ľAV / Powerful solutions for a complex world Thu, 25 Apr 2024 18:34:41 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.2 /wp-content/uploads/2019/03/Red-Mark-600px@2x-100x100.png ľAV / 32 32 At Your Service: The Art of ITSM Implementation /ecs-insight/case-study/at-your-service-the-art-of-itsm-implementation/ Wed, 24 Apr 2024 11:00:05 +0000 http://ecstech.flywheelstaging.com/?p=15696 Leveraging the power of the ServiceNow Platform, ľAV is helping one DoD customer plan and execute operations critical to our nation’s defense.

The post At Your Service: The Art of ITSM Implementation appeared first on ľAV.

]]> The post At Your Service: The Art of ITSM Implementation appeared first on ľAV.

]]> A Measure of Our Oceans /ecs-insight/article/a-measure-of-our-oceans/ Mon, 22 Apr 2024 11:00:50 +0000 http://ecstech.flywheelstaging.com/?p=29179 On Earth Day 2024, see how ľAV helped assess the vulnerability of marine mammals like whales, dolphins, and seals.

The post A Measure of Our Oceans appeared first on ľAV.

]]>

Assessing Marine Mammal Populations in a Changing Climate

Whales, dolphins, and seals are some of the most beloved ocean creatures. But as the oceans continue to warm, these animals, and marine mammals like them, face increasing ecological threats. Recently, ľAV led a study measuring the vulnerability of marine mammal populations in the Atlantic for the National Oceanic and Atmospheric Administration (NOAA) Fisheries Office of Science and Technology.

Improving Ocean Stewardship

In order to make informed management decisions, environmental policymakers must first understand the scale and depth of the problem. What kind of ecological changes can we expect in the next 10 years? 25 years? 50? Will these changes impact a species’ ability to grow and thrive? If so, by how much? Which species are most vulnerable to a changing climate? The answers to these questions, however, are often spread across a large range of papers, experts, and even scientific disciplines. Transforming the data into actionable insights can be arduous and complex work.

That’s where climate vulnerability assessments come in. These studies synthesize biological, environmental, and ecological data to help scientists and decision makers identify and classify where populations may be most vulnerable based on projected changes in the environment.

Transforming Ocean Data Into Insights

Using a variety of factors like in the rubric to the right, ľAV helped evaluate 108 marine mammal stocks in the western North Atlantic, Gulf of Mexico, and Caribbean Sea and assigned a vulnerability score to each. These scores are used to classify which species and populations are most vulnerable to climate change. Scores ranged from “very high” to “high,” “moderate,” and “low” vulnerability.

For example, a creature that relies on a single source of food, a single environment, or takes a long time to mature and reproduce might be considered highly vulnerable given their inability to move or adapt food sources in response to external stressors.

Click on graphic to expand

Scientists measure marine mammal stocks on a variety of factors including their diet, habitat, and migration patterns.

Forecasting a Changing Ocean

The results found that most marine mammals’ stocks ranked as highly or very highly vulnerable to climate change and environmental impacts. “Stock” is a commonly used unit in fishery assessment and management. It refers to a group of organisms of the same species that occupy the same geographic area and interbreed when mature.

Examples of Vulnerable Stocks

Northern Right Whale

Rice’s Whale

Bottlenose Dolphin

Better Data. Better Insights. Better Management.

Climate vulnerability assessments like this one are critical to understanding the state of our ocean and the species that live within it. By assessing a stock’s vulnerability to climate change, researchers and managers can better characterize threats and explore approaches to reducing climate impacts on vulnerable populations.

The challenge is large. Climate change, however, is only one of several factors exerting pressure on marine mammal populations in the United States. But at ľAV, we’re dedicated to helping steward and protect our nation’s environment.

Managing NOAA’s fleet of ocean vessels
Transforming fishery management through machine learning
Protecting the ancient wonder of coral reefs

Learn more about ľAV and see how ľAV experts help steward our environment.

Want to help protect the environment? Head over to our career page.

The post A Measure of Our Oceans appeared first on ľAV.

]]> Day In The Life: Leo Pryor, SOC Analyst /ecs-insight/blog/day-in-the-life-leo-pryor-soc-analyst/ Thu, 18 Apr 2024 11:00:22 +0000 http://ecstech.flywheelstaging.com/?p=22533 Leo Pryor, SOC analyst, discusses the day-to-day challenges that SOC analysts face, the importance and rewarding nature of the work they do, and why this is a critical field for skilled professionals looking to make a difference.

