Artificial Intelligence Archives - Page 13 of 15 - | ̽��Ƶ| ̽��Ƶ

Revolutionizing Communication with 5G

Posted on by Mark DeMerse

As technology progresses, communication is revolutionized worldwide. To maintain pace with cybersecurity and technology standards, the United States Government can utilize the transformative features of 5G, the fifth-generation global wireless technology standard for cellular networks.

Transforming Network Standards with O-RAN

With the development of Open Radio Access Networks (O-RAN,) a feature that allows interoperability between cellular network equipment providers, the development and integration of 5G has greatly expanded. The role of O-RAN has important applications in the Department of Defense (DoD), whose goal is to promote national and economic security. By integrating 5G networks into the defense sector, different departments can quickly communicate with each other. With the usage of O-RAN and 5G combined, agencies have a much larger, diverse ecosystem of vendors to choose from.

As with any new feature, there are costs to the implementation process. In the 2021 National Defense Authorization Act, Congress put aside $1.5 billion dollars which is being utilized to develop a unified vision and strategy towards O-RAN and 5G. The congressional statutory language calls out seven big-picture objectives, most of which are centered around promoting the deployment of 5G. These are to:

Add network virtualization
Authorize new security features
Accelerate the development of technology
Promoting the deployment of 5G within the DoD
Develop standards to enable a multi-vendor ecosystem
Create open, interoperable telecommunication networks
Allow interoperability to manage multi-vendor situations

While the act provides ten years to carry out its strategy, these standards should be added as soon as possible due to the fast-paced development of technology.

Aiding the DoD

The DoD and 5G form a mutually beneficial relationship. 5G is created with security built in, so an investment in 5G is an investment in cybersecurity. By utilizing 5G at bases, the DoD can test its capabilities, as well as streamline and amplify the effectiveness of non-combat operations. This can include supply chain efficiency, large scale IoT networks, asset tracking and logistics management all while reducing costs. In return, the DoD tests and further funds 5G. The addition of 5G can provide lower mission costs, enhanced speed and provide higher quality operations. It also factors in risk reduction to each operation, by taking the cumbersome human process out of the equation and making certain operations less complex.

For the DoD, the key motivations in testing and using 5G are threefold. One, it aims to achieve streamlined and functioning interoperability, where individuals can handle operations from a single tablet. Two, it aims to reduce the amount of manual handling in operations. Since 5G has the latency to compute such artificial intelligence (AI) and machine learning (ML) capabilities, it can perform time consuming tasks such as perimeter security. And three, the usage of 5G allows the DoD to gather data about 5G to utilize predictive analytics in the future.

The Future of 5G

There is more that 5G can do for military applications. With the advantage of 5G, there may be a paradigm shift in the usage of private wireless and on-demand communication. One of the biggest advancements of using 5G in a military context is the flexibility that comes with 5G being cloud native. 5G provides more capacity than traditional Wi-Fi or hotspots as it focuses on transport networks. With 5G, international communication could be streamlined, as frequency coordination between departments and consumers would no longer be required. 5G comes with the benefits of mobile edge computing and being O-RAN compliant, meaning it is up to Federal standards. This could even be helpful in residential rural and remote environments, where internet and satellite access is limited. There have been tests across various United States bases, aiming to utilize ML to tailor 5G to each user’s needs. To get these features, consistent testing is vital, even if it is not immediately profitable.

With all the changes to the way combatants use technology, it is important to enable the military to integrate 5G operations. By codifying new strategies and usage methods, agencies can reference, read and follow through with new procurements. With the addition of 5G, communication within the DoD and nation can be revolutionized in nearly unimaginable ways.

Visit ̽��Ƶ’s 5G technology solutions portfolio to learn more about ̽��Ƶ’s 5G Summit event and how we, along with our partners, can leverage the best and most reliable services to support your organization’s 5G mission.

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at ̽��Ƶ’s annual 5G Conference.*

AI Paving the Way for New Healthcare Innovations

Posted on by Tim Boltz

With the boom of consumer facing artificial intelligence (AI) through Chat GPT and other tools, the discussion of AI applications within healthcare has also become a priority with exciting new developments. Pre-COVID, there was some hesitancy with telehealth, whereas now it has become a highly valued, main offering within the healthcare ecosystem. Similarly, AI is becoming a key mobilizer for improved patient outcomes and more efficient provider processes. Through the power of the cloud and supercomputing, AI is opening doors for transformational results throughout all aspects of healthcare including personalized medicine, medical research and trials, treatment efficacy and more. Once healthcare organizations better understand the benefits that AI unlocks for all stakeholders, they can take the next steps to apply it to their individual health networks.

Benefits of AI in Healthcare

Patients

The potential uses for AI in the medical field are endless and apply to all levels of healthcare with improvements for patients, healthcare providers and healthcare administrators. When organizations invest in AI, it decreases wait times for patients, optimizes appointment availabilities and increases overall access. AI can also interpret imaging and detect illnesses faster which minimizes treatment delays. Through wearable technology and personalized medicine, AI is enabling patients to gather health data and manage treatment from home. This customizable capability is especially valuable for rural or low-income patients to level out the social determinants of health and offer treatment through telehealth while saving on costs for all involved.

