HSDF THE PODCAST

Priorities for the CBP Office of Information & Technology Part 1

Homeland Security & Defense Forum

Share episode

Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.

0:00 | 27:21

Welcome to “HSDF THE PODCAST,” a collection of policy discussions on government technology and homeland security brought to you by the Homeland Security and Defense Forum

 Our panel pulls back the curtain on a playbook that blends five-sigma reliability with bold bets on generative AI, edge computing, and zero trust—so agents get real answers in real time while security stays tight. This is a story about turning policy into operations, reducing tool sprawl with a strong Technical Reference Model, and building an architecture that meets the mission where it lives: at the edge.

Featuring:

 This discussion took place December 12, 2025 at 8th Annual Homeland Security & Defense Forum Border Security Symposium

Follow  HSDF THE PODCAST and never miss latest insider talk on government technology, innovation, and security.  Visit the HSDF YouTube channel to view hours of insightful policy discussion.  For more information about the Homeland Security & Defense Forum (HSDF), visit hsdf.org.

Setting The Mission And Priorities

SPEAKER_01

Good afternoon, everybody. Well, it was really great to have the secretary here this afternoon, and also to be able to take questions, which I think is very rare. She laid out, I thought, a and did a good job with the administration's priorities, strategic plan, and also did the same for the department. And I'm gonna start with you first, Sonny, because I know each year, you know, we we try to work as a CIO towards our goals and objectives in the strategic plan. And obviously that evolves because of technology, because of business needs. And we've had quite a bit of change in 2025. Maybe you can talk to what are some of your key technology priorities and the goals and the objectives that go with those. Yeah, thank you, Barry.