The post Day In The Life: Leo Pryor, SOC Analyst appeared first on ľAV.

]]>

The job of a security operations center (SOC) analyst is crucial. They maintain information and network security by detecting, investigating, and remediating cybersecurity threats. SOC analysts are on the front lines in an organization’s battle against cyber threats and test existing cybersecurity infrastructure for vulnerabilities and weaknesses in order to make improvements.

We sat down with Leo Pryor, ľAV SOC analyst, to discuss the day-to-day challenges that SOC analysts face, the important and rewarding nature of their work, and why cybersecurity is a critical field for skilled professionals interested in meeting the moment and making a difference.

PART ONE
PART TWO
PART THREE

ľAV delivers SOC-as-a-service, endpoint security platform-as-a-service, vulnerability management, and continuous monitoring solutions to leading enterprises across government and industry. The ľAV SOC is powered by more than 50 unique commercial and open-source intelligence feeds and a cyber threat intelligence team that currently tracks more than 17,000 adversaries.

Working as a SOC analyst with ľAV means doing work that matters, expanding your knowledge and expertise, and protecting some of the world’s most-targeted networks.

Ready to meet the moment and make a difference? Visit our career center to learn more.

The post Day In The Life: Leo Pryor, SOC Analyst appeared first on ľAV.

]]> How to Make Your Interview Count /ecs-insight/blog/how-to-make-your-interview-count/ Wed, 17 Apr 2024 11:00:25 +0000 http://ecstech.flywheelstaging.com/?p=13583 This how-to article provides job seekers with interviewing tips from ľAV recruiting professionals.

The post How to Make Your Interview Count appeared first on ľAV.

]]>

Listen to article:

The new year often brings new career opportunities, and that means tackling job interviews. How can you make a great impression when you interview for a job? We asked three ľAV recruiters to share interviewing tips for job applicants in the IT sector and beyond, and here’s what we learned.

KATELYN TALLEY

RECRUITING LEAD, ENTERPRISE BUSINESS UNIT

When applying and interviewing for your next job, it’s important to research each specific role and organization. Tailoring your resume and interview conversations to the position you are applying for can help you to stand out from other candidates.

Researching the organization you’re interviewing with shows that you’re interested and invested in the position and company. Your main goal during these conversations is to show that you are the right person for that job. By showing that you’ve invested time researching, you better market yourself to the recruiter or hiring manager.

In the IT field, it’s critical to learn from others due to the rapid changes in technology and the constant growth of the industry. Networking with professionals who hold the type of position you’re interviewing for can help you gain insights that make you a better interviewee. Happy hunting!

When recruiting for a specific job, I speak to many candidates with similar skill sets and qualifications. There are two main attributes that stand out: confidence and overall interest in the company and position. Candidates who are able to confidently articulate and demonstrate knowledge of the interviewers, company, and job responsibilities are those who tend to stand out during the interview process.

Be sure to learn about your interviewer prior to the interview; look for interests or attributes that you and the interviewer share. You should always research the company and job prior to the interview. It will help you learn about the company’s mission, culture, and how the specific job you are applying for fits into the bigger picture.

Be enthusiastic and confident! Discuss your ideas, goals, successes, and any challenges you have faced in your professional life. Give thorough responses with examples in your interviews.

MELANIE HUBBARD

SENIOR CORPORATE RECRUITER, ENTERPRISE ľAV

VICTORIA BAKER

SENIOR RECRUITER

Keep your resume in front of you during the interview so you can refer to it, as the interviewer will likely ask specific questions about it. If this is a virtual interview, log in a few minutes early just in case you have technical issues.

Remember that you’re interviewing them as much as they’re interviewing you. Make sure you prep with interview questions that are important to you (growth opportunities, team culture, daily tasks, etc.). This will show your interviewer that you’re interested in the position, and the info you gather will help you gauge how good a fit it is for you.

Consider looking up the interviewer on LinkedIn and finding a talking point. Did you go to the same school? Do you have connections in common? Did you work on a similar project? These are all great talking points to open a conversation up.

Be prepared to discuss specific accomplishments you’ve achieved in your career. You’ll likely get a name-a-time-when question, such as “Can you describe a time when you did not agree with a decision your supervisor made?” It’s important to respond to such questions with specifics. If you can’t think of a specific example, the second-best response is to explain what you would do in this situation.

Finally, review the interview questions on Glassdoor.com. While they are general questions, reviewing them will help you prepare for the types of questions typically asked by employers. Best of luck!

