CTO Vision

Intel's Pat Gelsinger, a guy in a position to know and help drive Intel's technology roadmap (he is Intel's Chief Technology Officer (CTO) and SVP) spoke recently at the Intel Developers Forum where he gave a presentation called "From Petaflops to Milliwatts."   In that presentation he described something we should all be glad to know, he believes Moore's Law will continue to hold good through 2029 (as I'm sure most readers here know, Moore's Law comes from Intel co-founder Gordon Moore's statement that the number of transistors on a chip will double about every two years). 

Read more on Pat Gelsinger's latest statement at the article on Web Sphere Journal.

For more on Moore's Law see:

http://www.intel.com/technology/magazine/silicon/moores-law-0405.htm

and

http://www.intel.com/technology/mooreslaw/index.htm

 

This is all really cool.  Technology optimists like me get excited thinking about the power for good this can be.  But something else is lurking out there that we should all be aware of.  There is still evil in cyberspace, and we good guys will always need to be outthinking them.  We should ensure steps are put in place now to keep Zettaflop Supercomputers working for the good guys and not the bad guys. 

For some related posts, see:

Good and Evil in the Future of Cyberspace

and

What's Next In Enterprise IT

The Department of Homeland Security has released a blueprint for the enhanced protection of federal networks against cyber attacks.  A factsheet for this effort is  available here. 

Here is a summary of that summary:

It declares a policy:  "It is the policy of the United States to prevent or minimize disruptions to our critical information infrastructure in order to protect the public, the economy, government services, and the national security of the United States."

It formally announces a Presidential Directive:  "On January 8, 2008, President Bush approved National Security Presidential Directive 54/Homeland Security Presidential Directive 23, which formalized a series of continuous efforts designed to further safeguard Federal Government systems and reduce potential vulnerabilities, protect against intrusion attempts, and better anticipate future threats."

It announces a lead for the nation in this area: "While efforts to protect our Federal network systems from cyber attacks remain a collaborative, government-wide effort, the Department of Homeland Security (DHS) has the lead responsibility for assuring the security, resiliency and reliability of the Nation’s Information Technology (IT) and communications infrastructure. 

It provides a list of some of the actions which are underway right now:

• Hiring additional personnel to support the U.S. Computer Emergency Readiness Team (US-CERT), DHS’ 24x7 watch and warning center for the Federal Government’s Internet infrastructure.  US-CERT, a public/private partnership, operates around-the-clock to help government and industry analyze and respond to cyber threats and vulnerabilities.

• Expanding the EINSTEIN Program to all Federal departments and agencies.  This will provide government officials with an early warning system to gain better situational awareness, earlier identification of malicious activity, and a more comprehensive network defense. The EINSTEIN Program helps identify unusual network traffic patterns and trends which signal unauthorized network traffic so security personnel are able to quickly identify and respond to potential threats.

• Consolidating the number of external connections including Internet points of presence for the Federal Government Internet infrastructure, as part of the Office of Management and Budget’s (OMB) “Trusted Internet Connections Initiative,” will more efficiently manage and implement security measures to help bring more comprehensive protection across the federal “.gov” domains.

• Creating a National Cybersecurity Center to further our progress in addressing cyber threats and increasing cybersecurity efforts.  This Center will bring together federal cybersecurity organizations, by virtually connecting and in some cases, physically collocating personnel and resources to gain a clearer understanding of the overall cyber security picture of Federal networks.  Secretary Chertoff appointed Rod Beckstrom on March 20, 2008 to serve as Director of the National Cyber Security Center.

• Expanding the National Cyber Investigative Joint Task Force (NCIJTF), to include representation from the U.S. Secret Service and several other federal agencies. This existing cyber investigation coordination organization overseen by the Federal Bureau of Investigation will serve as a multi-agency national focal point for coordinating, integrating, and sharing pertinent information related to cyber threat investigations.

• Working towards a stronger supply chain defense to reduce the potential for adversaries to manipulate IT and communications products before they are imported into the U.S. To address this challenge, the Federal Government is exploring protections into our federal acquisition process and developing a multi-faceted strategy to reduce risk at the most appropriate stage of the IT and communications product lifecycle.

• Facilitate coordination and information sharing between the Federal Government and private sector to reduce cyber risk, disseminate threat information, share best practices and apply appropriate protective actions as outlined within the National Infrastructure Protection Plan (NIPP) framework. For example, DHS created a Control Systems Vulnerability Assessment Tool to help all critical infrastructure sectors assess certain policies, plans and procedures currently in place to reduce cyber vulnerabilities and leverage recognized standards. 