Medical Providers

AI can significantly reduce the administrative burden for medical providers by automating routine tasks and increasing bandwidth for front line staff to complete other medical duties. A hallmark capability for AI is analyzing data which it can aggregate from wide pools of information to suggest electronic health record (EHR)-based interventions, predict possible future patient ailments and offer a more unified, comprehensive picture. In a post-COVID-19 world, AI healthcare data applications offer the extremely relevant and desired ability of anticipating future public health crises through research and analytics. These AI forecasts can accelerate understanding for policy creation, reinforce healthcare resources and provide precision public health.

Healthcare Administrators

Applying for grants can be a time-consuming process, but with AI evaluating grant proposals, healthcare administrators can quickly identify which grants to apply for and which to pass. AI can also detect potential fraud cases. It is currently being implemented at the Centers for Medicare and Medicaid Services to make sure that applicable citizens receive the proper care and services they deserve, and by the Department of Health and Human Services to analyze counterfeit drugs to prevent fraud and preserve the efficacy of vital medications.^[1]

Making AI a Reality for Individual Healthcare Networks

With these groundbreaking benefits, instituting AI is a clear case. Currently about 98% of healthcare organizations have or are planning to implement an AI strategy.^[2] To make this a reality, healthcare organizations must focus on three main areas:

Understanding the technology capabilities, requirements and use applications
Educating providers and building trust with patients
Instituting privacy and security policies

Understanding what AI can do, which applications to pursue for individual hospitals’ use cases and what it takes to operate the technology, needs to be a collaborative effort between all levels of a hospital system. Many clinicians are burned out and looking for tools that will ease their burden while also improving care. Through proactive conversations with medical providers and C-suite stakeholders, CIOs and management can present the investment benefits and ultimately increase full system buy-in and ability to scale effectively and efficiently.

Educating medical ecosystems and patients with the digital skills and knowledge to utilize the technology resources is also important for proper usage and increased adoption. Once providers understand the potential of AI and the practical ways it can improve their workflows, they can be confident in using the tools and clearly articulating the information to patients. Trust is a huge component of thriving, effective care. Clearly presented information establishes that rapport with patients and clinicians. Overall, training re-establishes for providers and administrators the priorities of patient safety, professional accountability and protection from reputational, legal and financial risk to ensure that the AI technology is used responsibly. Through proper education, patients also feel empowered with how AI is being implemented in their care and the commitment of their medical team to pursue the safest and best outcomes.

The last key element to establishing the use of AI in healthcare and maximizing its benefits is keeping privacy and security top of mind. Hospital management need to consider what policies and procedures they will institute to protect patients’ data and prevent bad actors from exposing personal information or disrupting care. Data integrity is also vital to keep AI algorithms’ predictions and assessments accurate. Healthcare network administrators will need to evaluate the best method to securely store that data whether through a cloud provider or building encrypted data storage on premises using private AI with an internal high computing platform specific to the individual hospital. These management policies and governance frameworks will not only offer standardization, they will also help build trust with patients while providing enough flexibility for AI innovation and growth.

Ultimately the partnership of AI with medical experts enables the perfect balance to deliver rapid, actionable insights and improvements while humans manage the usage of the technology to ensure quality care for each medical case. The future of healthcare is patients being able to take greater ownership of their health through aggregating additional data and applying AI to achieve better treatments. Providers and staff will be able to maximize their time through AI optimizations and provide more proactive care based on AI predictions. These advancements will revolutionize the healthcare industry as we know it and pave the way for a healthier society. Some are calling AI the next quantum leap in technology, and healthcare should be at the forefront of leveraging the resources to drive improvement, accelerate innovation and save lives.

To learn more about how ̽��Ƶ is enabling healthcare organizations to achieve technology innovations such as AI, visit our Healthcare Technology and AI and Machine Learning solutions portfolios and speak to a representative who can help meet your solution needs today.

Resources:

[1] “HHS CIO Karl Mathias Details 3 Promising Applications of AI in Health Care Sector,” GovConWire,

[2] “AI Survey: Health Care Organizations Continue to Adopt Artificial Intelligence to Help Achieve Better, More Equitable and Affordable Patient Outcomes,” Optum,

Adobe Express: The Content Creation Powerhouse

Posted on by Gary Reburn

Adobe Max 2023 has finally arrived, and with it came a slew of intuitive new features and software options. As expected, Adobe’s primary focus this year was on its powerful AI innovations and tools. Unexpectedly however, Adobe Express, an application which previously was focused on social media content creation has received an enormous upgrade. So, let’s talk about these exciting new features and why it’s exciting for the government space.

Adobe Express is a powerful software suite that has gained significant traction in various industries for its user-friendly interface and versatile tools. While it’s widely known for its applications in creative fields such as graphic design, marketing, and content creation, its potential in the government space remains largely untapped and yet to be fully realized. Its adaptability and diverse functionalities make it an asset for government agencies seeking efficient solutions for their content related projects.

One of the primary advantages of Adobe Express in the government sector is its ability to streamline communication. The software allows for the creation of visually engaging documents, presentations, and reports, enabling agencies to convey complex information in a more digestible and visually appealing manner. Whether it’s producing internal reports or communicating with the public, the software’s intuitive design tools aid in crafting impactful visual content, enhancing the effectiveness of government messages.

Adobe Express Content Creation Blog Embedded Image 2023

Furthermore, Adobe Express’s compatibility with various file formats ensures seamless integration with existing government systems. This feature is pivotal in maintaining consistency and compatibility across different departments and agencies, facilitating the exchange of information and collaboration between various governmental bodies. It promotes a standardized approach to document creation, reducing compatibility issues and simplifying the sharing of information.