At ľAV, we’re growing our team of cybersecurity, data and artificial intelligence, and IT Operations professionals. If you’re looking for an exciting new opportunity at an industry-leading organization, ľAV may be the next step in your career journey.

Meet the challenge and submit your resume today.

The post How to Make Your Interview Count appeared first on ľAV.

]]> The Power of Predictive Security: How AI Helps Prevent Cyberattacks /ecs-insight/blog/the-power-of-predictive-security-how-ai-helps-prevent-cyberattacks/ Tue, 16 Apr 2024 11:00:23 +0000 http://ecstech.flywheelstaging.com/?p=26063 ľAV Pathfinder leverages AI to deliver predictive security, enabling organizations to identify and mitigate risks before bad actors attack.

The post The Power of Predictive Security: How AI Helps Prevent Cyberattacks appeared first on ľAV.

]]>
By
Director of Cyber Analytic Products

In a hyper-connected world where cyber threats are evolving at an alarming pace, traditional reactive security measures are no longer sufficient to safeguard sensitive information and critical infrastructure. As a result, cybersecurity professionals’ focus has shifted towards proactive and predictive security solutions that can anticipate and thwart cyberattacks before they strike.

The technology that makes this possible? Artificial intelligence (AI), an increasingly critical component of modern cybersecurity.

The Need for PredictiveCybersecurity: Shifting the Paradigm

Traditional cybersecurity strategies are akin to locking the doors of a house after an intruder has already gained access. Reactive approaches entail identifying and responding to threats as they occur, leaving little room for proactive defense.

Predictive security is more like knowing a would-be intruder is coming before they ever make it to your front door. It represents a conscious paradigm shift, enabling organizations to anticipate and mitigate potential risks before bad actors attack. By harnessing the power of AI, your cyber analysts are better equipped to analyze vast amounts of historical data, identify patterns, and predict attack vectors with unprecedented accuracy.

A More Intelligent Arsenal

AI algorithms can continuously learn from real-time data, enabling your cybersecurity tools to adapt to evolving threats and making your whole security posture more nimble and agile. By analyzing historical cyberattack patterns and discerning the tactics employed by malicious actors, your analysts can predict and prioritize potential vulnerabilities that may be exploited.

Enter ľAV Pathfinder

Identifying your organization’s need for predictive security is an essential first step, but how do you meet that need? Where do you turn for the expertise to execute this paradigm shift in your cybersecurity?

Enter ľAV Pathfinder, an AI-powered cyber analytics platform that leverages historical data and advanced algorithms to predict exploitable entry points and help counter cyberattacks.

Pathfinder’s predictive capabilities are based on three fundamental pillars:

ATTACK PROBABILITY

Pathfinder’s AI scrutinizes historical attack data and determines the likelihood of certain cyber threats occurring. By quantifying the probability of various attacks, organizations can focus their resources on the most pressing threats and determine which can be scheduled for triage at a later date.

PERVASIVENESS

Not all vulnerabilities are equal; some may be widespread and impact numerous systems, while others are niche and affect only specific configurations. Pathfinder considers how pervasive potential vulnerabilities are, ensuring that high-risk, widespread vulnerabilities are addressed immediately.

URGENCY

Pathfinder identifies the criticality of vulnerabilities and determines the potential harm they may cause if exploited. Prioritizing urgent vulnerabilities allows organizations to allocate resources efficiently and protect against the most severe threats.

Force Your Adversaries Into a Losing Battle

The real strength of predictive security lies in its ability to force adversaries into an unfavorable position. By proactively addressing potential weaknesses, organizations employing ľAV Pathfinder can create a lower-risk environment, making it increasingly difficult for attackers to find exploitable entry points. As the organization’s defenses become more robust and resilient, malicious actors encounter diminishing returns for their efforts — a powerful deterrent.

The power of predictive security, fueled by AI algorithms and historical data analysis, is revolutionizing the way organizations defend against cyberattacks. ľAV Pathfinder can force your adversaries into an uphill battle, meaning your organization can stay one step ahead in an ever-evolving threat landscape.

Ready to shift the paradigm?

Contact Our Experts

The post The Power of Predictive Security: How AI Helps Prevent Cyberattacks appeared first on ľAV.

]]> Work That Matters: Virtualization Guru Rob Laposta Helps to Protect the US Army /ecs-insight/ecs-culture/work-that-matters-virtualization-guru-rob-laposta-helps-to-protect-the-us-army/ Wed, 10 Apr 2024 09:00:25 +0000 http://ecstech.flywheelstaging.com/?p=28388 Meet Rob Laposta, the principal systems engineer overseeing all the hardware, firmware, and virtual machines that support and deliver the Army Endpoint Security Solution.

