Federal Tech Podcast: Listen and learn how successful companies get federal contracts

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Brian Funk from Metaphase summarizes his company in one sentence, “It's all about meeting – meeting the mission with the technology.” What makes his company unique is the focus on drawing down costs in an efficient way. That is a great concept and has worked for Metaphase since its founding in 2013, but today we are uncertainly living in a world of policy. The question to ask, how does Metaphase operate in a world where the next six months are almost impossible to predict. Brian Funk's response is that they support over twenty agencies, it has given them a range of experience so they can select from a wide range of solutions. One example he gives includes a rapid response to a DHS RFI. Instead of sketching a possible solution, Metaphase delivered a fully functional application. That in and of itself, is a demonstration of being able to rapidly adapt to unpredictable situations. Funk also discusses the need for guardrails in AI usage and the potential for AI to enhance both efficiency and security in federal IT.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com The federal government is releasing so many RFIs and RFQs that it is increasingly challenging to select which ones to respond to. For example, let us say you get 60 requests. You do not have an equal chance to win any of the sixty messages. Do you assign the same amount of time to each one? Do you review each and rank the chances of success? What about the time you used in the ranking process? Remember, you could jeopardize your chances of winning if you do not respond promptly. Deep Water Point & Associates offers one solution to this dilemma. During the interview, Brian Seagraves describes a system called “North Star” that leverages AI to look at an opportunity and give it a grade for your specific company. A ranking of 0—100 means you will not waste time or effort on a proposal that will go nowhere. As a “proof of concept,” John Milward from Axxa painted a picture of a solution. In 2023, he was drowning in responding to opportunities. He started using the North Star system and has experienced drastic improvement. Brian Seagraves reminds the audience that the federal government still awards contracts and sends out RFPs. During stressful times, it is always best to keep a cheerful outlook and increase the number of opportunities for your company.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Artificial Intelligence can be applied to code generation, predictive analytics, and what is called “generative” AI. " Generative means the AI can look at a library of information (Large Language Model) and create text or images that provide some value. Because the results can be so dazzling, many forget to be concerned about some of the ways the starting point, the LLM, can be compromised. Just because LLMs are relatively new does not mean they are not being attacked. Generative AI expands the federal government's attack surface. Malicious actors are trying to poison data, leak data, and even exfiltrate secure information. Today, we sit down with Elad Schulman from Lasso Security to examine ways to ensure the origin of your AI is secure. He begins the interview by outlining the challenges federal agencies face in locking down LLMs. For example, a Generative AI system can produce results, but you may not know their origin. It's like a black box that produces a list, but you have no idea where the list came from. Elad Shulman suggests that observability should be a key element when using Generative AI. In more detail, Elad Shulman details observability from a week ago vs. observability in real-time. What good is a security alert if a federal leader cannot react promptly? Understanding the provenance of data and how Generative AI will be infused into future federal systems means you should realize LLM security practices.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com The federal government needs to share information on a wide variety of platforms and must provide methods to ensure this transmission is secure.  Of course, the hard part is the “how” part of this data transfer.  Tim Fuhl from Owl Cyber Defense gives the listener an overview of how Owl Cyber Defense can help federal agencies share information securely. To accomplish this task, he discusses two fundamental concepts: diodes and Cross Domain Solutions. Diodes.  This is a mysterious word that was liberated from electrical engineers. When designing a semiconductor,  one may need to create a one-way path to prevent a signal from returning.  The solution in electronic design is a “diode.”     Owl Cyber Defense took an electrical concept called a diode, which provided “one-way” data transfer. When they combined this one-way street with a data path, they developed a “data diode,” a device that limits data transfer to one direction, protecting the system from a reverse movement.  When it comes to securing federal systems, a “data” diode is a device that restricts data transfer one way, essentially creating a one-way street. Cross Domain Solutions.  One of the newest abbreviations in the world of security is Cross Domain Solution (CDS).  The federal technical world is comprised of levels of protection.  As a result, what is needed is a way for communication between varying security levels. During the interview, Tim Fuhl defines both terms and gives examples of where this innovation can be applied to federal systems.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com In traditional commercial selling, a company seeks to understand its business problems and then presents a solution that would save time and money. Understanding federal requirements has a few more barriers than scheduling a meeting with the CIO.   The federal government has security requirements and considerations few commercial companies can even consider. There are no effortless ways to understand system requirements for a company trying to break into the federal marketplace. This has been understood for decades. In fact, Ron Reagan decided to help small businesses understand their needs and provide some assistance. The Small Business Innovation Research (SBIR) program was established in 1982. The concept was simple: an agency would post requirements and look for a small company to get a response. If the proposal was favorable, some steps allowed further development and funding. During today's interview, Tom Ruff updated us on the three phases of SBIR and provided specific examples of companies that have successfully navigated the process.

  Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Most people are so overwhelmed with the dazzle of Artificial Intelligence that they dismiss the power of quantum computing. Reality is the optimized solution for solving some federal problems involving artificial intelligence; other issues need to consider quantum. Today, Murray Thom puts the ability of quantum computing in a better perspective. For example, when it comes to aerospace maintenance, there are so many variables that classical computing is challenged to provide an answer. We all know that a traditional computer would use bits (0s and 1s). Quantum allows an approach that is not as linear and can provide faster answers to many questions. The crus of the interview was not a debate on the origins of quantum and Einstein's remark about God not throwing dice. The debate is over—quantum work. Quantum computing can help the federal government find solutions to public sector challenges like optimizing public services, transportation networks, and defense. The core of this interview is whether your federal agency is looking for a problem that is too expensive or too time-consuming to solve using classical computing. It is possible to use quantum innovation to solve the problem more economically. Look at some success stories from D-Wave; they may provide an economic option for you. Download the D-Wave e-book “Transforming the Public Sector: Quantum-Powered Optimization” on the Carahsoft website.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com It is a challenge for most technology companies to give a three-word summary of what they do, especially with the complexity implied with the phrase “entity resolution.” The CEO of Senzing, Jeff Jonas, gives a three-word summary of the complex issues they manage --  “bad guy hunting.”  OK, what does this mean to federal tech leaders? Today, we sit down with Will Layton to learn how a topic like “entity resolution” can improve federal cybersecurity. During the interview, he gives an overview of how federal systems have evolved over the years and the need to understand the implications of automation. We know federal systems are, in general, moving to the cloud. This may be a private cloud, a public cloud, or even a hybrid cloud. Second, data ingestion has overwhelmed most agencies.  As a result, many large-scale organizations are implementing automated tools, some call “agents” to become more efficient. Will Layton describes how humans need to be identified an automated tool, or entities, need to establish credentials as well. When a malicious actor tries to present like an entity in a complex automated system, Senzing can identify it and save federal leaders from unwanted actio

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com For many, IDEMIA is a relatively unknown company that was recently awarded a 10-year Blanket Purchase Agreement from GSA. The focus is on next-generation identity proofing for login.gov. At first glance, you might say “IDEMIA” is an overnight success. Upon further examination, you will discover that IDEMIA has served federal agencies for over 60 years. During the interview, Donnie Scott gives listeners a complete rundown on the variations on identity, identity proofing, identity management, and identity access management. He reinforces that rigorous identity-proofing can reduce waste, fraud, and abuse of federal systems. This is becoming a more complex problem. For example, technology enthusiasts are experimenting with so-called “agents” to access data, assemble it, and then attempt to draw conclusions. At each step along the way, there are gateways to verify the validity of the person (or non-human entity) requesting data. This interview offers a great perspective from a well-respected company that provides identity proofing to the federal government.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Walking around the Salesforce World Tour DC  can make you dizzy with use cases.  Let's step back and look at underlying principles.  To boil down the massive information overflow, we sat down with Nasi Jazayeri from Salesforce to focus on improving efficiency by taking advantage of Salesforce agents. Automation. Federal employees will obviously be asked to do more with less. One way to accomplish this task is to structure a system where tedious decisions do not have to be made by humans. Tasks can be designed without human oversight to a specific level. Workflows. Salesforce is increasingly becoming a hub for data amalgamation. Integrating API into workflow can improve how systems can manage various dependencies. Compliance. This is one of Salesforce's superpowers. Everyone is trying to figure out where the best application of agents would be. Inevitably, mistakes will be made. Compliance is built into a system like Salesforce. You can evaluate several options without reinventing the wheel for each instance. Salesforce has many use cases for agentic applications, such as citizen service automation, healthcare administration, and interagency collaboration. Sometimes, general value principles can reinforce decisions made regarding agents and Salesforce.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Federal leaders are walking a tightrope. They want to leverage the promise of AI; however, they are responsible for making federal data secure. Beyond that, these AI “experiments” should not negatively impact the larger systems and must have a detached view of practical applications. During today's conversation, Paul Tatum gives his view on accomplishing this balance. He illustrates the idea of experimenting with AI through, of all things, avocados. For example, he acts as if he must document the process behind importing avocados. He shows how an AI agent can be used safely and provides practical information. The key here is “safely.”  People working on federal systems are jumping into AI agents without concern for compliance or security. They run into the phrase “unintended consequences” when they access data sloppily, which can lead to sensitive information leaks. Rather than detailing potential abuse, Paul Tatum outlines the Salesforce approach. This allows experimentation with specific guidelines as well as for compliance and controls for autonomous agents. This way, the data to be accessed will be cleaned and not subject to misinformation and duplication problems. Further, because you are acting in the functional equivalent of a “sandbox,” you can be assured that information assembled from AI experiments will be placed in areas where they are safe and secure. Learn how to leverage AI, but learn in an environment where mistakes will not come back to haunt you.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Most people know Cloudflare from federal or commercial experience. They have been around since 2009, and some will estimate that around 20% of all websites use Cloudflare for web security services. The listener's question is simple: can one apply this commercial success to improving federal network security? During today's interview, Anish Patel from Cloudflare answered that question by directing his comments to   Zero Trust, User experience, and automation. Zero Trust is a federal initiative that cuts across civilian and military agencies. Cloudflare can assist by providing access to applications and data by verifying every user and device before granting access. Because of their commercial success, Cloudflare realizes that an end-user experience can impact security at many levels. Simplifying the remote user experience will bolster security for everyone. With today's massive data increase and constant attacks, users can get alert fatigue and not be as responsive to threats as in an earlier age. During the interview, Anish Patel details how automation from Cloudflare can reduce the amount of vigilance needed by end users to accomplish network security goals.    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Once the transition to the cloud became dominant, the importance of identity was placed ahead of permission to access apps and data. When data centers were down the hall, one could have physical access to a room and sign-on permission. The hybrid cloud, private clouds, and an interest in “alternative clouds” make identity the keystone of modern computing. Companies like Okta, Ping, and SailPoint work with identity and access management but rely on services that can provide a federated identity service. Today, we sit down with Dr. John Pritchard, the CEO of Radiant Logic, and learn that Radiant does not compete with these well-known vendors but provides the backbone for their service. Dr. Pritchard uses an interesting phrase: “continuous identity hygiene.”  This means that although a person's biology will not change, he can compromise essential elements of his identity. This must be a continuous process. This fact has been recognized by CISA and DoD's 2027 Zero Trust Goals and can be identified as Identity Security Posture Management. In this thorough discussion, Dr. Pritchard presents a 30-year framework for network identity and includes comments on a unified data layer, data staging, and how to select a reference architecture for using a federated identity service.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Many people deceive themselves when moving systems to the cloud, thinking the same precautions used for an on-premises system can be used in the cloud. Neil Carpenter from Orca Security dispels that notion right out of the box. He details that when a system is moved to the cloud, it operates under a shared responsibility model.  While the Cloud Service Provider may be able to serve a solid infrastructure, that does not mean the applications and data are protected as well. Further, the popularity of virtual systems means that workloads can spin up and down rapidly. This means a one-time scan is just that: a photograph of a moment; only continuous monitoring can provide the reassurance that federal systems managers demand. While we know that cloud systems can scale rapidly, many do not understand that scaling also widens the attack surface. Michael Hylton from Orca Security recommends investing in a system that can provide continuous scanning in a dynamic environment. How is this accomplished? During the interview, Neil Carpenter defines agent vs. agent-less systems. When Orca Security established an agent-less system, it allows them to scan, speeding deployment and reducing the risk of coverage gaps.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Today, we sit down with Karthik Natarajan, Solutions Engineering Manager, U.S. Public Sector, for SNYK. SNYK has garnered a formidable reputation in the commercial sector by helping to identify and fix vulnerabilities in code, open-source dependencies, and container images. Karthik Natarajan acknowledges that no code can be 100% secure; however, one way to improve by a magnitude is to incorporate the “Shift Left” approach. This phrase has been around for twenty years but has recently gained momentum. The concept of shift left moves testing and performance evaluation to an earlier part of the software development lifecycle. But SNYK goes further by applying AI to look at open-source dependencies. When infrastructure transitions to “infrastructure as code,” vulnerabilities may be included. SNYK also looks for vulnerabilities in infrastructure code. The interview ends with Karthik explaining that SNYK's success is due to it being written for cloud applications- it is cloud native.  Also, they judiciously use AI and rigorously check corrections to code that may introduce trouble.    

