Secure and Modernized DOT | Harnessing Private Sector Innovation | Revolutionizing Government Cybersecurity

Original Broadcast January 26, 2025

Presented by EY

Leading the Charge: Cordell Schachter's Blueprint for a Secure and Modernized Department of Transportation

Cordell Schachter, the outgoing Chief Information Officer (CIO) at the Department of Transportation (DOT), highlights how he focused on fortifying cybersecurity, enhanced workforce capabilities, and modernized IT systems during his tenure. Schachter emphasizes the implementation of zero trust principles, placing a strong emphasis on identity management to ensure access to information is limited strictly on a need-to-know basis. He discusses leading a cultural shift within the department to prioritize cybersecurity, with strong support from departmental leadership. Schachter also shares his efforts to combat IT workforce shortages by reducing vacancies and fostering continuous skill development to prepare employees for emerging challenges, including those posed by AI-driven threats and automation. As he prepares to pass the baton, Schachter reflects on leaving behind a strong foundation for his successor to advance these critical initiatives and secure the department's infrastructure.

Key Takeaways:

1. Schachter prioritized zero trust principles, focusing on identity management and ensuring limited, need-to-know access to information.

2. Significant strides were made in reducing IT workforce vacancies within DOT. Schachter advocates for continuous skill-building to prepare employees for evolving technologies, especially AI-driven threats and solutions.

3. Under Schachter's leadership, DOT initiated efforts to consolidate and prioritize systems based on cybersecurity risk, emphasizing strategic investments to modernize and reduce vulnerabilities across the department's infrastructure.

Harnessing Private Sector Innovation to Transform Federal Government Services

Jeff Bristow, Principal - Government and Public Sector Technology Leader at EY, explores how private sector innovations can help federal agencies overcome their unique challenges. He explains that while the underlying technologies like artificial intelligence and automation remain consistent across sectors, the key lies in adapting and applying these solutions effectively. Bristow emphasizes the shift in government from rigid, requirement-driven approaches to a more flexible, outcome-focused mindset—a hallmark of private sector success. He also highlights the increasing public expectation for government services to match the user experiences offered by industries like hospitality, financial services, and e-commerce. This demand stems from the ubiquity of technology in daily life, which shapes how people perceive and interact with all service providers, including the government.

Key Takeaways:

1. Federal agencies are adopting private sector practices by focusing on achieving measurable outcomes rather than adhering to rigid requirements, enabling more innovative and efficient solutions.
   
   
2. Public demand for government services to match the seamless, personalized experiences of private sector industries is growing, driven by advancements in technology and changing societal expectations.
   
   
3. Effective implementation of private sector strategies in government depends on understanding and harmonizing the readiness of the workforce with the introduction of new technologies.

Breaking Boundaries: Revolutionizing Government Cybersecurity with Zero Trust and Agility

Steven Hernandez, Chief Information Security Officer (CISO) at the United States Agency for International Development (USAID), highlights how the Technology Modernization Fund (TMF) enabled progress in cybersecurity and operational agility during his tenure as former CISO at the Department of Education. Hernandez identifies three core areas of focus: agility in mission execution, security orchestration and automation, and the evolving concept of a secure service edge. He explains the shift from traditional perimeter-based defenses to dynamic, ephemeral, and elastic architectures aligned with zero trust principles. Hernandez emphasizes the importance of orchestration in cybersecurity, allowing for seamless integration of diverse tools and environments to create a unified defense. He also shares the need for collaboration across federal councils, like the CISO and Chief Data Officer (CDO) Councils, to advance data security strategies and ensure robust architectural frameworks.

Key Takeaways:

1. Hernandez emphasizes that the traditional perimeter-based cybersecurity model is obsolete. Modern defenses require dynamic, elastic edges that expand or contract as mission demands shift, incorporating the ephemeral nature of devices and resources.

2. Effective cybersecurity relies on orchestration rather than merely acquiring tools. Orchestration integrates diverse tools and systems into a cohesive architecture that can adapt to changing threats and environments, enhancing defense agility.

3. Hernandez highlights the importance of cross-agency collaboration, such as between the CISO and CDO Councils, to align strategies for managing and protecting data, an essential pillar of zero trust architecture.

🎧 Take Fed Gov Today with you wherever you go! Listen to the podcast here.