The post Work That Matters: Virtualization Guru Rob Laposta Helps to Protect the US Army appeared first on ľAV.

]]>

ľAV Systems Engineer Rob Laposta oversees some of the most important servers, storage, and virtual machines in the world.

The Army Endpoint Security Solution (AESS) that ľAV provides for U.S. Army Cyber Command protects between 800,000 and 1.2 million U.S. Army endpoints around the world from 1.5 million malicious events per month.

The AESS is the only true managed security service used by the U.S. Army. It’s also the only deployed, fully integrated cybersecurity solution that offers all the endpoint security and management capabilities required by Joint Force Headquarters ― DoD Information Network.

The AESS is delivered from a handful of U.S. Army data centers located around the world, and that’s where Rob’s work comes in. The many racks of servers and storage components in those data centers — along with the virtual machines running on them — are the focus of his passion, dedication, and hard work.

Q: Could you give us an overview of the work you do and where you do it?

Sure. I don’t deal with the AESS itself. I build and maintain the house it lives in. By that I mean software-defined data centers located on Army bases around the world. It’s from these data centers that ľAV delivers the AESS.

Typically, we manage everything remotely from our home base, Fort Huachuca, here in southern Arizona, and from our nearby corporate office and test lab. We run 24/7 operations, so there’s always someone here to answer the phone.

I normally travel once or twice a year. We don’t have personnel at every data center, and some technical issues require a hands-on fix. I might also travel to deploy additional servers and storage disk shelves, when needed.

Q: Your work has you travelling a lot lately. Why is that?

Yes, I’ve been working onsite at bases in Kuwait, Germany, Hawaii, and elsewhere. We’re updating our equipment. In the fall, we replaced our storage components and added disk shelves to keep up with growing storage needs. We’re also replacing our servers, which are nearing end of life.

The work in the data centers can be physically demanding because we’re pulling heavy components from the racks, labeling them, and dealing with wires that are tangled beneath the floor. At the end of the day, you’re tired.

Q: If you had to name one special skill or strength you bring to your work, what would it be?

Virtualization. Our infrastructure is built on VMware, and that’s where my greatest strength lies. One of the things I love about my job is that I can continue to grow this strength. I’m able to continue learning about VMware and other technologies and make our software-defined data centers run as well as they possibly can.

Q: Could you say more about the rewarding aspects of your work?

I get to use my 25 years of IT experience to run, manage, and configure in the best way possible — to make our infrastructure run the best it can. We are one of the few COCO [contractor owned, contractor operated] contracts in the Army. We’re always beating our SLAs [service level agreement performance metrics], and this is partly due to the equipment being owned by ľAV rather than the Army. Because we own the equipment, whenever we need to replace something or fix or tune the system, I can do it within a day or instantly, and just submit a change request afterwards. There are no lengthy government procurement processes slowing us down.

The AESS has worked extremely well. A lot of people are chasing Matt Borman [vice president of Army Cyber, Mission Solutions, ľAV] because he has such a good reputation for providing a fantastic service to the Army.

The Army is excited about what we’ve done for them and the new ideas we’re bringing forth to better secure endpoints and the network. To provide the Army with such a great and important service is very gratifying.

“Work That Matters” is a series in which ľAV experts discuss their roles and responsibilities and the larger impact they have in the workplace, community, and world.

Careers at ľAV

Enjoy ľAV Articles Like This One?

Don’t Miss Any. Sign up for our “ľAV Insights” newsletter.

Subscribe Now

The post Work That Matters: Virtualization Guru Rob Laposta Helps to Protect the US Army appeared first on ľAV.

]]> Building a Better Cyber Team /ecs-insight/blog/building-a-better-cyber-team/ Thu, 04 Apr 2024 04:01:04 +0000 http://ecstech.flywheelstaging.com/?p=12601 Cybersecurity has struggled to be an inclusive industry since its inception. We spoke to our leading women in cyber to get their take on creating an inclusive and equitable cyber team.

The post Building a Better Cyber Team appeared first on ľAV.

]]>

The cybersecurity industry has a labor problem. In the United States, we now have up to , and only 26% of cybersecurity professionals under the age of 30 are women.

What can organizations and institutions do to close the gender gap in cybersecurity, and ultimately, the cyber skills gap? Research shows that to build strong cyber teams, employers and the wider industry need to make cybersecurity a welcoming career for all.

To understand ľAV’ approach towards equitable and inclusive cyber teams, we spoke to a few of the women leading our cyber teams. We are continually inspired by these women and look forward to keeping the conversation going.

