• State and local governments’ concern about cybersecurity is very real today. The worries are fundamentally about high-profile challenges as preventing identity theft, securing data and fighting off ransomware. How can government agencies overcome this looming challenge of cybersecurity?
"Don’t build world-class defenses against data sets that are already or should be open to the public and don’t over-classify systems and processes"
Government agencies should start with doing the basic things well. GSA has implemented secure baselines, monitoring and control agents/services that are location independent and protect endpoints from phishing, malware, and ransomware attacks. We utilize strong authentication, host encryption, and active managed defense capabilities to sweep and hunt for malware regardless of host location. Reduce the value of government assets by taking a risk-based approach. Don’t build world-class defenses against data sets that are already or should be open to the public and don’t over-classify systems and processes. Pivot those resources to the parts of your infrastructure and data that truly need protecting. Open source/share as much of your enterprise as possible.
• Incremental adaptation to technical change and disruption is no longer enough. What steps can government agencies take to keep pace with innovation?
When creating modernization and innovation plans, government agencies need to lead with the needs of the business. As the business evolves, specific systems and application requirements may need to change resulting in potential changes to the infrastructure. Invest in minimally viable products (MVPs) and if those show promise, continue to double down on that investment. If a technology doesn’t show value, pivot the work toward better outcomes or kill it immediately. That said, establishing a flexible and resilient infrastructure that stays in lock-step with the business needs is critical. Agencies need to make the business case by showing the business outcomes and value that occurs when spending wisely in IT modernization. They need to show the alternatives that may occur by not investing in IT modernization.
• How can agencies redesign systems and talent to accommodate the increased use of cognitive agents, bots, and other AI-driven technologies? Please elaborate.
Agencies are still at the beginning phases of utilizing automation, AI, and other cognitive technologies. At the same time, working closely with academia, industry partners and private-sector analogs to speed the adoption of these technologies is the right thing to do as they are yielding significant value in pilots and early operations example. At GSA, we’re using commercially-integrated AI solutions as part of its tooling in operations, collaboration, and security. GSA is also heavily exploring robotic process automation (RPA) and has already implemented a variety of pilot programs in multiple domains. One of the bots in our acquisition arm will allow employees to focus on negotiations, customer service, and data analysis while the bot will take care of time consuming administrative tasks at the speed of electrons. That said, effective use of these technologies will indeed highlight target areas for modernization and transformation on both the technology and business process side of the equation. This feedback loop is one of the greatest values of these technologies.
• The combination of augmented reality (AR) and virtual reality (VR) is beginning to move beyond proofs of concept to enterprise implementation. Government use cases might include training for complex tasks and group collaboration. How can these technologies be integrated into existing infrastructures and get advice on navigating evolving technology and governance standards?
Augmented Reality (AR) and Virtual Reality (VR) should initially be built off of the data sets we currently have using locally-driven pilots—that reduces the complexity of what is being evaluated, which should focus specifically on the user impact of the use of the new technology. They are both widely commercially available, keep the costs low and use commodity tools. But government needs to make sure the technology is beneficial to the user.
• Digital innovation has redefined customer experiences— and today, leading organizations are expanding those innovations into back-office and mid-office systems. Starting with areas like finance and supply chain, technologies such as blockchain, machine intelligence, and the Internet of Things are presenting opportunities to modernize the back office and support better constituent-facing innovation and growth. Your views on this trend.
Trends in digital innovation allow GSA and other government agencies to improve and modernize many of its citizen facing services and, most importantly, increase the value of citizens’ interaction with government. For example, citizens should be able to log in once to government and know that the full suite of government services are available to them, regardless of mission area. The Internet of Things is allowing GSA to strive to be a data driven organization, especially when it comes to the Smart Buildings program. To be effective, the approach must permeate all aspects of the business from design and construction to energy and operations, staff development, tenant value creation, capital projects and sustainability. This is the most businesslike, cost-effective, scalable, flexible way to provide economies to the American taxpayers. We are learning a tremendous amount by analyzing the massive tidal wave of data that comes off of the sensors in our buildings in aggregate. This allows us to not only save money, but repair things before they break. This keeps our tenants happy and focused on their mission.
• Application programming interfaces (APIs) have long been key building blocks to system and application integration, interoperability, and modularity. Now organizations are making data more accessible by treating APIs not as data integration mechanisms, but as products. How can government agencies take advantage?
As governments, one of the most wasteful and risky, from a security and privacy perspective, things we can do is build massive data lakes as a way to integrate various disparate data sets. Using APIs to exploit data sets in-situ is a markedly better design that allows government to present complex structured and unstructured data with best of breed presentation and data analytics/sciences tools while obviating many classic data stewardship, chain-of-custody and governance issues. The increasing business logic contained in APIs allow us to bring improving transparency into these data sets, especially on the unstructured side. As an aside, the GSA open-source framework allows us to expose those APIs for use and re-use, maximizing the value of the APIs but also allowing multiple stakeholders to provide input so that they bring the best visibility into the data they integrate.