CTOvision.com

Context for the CTO, CIO, CISO and Data Scientist

Home » Archives for Katie Kennedy » Page 2

Katie Kennedy

Security for Big Data Designs: Examining best practices with security architect Eddie Garcia

On Tuesday, January 27, 2015 CTOvision publisher Bob Gourley hosted an event for federal big data professionals. The breakfast event focused on security for big data designs and featured the highly regarded security architect Eddie Garcia.

Eddie Garcia is chief security architect at Cloudera, a leader in enterprise analytic data management. Eddie helps Cloudera enterprise customers reduce security and compliance risks associated with sensitive data sets stored and accessed in Apache Hadoop environments. Working for the office of the CTO, Eddie also provides security thought leadership and vision to the Cloudera product roadmap.

As the VP of InfoSec and Engineering for Gazzang prior to its acquisition by Cloudera, Eddie architected and implemented secure and compliant Big Data infrastructures for customers in the financial services, healthcare and public sector industries to meet PCI, HIPAA, FERPA, FISMA and EU data security requirements. He was also the chief architect of the Gazzang zNcrypt product and is author of two patents for data security.

After a series of introductions from the audience, Garcia commenced his presentation. Garcia addressed the shift from “bringing data to compute, to bringing compute to data.” This shift ties in well with Cloudera’s enterprise data hub, built on Hadoop. Hadoop offers petabytes of data storage and can handle multiple workloads. Combined with Cloudera technology, it becomes a secure and powerful enterprise architecture.

Cloudera’s security model is based on four pillars of security: Perimeter, Access, Visibility and Data. This creates the most secure Hadoop distribution on the market.

Authentication is addressed for the perimeter security requirements. Active Directory and Kerberos are the authentication staples within the enterprise, allowing all users to be authenticated. Each user is provided a username and password and groups control what services users have the ability to access.

Access security requirements define what individual users and applications can do with the data they receive. What this means is providing users access to data needed to do their job, centrally managed access policies and a leveraged role-based access control model built on Active Directory.

clouderabreakfast1

 

Cloudera delivers unified authorization with Apache Sentry. Sentry provides unified authorization via fine-grained RBAC today for Impala, Hive, HDFS, and Search. The goal is to provide unified authorization for all Hadoop services and third-party applications (such as Spark, Pig, MR, BI Tools, etc).

Visibility security requirements are the understanding of where data comes from and enabling discovery of more data like it. Policies for audit, data classification and lineage must be enforced, while centralizing the audit repository, performing discovery and automating lineage. There is visibility through the Cloudera Navigator, covering all of the above requirements. (Image below).

clouderabkfst1

Data security requirements protect data in the cluster from unauthorized visibility and meet compliance requirements for PCI, HIPAA, FISMA, FERPA. Data security segregates data from privileged user accounts including system administrators and protects storage from theft or improper disposal. The data security pillar includes data encryption, conforming to key management policies, and integration with existing Hardware Security Module as part of key management infrastructure. Part of the data security requirements is the Navigator Encrypt.

Cloudera Navigator Encrypt provides transparent encryption for a user’s Hadoop cluster. Navigator Encrypt runs transparently to the applications running above. Data is moving between the application and data nodes while Encrypt is automatically encrypting data. All sensitive data is automatically being encrypted and decrypted as its written and read to the disk. Working in conjunction with Navigator Encrypt is Cloudera Navigator Key Trustee, a centralized key management and policy enforcement system. The Navigator Key Trustee is a “virtual safe-deposit box” with built-in audit capabilities.

clouderabkfst2

Cloudera has various methods for keeping your data secure. Their security story is one that began long ago, but was accelerated by Intel in 2013, when Intel established Project Rhino. The goal of Project Rhino has been: A Framework for Unified Authorization and Encryption and Key Management.