BEVERLY
GOODWIN

Executive Director, Governance, Risk, and Compliance | Cybersecurity Assurance

SHAYLA
TREADWELL

VICE PRESIDENT, GOVERNANCE, RISK, AND COMPLIANCE

JOANNA
DEMPSEY

VICE PRESIDENT, CISA PORTFOLIO, JUSTICE AND HOMELAND ľAV

JOANNE
MORRIS

VICE PRESIDENT, ENTERPRISE ľAV

RAMONA
ZILLIGEN

PROGRAM MANAGER, ARMY ENDPOINT SECURITY SOLUTION

What does a successful cybersecurity career mean to you?

For me, success means learning from failures and turning them into lessons learned. It also means work-life balance: being happy, enjoying my work, and looking forward to each day's challenges, while still growing as a professional.

I am grateful to be part of the ľAV cybersecurity team, knowing I can continue to grow and learn more all the time. I am fortunate to be happy and fulfilled in my career ― that is my definition of success.

Ramona ZilligenProgram Manager, Army Endpoint Security Solution (AESS)

How do you approach diversity and equity challenges within your team?

There is a tendency people have where they think no one is paying attention to their behavior. Making it known that people are heard and seen is important when identifying diversity and equity challenges. With recent events coming to light, I assumed that people knew that I condemn any type of hate within my team, but I had a team member reach out to me and let me know that they needed me to acknowledge what was going on. After addressing this directly with the team, we all felt relieved that there was more space to talk safely to address these issues.

Joanna DempseyVice President, CISA Portfolio, Justice and Homeland Solutions

What are some characteristics that you think make a team successful?

Cognitive diversity. It is so important that you don’t let groupthink get in the way. Identify people with different backgrounds and experiences so that you can come to an agreement and make the best decision for everyone. Allow people to highlight things you wouldn’t otherwise think about as well.

Shayla TreadwellVice President, Governance, Risk, and Compliance

How do you handle a situation in which you don’t agree with the group consensus?

I present my opinion in a positive manner, and I listen in a positive manner too. Everyone’s opinion has value, but sometimes a different opinion is a better situational fit. No matter how experienced I am, there’s always an opportunity to learn. Teams are stronger than individuals, so it’s key to let every voice be heard and then work with the team to move forward with a single voice.

Joanna MorrisVice President, Enterprise Solutions

What are the top three habits that you would recommend to someone seeking a leadership role?

1

Lead by example.

Be willing to follow the same rules and practices you expect from your team. This habit will help establish expectations and build trust with your employees. The workplace changes in response to COVID-19 presented many opportunities to lead by example. All of us had to adapt to remote work and stressful video meetings with kids or pets in the background. I also learned through frequent check-ins with staff that they were tending to work longer hours and experience burnout from never leaving the workplace. As leaders, we need to recognize how these changes impact work life balance and encourage employees to factor in breaks and establish boundaries between work and home life.
2

Communicate vision and goals clearly.

It is very difficult to lead a team if they don’t grasp their larger goal and vision. Refresh and remind your team why their work adds value and where they fit into the bigger picture.
3

Stay calm under pressure.

Challenges arise every day, and how you respond makes the difference. Women often feel that we need to be perfect in every situation, but we don’t. Letting go of this expectation helps us to reframe challenges and stay focused on what’s important, especially during stressful situations. When facing challenges, practice responding over reacting. Take a deep breath, ask questions to understand the problem, and guide teams through effective solutions.

“”

Beverly GoodwinExecutive Director, Governance, Risk, and Compliance │ Cybersecurity Assurance

At ľAV, we believe in diversity and inclusion at all levels. If you are looking for a career in cybersecurity where you can make a difference, apply to one of our open positions today.

The post Building a Better Cyber Team appeared first on ľAV.

]]> Work That Matters: Technical Architect Stephen Giuliani Wants to Unleash Collaboration in Government Cloud /ecs-insight/ecs-culture/work-that-matters-technical-architect-stephen-giuliani-wants-to-unleash-collaboration-in-government-cloud/ Wed, 03 Apr 2024 04:01:30 +0000 http://ecstech.flywheelstaging.com/?p=29031 Stephen Giuliani, a lead technical architect at ľAV, discusses what it means to bring together the best teams to solve complex problems and the importance of being proactive and pushing the envelope.

The post Work That Matters: Technical Architect Stephen Giuliani Wants to Unleash Collaboration in Government Cloud appeared first on ľAV.