Data security and compliance are of utmost importance in the government sector, and Adobe Express offers robust security features to ensure the protection of sensitive information. With encryption, user authentication, and secure cloud storage options, the software provides a level of security essential for government use.

Another aspect worth highlighting is the software’s ability to handle a wide variety of tasks within government operations. From creating visually rich training materials for employees to designing public awareness campaigns, Adobe Express caters to a wide range of needs. Its features enable the development of interactive forms, streamlined workflows, and the creation of accessible content, ensuring inclusivity within government initiatives.

In addition, the software’s capacity for analytics and data visualization aids in the communication and presentation of complex information. This capability is invaluable in governmental decision-making processes, enabling officials to comprehend data more effectively and communicate insights to stakeholders and the public.

The use of Adobe Express can also lead to cost and time efficiencies within government departments. The software’s user-friendly interface reduces the need for extensive training, allowing employees to quickly grasp its functionalities. Its cloud-based solutions minimize the need for extensive physical infrastructure, reducing costs related to storage and maintenance.

As the digital landscape continues to evolve, the implementation of Adobe Express in government operations becomes increasingly relevant. However, its adoption may require tailored training programs and guidelines to ensure its optimal use and adherence to government protocols and standards.

In conclusion, Adobe Express offers a variety of tools and features that can significantly benefit government agencies. From enhancing communication and data security to fostering efficiency and innovation, its application in the government space holds immense potential, paving the way for more effective and visually compelling government initiatives.

Contact our team today to learn more about the latest trends discussed at Adobe MAX 2023 and how ̽��Ƶ’s Adobe experts can support your organization.

DevSecOps: Achieving Efficiency and Scale with Automation and Software Factories

Posted on by Rich Savage

In today’s rapidly evolving digital landscape, Government agencies face many challenges in delivering modern, secure software applications to the end-user. DevSecOps is a methodology that combines development, security and operations to create a more streamlined and secure software development process. This concept has emerged as a transformative approach that integrates security practices, automation and software factories into the software development lifecycles from its inception. At the industry experts and innovators shared their knowledge of emerging tools, effective strategies and methodologies in software engineering through several educational sessions.

Unlocking Efficiency: The Power of Automation and AI/ML

Automation helps developers improve the efficiency and quality of code, reduce risk and combat security vulnerabilities. As a key component of DevSecOps, automation allows developers to simplify many of the tasks involved in software development, such as testing, deployment and monitoring. Once automated, developers can focus on writing high-quality code and addressing security vulnerabilities, rather than spending time on redundant manual tasks.

The use of AI has transformed the way developers work, compared to 20 years ago when code was primarily written from scratch. Today, external libraries — software code written by a third-party source — are used frequently which introduces a new set of risks and benefits. The benefits include making software development faster and more efficient as developers use pre-existing code to build their applications. However, if a third-party library has a security vulnerability, it can be exploited by malicious actors to gain access to sensitive data. If not maintained properly, the third-party library can become outdated and incompatible with other software components.

Software Factories

Software development has become an essential part of today’s business operations, and Government agencies are constantly seeking ways to improve their processes. Recently, the concept of the software factory—a structured approach to software development that emphasizes standardization, automation and collaboration—has gained popularity. It establishes a set of tools, processes and best practices that enable teams to develop software more efficiently and effectively. The goal of a software factory is to create a repeatable and scalable process for software development that can be applied across different projects and teams. By implementing this strategy, agencies can improve the quality, speed and consistency of their software development efforts.

One of those best practices, Continuous Integration and Continuous Deployment, are combined in a single process known as CI/CD. CI is the practice of frequently merging code changes from multiple developers into a shared repository, where automated tests are run to address integration issues early in the development cycle. This ensures the code is always in a releasable state and reduces the risk of conflicts and errors when changes are merged. CD, on the other hand, is the practice of automatically deploying code changes to production as soon as they pass the necessary tests and checks. Thus, enabling teams to release software changes quickly and frequently. By utilizing CI/CD, teams can achieve a continuous flow of code changes from development to production, which is imperative for modern software development.

Elevating DevSecOps: A Blueprint for Integrating Early Software Security Measures

Securing software in a containerized environment presents unique challenges due to the dynamic nature of containers and the distributed nature of container orchestration platforms like Kubernetes. Government agencies must ensure that containers are properly configured and secured, as misconfigurations can lead to vulnerabilities that can be exploited by attackers. Another difficulty is detecting and responding to security incidents in a timely manner, as containers can be spun up and down quickly and may be spread across multiple nodes in a cluster. Securing software early can help agencies reduce risk, lower costs, deliver software faster and improve collaboration between development and security teams.

Another crucial component of DevSecOps—continuous delivery—enables teams to deliver software changes quickly, safely and sustainably. This means that teams can release software changes frequently and with confidence, knowing that the changes have been thoroughly tested and are ready for production. Through a combination of automation, collaboration and feedback loops, continuous delivery helps reduce the time and effort required to release software changes.

Agencies can adopt a DevSecOps approach that integrates security into the software development lifecycle from the beginning. This involves using tools and processes to automate security testing and validation, as well as incorporating security requirements into the development process. For instance, agencies can use tools like vulnerability scanners and security-focused container images to detect and remediate vulnerabilities in containers. They can also use automation to validate security requirements and ensure that containers are properly configured and secured.

