Department of Labor CIO Gundeep Ahluwalia stressed during a recent MeriTalk webinar the importance of overcoming data fragmentation to help agencies deliver on their missions and the importance of advanced data analysis technologies to accomplish that goal.
During the webinar sponsored by Splunk, Ahluwalia, and Juliana Vida, Splunk’s group vice president and chief strategy advisor, discussed, among other topics, the importance of ending data fragmentation and ensuring security teams are “speaking the same language” as the rest of the agency.
For Ahluwalia, everything revolves around mission impact. “At the end of the day [mission impact] is why we come to work; it is why Federal agencies exist,” he said. The Labor Department is tasked with an incredibly varied mission and collects significant amounts of data, many of which contain personally identifiable information or HIPPA-protected data.
“Securing [the data] in a meaningful way requires a modern approach,” he said. While the Labor Department leverages the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) program to safeguard data, Ahluwalia said his team has realized that humans alone cannot process and protect all of that data. Rather, he said that agencies need to use artificial intelligence (AI) and machine learning (ML) technologies.
Specifically, Ahluwalia said the department uses SOAR [security orchestration, automation, and response] tools to direct the workforce to what is important, versus forcing humans to sort through mounds of data.
Looking to the past, Ahluwalia said, “We were in the business of creating databases. When Congress wrote a law, and we would get the resources, we would respond to it by creating a fragmented piece of data that was fit for one purpose and one purpose only.” This was the approach for decades, and it created massive amounts of fragmentation across departments and agencies. “The more fragmented we got over the years, the harder it becomes to bring us together,” he said.
“Here is the good news – I think there is enough focus on data strategies now, and the technology has evolved with AI, ML, and other tools allow us to reintegrate the data that was so fragmented,” he said.
There are still regulatory realities as to how data can be used, which Ahluwalia said are necessary to protect data privacy. However, he urged Congress to look at current regulations to better technologists and program officials to break fragmentation barriers where warranted and in a controlled manner.
“This fragmentation has to go away,” he said. “I am truly so proud to say that this is one of the key areas for the department at this time. You have to integrate data; you have to learn from it, and not only learn from it, but serve that meaningful information to the right person at the right time.”
When it comes to innovating in the security space, Vida said it is essential to ensure that everyone – inside and outside the security team – is “speaking the same language.”
“Security teams can be more effective and can be brought to the table as mission enabled if they learn, or get better, at communicating differently,” Vida said. “What do I mean? Communicating in the language used by the rest of the organization and the mission partners at the table is very important.”
Referencing both her time in government and industry, Vida said this is “still an area of opportunity for security professionals to get more credibility and be seen more as mission enablers. We know that we need to encourage security teams and leaders to speak the language of the business.”
Driving her point home, Vida referenced her previous work as a military helicopter pilot. She explained that she didn’t know a single pilot who was interested in the nitty-gritty technology details. But, pilots do want to know how they can keep their airframe flying, how can they stay out of enemy territory, and whether their instrument display is trustworthy and current. “All of that is what operators care about, regardless of what’s happening on the back end,” she said.
In terms of what security teams can do, Vida said they need to “come in and meet the operators in the middle and talk in a language to be more relevant and be taken more seriously.” At the end of the day, all of this can “free up the security teams to be brought into conversations about modernization and innovation,” she said.
To hear more, view the webinar on-demand.