Strategic Transformation And New Tech Bets

Ops Excellence And Team Wins

Innovation At Mission Speed: GenAI And Edge

SPEAKER_02

Uh well, first of all, I think uh as the secretary and everyone else been uh knows, uh this has been one heck of a year. Would everyone agree with that? We've really worked hard, and uh I'm exhausted, and uh and I'm gonna take leave starting next Monday after a thousand hours of leave. So I can only carry over 720. But anyhow, uh did I just said that this outside voice? Oh, anyway, sorry. Um I feel I feel much better now. Uh I I just want to just say uh I've done this for now, this is my 41st year working. This is the most uh amazing terms of just sheer work that our entire workforce and contractors and vendors, everyone together, you know, to a common mission and common goal. To answer your question, Dr. Beck, Dr. West, I think the key is that uh, you know, administration policy, they set the policy which drives the mission stakeholders, which are agents and officers, then supported by technology, implemented through technology, right? So that's really what's been going on. So we have really three things that we do strategic transformation, which is really setting up for newer technologies. Sunil will talk about that. Some of the things, as an engineer, he and I have set up the technology direction as to go forward. And uh, I don't want to steal all his thunder, otherwise he really starts coming back and asking the questions, you know. But uh but we we think uh there's obviously that strategic transformation is very key. So there we're gonna be investing in a lot of new things. You'll hear about generative AI, quantum, you'll be hearing about PQC, you'll be hearing about edge computing, you'll hear about certain things that we're doing with OTIT integration, and all of that stuff is gonna be very, very key in terms of how we go forward, right? The second thing we use tactical ops excellence. We've really focused on the fact that our stuff needs to be five, six sigma operational so the lights stay on, so that that is not the thing that we're distracted by. We're not just firefighting all the time, right? So I think that is something that we've really improved on. We've set up measures, we've set up all these sort of things. So everyone is really focused on that. My entire organization, I was there at the Homeland Security, Homeland Heroes thing yesterday. Dak Mays won the sort of executive of the year. Uh I've got Niall Sama, one also for Mission. I've got uh, you know, Tyson Walker, the deputy CTO, one as well. She Lou Patel, one for OTIT. This is something, and I was taking pictures like a fan, you know, just like, you know, and there so they took a picture of the CIO taking a picture of the team. Uh they said, You look like a proud papa. It's like I'm really proud of the team, you know. But I think what that means is that the technical ops excellence, we really worked and made that uh so successful that right now that is working, so we can focus on strategic transformation. But the third one is innovation at the speed of mission. We're bringing out new technology so that Sunil will talk about running generative AI that we'd got done our first chat to all of the organization, and all 67,000 people now are using a very, very, very safe and secure tool. So we're not just going after shiny objects, we're making sure that these models are very, very carefully thought through, and cybersecurity is sort of uh woven into the uh into the process. Our new thing is uh zero trust, which is uh you know, never trust, always verify. And so we we are really kind of making a lot of effort into this area. The supply chain and data security is a key challenge for us. So I just put that out there, and we're very interested in industry uh focusing on that, and OTIT integration. So you'll see the whole world change where operational technology and information technology will merge at some point so that the planes, boats, drones, vehicles, wall, IoT, all these things, that you will have uh sort of a thing where voice prompt, through voice prompt, an agent and officer out in the field will be able to integrate, launch a prompt, get an answer, make things happen, search across uh, you know, with an edge device that'll be more not going back to a tier four data center, or we'll we'll have the cloud and we're going to be the first agency going to the cloud in two years, fully all done at a large agency, but all that process out at the edge. So these are the sort of things that we're doing is really, really important. We're also looking at SATCOM so that we can now, we are the first agency to be 18 months ahead of schedule on EIS, completely done. And now we're ready for the next generation of 6G. And and we just saw the thing that China is a little bit ahead of the United States in this area. Well, we can't let that happen. We gotta we gotta get going. So leveraging those contracts and also getting SATCOM directly to across all the border uh elements. So we've we have tested that out, by the way. Uh there are two or three constellations. I think you know what they are. You I know you all know that. Uh, we are looking at all three so that we can have not only the Starlink, and now I think I've solved one of the equations, so you can solve the other two. Uh uh, someone got the joke here, good. Uh uh so uh uh those all available. So an agent and officer never has to worry. We've got another device called mobile wireless where uh multicellular coverage. So my point is that infrastructure under Dak Mays, under Dr. Mays can really work anywhere, anytime at the speed of mission. The software under DACJ can start delivering. We're also doing AI code assist, where now AI is going to do some code generation, and we're checking that. Uh Sunil started this effort, been very, very successful. We've realized a couple of million dollars already in avoidance and savings. So anyway, I can go on and on. I think I may have gone on my script a little bit, but uh but this was more fun. Uh I just want to let you know I'm very excited. The reason I bring this passion in is because I'm really proud of the team, but I'm also proud of all of you, how you've supported us. But I think now we're ready to go to the next generation. There is a tremendous amount of funding coming in, and we are all set to kind of uh, you know, with equity and process, really start developing and deploying anything with the from the towers to bringing stuff in uh with OTIT integration and to a mobile device and to more devices where even with uh hopefully some glasses, uh uh uh by the way, we we haven't decided on that yet. So uh we're gonna we're still working from that issue. But uh we're gonna make sure that from voice, video, text, translation, all this stuff is made available to an agent and officer where AI is the assist and the human is in charge. So I think with that, uh those are some of the things that we're going in. So again, applications, infrastructure, cybersecurity, OTIT integration, better spend on the money. Uh clearly the white White House, I've talked to the DHS CIO, I talked to him all the time. He's talked to the federal CIO. There's I've just talked to the GSA CFO just at another event right before this uh with Namisha Agarwal. But I think the key thing is that uh there's gonna be a lot of effort where savings across so that there's common solutions and those sort of things are deployed out and make it more affordable and more automation. I believe that's gonna be the order of the day. But other than that, nothing much to do.