Securing software early in the development process can lead to several benefits including:

Reduced risk of security incidents: By identifying and addressing security vulnerabilities early in the development process, agencies can minimize the risk of security incidents and data breaches.
Lower costs: Fixing security issues later in the development process is much more expensive than addressing them early on. By integrating security into the development process from the beginning, agencies can reduce the cost of fixing security issues and avoid costly rework.
Faster time to market: Adopting DevSecOps approach can help agencies to deliver software faster by automating security testing and validation. This decreases the time for manual testing and enables faster release cycles.
Improved collaboration: Agencies can strengthen collaboration between development and security teams to ensure requirements are properly understood and incorporated into the development process. This proactive initiative can help foster a culture of security throughout the agency.

The adoption of DevSecOps, along with its fundamental principles, empowers Government agencies to establish a more efficient and secure software development process. This is achieved through the implementation of automation, the adoption of a software factory approach and the early integration of security measures.

To learn more about DevSecOps best practices and trending innovations, visit ̽��Ƶ’s DevSecOps vertical solutions portfolio.��

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at ̽��Ƶ’s annual DevSecOps Conference.*

Transitioning Towards a Sustainable Healthcare Mindset at DHITS 2023

Posted on by Mike McCalip

Since the Defense Health Agency (DHA) oversees the entire military health system, it knows how important it is for members of the military and their doctors to be able to access medical records quickly and universally. In August 2023, the DHA hosted the Defense Health Information Technology Symposium (DHITS) where military health system (MHS) stakeholders discussed its newest asset– the Military Health System (MHS) Genesis. With the creation of this universal health record database, military members’ health records can easily be accessed, whether they are active-duty or not. Currently being rolled out in waves, the MHS Genesis plans to expand health records accessibility between different military branches.

Benefits from MHS Genesis

While still new, the MHS Genesis already shows improvements in several areas which include:

Enterprise and Cultural Interoperability: Some doctors may have different views or standards than others. This universal system makes patient files easily accessible to any doctor, regardless of military branch or practice. Now, the IT systems and Electronic Health Records (EHR) work together seamlessly. Different military branches will be able to use the same uniform system when it comes to accessing patient files and records, making the job easier for both patients and doctors.
Patient-Centric Care: With the MHS Genesis technology enhancements, it is now easier than ever to meet patients at their home on a Tuesday through telehealth. Telehealth is especially important within the military to give patients flexibility in choosing appointments as well as requesting information or gaining access to their medical records.
System and Process Automation: Medical professionals struggle with the global constraint of time. The MHS enables providers to automate tasks, saving time on things like paperwork and allowing for more one-on-one patient care.

Next Steps for the MHS

Currently, the entire DoD is at an 86% implementation rate for the MHS Genesis. It is actively being used in all DHA locations in the U.S. with plans to incorporate the universal health record system into the remaining treatment facilities outside of the United States by the end of 2023.

As leaders within the MHS continue their journey into modernization and sustainability, it is important that they equip people with the right knowledge and skills to be able to deliver their future vision of what military medicine should look like. The number one purpose of this emerging technology is to ensure the medical readiness of the military. The MHS Genesis will help guarantee that this stays a top priority, as it creates better access to information and helps deliver that information to the decision makers. Using Artificial Intelligence (AI) in medical settings is an exciting development that will help with diagnosing, personal assistants, risk analysis, forecasting and more. Through AI support, doctors will be able to spend more time on their patients and less time on large amounts of paperwork.

While the implementation of the MHS Genesis has been a success, all branches of the DoD must continue to communicate and collaborate openly and effectively. They must also involve other stakeholders by breaking down data silos and sharing freely what does and does not work in an enterprise setting. This will ultimately help with addressing public health challenges, ethically using AI in a medical setting, cybersecurity and more.

The MHS journey coincides with changing the deployment approach to a “sustainment” mentality. A sustainment mindset involves focusing on:

Optimization of user experience: Seeking feedback and continuing to adjust the technology to enhance user experience
Scalability: Scaling the success and implementing the changes across the enterprise if success is found with one configuration setup
Standardization: Creating a standard vocabulary and process for enterprise usage, so people communicate with the same terminology across the MHS

At the end of the day, the most important thing is that patients receive the care they need. Through the MHS Genesis and the IT solutions discussed at DHITS, the MHS hopes to greatly boost patient experiences, increase trust in the military health system, reduce healthcare provider burnout and give patients and clinicians access to data in real-time.

Visit ̽��Ƶ’s Department of Defense and Healthcare solutions portfolios to learn more about DHITS 2023 and how ̽��Ƶ can support your organization in these critical marketplaces.

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at DHITS 2023.*

Generative AI, DevSecOps and Cybersecurity Highlighted for the Air Force and Space Force at DAFITC 2023

Posted on by Mike McCalip

Thousands of Space Force and Air Force personnel and industry experts convened to discuss the most current and significant threats confronting global networks and national defense at the 2023 Department of the Air Force Information Technology and Cyberpower Education & Training (DAFITC) Event. Throughout the many educational sessions, thought leaders presented a myriad of topics such as artificial intelligence (AI), DevSecOps solutions and cybersecurity strategies to collaborate on the advancement of public safety.

Leveraging Generative AI in the DoD

At the event, experts outlined three distinct use cases for simplified generative artificial intelligence in military training.

Text to Text: This type of generative AI takes inputted text and outputs written content in a different format. Text to Text is associated with tasks such as content creation, summarization, evaluation, prediction and coding.
Text to Audio: Text to Audio AI can enhance accessibility and inclusion by creating audio content from written materials to support elearning and education and facilitate language translation.
Text to Video: Text to Video AI is primarily geared towards generating video content from a script to aid the military with language learning and training initiatives.

