Department of Defense leaders are facing a tsunami of data and wrestling with the question of how exactly to best use and harness it. As the data influx continues to swell, government and industry executives are working to identify areas for improvement within their organizations.
“We’re in a world where the sensors far outnumber our ability to manage. So it really is a data science problem,” asserted James Wolff, chief information officer for the National Nuclear Security Administration, during a panel discussion at the Potomac Officers Club’s 4th Annual CIO Summit.
Wolff said although the NNSA is not one of the largest DOD components, it still has “millions of sensors that are feeding information to monitoring capabilities, and we have to have the capacity to understand that data quickly, to build those alerts and reporting, and to do that in a way that is actionable.”
The urgency behind this issue lies in NNSA’s need to be able to work with partners like the Cybersecurity and Infrastructure Security Agency and the U.S. Cyber Command.
“We have to be able to expose certain pieces of that data to partner organizations, and there’s a real big challenge there on how do we manage things appropriately? How do we expose it in a way that they can consume it? We can’t push all this data around our networks, we have finite bend, especially unclassified networks. So how do we do that in the best way? And we need real data scientists to come to that challenge and help us solve it,” Wolff explained.
When asked their opinion on how to tackle the data problem, CYBERCOM CIO Col. Kenneth Carmichael and CISA Chief Data Officer Preston Werntz honed in on governance, data tagging and how data plays into cybersecurity.
“We’ve got to start with data governance,” said Col. Carmichael, describing how CYBERCOM owns its mission data and has begun marking and tagging it. “How you mark and tag is how you federate use in real time,” he added.
Werntz concurred that labeling and tagging data is important — “The more metadata you can collect, the better,” he said. “But really this comes down to identification of your high value assets. What do you really want to protect? You can’t protect everything, you have to prioritize.”
“In a lot of cases, more data doesn’t make things better if you don’t understand where the data’s coming from, the sensitivities in it, what you can do with it. You have to be very purposeful and thoughtful about what data you are bringing in to help solve your cybersecurity problem,” said Werntz.
Panelists Werntz and Juliana Vida, chief strategy advisor for Splunk’s public sector business, agreed that in addition to governance and data tagging, a part of the data conversation that should be highlighted more is the culture and education component.
“I think it’s broader and deeper education and awareness across everyone in the workforce to understand the tools at their disposal and their responsibility as users to use them,” Vida urged.
However, the Splunk executive noted that this education shouldn’t necessarily come to users as “training,” which can be somewhat repelling to employees and organizational leaders alike.
“Maybe we need to stop calling it training. When you say training, that connotes a whole other level of funding required. Let’s call it enlightenment. In the software world, we don’t call it training, we call it enablement. Let’s call it something else that doesn’t elicit an allergic reaction in people when we say education,” Vida suggested.
As the panel conversation continued, Cloudera Government Solutions President Rob Carey, who moderated the discussion, asked panelists to share their thoughts on emerging technologies like artificial intelligence and machine learning, which have made headlines in recent months.
Werntz noted that in the sea of acronyms like AI/ML, what organizations should be focusing on is not necessarily the specific technology, but what works for their business. Once that’s identified and organizations put the technology into practice, Werntz said “tread carefully.”
“These are new technologies that are game-changing in a lot of ways, and we have to figure out how to use them and embrace them without getting too far ahead. There are a lot of questions and concerns… you have to be really careful,” warned Werntz.
Col. Carmichael took the opportunity to point out the importance of the workforce in adopting and implementing new technologies. “We can’t talk about the benefits of AI, machine learning and automation technology in general without talking about the workforce coming along with us,” he said.
Interested in the intersection between data, cyber and emerging technologies? You won’t want to miss the Potomac Officers Club’s 2023 Cyber Summit on June 8! Hear from top public and private sector cyber experts in person next month as they convene to discuss the nation’s most pressing cyber needs and priorities. Register here.
