USDA bureau among first out of gate with CDM cyber tools

The Agriculture Department is among the first agencies to start implementing new cybersecurity tools and sensors under the continuous diagnostics and mitigation (CDM) program.

USDA chose two bureaus to test out these technologies provided by the Homeland Security Department.

Janet Stevens, the chief information officer of the Food Safety and Inspection Service (FSIS) in USDA, said she volunteered her agency to be one of the two pilot bureaus.

“This spring will be a busy time...

READ MORE

The Agriculture Department is among the first agencies to start implementing new cybersecurity tools and sensors under the continuous diagnostics and mitigation (CDM) program.

USDA chose two bureaus to test out these technologies provided by the Homeland Security Department.

Janet Stevens, the chief information officer of the Food Safety and Inspection Service (FSIS) in USDA, said she volunteered her agency to be one of the two pilot bureaus.

“This spring will be a busy time for us, getting the tools in, getting them stood up and getting them in line to do that initial data collection,” Stevens said. “We know you can only manage what you can see and there’s a lot of things that you may not be seeing right now. We know the technology that is being put in place will help us learn a lot, and we will have to learn how to adapt to it. There may be some new policy that we will have to issue. We may have to do some things differently. What are going to be the network impacts when it goes from just kind of looking at it to having some sort of a trigger to do something. We expect to learn a lot and learn a lot from our partner pilot agency, Animal and Plant Health Inspection Service (APHIS).”

FSIS and APHIS then will share their lessons learned with the rest of USDA as it implements tools and sensors from CDM.

She said the first set of tools are coming from Forescout, among other providers.

“We do expect to learn a lot, frankly, I think, as soon as they turn the devices on,” Stevens said. “Then we will need to evaluate not only our processes but do we have the right tools to analyze this information and make decisions on it. How do we want to integrate that into an improved dashboard? How do we want to integrate that into our security operations and network operations centers? We think we will learn a lot pretty quickly and we are excited to see what the next steps are.”

Beyond CDM, FSIS continues to make improvements in the post-cyber sprint environment.

“It was a great opportunity for education, but it was also a great opportunity to work with the business to understand who they worked so that when there were things we needed to go in and explain or do differently, we could put that together,” Stevens said.

Along with cyber, Stevens said another big priority is moving toward a dev/ops culture across the bureau.

Stevens said FSIS recently hired a new chief technology officer from DHS’s Citizenship and Immigration Services, Jim Tunnessen, to help bring agile processes into the bureau.

“Dev/ops is one of those areas we want to transition to to improve software delivery timeframe, the time to market for that, to improve the team building between staffs and to ultimately improve the customer satisfaction and ability to deliver the mission efficiently and effectively,” she said. “One key thing that we are trying to work with the agency one is you look at IT and you can sometimes put it in the bucket as IT is a thing and you can pick up a thing and plug a hole with it or there is an IT tool you can plug and play and life makes it better. It’s really what’s best for what you are trying to accomplish.”

She said shifting to dev/ops is part of the culture shift happening across FSIS.

“This is about automating processes that will make everybody’s job either better or reflect the reality of the job,” Stevens said. “The folks that are in the field, if we don’t hear from them and they aren’t participating in every step of the way, we are not going to be able to deliver the best products and tools for them.”

Over the next year, Stevens said FSIS will be looking for that first projects to move to the dev/ops process.

Stevens said along with the move to dev/ops she’s exploring using an external cloud for development/testing services. FSIS moved with USDA at large to the cloud for email back in 2011.

The cloud and agile development also flow into Stevens’ priorities around mobility. She said a large number of employees work in the field and some don’t even have an office to work from, so accessing data and applications is important for them.

“We are looking to see now from a wireless perspective what else we can do there. We did giant satellites a while back and now we are looking at the solar satellites,” she said. “We are working now on our first pilot of tablets. We did an initial pilot and learned some lessons. We will be piloting a different device to see if that works a lot better.”

Stevens said FSIS initially piloted Apple iPads, and now is trying out Microsoft Surface tablets.

“Our challenge really is working in the environments we are in is how ruggedized is it before it becomes too heavy?” she said. “There’s environmentals, there’s blood, there’s liquid, there’s heat, there’s cold, they are in freezers and they’re in place where literally there is a ring of fire these things go through so every environment you can imagine.”

She said FSIS isn’t something that the military would use in terms of a ruggedized computer, but something that can stand up in all the different environments employees face.

A fifth priority for FSIS is moving to a new data warehouse. Steven said she hopes to take advantage of new advanced analytics tools to improve FSIS decision making and mission effectiveness.

Related Stories

ASK THE CIO

THURSDAYS 10 A.M. & 2 P.M.

Weekly interviews with federal agency chief information officers about the latest directives, challenges and successes. Follow Jason on Twitter. Subscribe on Apple Podcasts or Podcast One.