Dr. Lynne Graves, representative of the Department of the Air Force Chief Data and Artificial Intelligence Office (CDAO), provided attendees with a brief timeline of how the USAF will fully adopt artificial intelligence. The overarching aim for AI integration is to make it an integral part of everyday training, exercises and operations within the Department of Defense (DoD).

In FY23, the DoD is focusing on pipeline assessment. Using red teaming where ethical hackers run simulations to identify weaknesses in the system, internal military personnel target improvement of their infrastructure and mitigation of the vulnerabilities in the different stages of the pipeline.
In FY24, the emphasis will be on the Red Force Migration policy, which involves developing, funding and scaling the necessary strategies.
In FY25, the goal is for the department to become AI-ready. This entails preparing for AI adoption at all agency levels, establishing a standard model card that explains context for the model’s intended use and other important information, creating a comprehensive repository of data and implementing tools for extensive testing, evaluation and verification.

USSF Supra Coders Utilize DevSecOps for Innovation

The current operations of United States Space Force (USSF) Supra Coders involve a range of activities that combine modeling, simulation and expertise in replicating threats. These operations are conducted globally, and currently include orbit-related activities, replication of DA ASAT (Direct Ascent Anti-Satellite) capabilities and the reproduction of adversarial Space Domain Awareness (SDA).

The USSF Supra Coders have encountered limitations with software solutions, including restrictions tied to standalone systems, licensing structures with associated costs and limited adaptability to meet the specific needs of aggressors and USSF requirements. DevSecOps presents a multifaceted strategy for mitigating the identified capability gaps noted by the USSF Supra Coders. It can help create more effective and efficient software solutions through seamless integration of security protocols, streamlining system integration processes, optimizing costs and enhancing customizability.

Cybersecurity Within the Space Force

Cybersecurity is a shared responsibility across the DoD but is especially relevant for the U.S. Space Force. As a relatively newly emerging branch of the military, the Space Force is still developing its cyber strategies. Due to its completely virtual link to its capabilities, the USSF must prioritize secure practices from the outset and make informed decisions to protect its networks and data.

Currently, the Space Force is engaged in the initial phases of pre-mission analysis for its cyber component which serves as a critical element for establishing and maintaining infrastructure through the integration of command and control (C2). These cyber capabilities encounter a series of complex challenges, which necessitate a multifaceted approach including the following solutions:

Enforcing Consistent Cybersecurity Compliance
Developing Secure Methods to Safely Retire Old Technology
Enhancing Cryptography Visibility
Understanding Security Certificate Complexity
Identifying Vulnerabilities and Mitigating Unknown Cyber Risks

While the Space Force faces a uniquely heightened imperative to bolster its cybersecurity capabilities with its inherent reliance on information technology and networks in the space domain, the entire community must collaborate effectively to achieve military leaders’ targeted cybersecurity capabilities by the goal in 2027.

The integration of generative AI in military training, innovations through DevSecOps by the USSF Supra Coders and cybersecurity initiatives of the Space Force collectively highlight the evolving landscape of advanced technologies within the Department of Defense. Technology providers can come alongside the military to support these efforts with new solutions that enhance the DoD’s capabilities and security.

Visit ̽��Ƶ’s Department of Defense market and DevSecOps vertical solutions portfolios to learn more about DAFITC 2023 and how ̽��Ƶ can support your organization in these critical areas.��

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at DAFITC 2023.*

Software, AI, Cloud and Zero Trust as Top Priorities for the Army and DoD at Large at TechNet Augusta 2023

Posted on by Mike McCalip

Many of the major cybersecurity, data, DevSecOps and other trends from the past couple of years continue to grow and be top priorities for every segment of the Department of Defense (DoD). At TechNet Augusta 2023, Government and industry experts shared the specific needs of their organizations across those areas and solutions to help achieve their goals. The main theme of the event was “Enabling a Data-Centric Army” and expanding those principles and their mobilizing technologies to the entire DoD. For the Army in particular, the shift from hardware to software, the use of artificial intelligence (AI), cloud capabilities and Zero Trust were headlining topics at the conference.

Shifting from Hardware to Software

In an effort to increase agility and expand access to resources, the Army is transitioning its equipment from hardware to software. Amending its materiel release process to decouple software from hardware allows the Army to deploy software outside of the long hardware acquisition cycle. To mobilize this endeavor, the Army Futures Command (AFC), is modifying its software requirements to focus on high-level overviews that are then refined by operators. Alongside this shift, the Army and other departments requested that technology providers ensure that their software solutions integrate with each other. Going forward, the Army also asked industry to provide software that is not tied to specific hardware. This separation will be key to establishing data-centricity. Nearly every speaker echoed the importance of this shift for their departments.

Utilizing AI

With this major transition to a software-heavy environment, Army Chief Data and Analytics Officer David Markowitz believes it will be an ideal use case for generative AI in software development. Having a controlled environment in software development would make it easier to properly govern compared to the complexity of some of the other uses. As AI usage increases across the DoD, military leaders requested industry create AI platforms with layered complexity of features enabling users of any skill level to utilize the technology effectively. In regard to AI applications for data, Army CIO Leonel Garciga stated that additional guidance on “Data Use on Public/Commercial Platforms” would be released soon to clarify its policy. Overall, officials concurred that the DoD is not looking to become 100% reliant on AI aid but instead maximize AI’s strengths to augment human critical thinking and empower commanders to make data-driven decisions.