With Garcia’s final remarks, he debuted Intel’s hardware acceleration figures. This was also a topic at the February Strata + Hadoop World in San Jose (see his keynote on Data: Open for Good and Secure by Default).   Garcia concluded with security tips:

  • Sensitive data doesn’t live only in HDFS (Hadoop Distributed File System); it’s important to remember other data sources, such as logs, meta-data stores, queries, and temporary map results
  • Performance tuning is important, as security adds performance overhead. Use an established methodology for performance tuning, such as benchmarking, tuning and securing, and then retesting performance to note improvement.
  • Lockdown from the get-go. Plan security from the start, don’t wait until you get to a production environment and find you have to re-architect to meet security requirements.
  • Know the requirements of your security department. They may require an HSM (Hardware Security Module), for example, or compliance with FIPS 140-2 level 3 requires tamper evident hardware root of trust

Learn More about Cloudera here.

 

 

LUX: a Real-Time Predictive Analytics Solution

What if you decided to take a holiday in the sun on a luxurious cruise liner only to discover that your shipmate could have Ebola? Determining who may have come in contact with the potential victim is tricky. LUX, an analytics tool, has the ability to track individuals and ships to aid in minimizing the spread of the often-fatal virus.

LUX

LUX is a scalable, real-time predictive analytics solution created by ICG. The user of LUX is the one in control; analysts and SME have the ability to interact directly with the system and can easily tune the system to react to changing conditions and threats.

LUX can process enormous volumes of data, regardless of the source or content. And, LUX can present the data in geospatial and temporal visualizations, to aid in interpreting and acting on the information. LUX can turn analyst insight into automatically generated alerts that can be directed to appropriate systems for quick reaction.

A LUX analyst can watch events such as a potential Ebola outbreak happen in real time. LUX allows for parameters to be set to track individuals on potentially hazardous cruise liners. A user can define rules to essentially track anything that moves. Real-time tracking could keep the potentially significant Ebola outbreak to a minimum.

LUX is not magic; rather it is similar to a tool on a tool belt, like a Leatherman tool. It is an easy to use tool that monitors what you want 24/7; alerting you by email, text, instant message or LUX’s user interface, as soon as it detects data or patterns matching a rule or rules. Rules can be combined in sophisticated ways, either geospatially or temporally to result in focused alerting.

This predictive analytics solution could help with Ebola containment. The biggest problem is the rapid spread of the virus, with little done to thwart the interaction between Ebola victims and healthy individuals. Maybe tracking done 24/7 and real-time alerts could cease the spread of this outbreak.

While no one piece of technology can thwart an Ebola outbreak, you may feel more comfortable booking that next Caribbean cruise knowing that there are tools being developed to potentially slow the spread of this deadly disease. And, in time, as more technology is developed and implemented, a passenger’s sense of security may improve significantly. The next version of LUX is due out in November. This next version boasts a 40% gain in functionality and productivity and a redesigned user interface.

For more information contact ICG Solutions.

Tapping Global Threat Intelligence To Secure Enterprise Networks

On August 27, LogRhythm hosted a panel focused on “Tapping Global Threat Intelligence to Secure Enterprise Networks” at Ruth’s Chris Steakhouse in Crystal City. The panel participants included Sameer Bhalotra, COO of Impermium and former Senior Director for Cybersecurity at the White House; Bob Gourley, Publisher, CTOvision; Todd G. Myers, Senior Architect at the National Geospatial-Intelligence Agency and the Intelligence Community Information Technology Enterprise (IC ITE) Chair for the Geospatial Integration Joint Venture Leadership Network (GI JVLN) to the Office of the Director of National Intelligence (ODNI); and Chris Petersen, CTO at LogRhythm; with moderator Betsy Schmidt Chase, the Federal Business Development Manager at LogRhythm.

Discussions began with a question to the panel addressing the biggest threat to the United States’ national security. Todd G. Myers was the first to speak, saying that the biggest threat would be attacks against our many interconnected systems in ways that could cause cascading failures. These threats are compounded by many systems being vertical in nature when they should be horizontal or elastic.

Chris Petersen followed with his opinion that the biggest threat to national security is industrial espionage. Petersen stressed that this is the biggest threat since it is underway now.  Industrial espionage gives our foes access to things we worked to create that they do not deserve and this steals from our collective future.

Sameer Bhalotra said the worst attacks would be those on the power grid or the continuing mass threat of theft of intellectual property. He added a developing concern of attacks on financial markets and mentioned concerns of new types of theft like Bitcoin losses.