The federal government is transforming from on-premises and private cloud systems to a hybrid cloud. What most listeners do not realize is that the linchpin to this transition is the Application Program Interface (API). It has been hiding under the radar for so many years that malicious actors use this perspective to attack the API. Info Security Magazine reports that 99% of organizations struggle with API security. Where to start? First, get an inventory of how many APIs you are dealing with. Stephen Ringo emphasizes the need for discovery tools to identify rogue and shadow APIs, noting that passive discovery methods are preferred to avoid network disruptions. He also points out that API security is often overlooked, even in cloud-native solutions, and that misuse, rather than malformation, is the primary threat. Ringo advocates initiative-taking measures to secure APIs and prevent data breaches. Three main ways to protect APIs: Educate and raise awareness about API security risks among federal CIOs and IT leaders. Discover and inventory all APIs, including rogue or shadow APIs, within the organization. Evaluate API security capabilities of cloud providers and ensure proper security controls are in place.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com We all know the quote from Peter Drucker, "If you can measure it, you can manage it."   It's pretty easy to apply when throwing a javelin but difficult when measuring success in complex software development projects. Today, we sat down with Jeff Gallimore, Chief Technology and Innovation Officer and founder of Excella. He brings with him decades of experience collaborating with teams on successful federal projects. We start by noting the fallacy of using one metric to measure success. While completing the initiative on time might make an agency administrator happy, that will change rapidly if compliance is not achieved, and scaling will break the system into pieces. Jeff has seen breakthroughs using a framework called DORA, DevOps Research and Assessment). The key metrics are deployment frequency, lead time for changes, change failure rate, and failed deployment recovery time.  These metrics, now part of Google, are research-based and predictive of IT and organizational outcomes. They emphasize the importance of a holistic approach, avoiding single-metric focus, and the role of leadership and culture in fostering high-performing teams

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com The Partnership for Public Service recently conducted a poll, and just 23% of Americans believe federal services are easy to navigate. Today, we will examine the importance of User Experience and how to overcome some of the challenges federal agencies face when attempting to improve. Lisa Hoover is the Head of Experience and Design at Karsun Solutions. In that role, she has experienced all aspects of federal design. She begins by observing that customer challenges may be recognized but not remediated.  She argues that there are several reasons for this standstill. Many federal agencies are dealing with legacy systems, and attempts to improve the CX can have unintended consequences. Further, qualitative improvement is difficult to determine in a world of bits and bytes. Sometimes, the ease of scaling data can make a system so complex that one does not know where to begin. Lisa Hoover recommends looking at Karsun Solutions' ReDuxAI offer. It leverages AI to establish a “blueprint” to see how everything connects, making digital transformation possible. Hoover also addresses the need for efficiency in federal IT, aiming to streamline processes and improve customer satisfaction. The conversation underscores the potential of AI to enhance federal service delivery. https://karsun-llc.com/innovation-center/innovation-center-projects/go-redux-ai/    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Here we are at the beginning of 2025, and Bill Church, F5's CTO, discusses the company's role in helping federal agencies navigate the complexities of multi-cloud environments and cybersecurity threats. F5's strength spans the application portfolio of enterprise organizations. This includes application security, enhancement, quick access, improved availability, and even making them secure. It doesn't end there; they also help with encryption and authentication. Church emphasizes the importance of flexibility and consistency in managing diverse cloud environments. He highlights the challenges of API discovery, noting that many organizations are unaware of the number of APIs in their systems. F5's tools, like the App Study Tool, help identify and manage these APIs. Church also discusses using AI and machine learning in F5's solutions for enhanced security and data protection, including an AI gateway for large language models.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Matt Lembright, Global Lead of Censys Search, discusses the company's role in scanning the entire internet for threats, focusing on frequency, accuracy, and data richness. Censys helps government agencies and private organizations manage their attack surfaces by identifying exposed devices and vulnerabilities. The conversation highlights the challenges of securing operational technology (OT) and Internet of Things (IoT) devices, emphasizing the importance of understanding device protocols and maintaining up-to-date software. Lembright stresses the need for community engagement, local government involvement, and effective communication to protect critical infrastructure. He also mentions Censys' cybersecurity glossary as a resource for understanding key terms and concepts.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com There is an idiomatic expression, “You can't see the forest for the trees.”  Essentially, it means that some people are so focused on the details that they cannot see the bigger picture. Today, Bob Ritchie, SAIC's Chief Technology Officer, takes a step back and examines the evolution of federal technology from a strategic perspective. He argues that because digital transformation is so convoluted, leaders tend to focus on the details of a transition rather than the ultimate objective. He frames this analysis in terms of systems integration vs. mission integration. He explains that while systems integration focuses on integrating technology for better outcomes, mission integration emphasizes achieving specific mission outcomes by iterative learning and adapting to technological changes.  