• Led the nation’s largest cyber security exercise, known as Cyber Storm II, in March 2008, bringing together participants from federal, state and local governments, the private sector, and the international community in order to examine and strengthen the nation’s cyber security preparedness and response capabilities in response to a simulated cyber attack across several critical sectors of our economy. Cyber Storm II and other exercises help ensure that public and private sectors are prepared for an effective response to attacks against our critical systems and networks.

• Partnering with academia and industry to expand cyber education for all U.S. Government employees, particularly those who specialize in IT, and enhance worksite development and recruitment strategies to ensure a knowledgeable workforce capable of dealing with the evolving nature of cyber threats.

• Increasing funding for IT security through the President’s FY 2009 Budget Request of $7.2 billion for these efforts, an increase of $600 million over the $6.6 billion dedicated to this area in FY 2008 across the Federal Government.

Speaking as someone who has been involved in the national security community and the computer security community for quite a while I have to say this is very exciting news.  The forward thinking leaders in government pulling this together and leading the extended enterprise to be more secure should all be commended for their efforts. 

A point for enterprise Chief Technology Officers:  Well, if you are in government you already know the point and have been deeply involved.  If you are not in government but working in other large organizations I think the point is that sometimes the things that seem impossible are really quite possible.   A small group of people with drive and vision can change the world.

A friend at Google sent me a great clip from the Google Blog on the Google App Engine.  Let me quote below:

We just launched a preview release of Google App Engine, a way for developers to run their web applications on Google's infrastructure. In the same way that Blogger made it easy to create a blog, Google App Engine is designed from the ground up to make it easy to create and run web applications.

With Google App Engine, developers can write web applications based on the same building blocks that Google uses, like GFS and Bigtable. Google App Engine packages those building blocks and provides access to scalable infrastructure that we hope will make it easier for developers to scale their applications automatically as they grow. This means they can spend less time dealing with system administration and maintenance, and more time building and improving their applications. (There's more detail on the new App Engine Blog.)

This is really exciting. 

I have just reviewed, with several CTO friends, my personal reference list of disruptive technology for enterprises.    I am trying to aim that list to serve enterprise CTOs.  I hope it provides some degree of early warning to those CTOs, since my theory is that these technologies will be disruptive (in a positive way). 

I provide more of my informal methodology on the page that holds the list.  Please look it over when you get a chance and let me know if you think I have missed a capability. 

Again, it is at: disruptive technology for enterprises.

The nets are abuzz with a new information sharing strategy for the intelligence community. The .pdf version I saw, dated 22 Feb 2008, has yet to be posted on the ODNI website, so there is a chance it is not the final (FAS posted a copy online ). From what I've seen, it takes the same well thought out approach as the information sharing strategy signed out by the President and also draws upon the many lessons learned in the DoD Info Sharing Strategy .

Key threads apparent in all these documents include recognition that information sharing is not a technology problem. Technology absolutely must be part of the discussion, but the most important issues to address are always human issues. Things like culture, policy, training and decision-making are absolutely critical to success in information sharing.

==========================================

Update:  The document is now officially on the ODNI website.  It is located at:

http://odni.gov/reports/IC_Information_Sharing_Strategy.pdf

===========================================

Reportedly Bill Gates said "We always overestimate the change that will occur in the next two years and underestimate the change that will occur in the next ten."  That is a very level headed observation.  I think it reflects the way we humans react to technology capability growth.   Think for a minute about most of the graphs you see in Ray Kurzweil presentations.  Exponential growth isn't dramatic right away, it is dramatic over time.  We get our hopes up and expect wonders right away and overestimate the change that should be here short term.  Then tend to be discouraged when that dramatic change isn't here yet which makes us underestimate the power of something like a doubling of performance every year multiplied by ten years. 

I think enterprise CTOs are in tough spots because they are charged with avoiding both the human faults outlined above.  A CTO needs to have a balanced estimate of the change that will be here in a year or two or ten.  And we need that balanced assessment across multiple sub disciplines of enterprise technology, including virtualization, storage, communications, middleware, development environments, etc.   

I can't say I have the magic recipe that will provide that balance.  But I do have some personal predictions of change that I enjoy sharing with other technologists.  I built a briefing on the future of IT several years ago to help my organization confront some brutal facts about the future.  I later changed it to help us with strategic planning efforts, and over time updated it to help several decision makers noodle through the impact of some key technologies on our future. 