Bob Gourley reminded all that if the question is on the biggest national security threat we should all keep in mind that the threat of destruction of our way of life must be deterred and that means deterrence of nuclear war remains of critical importance. There are cyber dimensions to this threat, and we must protect our command and control systems in peace so no adversary believes they can be tempted to conduct cyber attacks against us. Gourley said steps should be taken to defend the PC and client world against cyber attacks, but underscored that this is the old infrastructure. The age of the PC really is over. We are now in the age of mobile computing, and very soon this will morph to a new age of ubiquitous computing. We need to think of the security of everything and anything connected to the Internet.

Todd Myers was asked to comment on best practices which could be used for architecting in security, especially around protection of enterprises. Todd took the opportunity to underscore that security has to be architected in at the beginning, not tacked on at the end. This means designing early at the device and platform and network. He also underscored the importance of encryption.

Chris Petersen answered the next question on the topic of changes in architecture. Petersen replied that there is a need to stay consistent with what needs to be adopted. He stressed that verticals are pervasive to honey-pots. Using the honey-pot tactic to find infiltrators of a network helps to identify whom the infiltrators are and what they are attempting to accomplish. This tactic helps to better understand the adversary.

Sameer Bhalotra addressed the same question saying that there is a need for security analytics. Sensors should be looking for problems and gathering data to conduct further analysis. Data needs to be collected to find out what occurred when a breach took place.

Bob Gourley took the next question of what is the latest and greatest technology. He said he knows that people and process are of critical importance but technology too must be implemented smartly, and from there he mentioned that a well-instrumented enterprise can make it very hard for an adversary to remain undetected. A well-instrumented enterprise can give indications of the adversary prior to a breach and help fight them after breach. Additionally, this lays the foundation for the most important capability in security, the means to automatically remediate and restore back to a known good state.

Petersen pointed out that technology and automation will make people better at combating cyber threats.

Betsy Schmidt Chase presented the next question on the topic of the Cybersecurity Information Sharing Act (CISA). CISA requires the Federal Government, including the Director of National Intelligence (DNI), the Secretary of DHS, the Secretary of Defense and the Attorney General to develop and promulgate procedures and oversight relating to information sharing regarding cyber threats.  It also provides liability and antitrust protections for entities providing information within the limits of the Act.

The first question asked centered on what are the best practices that should be employed to develop a reasonable framework for information sharing under CISA. Myers began by addressing the issue of capturing knowledge and going forward with it. There is a problem with people not wanting to share information because they prefer to control what they know. There is a necessity surrounding accessible and centralized knowledge that will support information sharing. There is value in “putting things in a place to accelerate knowledge sharing.”

Bob Gourley responded, saying that information sharing is more a matter of “trust based relationships.” Would sharing information be beneficial or detrimental?

With information sharing, Bhalotra said that some of the data is in the middle ground, not necessarily the silver bullet, nor does it have zero value. There is hesitancy due to privacy concerns. The biggest issue with information sharing is due to a lack of automation, said Bhalotra, and legal overhead. He stated that information sharing is not smooth, but in the West Coast it is now legal for the private sector to share with other private sector industries; it is happening more and more.

Petersen said that it is vital to know what the enemy is talking about. Responding effectively and quickly is fundamental when an enemy infiltrates a network.

The next question addressed whether privacy should be given up. Gourley was the first to tackle the question by saying that, “it seems sometimes like there are two sides and no middle ground.” It is hard, because how can the government not interfere and steal from adversaries, if extreme privacy restrictions are in place. “What should we do to steal adversary secrets,” Gourley asked rhetorically.

“There is always an insider threat” replied Myers, “there is always the black swan.” There is an inherent need to protect what we put down. The term insider threat is one of this day and age, one that will become something completely different in the years to come.

“Insider threat is really outsider [threat],” Petersen said. With privacy, there is a willingness to pose as an insider threat.

Before, there was no way to compare analytics, now there is, Bhalotra stated,  “now we can detect bad behavior when we know what to look for.” Within the private sector, employees do not want to be spied on, that is more the accepted culture of the government. In DC, the loss of privacy is expected, whereas on the West Coast it is atypical.