Ritchie highlights the importance of aligning systems with mission goals and maintaining vigilance to ensure technology choices support these objectives. He also discusses the need for a mature approach to technology adoption, including the strategic use of legacy systems like mainframes and the importance of a standard data layer to reduce complexity.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com In spy movies, the federal government has unlimited funds for intelligence. In fact, it is always at its fingertips, no matter where it is located. Would it be so? In the real world, agencies have budgets that limit their ability to do everything from reducing fraud to ensuring the safety of a supply chain. One way to leverage the funds allocated for this task is to use Open-Source Intelligence or OSINT. During today's interview, Jason English from Babel Street shares his thoughts on how OSINT should be a part of the matrix where federal agencies can get practical intelligence. He starts by defining OSINT, which includes search engines, social media, public relations, news sources, web scraping, data analysis, and, yes, the dark web. This information is freely available to everyone, which gives it distinctive advantages. First, classified information can be costly to obtain. Rather than limiting your information sources to one area, OSINT will provide a much wider range of sources quickly. Further, transparency is becoming a more prominent theme in technology—by definition, one can review the origin of any piece of information to assure its veracity. When it comes to collecting, analyzing, and disseminating information, OSINT provides benefits that answer many of today's federal agency requirements.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Technology comes and goes; you can call it the cloud, zero trust, or even Artificial intelligence. In early 2025, we see stress that we have not seen before. The GAO has issued a report examining the federal IT Acquisition process and concluding that it needs to strengthen oversight, implement a mature acquisition strategy, and have a capacity-capable system. Today, we sat down with Reid Jackson from Unison to discuss how to make these key acquisitions.  During the interview, he discussed Acquisition Management, Cost Engineering, Virtual Acquisition, and Project Management. Unison has been involved in federal acquisition since 1984 and has a deep and thorough understanding of the procurement process.  Reid Jackson relates that some newer organizations may have a superficial knowledge of regulations and may deploy software solutions that do not enable astute and effective decisions for federal agencies. During the interview, Reid Jackson from Unison overviews many aspects of these challenges.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Bill Sullivan, an independent consultant with experience in federal technology, discusses the impact of the new administration's policies on federal projects. He advises federal employees to maintain professionalism despite the hiring freeze and emphasizes the importance of security standards, particularly in AI and data management. Sullivan highlights the need for government to adapt its acquisition process to keep up with technological advancements. He also compares the current AI initiative to the Kennedy space mission, suggesting it could improve energy production. Sullivan emphasizes the importance of security, especially considering global competition, and praises Elon Musk's systematic approach to change. Key takeaways: >>> Maintain a professional demeanor and continue working diligently despite the changes. >>> Monitor the developments around the $500 billion investment and its potential impact on energy and data center co-location. >>>   Advocate for reforms to the federal acquisition process to enable faster adoption of modern technologies.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com A recent SAS report shows that 84% of government decision-makers plan to invest in Generative AI in the next fiscal year. During today's interview, Reggie Townsend details some of the precautions federal leaders must take to leverage this innovative technology. We begin the interview by mentioning that, in a governmental setting, technology cannot go beyond what is necessary to achieve a legitimate aim.  Although that is a noble concept, it can be futile because we are in the incipient stage of this technology. We do not have any laws about using AI; we have a patchwork of national and international regulations on the ethical application of AI. We can start with the Executive Office of the President. In addition to other Executive Orders, President Biden released further guidelines his last week in office. While well-meaning, these guidelines are not practical when put into perspective of what is going on in other countries. Reggie Townsend indicates that AI Safety Institutes can promote consistency and a proper ethical response to using data from citizens to feed AI.

  Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Anyone with a pulse knows the new Trump administration has rescinded dozens of Executive Orders written by the previous president, Joe Biden. Executive orders #14110 and #14141, which dealt with artificial Intelligence, were part of this package. This has put the federal technical community in a state of expectation. On the one hand, they are charged with reducing costs by leveraging technology; on the other hand, they have a hiring freeze, and nobody knows what the new AI mandates will consist of. Today, we sat down with Jennifer Sample from EmpowerAI, a veteran of the tech wars, and asked her what direction developments in AI will take. Jennifer Sample reminds listeners that the federal government must consider privacy restrictions when applying AI to solving federal problems. Unfortunately, our near-peer adversaries have no such constraints. When the federal government attempts to apply AI, it does so inconsistently. The CIO Council may be able to list 1,700 federal use cases for AI, but the hard part is vetting the data sources and matching impact with agency goals. During the interview, Jennifer Sample discusses concepts like being AI ready, continuous qualification, and contextual governance. 2025 will force the federal government to do more with less; AI is a tool that can help accomplish that noble goal. If you want to hear a more in-depth discussion, she will speak at the Potomac Officers' Club on March 12, 2025, in Tyson's Corner, Virginia.   