SPEAKER_01

No, that's a great opening, uh, Sunny. Sunil, taking that a step further and drilling down, how are we really adopting a lot of these new technologies uh into the actual CV bision space? I know a lot of organizations get involved, probably enterprise architecture, infrastructure, obviously business. How are we governing that and how how's that coming along?

SPEAKER_00

Sure. Thank you, Dr. West. Uh my my boss, just to make sure, my boss I've only had one pin here, he has three, so he's the boss. So to make sure that that's what people understand that. I just had my review yesterday, so I need to be in the best behavior.

SPEAKER_02

And uh He did well yesterday, so it's still been great.

Connectivity, SATCOM, And 6G Readiness

AI Code Assist And Savings

Governance, TRM, And Security By Design

SPEAKER_00

So no, thank you, AC. So, first of all, thank you for having us. I really appreciate it. This these forums are very critical for us. Uh uh, like AC said, it's 24 by 7 for us as to what we do on a daily basis at CVP. I I came from the tech industry myself. I tell you, there's there is no other job like CVP job. I can tell you that. Nothing, not even close. I worked with the tech industry for 30 years, and uh this is the most fulfilling and uh I would say uh exciting job I've had in my in my career. It's uh very excited to be here, work for the AC here. And the thing which is we talk AC gave you like a whole kind of list of things and kind of vision of what he thinks where we are going and what we need to do. And uh so I'm one of his direct reports along with uh both the DAX and the CISO. And what we are trying to do is to figure out what's the best way. See, the thing is what generally happens, especially some of the agencies or some of the other companies, we try and boil the ocean. When we try and boil the ocean, kind of the concept really what it means is things don't work the way it's supposed to. I'm telling you, it doesn't work. But what is happening now is I think we are at a transformational age. We every conference that we talk to, we talk about transformation, but we truly are at the space right now within within our lifetime. I wish I was a little younger because these are very exciting times, especially in the technology space. And uh I came from Silicon Valley, so I've worked there for a while, and and uh some of the some of the folks uh who work there, um, they are working on some stuff which is you know which is going to transform what we are doing every day. Uh, we had we met a CEO of a very large uh company uh um six, eight months ago, and the gentleman I asked, I told him, so what do you think uh where we are? We had the dot com. And dot com was a you know, dot com was a bubble and a bust, people thought, but it gave us a whole new technologies to work on in the in you know from 2000 on late 90s to 2000 onwards, right? Because all the foundation is built on that right now, right? So we are, he said, no, no, we're not transformation. This is industrial revolution kind of changes we are going through right now. So that so the partners here were sitting here, I think you heard me speak before, right? It is we have to change how we do business. We really, we really do. Things are no longer like Secretary Noam said, right? It's no longer delivering stuff on a slower basis. Everything is due yesterday. It's really a fact. It's no longer, so we talked about code assist, I'll talk a little bit more about some of those things. So what we are doing is we're dividing the whole architecture in like I would say like two or three areas. Let's say three areas. One is the traditional making thing very, very efficient for our for our for our uh uh for our all our law enforcement and all the employees, all the contractors who work for us. That's one area. Make it more efficient. How do you get your job done faster? So you'll be hearing a thing called chat CVP. That's really helping, and we are getting a lot of information out. It's a it's a it's a it's kind of an interactive LLM-based chat. We do stuff in there and it supports various type forms, like you know, text, audio, video, and that and and and uh full motion kind of uh video also. It supports that. So that's becoming becoming making people very, very efficient. That's one area we're working on. The second area I would say is is the application development. Dak J, absolutely amazing. Dak WTC IO we have and his team, some of the folks will talk talk to you guys after us here. They are doing an amazing job taking these technologies, incorporating within these applications. Right? It's it's no longer building the application the old way anymore. So that's the other area to adapt very quickly, and we can go a little bit more in depth with that as to where where that is going. The third area with the AC mentioned, I think massive, massive, massive work is going on in this area is the operational technology area, which is operational. That means you're looking at for us, our whole border is operational for us, right? Not only that, you you have you have global entry, right? You guys come in, you go to a device, and something happened to the device, it says green check mark, and you go. That's an edge for you. That's the edge device, you can say, right? That work also is going on, especially how to make it more efficient from that perspective. Those are three silos I would say we are concentrating on. Then on top layer, you can put some of the areas we talked about. AC mentioned security is everywhere, horizontal and vertical security for every stack what we have. Our CISO we work very closely with. That's a critical part. And if he says no, it ain't happening. So whatever architecture, whatever products or services you're bringing to us, please keep that in mind. It is critical. We are very flexible. We do have SaaS offerings, but in certain areas, we want to keep it closer to our network. As you can imagine, why, right? There's more sprawl we have, the more issues we have. So just keep that in mind. So, second area I would say is from operational technology uh component is that 70% of all the data getting generated is a fact. It's getting generated on the edge. You will hear about NII. I'm sure this morning XD Jordy Harden talked about non-intrusive inspection. All the technology that's uh is being headed by XT uh Devakota and our team, you're doing a phenomenal job there. So all the technologies, what we're working on. So my job is working on the architecture component. And I tell you, I have to give a lot of props to both the DACs. One DAC is not here, Dak Mays. But Dak J, he says if it ain't approved by the CTO office, it ain't happening. We also own what is called the technical reference model. That means all technologies, software, hardware, from plane, drones, you just name it across the board, which hits the network, has to be approved in the TRM, which makes sense, right? You want everything to be secure. So that some of the areas we're looking at, that how exactly we we we we make this work. That I'm not we're not slowing anything down from that perspective. We have to make sure it's secure. We don't want any external components be uh be a uh a leak from somewhere else, which can create problems. That includes data sharing also. We may be very secure. We're sharing with somebody else. If there is a bottleneck or some issue there, guess what? We are also compromised, right? So when you're looking at the holistic architecture, we have to make sure from across the board that we are looking at everything else. And data sharing is phenomenal. We're doing it as you know, you must have heard of UIP, which runs from the X-Tevaker's team. Those are all great examples as at what's really working in a secure way. So we are very excited. Please talk to us. Uh, we'll talk a little bit about business connection moving forward as a portal. And if we don't get back to you, my boss gets mad at me. But I'm just telling you that because we get thousands of requests, right? I'm trying our best to respond to folks. So excellent. If I could just add one thing.