Gourley closed the panel with his statement; an adversary can be found and detected when there is an instrumented network with the right design that can act on the adversary.

The panel was received with a warm round of applause, while Chris Petersen prepared his next presentation. He presented on LogRhythm’s Security Intelligence Maturity Model, which will soon be available.

DISA’s CIO Dave Bennett on Achieving Efficiencies

The Defense Information Systems Agency’s chief information officer and director for Enterprise Information Services Dave Bennett opened for FedScoop’s “Lowering the Cost of Government with Information Technology (IT) Summit” on August 21. Bennett’s opening discussion began with the focus on infrastructure and capacity services contracts. He brought to attention DISA’s closing three Defense Enterprise Computing Centers (DECCs) in the past year, saving roughly $3.2 million each year. Bennett emphasized the need for updating and enhancing of the remaining computing centers and infrastructure to meet the reliability and availability requirements of the department.

Read more from DISA below:

Dave Bennett, the Defense Information Systems Agency’s chief information officer and director for Enterprise Information Services, opened FedScoop’s “Lowering the Cost of Government with Information Technology (IT) Summit,” held August 21 at the Newseum in Washington, D.C., with his perspectives on IT consolidation. The event, which brought together subject matter experts from the public and private sectors, was focused on how agencies can leverage emerging technologies to create a more cost-effective and smarter government.

Bennett opened the discussion with a focus on infrastructure and capacity services contracts. Capacity services contracts provide scalable capability on demand, he said. The vendor owns and maintains equipment that readily scales up or down to meet the government’s requirements, and pricing is done on a utility basis or using a tiered structure.

Bennett explained that these types of contracts save the government from buying and sustaining equipment, allow the government to pay for only what it needs, and enable the government to leverage technology faster.

“With capacity services [contracts] we have vendors online to provide platforms for our computing environment and we can request ‘x’ number more boxes as the demand increases and [the vendors] have a timeframe in which to deliver,” said Bennett.

“Throughout the course of a contract I’m able to ebb and flow and have a built-in tech refresh,” he said.  “This helps me support users by quickly and consistently bringing in new capabilities as technology evolves in a cost-effective way.”

Bennett also emphasized the need to draw down the amount of resources that have been invested in infrastructure, referencing the 2010 Federal Data Center Consolidation Initiative (FDCCI), which called for a reduction in the number of DoD data centers.

DISA closed three Defense Enterprise Computing Centers (DECCs) in the past year, he said. In May, the DECC in Huntsville, Alabama, closed, a move which will save an estimated $3.2 million per year. Earlier in the year, the agency closed data center operations in Dayton, Ohio and Chambersburg, Pennsylvania.

Bennett also pointed out that remaining computing centers and infrastructure must be updated and enhanced to meet the reliability and availability requirements of the department.

“We are starting to focus and drive down more capabilities and end users into a more centralized set of facilities that support the growing demand.  It’s inherent upon us to ensure that the infrastructure is as solid and reliable as can be so that the end user can get the performance expected,” said Bennett.

Savings can also be found in end user capabilities, especially enterprise services, he said.

“Enterprise services are a cost-effective, inexpensive way to deliver capability [globally],” said Bennett, citing DoD Enterprise Email (DEE), which has approximately 1.6 million users, as a good example.

“[DEE] has allowed the Army to shut down their entire set of locally owned and operated email exchange systems, which offers software savings. But more importantly it’s an opportunity to reinvest savings and reallocate resources to other priorities.”

Similarly, the department’s enterprise collaboration capability has offered financial savings, as well as significant operational benefits.

“Not only do you gain the savings but everyone in DoD is able to come together and meet within one collaboration environment,” said Bennett. Prior to the availability of this enterprise service, every component was handling its own collaboration services locally.

According to Bennett, the enterprise collaboration service offering changed the military’s business operations. Today, the service is an integral component of the operational environment that the warfighter uses to conduct day-to-day operations.

Standard solutions can also generate savings and deliver capabilities without having to provide “one-off” scenarios that are costly to develop and sustain, said Bennett.