]]>

Stephen Giuliani, a lead technical architect at ľAV, has a history of pushing technological innovation and collaboration to help solve massive challenges.

Stephen’s career has been defined by the need to work well with disparate teams. That was true when he worked on Project Salus, the Department of Defense (DoD) AI project that played a critical role in providing predictive analytics on the effects of COVID-19 (including the impact on DoD command logistics and future planning). And it’s been true as he’s continued to manage multi-hybrid-cloud enclaves for the DoD. His goal? Helping the government respond more effectively to the many national security threats our nation faces, as well as the most critical needs of its citizens.

We sat down with Stephen to discuss what it means to bring together the best industry teams to solve complex problems. Along the way, we got insight into how ľAV stands apart as a systems integrator executing great ideas.

Q: Could you give us an overview of the work you do?

A: Technical architects help plan, design, and build IT systems. In my case, for several years I’ve been focused on cloud architecture and infrastructure, which, when you’re working primarily with the government and specifically the DoD, means building operational environments that are secure, adaptive, and agile. It also means understanding the balance of the role existing systems play versus the benefits of innovation, migration, etc.

A few years back, I was involved with Project Salus, which leveraged predictive analytics to predict everything from COVID-19 hotspots to logistical issues, to which military bases were best for stockpiling food and supplies. Salus also provided statistical insights into COVID-related anomalies and emergent phenomena that could affect DoD’s interests. My part in that was not only acting as the primary data engineer, but also helping design and build the underlying infrastructure that our mission partners — Amazon, IBM, Microsoft, Dell, Humetrix, LUCD, and others — needed to run their operations.

So, the throughline or connective tissue here is collaboration. I help build environments that enable mission partner collaboration on a critical scale, without sacrificing security.

Q: You talk about enabling greater collaboration at the DoD and across the government. Why is that such a critical issue?

A: So, the very nature of these agencies and the work they do has an impact, whether subtle or overt, on the day-to-day life of every citizen of this country. They’re doing critical mission work, and one thing that can happen is solution providers can get stuck in a reactionary mindset where they wait for the customer, be it the DoD or whomever, to bring problems to them before acting. That leads to suboptimal, less efficient government responses. And we most often see this in environments where there’s just one provider trying to do it all themselves, with less collaboration and less drive towards innovating new solutions.

The alternative is enabling greater collaboration within environments that are still secure. Collaboration fosters innovation, integration, adoption, and vision beyond what I call the “hive mindset.”

Q: What is it about ľAV’ approach to delivering cloud infrastructure that enables collaboration and, by extension, innovation?

ľAV sees the value not only in bringing a proactive mindset to solution delivery, but also in pushing the envelope and even challenging our customers a bit at times. If ľAV has a vision for how the DoD can leverage more collaborative network infrastructure to achieve better outcomes faster, it’s incumbent on us to articulate and demonstrate that.

Can we bring mission partners in at a secret level to do constructive work? Can we set up network infrastructure that meets the same infrastructure requirements that you would hold U.S. citizens to, while allowing other communities to access it in a controlled, secure way?

We think so, but there’s an important balance to strike here because we can’t ignore our customers’ very real and valid concerns around data security. Security is of paramount importance. So, it’s in that balance where you’re ultimately going to innovate. And we get there by bringing in and integrating the best teams and the best ideas, because we know that we’re not the only ones with great ideas, but we have a proven record of executing them.

Q: Any final insights you’d like to leave us with?

A colleague of mine once used the phrase “the art of the possible” to describe how we should think about technical transformation and collaboration in these environments. It’s worth asking your customer to rethink how they do things versus what’s possible. Are you doing it this way just because that’s how you’ve always done it? Are there opportunities to do something differently, more efficiently, more beneficially than before? So, I think presenting that question, but in very pragmatic terms, is essential.

And finally, I’ll just say in cases when we work on something truly innovative — and by innovative, I mean the thing didn’t exist before and now it does or could — that’s hugely rewarding. Sure, it’s disappointing if it’s not ultimately adopted, but even those times provide learning opportunities and fuel for further innovation. You know that in this line of work you’ll ultimately get to see the fruits of that labor.

“Work That Matters” is a series in which ľAV experts discuss their roles and responsibilities and the larger impact they have in the workplace, community, and world.

Careers at ľAV

The post Work That Matters: Technical Architect Stephen Giuliani Wants to Unleash Collaboration in Government Cloud appeared first on ľAV.