SPEAKER_02

Uh I think the key thing is uh data. We've we've we've we've uh in a lot of the technology architectures, we're already ahead. So what industry, when Silicon Valley and others have come to us, they were kind of shocked that this government agency that's already implemented some of the capabilities that we they're looking at. What we're interested in is there's still an opportunity for data mesh, data uh sharing, which is a clear uh priority of the administration. So there's a tremendous amount of data sharing and everything delivered to a mobile device where, for example, once we do all the national security targeting information, that package is delivered to an agent and officer, and with geospatial coordinates, they can get down to a building, to a room, to an apartment, whatever. And if they find someone one weekend uh through biographics and two levels and maybe even three levels of biometrics, face, touchless fingerprints, and maybe others may come down the line with FIFA 26 coming up and LA 28 coming up, all that ability to basically correlate and corroborate and make sure that is the right person. So we get the right person that needs to leave because they're a threat to the country. That sort of stuff is happening. I believe there'll be additional biometrics and additional need to link all that data together. So I feel like that's really key. Just to give you a mindset of where we are, we are uh a couple of Fortune 20 companies that I keep on saying this all the time, but I have some metrics to prove this. You know, we're talking about 40 to 50 billion data exchanges a day, you know. Uh we've got 10 billion transactions a day, we've got 50 petabytes of information that we're dealing with on a continual basis. So we think in some of the areas we need to do a little bit of better data uh classification and tagging. The main key is we've done our inventory first now. That is very key to enabling of AI. Don't forget that we need to also generate some energy for AI, because it's going to be a big consumer of that, right? So working with the energy department and others, how do we kind of make sure that that computing is made available? And so I think some of those things are really, really, uh, really, really key. We're also the number of attacks on us, uh 2.2 billion uh a month, are growing. So we're seeing quite a lot of threats. You saw the latest anthropic, uh, the Chinese uh uh uh government, I guess, uh were attributed to that. Uh and they tried. Uh we have not, uh we touch wood, are still good, but uh it every day is hand-to-hand combat pretty much. So I think just that vigilance where that whole data lifecycle, what are they really interested in, getting those analytics and seeing how that's really happening? The supply chain, if they can get to us and they can't so far, they're trying to get to a supply chain, where are the weak links, and then make that happen? That's another weakness that I think we should all take a look at together. So I think those are kind of things that uh are part of also the strategy.