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com A recent study showed that the federal government has identified 1700 use cases for Artificial Intelligence. Today, we examine some challenges and solutions for unlocking the power of AI represented in these examples.  Our guest, Joel Krooswyk from GitLab, examines Software Bills of Material, repatriation, and what efficiency might look like in the future. SBOM. For years, software developers have recommended using a Software Bill of Material. Today, its value has become so apparent that it is becoming mandatory. During the interview, Joel Krooswyk discusses the security benefits of mandating an SBOM policy for all federal software development. Fifteen years ago, Vivek Kundra coined the phrase “Cloud First.”  It took a while, but cloud adoption is pervasive by the federal government.  However, with this adoption, we have seen examples where cloud service providers may over-promise and under delivery. The interview provides guidelines for transitioning from the cloud back to the premises, which is increasingly called “repatriation.” Software development in the future will make compliance partner with DevSecOps in an automated process. This will reduce maintenance costs and provide real-time reporting.  Intelligent automation will be able to validate each step of the process.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com “Efficiency” seems like the new buzzword for federal technology in the next few years. When writing software sense, efficiency can mean writing code once and moving on to regular maintenance. However, we see security initiatives being mandated that cause developers to go back to previous stable systems and add code alterations to comply with new cyber threats. Even beginner efficiency experts will tell you the time and cost of operating in this manner can be expensive. Further, recording can add new bugs and risks, making the system more complex. Federal technology leaders from CISA have not lost sight of this. They have a “Secure by Design” initiative that addresses this issue. As in many tech concerns, the concern is how to accomplish this noble task. Today, we sit down with Nathan Jones from Sonar. He offers a solution that seeks to “shift left” the whole concept of security by design. His company provides systems that can review code to ensure its compliance. Further, he expands on an approach that can collaborate with developers while they write code. Nathan Jones gives listeners details about how Sonar's Qube can be deployed on a server, in the cloud, or with IDE. The benefits are ample: lower maintenance, minimizing risk, and allowing a focus on innovation rather than rewriting code.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com People are getting comfortable with Generative AI and applying it to many business areas. This widespread adoption shows many of the weaknesses of individuals misusing technology. It is one thing to settle a baseball statistics argument with GenAI; another complete application when competing for a million-dollar federal contract that includes management of sensitive information. These include biased outputs, lack of creativity, and misinformation, to name a few. Today, we offer a solution. Vishwas Lele is the co-founder and CEO of pWin.ai. He has decades of experience in federal contracts and a sophisticated understanding of applied Artificial Intelligence. He has seen the reliance on cliches and superficial language that can result in the inappropriate application of AI for proposal writing. His solution is to partner with Shipley Associates, a proposal writing company that has been in business for fifty years and has technology that can safely use AI. The result: pWin.ai. If you would like a more detailed explanation, consider attending a webinar on January 22, 2025    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Everyone reading this knows that April 15 is the dreaded day that one must pay federal income taxes. Big business has hordes of tax accountants and lawyers who do tax planning to accommodate federal deadlines. Sometimes, the deadline could be better known. Are you familiar with the OMB's M-24-15? This will require companies to submit compliance information in a machine-readable format. Today, we sat down with Valinder Mangat from DRTConfidence. Valinder describes technology, deadlines, and approaches your company can use to comply. This interview will serve as a warning about an immense deadline that is crucial if you work with the federal government and cloud service providers. Essentially, NIST recognized that compliance done manually was time-consuming and subject to error. Back in 2016, they suggested OSCAL to streamline compliance. In addition to speeding things up, OSCAL allows for reuse without repetitive assessments. Whether you realize it or not, by the end of 2025, each federal contractor will be expected to provide compliance information in the OSCAL format, which stands for Open Security Controls Assessment Language. The other side of the coin is important to discuss as well. If you are an agency dealing with cloud compliance, you will be expected to be able to ingest compliance data in the OSCAL format.

Ep 206 Federal Data, Fast Access, Security Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com When it comes to technology, the founders of VAST Data can be described as “prescient.” In 2015, they looked at the problem of data management from a unique perspective. They did not want to call their company VAST “storage” but VAST “Data” because the problem they tried to solve was not the amount of storage but how to get instant and fast access to that data. The wave they rode was a combination of nVidia investing in graphic processing units and flash storage becoming more affordable. The result: VAST Data has grown to be valued at over nine billion dollars. During the interview, Randy Hayes details the value proposition of this innovation for federal projects. Their first customer was NIH, and they have built on that reputation ever since. Randy Hayes mentions that the current Zero Trust initiative begins with identification. Rapid, accurate authentication rests on fast access to data. Further, we have seen a resurgence in many organizations' migration from the cloud to on-prem solutions, mostly due to rising cloud costs and data sovereignty issues. VAST Data can provide efficient and quick ways to manage this data transfer. Innovation, dropping chip set prices, and understanding federal problems all allow VAST Data to assist federal agencies in accomplishing ambitious goals. If you want to learn more, VAST Data will attend the Nvidia GTC conference on March 17th in San Jose, California.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Complex environments exist in commercial organizations and the federal government. In a typical fashion, humans resist change until an incident force restructuring. In this case, the change of design will be costly. During today's interview, Nick Pesce says that today's systems are burdened to such an extent that structural change should start now, when it is easy and less expensive, and then wait for an incident that will cause change. Both guests, Nick Pesce and Don Lamb, have experience in federal government change management. They work for the well-respected MITRE, home of the ATT&CK framework. As a result, they can look at a systemic problem and see the solution. Their report, Recommendations for Creating Cross-Agency Enterprise Design Specifications, details ways to make this change. They also detail user stories and use cases and how to manage requirements and proofs of concept. Their argument goes that when combined with understanding mission objectives, the existing information silos in the federal government can be overcome.