone else?
David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security:Anyone else I have?
Rear Admiral Christopher Bartz, Deputy CIO, DHS:a lot of opinions. Dave, why don't you just give us 30 seconds?
David Larrimore, Chief Technology Officer, Office of the CIO, Department of Homeland Security:Give us an opinion. I'm close to your opinions. I think post-quantum is a boogeyman in the future, and we are losing sight of today's cybersecurity problems, where we're already losing data and we don't have end-to-end encryption on all of our core services and we haven't implemented zero trust anywhere, everywhere, and so that is where we need to focus on. We know that post-quantum is going to be a significant problem from a defense perspective, from an adversarial perspective. It's also going to be a phenomenal opportunity from a mission perspective. But at the end of the day, we have a lot of cleanup work that we need to do before we can really devise a strategy that we can implement centrally, right. So we look at sort of IPv6 and how fun is IPv6? So like that's still a thing, right? We're still figuring out sort of how to do that and adhere to those standards which are, in my mind, sort of like core foundation for getting to a place where we can say that we truly confidently are prepared for post-quantum encryption.
Rear Admiral Christopher Bartz, Deputy CIO, DHS:Great. Thank you for that. So I think time is up, Thank you.