Enabling Cloud Capabilities

Over the past year, the Army has exponentially increased its cloud migration and virtualized capabilities. Housing information in the cloud optimizes data storage and simplifies ease of access particularly with the increase in data output, and the push for AI data analytics and data-driven decisions. Hybrid cloud solutions offer the readiness, adaptability and duplication of vital information necessary for military operations to continue smoothly in any situation. Currently, DoD leaders seek industry solutions for modernizing and moving applications to the cloud simultaneously. Acquiring technology with this ability would reduce both the security risk and the work required from the military to implement it.

Expanding Zero Trust

Overarching every aspect of the DoD is the critical need for cybersecurity. Garciga plans to emphasize Zero Trust implementation heavily in conjunction with improving user experience and cyber posture. While multi-factor authentication offers a great starting point, military leaders explained that it is not enough and that they look to partner with industry to close virtualization vulnerabilities through continuous monitoring and regular red teaming. At the conference, the Army Cyber Command (ARCYBER) outlined seven principles for IT providers to follow for all capabilities they deliver:

Rapidly Patch Software
Assess All Production Code for Security Flaws
Improve Security of Development Networks
Isolate Development Environments from the Internet and from the Vendor Business Network
Implement Development Network Security Monitoring
Implement Two-Factor Authentication (2FA) on Development Network and Testing Services
Implement Role-based Permissions on Development Network

Empowering DoD Success

A consistent thread woven throughout the event was the vital nature of open communication and partnership between the DoD and technology companies to achieve the established goals. Within each of these areas including the shift from hardware to software, use of AI, cloud capabilities and Zero Trust, the DoD looks to innovate and explore new methods and solutions to stay ahead on the world platform. Together through collaboration, industry can have a vital role in keeping American citizens safe one technology update at a time.

Explore our Federal Defense Technology Solutions Portfolio to learn how ̽��Ƶ can support your organization through innovative, agile defense resources and IT capabilities.

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at TechNet Augusta 2023.*

Innovation in Government: The Future of Technology with Dell

Posted on by Erica Raymond

Advances in communications, data analytics and cloud ecosystems are supercharging efforts to modernize government. Leaders recognize that partnerships with industry are essential to their success with emerging technologies, including groundbreaking tools and techniques that help agencies tackle a wide array of challenges. The government is facing monumental challenges, such as the economy, climate change, public health and military preparedness. These large-scale, broad impact problems require new and innovative ideas to solve. Organizations such as the Computing Technology Industry Association (CompTIA) and the National Institute of Standards and Technology (NIST) have released guidance and strategies for agencies hoping to move past existing restrictions by updated legacy systems. ̽��Ƶ’s most recent Innovation in Government Report includes insights from industry experts at Dell Technologies on how emergent technologies can help government push past those boundaries, with deep dives on 5G, artificial intelligence, digital twins, edge computing and cloud ecosystems.

��A Secure Way to Use AI-Assisted Data Analytics

“Federated learning is becoming increasingly relevant given the emergence of ChatGPT and other AI-based technologies. Industry and government leaders recognize that it is essential to develop AI in an ethical, unbiased way that ensures information privacy and security. The only way to do that is to take a critical look at the technologies that are evolving and shape them in an intentional way. Right now, AI is not as secure as it could be. It is susceptible to the same vulnerabilities that affect other technologies. Therefore, agencies and their industry partners should focus on protecting data where it resides, instituting a zero trust architecture and securing AI algorithms.”

Read more insights from Ed Hicks, business development manager for federal and AI at Dell Technologies.

What the Evolution of 5G Means for Government ��

“5G is the first generation of cellular technology that’s cloud native, which means it has the flexibility to be fully virtualized and deployed in several different architectural designs, hosted on commercial servers. Agencies now have the ability to dynamically scale up or down depending on the network load at the moment. In addition, many large hyper-scaler cloud vendors are exploring ways to provide 5G as a service and combine the virtualized network function with cloud-hosted workloads, integrating the telco workload into the traditional IT stack.”

Read more insights from Greg Burrill, 5G/Networking Alliance Manager at Dell Technologies.

��

Taking Modernization to the Next Level with Digital Twins

“Digital engineering is digital transformation applied to the realm of systems engineering. It is another path to IT modernization. Digital twins require the foundations of a digitally transformed environment and its elements of data management, agile development, DevSecOps and container-based orchestration. Digital twins focus on bringing data from the physical world into the digital arena, gleaning insights through artificial intelligence and then displaying those insights visually for users. Digital twins can deploy those conclusions in the physical world, measure the results of the changes and start the loop over again by feeding that data back into the digital arena.”

Read more insights from Ken Rollins, Technology Architect for Digital Engineering/Edge at Dell Technologies.

How Repatriation Fits into a Broader Cloud Strategy

“When agencies simply lifted and shifted workloads into the cloud, they often experienced inefficiencies and cost overruns. Now that agencies are gaining a better understanding of cloud models and how to adapt their workloads to run efficiently in the cloud, they have begun to more carefully consider when it makes the most sense to put a workload into a public cloud and when it is better to pull it back to run on premises, known as cloud repatriation. Those decisions should be part of a larger strategy for appropriate workload placement.”

Read more insights from Manny Yusuf, Chief Cloud/Edge Architect at Dell Technologies.