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Cybersecurity professionals like to talk about data “at rest” and data “in transit.”  They never mention how exactly this concept of “in transit” takes place. Once upon a time, in a data center far, far away, one could take a database and move it easily. Kind of like taking a suitcase in your car and driving across town. Today, federal agencies are deluged with so much data, is it more like dragging your entire house across town? Moving data today involves concepts like data tiring. This is an approach where data is taken to a third place and transferred from there. Due to limitations of latency, network bandwidth, and compliance concerns, this is a process that can take way more time than can be imagined. You may have some highly compensated data scientists waiting days for a complete transfer. Let us take another scenario. What if your agency has some data stored in a specific cloud provider? It may be discovered that charges were higher than expected and the data need to be returned to the on prem environment. If not done properly, this transition can be fraught with issues. Further, many federal agencies are sitting a veritable treasure trove of data, both structured and unstructured. These could be images, text, email, or video. Pure Storage offers ways to derive value from a wide variety of unstructured data. structured and unstructured data. These could be images, text, email, or video. Pure Storage offers ways to derive value from various unstructured data.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com We all know that in 1492, Columbus sailed the ocean blue. A couple of years later, a map maker named Americo Vespucci made quite a splash with a new map. This has a direct parallel with today's information technology. Columbus really did not “discover” anything—it was there all along. When you look at an enterprise system, be it a bank in Houston or a federal agency, you may have only a hint of what is on your network. Who knows what kind of “ghost IT” has been added to your system? It could be a deliberate attempt by an employee to circumvent the compliance process; it could be a malicious actor who has entered your system. Today, we sit down with Tom Guarente from Armis, the “Asset Intelligence Company.”  Armis can take a detailed look at your network and provide you with actionable information. On-premises networks, endpoints, data centers, cloud, and hybrid cloud = a wide range of potential presences on your network. During the interview, Tom Guarente emphasized the importance of putting this information in proper perspective. When an asset is identified, its relationship to other assets and its context is just about as important as the ability to detect it at all. Armis can assist federal agencies with understanding relationships and vulnerabilities they did not even know they had.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com We have all heard that the phones we carry around have more computing power than was used in the Apollo moon mission. Breaking news: these powerful devices in our pockets are vulnerable to attacks of which we cannot dream. We can just pick up our phones and read the headlines. Brian Krebs reports federal charges against SMS attacks, Salt Typhoon getting into our phone systems, even the FBI telling us to use encryption on our phones. Today, we sat down with Jim Coyle from Lookout to unpack the concept of mobile threats. He begins with some startling facts. For example, Jim Coyle states that over half the movable devices in a recent study did not have an up-to-date operating system. One simple proof-of-concept is with a malicious URL. On a desktop, one can hoover over a URL to see where it is taking you; a credible URL will be clicked on a phone device with no questions asked. There are other entries as well. For example, what happens when a company with a legitimate app gets bought out by a malicious actor? It is possible for them to have an open door to your phone. The good news – a lot of mobile malwares will not survive a reboot. The lesson: every night plug in your phone, turn it off and on.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Malicious actors are taking advantage of AI and the federal government. As a result, we are in a strange Wack-a-Mole game in which applying AI for defense has become so complex that each application seems to require specific skill sets. Today, we sit down with two leaders of NRLabs to discuss their unique approach to applied AI. NRLabs leverages the founders' diverse aerospace engineering and cybersecurity backgrounds to provide innovative solutions, including penetration testing and red team activities. Individuals can become limited in understanding these nuances. As a result, NRLabs has formed a method called the Cyber Collab, where they meet regularly to offer individual perspectives and applications. Because of this, they continue research and testing on using localized adversarial AI models to identify vulnerabilities in cloud-based AI platforms. During the interview, Jon David details exploring opportunities to partner with organizations like CISA's Joint Cyber Defense Collaborative (JCDC) to enhance collaboration and information sharing on critical infrastructure security.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com In Frank Herbert's classic Dune, Paul Atreides's martial arts instructor discusses knife fighting and a “feint within a feint.” Today, we apply for this martial art tactic in federal information technology. Malicious actors are flooding networks with false attacks, which are, in essence, feints with knives. Digital technology can multiply this activity, or noise, to such an extent that the real attack may be missed. The question is: How can we differentiate between the noise and the actual attack? Today, we have Chris Howard and Zach Vaugh, two experts from Vectra AI. They explain Vectra AI's approach to understanding threat attack intelligence. For the past fourteen years, Vectra AI has focused on this noise-to-signal ratio, garnering some thirty-five patents in this endeavor. They understand the nuances of code morphing, lateral movement, and something curiously called “living off the land.” As a result, they alert a manager to suspicious activity; leaders can be assured they are not dealing with a false alarm. This innovation is important today because Zero Trust is being implemented today. The concept is to allow the right person to have the right data at the right time. How do you know the data has not been injected with malicious code?

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com In 1967 the movie Cool Hand Luke gave us this famous quote, “what we have here is a failure to communicate.” Surprisingly, this adage may apply to federal technology as well. If a federal leader allows secure information to be communicated, they can get fired. If they do not allow enough access to appropriate information, decisions can go sideways. The federal government is being bombarded with data, some important, some trivial. The challenge is to get life-and-death information into the hands of decision makers. So, we have massive data stores and some of them reside in the intelligence community. During the interview, Dr. Williams offers an innovation that allows users to access multiple sources as if it were a single database. Further, the data can be protected to allow the correct users the specific amount of data permitted. The beneficiary of this method of protecting data at rest is Artificial Intelligence.  The data that if fed into AI model can be leveraged and protected at the same time.