Bennett suggested that organizations look to adapt their business processes to work within standard technology instead of bending solutions to fit their processes, which DISA is doing by using commercial-off-the-shelf solutions.

“Take it out of the box as is and then change your business processes to leverage whatever the capability is coming out of the box,” said Bennett.  “That step alone saves huge amounts of time and energy.”

Bennett said that DISA is also looking at leveraging commercial products that offer integrated capabilities “with symbiotic relationships that build on top of each other and allow us to bring in new capabilities and take out old features that are expensive and costly to maintain.” He said integrated capabilities will prove useful as the agency pursues unified capability and virtual desktop solutions.

Related Reading

Artificial intelligence: the megatrend that’s first among equals

Transition for One of The Nation’s Greatest Enterprise CTOs: Dave Mihelcic Retires From DISA

Why Big Data And The Internet of Things Are A Match Made In Heaven

Summary from the 30 July Analyst Forum

Editor’s note: On Wednesday 30 July 2014 analysts, executives and technologists gathered at our Analyst Forum, an event established by a partnership between AnalystOne and the United States Geospatial Intelligence Foundation (USGIF) to help share lessons learned across multiple sectors of the economy, including finance, healthcare, law enforcement, emergency response, scientific research, ecommerce, IT, intelligence, and the military.

We had analysts at the event capturing content that we will summarize here over the next few weeks. And we are surveying 280 people who engaged with us to ensure we are capturing the most important results of the event as well as gaps this community believes we should be collectively tackling to improve the state of analysis. All of this will be shaping our reporting here.

In the post below Katie Kennedy provides a high level overview of the event. Stand by for more details.

Bob Gourley
Publisher, Analyst One

 30 July Analyst Forum: The First Report/Summary

Analytics 2014: Insights for Mission impact began with opening remarks from Keith Masback, Chief Executive Officer, United States Geospatial Intelligence Foundation (USGIF). Keith welcomed all and helped bring focus to some of the opportunities the event could help the community achieve.  Keith has been an analyst and a leader of analysts and is now a key champion of mission focused capabilities including those supporting the analytical community. He brings knowledge of technology and methodology and critical important missions to this topic. His key message in introducing the event was the criticality of the thoughts that would be exchanged today.

Bob Gourley welcomed attendees. Early on he underscored the gratitude the event organizers had for the sponsors. These firms sponsored the event because of their respect for the mission and understanding of the importance of this effort to the community and they are very much appreciated. Sponsors of the event are: Leidos,  BAE Systems,  Carahsoft,  Cloudera,  Digital ReasoningDigital Globe,  IBM  and  ICG.

Gourley also provided a heartfelt thanks to all attendees for coming, and spent time giving attendees a feel for who else is in the room. Attendees came from the finance sector, media outlets, ecommerce companies, retail companies, the heathcare sector, the scientific research community, law enforcement, plus multiple government agencies including DHS, DoD (Army, Navy, Air Force, Marines ), NRO, DIA, NGA, NIH, NCI, DoT, Treasury, State, VA, HHS, and many others. Commercial firms present included multiple participants from systems integrators with analytical capabilities, high tech analytical tool companies like Recorded Future,WayInPentahoOptensity and Hexis Cyber.

Speakers at the event are all interesting with great backgrounds in analysis. Speakers included: Tom Lash, Jeff Jonas, Ilkay Altintas, Dave Warner, David Bray, Kirk Borne, Phil Bourne, Bob Grossman, John Harer, Kelly McCue, David Roberts, Abe Usher, Bill Wall, Carmen Medina, Ed Mornston, Mark Ashwell, William Nolte, Matt Devost, Adam Elkus, Ned Moran, Erin Simpson, Dave Gauthier, Bob Jimenez, Jason Thomas, and Scott Sorensen,

Tom Lash of Leidos, a key community thought leader on topics of analytics provided a welcome and an introduction to Jeff Jonas, our first morning discussant. Jeff is widely known in the analytical community for his ability to generate thoughts of direct and impactful relevance to helping people get their missions done. He is also highly regarded as a creator of both concepts and technology that add real value to organizations. Jonas has directed the design and development of multiple innovative systems, including solutions which have countered fraud in the gaming industry (See Jeff’s bio here).