]]> Why Aren’t Software Factories Everywhere Across the DoD? /ecs-insight/article/why-arent-software-factories-everywhere-across-the-dod/ Tue, 02 Apr 2024 04:01:54 +0000 http://ecstech.flywheelstaging.com/?p=28868 Jeff Urlwin and Neil Wright explore how the DoD can speed its critical transition from traditional software development methods to software factories.

The post Why Aren’t Software Factories Everywhere Across the DoD? appeared first on ľAV.

]]>

Listen to article:

By
Vice President, Federal Managed Services
and
Cybersecurity and DevSecOps Director, Business Development

The Department of Defense (DoD) has long known that the ability to quickly deliver secure and resilient software will be a critical competitive edge that will enable the department to evolve and adapt faster than its adversaries.

The DoD has also long recognized the vital role software factories must play in the modernization of DoD software development. The adoption of software factories across the DoD, however, is yet to happen, except in small pockets.

The U.S. Air Force software development lab Kessel Run established the DoD’s first software factory in 2017. Since then, a few dozen others have cropped up in various corners of the department. But many more will be needed for the department to reach the software-development future it envisions.

At stake is nothing less than our nation’s ability to deliver a more lethal force than that of our adversaries.

“The Department’s adaptability increasingly relies on software, and the ability to securely and rapidly deliver resilient software capability is a competitive advantage that will define future conflicts.”
— Deputy Secretary of Defense Kathleen H. Hicks

What Is a Software Factory?

In its , the DoD defines the software factory as:

“a software assembly plant for development and integration that contains multiple pipelines, equipped with a set of tools, process workflows, scripts, and environments, to produce a set of software deployable artifacts with minimal human intervention. It automates the activities in the develop, build, test, release, and deliver phases and supports multi-tenancy.”

The preferred software-development method of Silicon Valley companies such as Google and Netflix and other private sector leaders, software factories are characterized by:

  • Automation and DevOps practices — including builds, testing, integration, and deployment
  • An “as-code” approach to infrastructure, documentation, policy, and configuration
  • Iterative and Agile development
  • Standardization of tools and processes
  • Containerization and microservices architecture
  • Scalability and flexibility
  • Collaboration and cross-functional teams
  • Metrics and continuous improvement

Better Software, Delivered Faster

Software factories streamline development processes and improve collaboration, delivering software faster, more efficiently, and more reliably than traditional software-development methods. For government enterprises, this means, among other things, faster attainment of authorizations to operate (ATOs).

Software factories aren’t just faster and more automated; they’re also just plain better. Compliance, for example, is baked right into the software development process — automated and implemented as code. Software factories codify rules and allow automated verification of policy as code, documentation as code, infrastructure as code, and so on. This reduces the back-and-forth of compliance and allows greater visibility to security and management teams, driving greater confidence in the software process.

With software factories, you get a push-button, fully integrated, secure DevSecOps-as-a-service environment that allows development teams to focus on building secure mission applications rather than standing up and configuring environments.

Software factories can also provide:

1

Enhanced transparency and visibility for your information system security officers (ISSOs), application managers, application owners, and all others responsible for inspection and approval

2

Less time spent manually building and testing software — increasing productivity, velocity, and team morale

3

Automated regression, functional, and security testing to deliver better more secure software with reduced labor

4

Integration with governance processes for increased control over releases, increased transparency, and greater confidence around more frequent, smaller releases

So, Why Isn’t Everyone on Board?

It’s natural for the organizational adoption of revolutionary technologies to be slow. The shift from traditional development methods to software factories faces a wide range of challenges across the DoD, including:

  • Legacy systems in need of modernization
  • Inertia of existing, functioning processes (Why change if it isn’t broken?)
  • Complex procurement processes that slow the acquisition of modern software tools
  • Workforce skills development and organizational change management needs
  • Budget constraints

The biggest challenge to adoption may be the absence of widespread trust in software factories. Key to overcoming this challenge is developing an understanding of software factories, experiencing their benefits, and understanding the importance of achieving cultural acceptance.

Widespread Understanding and Cultural Acceptance

There’s a lot to understand about software factories — from Jira and GitLab, to Jenkins, Argo CD, and Flux, to testing tools such as Selenium, SonarQube, and StackRox. DoD software developers are still learning about these and other software-factory building blocks, and a general understanding has not yet spread through the realms of nontechnical DoD decision makers. This has hindered widespread cultural acceptance.

Also, a few software factory myths and misunderstandings seem to have taken hold. Some believe software factories will require them to surrender the control that enables them to do their jobs. They have concerns about security, governance and compliance, visibility, and interoperability. In fact, software factories yield improvements in all these areas, not compromises.