 While everybody is focusing on Artificial Intelligence, malicious actors are going after the soft underbelly of modern technology: operational technology, or OT.  Today, we take a look at the increasing threat of cyber-attacks on operational technology (OT) systems, which are often not built with security in mind. Operational Technology is represented by control systems, logic controllers, and other end points found in critical infrastructure like water and systems that generate energy, like oil, natural gas and even nuclear. Today's experts share ideas on how to mitigate risk through. Collaboration: Throughout the federal government communities are being formed that seek to share information on OT threats.  For example, CISA has a Joint Cyber Defense Collaborative that serves as a clearing house for communication between industry and the federal government. Continuous monitoring:  Marty Edwards works on several federal committees to try to establish data formats that would allow for interoperability to monitor attacks and update existing operational technology. Proactive measures:  Jonathan Feibus from the NRC shares that 90% of the systems he monitors are focused on Information Technology. Vendors seeking solutions to this problem should look at extending methodologies built for IT into the realm of OT. The discussion ended with a discussion of the integration of IT and OT security, the role of AI in enhancing security, and the need for comprehensive asset inventories and risk assessments.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Using a phone to read or communicate has become so standard that church people are expected to read scripture with their phones. Using mobile devices to transmit secure information. Traditionally, secure communication was based on desktop systems; today, we need to pivot and learn how to apply mobile device management to leverage the cloud to provide safe and secure communications through mobile devices. Our guest today, Harold Smith, has spent the last twenty years gaining a deep understanding of secure communications and applying that understanding to developing a trusted mobile development platform. During the interview, you will be bombarded with acronyms like NIAC (National Information Assurance Partnership), MATTER (Mobile Apps to the Tactical Edge Ready), and many more. As a bonus, Harold provides a brilliant sidebar on another acronym: SBIR (Small Business Innovation Research). If you are trying to break into the federal market, this precis is just what you need. The takeaway is that Monkton provides a platform for developers to deliver safe and secure code to people in our mobile world. This can mean a warfighter, a clinician, or even an emergency responder from FEMA.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com   When Qlik was founded in 1993, hard drives were measured in megabytes, and the Internet was primarily text-based. If lucky, you could get information in structured columns and formats. Fast forward thirty years, and some estimate YouTube alone has 4.3 petabytes of data loaded every day. The federal government certainly has its share of formatted data. A recent survey showed that 80% of data collected by the federal government is unstructured. This is information like text files, videos, or emails that are stored in many formats. As a result, it isn't easy to store and manage. This has a real impact when an organization tries to take advantage of Artificial Intelligence. Today, we sit down with Andrew Churchill to discuss creating a solid data foundation for AI. We detail topics like data movement, data streaming, and data quality during the discussion. He differentiates between data lakes and data warehouses as strategies for handling all the unstructured data used for training AI models.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com With public speaking, everyone has butterflies before they begin; instructors tell speakers to get them to fly in formation. When it comes to tools for cybersecurity, we have a similar situation – you may have End point Detection and Response, Extended Detection and Response, Managed Detection and Response, DR, XDR, MDR, Security Information and Event Management, and many others. ThreatQuotient was founded with the intention of making sure these disparate tools provide actionable information for federal agencies. During today's interview with Craig Mueller, he takes us through context, customization, and collaboration that is needed in all federal agencies. The net result is the reduction in false positives and automation of the intelligence lifecycle. Criag Mueller brings up a topic that is rarely covered—air gapped systems.  Because of their deep understanding of the intelligence community, ThreatQuotient can provide services to agencies that use air-gapped networks.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com   Ep 196 How to take a Federal Network Above and Beyond Today, we see our network being pushed and pulled in every direction: remote users demand access, millions of endpoints must be managed, and wireless networks abound. The Internet we use every day was designed for a much more humble requirement: essentially, bursts of communication between small entities. Our interview with Dan DeBacker from Extreme Networks will define these new requirements and how innovation can keep you up to speed. One of the best podcasts in Washington, DC, is “Feds at the Edge.”  It recognizes the rapid decentralization of systems, which has reached the point where some organizations are considering doing the “compute” aspect of the network at the edge. Let me state the obvious: a network that is not optimized will not allow speed to be efficiently achieved. Hybrid networks can increase complexity to the point where speed degenerates and opportunities for malicious actors can appear.  During the interview, Dan DeBacker details how methods and techniques can be applied to carefully examine a network and ferret out stealth networks and areas that can “leak” access. When a system is visible, it is easier to incorporate legacy networks and enhance connectivity between sites.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com  Federal technology leaders operate in a confusing world. On the one hand, they must grant access to data that is needed by users; on the other hand, they must comply with security requirements that severely restrict that access. Craig Mueller from Varonis offers a solution: efficient data management will ensure that all information will be carefully categorized to allow this razor's edge of operation. The approach will allow for a concept called “complete coverage.” “Complete coverage extends to everything in the hybrid cloud as well as legacy systems. During the interview, Craig Mueller describes a concept called Data Security Posture Management. Essentially, this process allows for complete coverage, governance, and user analytics. Many do not realize that AI tools crawl a network and assemble as much as they can.  In a federal application, there may be information that is not categorized correctly and should not be allowed to be scanned.  This is a classic example of data that gives the ability to share too easily. Proper organization of data, both structured and unstructured, will all the balancing game of access and security to be deployed and scaled.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Our guest today is Jonathan Alboum, the Federal CTO for ServiceNow Federal. This interview should begin like Mission Impossible movies. “Jonathan, your mission, should you accept it, is to describe all the variations ServiceNow serves federal technology leaders. You have 25 minutes. This message will self-destruct in ten seconds.” This is an “impossible mission” because Service Now has customers in over one hundred agencies. It sure appears each instance is unique. One way to understand this “variation on a theme” is to look at the agenda for their annual conference. In March 2024, ServiceNow covered topics ranging from agile software development to forms to new vs. legacy applications. It is kind of hard to find a Gartner quadrant for ServiceNow. During the interview, Jonathan delves into one aspect of artificial intelligence and details the application of large language models and smaller large language models. Listen to the interview and consider it a “tasting menu” for efficiency, productivity, and integration concepts. Oh yes, it also dives into applied Artificial Intelligence.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Everyone awake in biology class remembers the difference between a somatic and an autonomic nervous system. (Cheat sheet: You can control somatic, but the other kicks in without knowing.) What does this have to do with federal information technology? Today, we sat down with Dave Link, the founder of Science Logic, and he talked about how to manage complex federal systems. We all know in the early days, one could use a spreadsheet to update and patch most networks. However, today's hybrid networks and supercharged cyber-attacks are throwing manual methods out the window. Dave Link suggests an automated approach that parallels human biology can be the answer. For example, he calls his system an “autonomic IT.”  A quick translation means that an agent can run in the background and examine the health of a network. It can evaluate and patch automatically, like the system that controls your heartbeat and respiration. When there is an issue, a sentient human can jump in. This may be like a human being moving out of the way of an oncoming bus. This person has an operating cardiovascular system; however, a human must alter survival. Listen to the interview to see how this human/technology parallel holds up.  