I've attached two copies of the briefing here, one in open document format and one in Powerpoint format. 

Download 080402TechnologyFutures.odp

Download 080402TechnologyFutures.ppt

Now let me mention the big flaw in my briefing.  Although it has been reviewed and commented on by some GREAT technologists around the federal community and in Silicon Valley, it really needs more eyes on it and could use more input.  I think what I need to do is convert it to 100% text and then build a page on wikipedia for this topic that many hands can edit.  Then we will have something that may be of more use to enterprise technologists.   

But till then, please let me know if you have any suggestions for me on technologies I should be tracking, or comments on assessments I mention in the briefing.

Thanks much.

Bob

I recently read some GREAT news.  One of the nation's greatest organizational/technological thinkers and entrepreneurs, Rod Beckstrom, has answered the call to service and will be joining the Department of Homeland Security (DHS).   

Rod Beckstrom is famous for many things.  Among CTO s and enterprise technologists he is viewed as a champion for the smart use of new collaborative technologies to transform organizations.  He is really far more than that, however.   He is one of a new generation of forward thinking leaders who understand that sometimes in order to lead you must serve, and sometimes in order to really lead you must adopt powerful new organizational frameworks that enable disruption of the current order. He is the co-author of the bestselling, frequently quoted, often discussed "The Starfish and the Spider", which gives some hints at the powerful thinking Rod will bring to DHS.

The following is a quote from the Statement by Homeland Security Secretary Chertoff:

"I am pleased to announce my appointment of Rod Beckstrom as the first Director of the National Cyber Security Center (NCSC). Rod will serve the department by coordinating cyber security efforts and improving situational awareness and information sharing across the federal government.

The department is leading efforts to protect federal networks and enhance capabilities that defend and reduce cyber-associated risks. The NCSC will work with the interagency to implement cyber security strategies in a cohesive way, consistent with our privacy laws.

Rod has over 25 years of experience in designing and implementing new internet technologies. He brings to the department a specialized Internet expertise, and unique entrepreneurial and creative business thinking. Rod received both his BA and MBA from Stanford University, and was a Fulbright Scholar in Switzerland."
 

This news of Rod's joining DHS is really very exciting.

So, Rod, good luck and thank you very much for deciding to serve the nation in this capacity. 

The threat to our computers and networks is very real.   Dozens of millions of malicious bots have been projected to be operating in PCs.  Hackers have penetrated sensitive, seemingly well protected corporate sites.  Denial of service attacks have been conducted against businesses and even countries.  And press reporting indicates even sensitive US government computers have been penetrated.  Leaders in allied countries have been quoted in the press saying their PCs have been compromised as well.

On top of this, if you look at projections of the future computing environment, our dependencies on technology and the threat of vulnerabilities only increases (see my posting on the future titled "Good and Evil in the Future of Cyberspace").

So by any calculation, the assessment of our nation's ability to succeed in cyberspace is in question.  The net assessment is not looking so good.

But there are some very optimistic things happening in Cyberspace, and, with the right technological vision and leadership, we can make a significant change in the net assessment of that domain.

Let me give you an example that has me thinking very optimistically now.

I have a new computer on my desk.  It is a SunRay 270 built by Sun Microsystems.   

Here are some of its features:

A handful of articles have been written about the government's Cyber Initiative.  Reportedly this is an initiative to enhance the security posture of the nation.   One recent one from UPI is at: Einstein and U.S. Cybersecurity.

As an outsider now, I'd like to point out a few observations regarding what I've seen in the press on the  Cyber Initiative:

- The Einstein program is one element of this initiative.  It is a way to enhance the security of US government networks.

- This type of program had previously been hard to implement because of organizational issues. But those have been resolved.

- The devil is in the details on programs like this, but  leaders like Scott Charbo can ensure all the details are taken care of. 

The Cyber Conflict Studies Association (CCSA) is a non-profit group organized to promote and lead a diversified research and intellectual development agenda to advance knowledge in the cyber conflict field. The CCSA is committed to developing academic programs and communities that can help the nation in this emerging area of thought. The CCSA is providing enhanced discourse on the strategic implications of cyber conflict and provides a venue for academic dialog on the study of economic, policy and other strategic issues and provides key intellectual capital the nation can tap for the ongoing cyber initiative.