SPEAKER_01

Excellent. Sonny, you talked about zero trust here at the beginning. Uh, how is OIT addressing uh some of the other OMB federal and departmental policies and priorities to really still achieve your goals?

Data Mesh, Biometrics, And Scale

Zero Trust, Policy, And Real Operations

SPEAKER_02

Yeah, that's a very good question because I think at some point, uh certain times, I I've again I've been a department CIO twice in previous uh roles. And you know, when you look at it from that perspective, it's really sort of you know, the the I look at the five principles, right? Policy, process, technology, uh, you know, people and governance, right? So it's easy to set a policy, but it's very hard to then implement real operations. So when I'm sitting on this side as a component CIO now, obviously we are really, I mean, we're talking like massive operations, like I said, a couple of Fortune 20s uh in one every day, transacting. I mean, you know, we're talking about 1.2 million uh travelers a day, we're talking millions of cargo elements a day, we're talking about 5. whatever, 7 trillion, the latest numbers came out of imports, exports. We're uh collections are almost at uh uh one quarter of a trillion dollars uh so far, uh on and on and on, right? So uh so some of these systems are really massive. So I think the answer to the question is uh we have looked at the policy and we're having a dialogue with the DHS CIO who's been very good, Antoine McCord, and uh and just telling him, hey, in certain things, you know, like for example, on certain areas of credential and access management, you know, understand the policy, give us a little time because I've got two or three iterations of things that are uh security embedded in application logic. There are certain systems or have two or three systems embedded. Some of these are national security systems, border security systems, or or uh what I call economic security systems. Uh uh, you can't just take an A system and then suddenly uh, you know, because there's a lot of custom code also in there. My goal obviously is to get to uh you know 80 to 85 percent uh cots and 10% configuration and the remaining five percent uh uh custom, but that's Not the case. I would say that it's uh at least 25% custom. And so how do we look at that whole code base? Uh the the AI code assist was a really interesting thing where the policy was, so the policy also, the administration is setting some things up from the federal CIO. Uh so I think the policies seem to be generally speaking as follows. One is uh automate more. Uh so get more automation so that uh and then that's one thing. I think, and get the government folks to do more uh with what they have and be more involved with actual maybe implementation uh as opposed to just oversight. Uh also expecting more from the contractors, better deals. Yeah. So licensing and all that, and the products, like for example, the TRM that uh I asked Sunil to create. Uh I'm a chief architect and chief engineer from before, so obviously he and I can we can talk in technical terms with the team, and we have a very technical team. I think that's one of the secret sauces of OIT's success is that everyone is first of all very driven. You know, Sunil gave a big salary to come over here, you know, for one low price, right? ADR weeks, uh, you know, are you enjoying government so far? Loving it, so he's loving it. See, there you go. It's not about the money, it's all about so uh so my bottom line is all my team would love the mission, and when we see things successful, that really energizes us. So, but for example, so that whole thing with the code assist is another policy that they're implementing. Uh more uh AI. Now there's a lot of concern there. Some people saying may take away jobs, you know, but we are trying to train our workforce that AI is the assist, the human is in charge. But what that means is you also have to change processes. Yeah. You want to you gotta change the processes. You know, IT only automates that inefficient process faster. So you gotta so I think that's another key that we're seeing. I think the other policy that's uh seemed to be coming out is CVP has been left alone. Uh I've said this before when Doge came in and uh they were reporting to Mr. Musk uh regularly, and uh a couple of those gentlemen were billionaires themselves. We came to the meeting, but they're techies. These are