Ep 192 Forensic Analysis and Digital Footprint Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Cellebrite is a company that earned its stripes in the commercial world with its ability to find a needle in a haystack. In other words, they have developed an ability to sift through mountains of data, find the essential parts of an investigation, and leverage that information to close a case. In other words, anyone can find the proverbial needle; who can find the right needle that will solve the puzzle and bring the case to closure? The federal government is plagued with fraud and abuse from very sophisticated malicious actors. These actors are adept at creating false identities and covering their tracks. The GAO estimates that in 2023, Fraudnet reported 4,400 allegations in fiscal year 2023. Further, the Department of Justice reports $2 billion in illicit activity. It takes talent mastered in the commercial world to close federal cases. During the interview, Maurice Cook provides examples of the restricted federal environment in which Cellebrite must operate.  They must be transparent and ethical on all levels.  Fortunately, Cellebrite has managed to transfer that commercial skill set to the federal government under the guise of a digital investigative platform. Listen to gain a better understanding of forensic analysis and digital footprints.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Google's public sector has exploded into the federal technology marketplace. Today, we recapitulated the recent Google Public Sector event and tried to understand the reasons for the success. Our guest is Troy Bertram, Executive Managing Director of Google's public Sector Partner Ecosystem. Together, we review the keynote presentations, essential concepts, and the value Google can bring to rapid innovation in the federal government. The event kicked off with Karen Dahut, CEO of Google Public Sector, emphasizing the value of making systems foundationally secure. Apparently, this message resonates with the tech audience. Although Google Public Sector has only been around for two years, it saw 1,000+ people attend, including 24 federal leaders and attendees from over ten countries. Apparently, operational resilience is an international concept. We also heard some entertaining concepts. Leigh Palmer talked about AI as “always confident, not always correct.” She and her panel focused on the importance of having valid data before the discussion of artificial intelligence begins. Forrester has some predictions about the public sector that apply to federal cloud usage. They say that “public sectors should become more adaptive to build resilience and fuel innovation. Troy Bertram focuses on the DoD's efforts to leverage many of the concepts detailed at this conference.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Humans can be easily deceived. You look at an iceberg and think that is all you have; the same approach can be applied to federal websites. At first glance, you notice the visual and do not understand how the website may be providing valid information or if this can be done in a timely manner. Those aspects of web design are essential and can be measured easily with well-known tools like heat maps, Google Analytics, and user surveys. Today, we go below the surface of the iceberg. Lee Becker from Medallia helps listeners expand the user interface concept to include the outside and the inside. For example, a superficial understanding of the user interface would serve a citizen in a form. This is one way to interpret Executive Order 14058, “Transforming Federal Customer Experience and Service Delivery to Rebuild Trust in Government. “ However, when you dig deeper, you will understand that in 2022, 190 million hours were spent on forms at the Department of Homeland Security. Lee Becker shares his experience and shows listeners how to go beyond the screen, dig deeper with the user interface, and improve larger goals like collaboration, security, and transparency. Ep. 190 User Experience: the plow must go deeper.    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Robb Wong helps clients at Deep Water Point & Associates better understand the U.S. Small Business Administration. They recently announced that Fiscal Year 2023 had a record-high 28.4 % of federal contracts to small businesses. Robb is in the perfect position to help. He has started several small businesses and was appointed associate administrator at the Office of Government Contracting & Business Development in the U.S. Small Business Administration. This experience makes him the perfect person to help listeners understand existing rules and proposed rules to help them develop the federal technology business. Here are four highlights of the conversation: He emphasized the importance of adapting to proposed SBA rule changes, which could alter small business strategies for 2025. Wong advocated for increasing the 8(a) sole source limit to $8-10 million and suggested gradual transitions for mentor-protege joint ventures to maintain small business participation. He also called for government support to cover the prohibitive costs of CMMC certification. Encourage clients and the industry to participate in the rulemaking process and provide comments on the proposed changes. Prepare small businesses for the changes to the mentor-protege program, which are expected to be implemented in early 2023.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com The federal government is the largest employer in the United States, employing approximately three million people. It buys everything from rubber bands to rockets. In the area of technology, it buys everything from toner for a copier to communications to a satellite. How can a small company sell to this monolith? Some will argue that the best approach is to develop a relationship with a successful company to understand the dynamics of federal technology acquisition.  Connect with Slalom at the ACT-IAC conference in Hershey, PA on October 27, 2024  Today, we sit down with Jim Igoe, Slalom's Director of Public Sector Partnerships. He describes why Slalom has successfully partnered with over seven hundred companies. He mentions several concepts. >>>> focus on change that matters. In other words, federal employees can notice a discernable change when an engagement is complete. >>> Develop a thorough and complete understanding of the project before commencing. Listen to the interview to better understand how to enter a complicated market and identify, foster, and build relationships with strategic partners.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Joel Krooswik from Gitlab has seen more code reviews than he can count. He has seen duplicate code, insufficient data, and insecure code. "Work harder" may be the maxim in the NFL, but this is a fool's errand regarding software development. Traditionally, a code review would yield remediation that would take hours and detailed work. During the interview today, Joel looks at how Artificial Intelligence can be applied to four areas: Clean code. A system may work now despite problems. However, it can fail once it is stress-assessed with mountains of data. Clean code means it is easier to scale. Speed. Humans may not be able to see system inadequacies that slow it down. AI can see log jams that a human cannot. Duplicate code. Various individuals have maintained older systems so that code may have been duplicated. Duplicate code is complex for humans to find but easy for AI. New features. Application "A" may run on a system with no problems; when updated, it may highlight issues you do not know exist. AI can look at code and allow for more accessible features. During the interview, Joel focuses on how these abilities can be applied to the federal environment.