Jonas prepared visuals that paired incredibly well with the messages in his presentation. It was a great help to expanding our thoughts to get Jeff’s perspectives on topics like detection of asteroids and then further turning observations into predictions of asteroid route and event predictions of future observable events like asteroid collisions. This important topic was used to underscore the importance of context when doing analysis. This theme of context was critically important to Jeff’s presentation and was also a recurring theme hit upon many other times throughout the day.

Jeff’s approach is to seek not just a little data, but as much data as possible. And of course to seek and leverage context. There needs to be more data to make better predictions, as well as filling in the gaps where there is not enough data. Jonas used the example of twins. If you have two people who look identical in every way and every feature determines them as one entity, how can you distinguish them? Therein lies the fact that two identical things cannot occupy the same space at the same time. To distinguish the two, there has to be data that supports the case that they are indeed two separate people. The more data gathered, the easier it would be to distinguish the twins and find they are two separate and distinct individuals.

By the way, Jeff received thunderous applause. It was great having him interacting with us all throughout  the day to help underscore the lessons he left us with.

Bob introduced the next speaker,  Dr. Ilkay Altintas, the Director for the Center of Excellence in Workflows for Data Science at the San Diego Supercomputer Center (SDSC), UCSD. Altintas addressed the question of “why data science workflows?” She answered,  “workflows contain a lot of small steps that become programmable and reproducible scalability.” A project the SDSC has been successfully working on is entitled “WIFIRE”, a scalable data-driven monitoring, dynamic prediction and resilience cyberinfrastructure for predicting and monitoring wildfires. Wildfires are difficult to predict, therefore WIFIRE supports an integrated process that analyzes wildfires, incorporating observations with real-time data.

Bob asked Dr. Altintas to discuss “The Scientific Method.”  Here is the idea we pondered: almost all of us grew up learning “The Scientific Method”.  The scientific method of observation, hypothesis, prediction, experimenting is still critically important.  But because of new technologies available to researchers and the incredible amount of data available, it is no longer the only workflow available to construct workable models of the world or to advance science and understanding. Dr. Altintas provided context on this topic that underscored the importance of considering workflows in analytical processes at any sector.

Bob then introduced Dr, Dave Warner, M.D., Ph.D., Medical Neuroscientist and the Director of Medical Intelligence at MindTel. Dr. Warner opened with “Computers are rocks that do math and they should worship us”. His idea that “dots are stupid” led to his highly innovative creation of hyper dimensional dots, where an observer can see thousands of different information on the dot, while taking advantage of abstract information. The dots are geolocated allowing the viewer of the dot to hover over an area and instantly have access to densely populated information on the area observed. Creating the models of information preserves relationships and transformation. Each 3-dimensional dot instantly presented multiple facets of data collected in a way that was easily understood by the vast majority of people.

After a short morning break for direct networking, everyone was ushered back into the hall where the next speaker was poised and ready to address the audience. Dr. David A. Bray, Chief Information Officer, FCC, prompted the question of “how to tackle the changing world?” Points he drove home through example after example were that analysts needed enhanced context to ensure optimal assessments. Among the many considerations he helped us think through were the fact that we all need to recognize that you can’t just build higher walls for Internet security. Computers need to alert humans when a threat arises. The FCC is making an application that will send pings during a crisis, constantly updating individuals while simultaneously sending feedback to responders. Innovation is needed more than ever; can public service change quickly enough? It is a technology as well as a people issue. The future includes algorithms working alongside public service workers:  when will having software make an unbiased recommendation better than a human? Humans are biased, so maybe algorithms are better for decision-making in some cases. In all cases, context is important.