the folks who formed Tesla and SpaceX. And they said uh they've never seen a team this good, and they thought we're as good as SpaceX and Tesla employees. I took that as a compliment. Uh and but we met them at 10 o'clock at night. We met them at 11 o'clock at night, we met them at 1 o'clock at night, we got the thing done by 4 o'clock and we were still there. And I told my team, you gotta stay the course right now and fight the good fight to show that we're right there with them and can can you know hang with them blow by blow. And it worked. And it worked. And you know, we've all not had any any any issues here so far. But I think that's because all of our folks with relational database experts, you know, the contractors as well, everyone working together. I think the other policy is security first with uh uh very, very focused on on real-world, not just dashboards where FISMA scorecards are all green and suddenly you're compromised over here. So, what are the metrics that they're they're asking? So had good conversation with Antoine. Now, the thing that I'm also telling uh the DHSCIO is to look at from my standpoint. I'm in the battlefield every day, and there's a lot of complexity in this environment, right? And I gotta tell him, hey, I need some relief over here, you know, you just can't give me a score, which makes me look bad in front of somebody, you know. That, for example, uh, you know, when I was an engineering student, you know, I mean, if you got a 35% in my double E class in electrical engineering, that was a C in the class, right? Right? And nowadays I said you can make it 95, and 95 is a passing grade. So let's just, you know, make sure there's uh context for these questions. So I think those are the things that are, I think, are really important. I think he's listening, uh, and he's a really good CIO. So I think those are the kind of things that are going to be very, very important for our success. Uh, I think the biggest thing that's happening is information sharing. We've been told there should be nobody uh blocking us from sharing information to protect and uh safeguard this country. So protect the American people, safeguard our borders, enhance the nation's economic prosperity. No one should come in the way. In fact, sometimes they ask for names. And we just say, no, no, no, we we got it and we're working there. So I think to me, there is a certain uh, I'll just say, zest and uh and a certain focus that really is energizing the team. Uh so uh, you know, those 250 agile teams is now growing even more, and now they want uh, you know, maybe instead of 100 story points, thousand story points, and maybe 10,000. So we can do that. Uh, and we can do that through some automation, but we got to do it smart. So I think a little bit of planning, and this is where we're asking them to consider the fact that even with vendors and industry, we need a little bit of management and governance as well, in addition to hands-on keyboards. But I think that seems to be some of the things that are going on, and uh uh I think we're making a lot of progress in there, and uh obviously buying good American technology is uh is a key uh aspect as well. And I think you'll see a lot more in this area where savings and uh reduction on the TRM model, because we've got 10,000 products, we can't have that many. I think you'll see some of that coming in. So a lot of efficiencies and effectiveness. I think efficiency and effectiveness is the order of the day and and a certain urgency to national security. I mean, I'll just say that yesterday, for example, uh one of the agents uh uh from ICE was awarded uh uh uh you know for uh, you know, he was he he prevented sexual exploitation of children. Uh and and so who amongst us is not touched by that? You know, when we see that, that immediately connected, right? But some of that, some of the information and our sharing with our people from other national security to even other things, and found that person who was also a criminal, potential security threat to the United States, but also potentially a pedophile. Well, that's great. You found that and they're out of here. Uh, you know, so to me, that kind of thing is uh uh uh, you know, and I'm not saying just all external, I'm saying there's some models here also. But but to me, that's the kind of thing that is really resonating amongst our team, and it's we're working really well.