Future-Ready Data Centers for Government Agencies

“A software-defined data center (SDDC) virtualizes all the infrastructure elements that government agencies are using and delivers them in an as-a-service model. Specifically, compute, networking, storage, security and services are abstracted and delivered as automated, policy-driven software. That virtualized, programmatic approach enables SDDCs to break down IT silos and simplify complexities. The benefits include gains in performance and availability and reductions in costs and security risks. An SDDC enables applications to be deployed more quickly and IT resources used more effectively through the use of cloud-based services.”

Read more insights from Manny Yusuf, Chief Cloud/Edge Architect at Dell Technologies.

A Flexible Cost Model for Cloud and Infrastructure

“Maintaining visibility into IT operations is crucial for understanding and mitigating security risks as well as for better managing costs. Agencies might need to achieve a specific return on investment, meet certain efficiencies or comply with unique mission requirements. Regardless of the goal, a simplified cost model provides a comprehensive understanding of what it costs the agency to run workloads on premises, at the edge or in any cloud location. Dell APEX also allows agencies to maintain oversight of their IT environment and expenses when they are running a software factory and pushing out new capabilities on a continuous basis. Anytime something new is put in the cloud, it’s important to have visibility into its long-term costs so that agencies can avoid inefficiencies.”

Read more insights from Manny Yusuf, Chief Cloud/Edge Architect at Dell Technologies.

Download the full Innovation in Government® report for more insights from emerging technology thought leaders and additional industry research from FCW.

Security Protections to Maximize the Utility of Generative AI

Posted on by Tim Balog

Since the introduction of ChatGPT, artificial intelligence (AI) has exponentially expanded. While machine learning has introduced many merits, it also leads to security concerns that can be alleviated through several key strategies.

The Benefits and Risks of Generative AI

The primary focus of AI is to use data and computations to aid in decision-making. Generative AI can create text responses, videos, images, code, 3D products and more. AI as a Service, cloud-based offerings of AI, helps experts get work done more efficiently by advancing infrastructure at a quicker pace. In contrast, AI is also commonly used by the general public as a toy, since its responses can sometimes be entertaining. The comfort users have with AI and wide range of inputs introduces risk, and these risks can proliferate exponentially.

There are several key concerns for Government agencies when utilizing generative AI:

Copyright Complications – AI content comes from many different sources, and that content may be copyrighted. It is difficult to know who owns the words, images or source code that is generated, as the AI’s algorithm is based on derivative information. The data could be open sourced or proprietary information. To combat this, users should modify rather than copy any information gained from AI.
Abuse by Attackers – Bad actors can utilize AI to execute more effective and efficient attacks. While AI is not yet self-sufficient, inexperienced attackers can use AI to make phishing attacks more convincing, personal and effective.
Sensitive Data Loss – Users have, either intentionally or unintentionally, input sensitive data or confidential information into Generative AI systems. It is easier to disclose sensitive information into AI prompts, as users may dissociate the risk from the non-human machine.

The many capabilities of AI entice employees to utilize it to support their daily tasks. However, when this includes introducing sensitive information, such as meeting audios for transcripts or unique program codes, security concerns ensue. Once data is in the AI’s system, it is nearly impossible to have it removed.

To protect themselves from security and copyright issues with AI, several large communications companies and school districts have blocked ChatGPT. However, this still carries risk. Employees or students will find ways around security walls to use AI. Instead of blocking apps, organizations should create a specific policy around generative AI that is communicated to everyone in the company.

Combatting AI Risks

One such policy method includes utilizing a Data Loss Prevention (DLP) solution. The DLP’s purpose is to detect and prevent unauthorized data transmission, and its capabilities can be applied to AI tools to mitigate these concerns. Its security parameters work through three main steps:

Discover – DLPs can detect where data is stored and report on its location to ensure proper storage and accessibility based on its classification.
Monitor – Agencies can oversee data usage to verify that it is being used appropriately.
Protect – By educating employees and enforcing data-loss policies, DLPs can deter hackers from leaking or stealing data.

DLP endpoints can reside on laptops or desktops and provide full security coverage by monitoring data uploads, blocking data copied to removable media, blocking print and fax options and covering cloud-sync applications. For maximum security, agencies should utilize DLPs that cover all types of data storage—data at rest, data in use and data in motion. A unified policy based on detection and response to data leaks will prevent users from misapplying AI and provide balance for secure operation.

While agencies want to stay competitive and benefit from AI, they must also recognize and take steps to reduce the risks involved. Through educating users about the pros and cons of AI and implementing a DLP to prevent accidental data leakages, agencies can achieve their intended results.

Broadcom is a global infrastructure technology leader that aims to enhance excellence in data innovation and collaboration. To learn more about data protection considerations for generative AI, view Broadcom’s webinar on security and AI.

Building a DevSecOps Culture

Posted on by Rich Savage

As software becomes more sophisticated, it plays an increasingly important role in all aspects of government operations. However, given the complexity and intertwined nature of modern software, any vulnerability could have wide-ranging consequences, which makes security of vital importance. The federal government has taken notice. A number of recent policy directives address issues related to the software supply chain, and key agencies are leading a governmentwide effort to promote secure software development, including the Executive Order on Transforming Federal Customer Experience and Service Delivery to Rebuild Trust and the Executive Order on Improving the Nation’s Cybersecurity. Learn how you can implement DevSecOps to support your journey to secure, innovative software in ̽��Ƶ’s Innovation in Government® report.