The next segment included Cross-Sector Analytical Lessons Learned. The moderator was Dr. Kirk Borne, Data Scientist and Professor, George Mason University. Other segment participants included Dr. Philip E. Bourne, Associate Director for Data Science, National Institutes of Health; Dr. Robert Grossman, Director, Center for Data Intensive Science, University of Chicago; and Partner, Open Data Group; and Dr. John Harer, Professor of Mathematics and Computer Science, Duke University. Each individual had their own unique lessons they had learned. First was Dr. Borne, he addressed his lesson with the idea that no matter what field you are in, you can talk with people in other fields when you are speaking the trans-disciplinary language of data science. Second was Dr. Bourne, reasoning that answers to big data problems can come from anywhere either cofounded in a journal, a pandemic modeling article, or a 15 year old who was published in a leading journal. Third was Dr. Grossman, addressing that all men can see tactics, but who can see strategy? Tools are understood, but strategy is not as thought-through. Lastly, Dr. Harer prompted that successful collaborations have understandings of shared work, learning others’ languages and fields, and working with someone who needs you and who wants you to need them. Each panelist emphasized that there were many lessons learned and many more to come.

The next panel was law enforcement, with moderator: Dr. Colleen “Kelly” McCue, Senior Director, Social Science & Quantitative Methods, DigitalGlobe Analytics. The panelists were David J. Roberts, Senior Program Manager, IACP Technology Center, International Association of Chiefs of Police; Abe Usher, Chief Technology Officer, HumanGeo; and Bill Wall, Vice President, Praescient Analytics.  Each individual on this panel presented around a central theme that positively correlated better law enforcement and increased data usage. Usher presented on the lessons learned from the London Olympics. He said that as law enforcers, there should be proper identification of observation space and the creation of simple systems for recognizing normal and abnormal behavior. If there is a baseline, then it would be simple to find the abnormal. Next Wall addressed the London riots of 2011, relative to geospatial technology. Wall addressed that there should be geospatial data to build a database of individuals and incidents. Geospatial aspects of big data give us special capabilities to contextualize events. For the London riots, using the geospatial technology, law enforcers were able to find the rioters prior to their insurrection. Next, McCue presented on the Northern Virginia shooting incident that was solved using geospatial predictive analytics providing the high probability target areas that led to the suspect’s arrest. Lastly, Roberts brought to the audiences’ attention the immense impact the poor economy has had on the police workforce. Optimizing resources is extremely important and information-sharing capabilities are essential. Research has emerged looking at crime analysis data to identify systemic problems. Having data can create a mosaic, where many pixels create an image that can be used to solve crimes. The increased gathering of data has led to significant breakthroughs in solving crime.

After a lunch reception and exhibits, the next panel eagerly anticipated the audience’s return to their seats. The next panel was the Education of the Analyst, with Carmen Medina, Specialist Leader, Deloitte Consulting; Ed Mornston, Director, Human Development Directorate, National Geospatial-Intelligence Agency; and Dr. William Nolte, Program Director, Intelligence Center of Academic Excellence, University of Maryland School of Public Policy, and Mr. Mark Ashwell, internationally known developer of analytical strategies who has served as director of intelligence at the Royal Air Force and other UK MoD positions.  Medina addressed cognitive diversity and the future of intelligence work, meaning that not all thinkers are the same and there are inherent cognitive differences. She shared the formula calculating what you know as reality – observation error – bias = what you know. Mornston followed with the idea of creating a culture of learning where there is a thirst for innovation, while addressing challenges from declining resources. He urged that agility is key and needs must be anticipated. Nolte pointed out that there are now technically illiterate students and technologists with little worldliness. Analysts must think analytically, not tactically. The 21st century intelligence will be about information, not secrets, like the 20th century. Ashwell stated that the main issue is the challenge of using open source and classified information; analysts must be able to use both to not fall behind. Analysts are not prepared for using big data, we must move from the word to visualization.

In the question and answer session, Dr. Ilkay Altinas asked about the new age of data around individuals and the need for individuals to have data analysis skills and requested panelist thoughts on that topic. This powerful question generated great discussion and is a topic we will continue to help think and write about.

