October 20, 2024
Presented by Billington CyberSecurity
Improving User Experience and Branding at DOJ
Melinda Rogers, Chief Information Officer (CIO) at the Department of Justice (DOJ), shares her vision for enhancing both user experience and the branding of IT services. She highlights two key focus areas: improving communication and redefining the identity of the CIO office. Rogers emphasizes that timely, transparent communication with DOJ employees is essential, especially during system outages, to maintain trust and keep users informed. She acknowledges the need to strike a balance between frequent updates and avoiding communication fatigue, but notes that users value knowing the status of issues even if complete solutions are pending. Additionally, Rogers is focuses on rebranding the DOJ’s IT services by creating a more professional and cohesive organizational identity. This includes updating internal websites, standardizing the presentation of services, and making service owners more visible and accountable.
Key Takeaways:
- DOJ employees appreciate regular updates on IT issues, which help build trust and alleviate uncertainty, even when full resolutions take time.
- Rogers aims to professionalize and modernize the DOJ's IT services by creating a unified, recognizable identity that instills pride and accountability in service owners.
- Rogers relies on continuous feedback from DOJ component CIOs to ensure IT services are aligned with both the needs of the department and federal compliance requirements.
AI and Collaboration Take Center Stage at Billington CyberSecurity Summit
Troy Schneider, Vice President and General Manager at Billington CyberSecurity, shares the expanding role of artificial intelligence (AI) in cybersecurity. He points out that AI is now central to almost every cybersecurity discussion, being used both as a tool to strengthen defenses and as a weapon exploited by cyber adversaries. Schneider explains that AI's ability to process vast amounts of data has enabled organizations to make better use of telemetry and log files to detect and respond to threats more effectively. He also discusses the importance of international and intergovernmental collaboration, noting that cyber threats do not respect borders, making partnerships between governments and the private sector essential. Furthermore, the shift from discussing technologies in theory to focusing on practical use cases reflects a maturing understanding of cybersecurity. No single solution or product can address the entire spectrum of cyber risks, which means building comprehensive toolkits and fostering ongoing partnerships is critical.
Key Takeaways:
- AI is increasingly vital to both defending against and perpetrating cyberattacks, making it a core topic in modern cybersecurity strategies.
- Organizations have moved from just collecting data to analyzing it in smarter ways, leveraging AI to process vast quantities of telemetry data and improve threat detection.
- Effective cybersecurity requires strong partnerships between governments, the private sector, and international allies, as threats are global and demand collective responses.
Empowering Teams and Strengthening Cybersecurity at the DOE
Steven Hernandez, Chief Information Security Officer (CISO) at the Department of Education (DOE), highlights the agency’s journey toward achieving a top Federal Information Technology Acquisition Reform Act (FITARA) score, with a focus on cybersecurity under the Federal Information Security Modernization Act (FISMA). When Hernandez joined, the department faced significant cybersecurity challenges, including poor collaboration among CISOs. Over the past seven years, his efforts to foster a culture of teamwork and trust within the department led to major improvements, transforming an initial failing grade to an A in the cybersecurity portion of the FITARA scorecard. Hernandez emphasizes the critical role of people in this transformation, with a strong focus on empowering teams to adopt a growth mindset. He also discusses the department’s continued commitment to implementing Zero Trust architecture, made possible through successful management of the Technology Modernization Fund (TMF).
Key Takeaways:
- Building trust, empowering employees, and fostering collaboration were essential to transforming the department's cybersecurity posture.
- The department prioritized Zero Trust principles to enhance security, replacing expensive legacy infrastructure with more efficient, modern technologies.
- Effective management of TMF funds allowed the department to continue improving cybersecurity capabilities while being mindful of budget constraints.