The Mindset Shift that Enables DevSecOps

“In an ideal world, technology and processes support team members’ ability to deliver on their particular talents. Before agencies implement DevSecOps methodologies, they should identify where their processes are getting bottlenecked and forcing people to either work around them or fundamentally change their behavior. Instead, we want to make it easy for employees to do the right thing. The goal is to enable people to focus on what they do best — regardless of where they operate in the stack or the tools they are using — so that agencies can build and deploy secure, modern apps.”

Read more insights from Alex Barbato, Public Sector Solutions Engineer at VMware.

How Generative AI Improves Software Security ��

“Generative AI tools are becoming increasingly prevalent, providing interactive experiences that captivate the public’s imagination. These tools are accessible to anyone, offering a unique opportunity to engage and explore the creative possibilities enabled by AI technology. The technology doesn’t just train a model to recognize patterns. It can create things that are easy to understand: images, text, even videos. Sometimes the results are hilariously wrong, but other times the results are quite impressive, such as clear, concise answers to complex questions. Generative pre-trained transformer (GPT) technology, such as ChatGPT, has opened the doors for everyone to be an evaluator because the output is accessible and easy to critique.”

Read more insights from Robert Larkin, Senior Solutions Architect at Veracode.

��

Open Source is at the Heart of Software Innovation

“Embedding security into applications from the start is essential for streamlining and strengthening the entire development life cycle. Securing the software supply chain is a related effort that is of vast importance to government operations. Beyond securing individual applications, the ultimate goal is to build security into the pipeline itself. At each step and every handoff, we must be able to verify who has touched the software and who did what to ensure that the end result is what we intended to build and that nothing malicious has been injected along the way.”

Read more insights from Chris Mays, Staff Specialist Solutions Architect at Red Hat.

DevSecOps Needs Tool Diversity and Collaboration

“As DevSecOps methodologies and software factories grow in prevalence, agencies are recognizing that software development is a team sport — inside the agency, across departments and with external stakeholders. It touches many different teams, but getting everyone on the same page with tooling can be difficult. Different teams prefer different tools, and that makes collaboration hard. Modern software development brings security practices forward in the timeline while reducing duplication of efforts and improving real-time accountability. Success hinges on removing blockers, creating visibility and making sure collaboration is happening at every stage. In addition, encouraging input from different areas of the organization from the beginning and throughout development is vital for innovation.”

Read more insights from Ben Straub, Head of Public Sector at Atlassian.

Observability Speeds Zero Trust and Application Security

“In response to increasing cyberthreats, the government is speeding up the move to zero trust. This security model assumes that every user, request, application and non-human entity is not to be trusted until its identity can be verified. Zero trust principles require a layered defense that is more effective when rooted in observability. To develop an architecture that validates and revalidates every entity on the network, it is necessary to know what those entities are, how they’re communicating and how they typically behave so we can recognize deviations. Zero trust and observability technologies work together to create a more secure and resilient network environment by assuming that all requests for access are untrusted and continuously monitoring the network to detect and respond to potential threats.”

Read more insights from Willie Hicks, Public Sector Chief Technologist at Dynatrace.

The Role of a Service Mesh in Zero Trust Success

“For large companies and government agencies, it’s safe to assume that a committed attacker is already inside their networks. Executive Order 14028 mandates that every federal agency develop a Zero Trust architecture because it is the most effective approach to mitigating what attackers can do once they’ve made their way inside. What does Zero Trust look like at runtime? One of the key considerations is identity-based segmentation, which involves conducting five policy checks for every request in the system: encrypted connection between service endpoints, service authentication, service-to-service authorization, end user authentication, and end user-to-resource authorization.”

Read more insights from Zack Butcher, Founding Engineer at Tetrate and co-author of the NIST SP 800-200 series and SP 800-207A.

AI and the Journey to Secure Software Development

“By automating and optimizing DevSecOps workflows, we can still shift security left while relieving developers from the burden of some complex remediation. It begins with a workflow that leverages fully automated security scanning to rapidly identify vulnerabilities as well as providing suggested remediation for vulnerabilities and on-demand remediation training to educate developers on what they are getting into. The rapid evolution of artificial intelligence is making new advances possible. The opportunities go well beyond AI-assisted code creation. AI features are being expanded across the entire software development life cycle. When it comes to security, having AI assist by making code functionality clear or explaining a vulnerability in detail reduces the time required to remediate risk.”

Read more insights from Joel Krooswyk, Federal CTO at GitLab.

Scaling App Development While Meeting Security Standards

“The dream for any software development team is constant, stable releases. The faster teams get the work they’ve created into production, the faster the agency can derive value from that work. When app development is stymied by cumbersome security reviews and stability testing and by the need to wait for a deployment window, innovation is stifled and the return on investment is delayed. If agencies want to have efficient, value-driving software development teams, those teams must be able to move with agility. A trustworthy, scalable DevOps pipeline that brings together testing and security in a seamless way allows teams to push out new apps and improvements quickly so government employees and citizens can have a seamless digital experience and the most up-to-date tools and information.”

Read more insights from Kyle Tobener, Head of Security and IT at Copado.

—an exciting day of exhibits, speaking sessions, and networking events. We look forward to showcasing new DevSecOps updates from our supporting panels featuring government, systems integrators, and industry thought leaders.

Download the full Innovation in Government® report for more insights from DevSecOps thought leaders and additional industry research from FCW.