The following panel addressed the analytics of cyber conflict with moderator Matt Devost, President & CEO, FusionX and panelists Adam Elkus, Senior Analyst at Analyst One, Strategic Planner and Ph.D. Student, Computational Social Science, George Mason University; and Ned Moran, Professor, Analyst, Cyber Practitioner. Elkus started the discussion with the notion that cyber conflict takes place in a human made environment and within natural laws. It is a tangled mess of man and machines. What you intend a machine to do is not what it actually does. A lot of cyber issues come down to adaptation and speed. Moran stated that cyber threat intelligence means having better informed defensive decisions. There is a need to get ahead of the attacker through analysis. Moran addressed how we defend against attackers. The landscape is changing, but still the defenders are the ones always responding to the attackers. Moran said that “humans always make mistakes and attackers take advantage”. Cyber conflict is a defenders game and will be for a while.

The final panel was Lessons From and for the National Security Community, with moderator: Dr. Erin M. Simpson, Chief Executive Officer, Caerus Associates and panelists Dave Gauthier, Activity Based Intelligence Portfolio Lead, Analysis Directorate, National Geospatial-Intelligence Agency; Bob Jimenez, Chief Technology Officer, National Reconnaissance Office; and Jason Thomas, Manager of Innovation for the Government, Thomson Reuters. This panel addressed the challenges with data in national security. A few challenges include how data correlates, how to engage an NRO user, and how to recruit people to solve problems. Thomas said that “we have to adapt to what we think is coming, which is not a lateral movement”. In some cases we store more data than necessary and in others, we can’t get our hands on data we need.

The final speaker was Scott Sorensen, Chief Technology Officer, Ancestry.com.  His presentation started with a fantastic way to grab the attention of everyone in the room. We all know Ancestry.com and the overview and insights of the technological approaches there (and impact on solutions for customers) really riveted everyone’s attention.  “At Ancestry.com, we tell stories from data; we fill in the gaps of family history. With the use of AncestryDNA, we have collected sampled from 500,000 people and found over 10,000,000 fourth cousin matches. We provide context to family history by working with government agencies and churches.” Handwriting recognition locates words on a handwritten document, extracts the words and makes the documents easier to place in family trees. The exciting stories lead directly to very relevant conclusions for any organization seeking to enhance analysis, in any sector. We will provide details on these lessons in coming posts, Scott has agreed to share his graphics with us and they flow directly to those lessons, so stand by for more.  The short version, however, is this: How you organize you analytical efforts, including the people working them and even where they sit, is of critical importance. Getting groups to work together is a challenge especially with scientists and software engineers.

The event ended on a high note, and everyone, excited from the day’s events, filed into the adjacent room to mingle and discuss the information learned. The end of day networking allowed for attendees to more deeply connect and interact with each other and speakers.

We would like to conclude this overview with a huge thank you to the team at USGIF who worked tirelessly to ensure this event would come off without a hitch. Their attention to detail and focus on getting the right things done went above and beyond the call of duty

More Content

Cyber War

Optimizing Corporate Intelligence with OODA Loop

This post is part of our Intelligent Enterprise series, which providing insights aimed at corporate strategists seeking competitive advantage through better and more accurate decision-making. The first post provided foundational insights into A Practitioner’s View of Corporate Intelligence. This one dives into actionable recommendation on ways to optimize a corporate intelligence effort. It is based on a career serving large scale analytical efforts in the US Intelligence Community and in applying principles of intelligence in corporate America.

SciFi

Science Fiction Gadgets You Can Get Today

Technology is advancing pretty fast, at times influenced by the exciting world of Science Fiction. This video captures 10 of the tech developments first seen in SciFi that are available now. A key point of this, if you want to know what is in our future, watch more SciFi!  

Super Bowl Ads Indicate Big Businesses Think You Are Afraid of AI

Tom Loftus provided an insightful review of some of Super Bowl ads in the 4 Feb 2019 Wall Street Journal. Like AI parody in SNL, these ads really poked fun at computers: Seriously, did anyone catch the commercials? If the Super Bowl is the zeitgeist, then it is safe to say that America is not […]

HBO’s Westworld: The Man In Black is a special kind of Twitter user

HBO’s Westworld is a modern take on the Michael Crichton SciFi tale of a robotic amusement park. The HBO version has a new twist. The creators/writers were all exposed to years of Twitter, which has influenced every episode and the entire arch of two seasons of the show. Now that season two is wrapping up, […]