A distrust of automation is one of the factors impeding adoption. Where DoD software factories are in place, however, ISSOs and information system security managers (ISSMs) are benefiting from the automation of security scans and the automatic pushing of security artifacts to them. They no longer need to request a scan or, worse, start a scan and wait for it.

Where the governance is integrated, managers can control releases, see when they’re tested and ready, and initiate the release to production. They’ve gained trust in the transparency of the process and learned to value automation, rather than fear that it will run out of control.

It takes organizational change to develop an understanding and acceptance of revolutionary technologies, and managing that change will be worth the effort. By resisting the risk that accompanies enhanced automation, we’ll only create a barrier for technological growth and perpetuate slower, outdated software development practices.

“DoD must scale its ability to produce secure and resilient software at speed to maintain a competitive edge. The Department must pursue an enterprise-wide approach, establishing a software-factory ecosystem that takes advantage of investments already made....”
— Department of Defense Software Modernization Strategy, Nov. 2021

Manage the Change: Train, Educate, Adopt

It takes time and energy to turn a battleship. The DoD will need to invest in organizational change management to ensure the widespread adoption of software factories.

Proponents of software factories — from within the DoD and without — can hasten modernization through training and education that strengthens the DoD’s organizational grasp on the promise of software factories.

Technical and nontechnical DoD decision makers need access to software factory truths, so myths and misunderstandings can be debunked. Key players must understand that software factories don’t reduce control, visibility, or governance — that they provide all the visibility, testing capabilities, and built-in governance the DoD needs, while making software development exponentially faster and more efficient.

As those involved with the first DoD software factories already know, this is the future of software development. Software factories will be critical to the DoD’s ability to reduce software delivery times from years to minutes, evolve and adapt faster than its adversaries, and ultimately deliver a more lethal force.1

1Deputy Secretary of Defense Kathleen H Hicks , Feb. 2022
JEFF URLWIN
Vice President, Federal Managed Services
NEILAND WRIGHT
Cybersecurity and DevSecOps Director, Business Development

Enjoy ľAV Articles Like This One? Don’t Miss Any.

Sign up for our “ľAV Insights” newsletter.

SUBSCRIBE NOW

The post Why Aren’t Software Factories Everywhere Across the DoD? appeared first on ľAV.

]]> ľAV Cyber Ops Leader Adam Tischler Awarded Elastic’s 2023 Certified Professional of the Year /ecs-insight/press-release/ecs-cyber-ops-leader-adam-tischler-awarded-elastics-2023-certified-professional-of-the-year/ Thu, 28 Mar 2024 11:00:37 +0000 http://ecstech.flywheelstaging.com/?p=28925 Adam Tischler wins Elastic’s Cyber Professional of the Year for his achievement and contributions to Elastic community.

The post ľAV Cyber Ops Leader Adam Tischler Awarded Elastic’s 2023 Certified Professional of the Year appeared first on ľAV.

]]>

Award recognizes expertise with the Elasticsearch platform and contributions to the Elastic community

FAIRFAX, Va. — March 28, 2024 — ľAV, a leader in advanced technology, science, and engineering solutions and an ASGN (NYSE: ASGN) brand, announced today that , cyber operations leader at ľAV, has been recognized as the 2023 Certified Professional of the Year by Elastic. The award recognizes an individual who has achieved excellence and expertise in the platform and has given back to the Elastic community at large.

Used across the federal and commercial sectors for security, observability, analysis, and data visualization, Elastic is the leading platform for search powered solutions. Tischler has achieved every available Elastic certification: Elastic Certified Engineer (ECE), Elastic Certified Analyst (ECA), and Elastic Certified Observability Engineer (ECOE).

As part of his role at ľAV, Tischler helps develop and manage the continuous diagnostic and mitigation (CDM) dashboard ecosystem for the Cybersecurity and Infrastructure Security Agency (CISA). The system delivers cyber situational awareness data to federal agencies and summarizes risk exposure across the government for the Department of Homeland Security. Tischler has also served as a member of the Elastic Security Federal Advisory Board, providing feedback on new features and helping to steer future capabilities benefiting the security of federal customers.

JOANNA DEMPSEY

Vice President of CISA Portfolio

“On behalf of ľAV, we are so proud of Adam and the work he has done to improve the cyber resilience of our nation,” said Joanna Dempsey, vice president of CISA portfolio at ľAV. “Adam is a key leader on our CISA CDM team, not only in helping develop the platform, but training and mentoring his teammates.”

ADAM TISCHLER

Cyber Operations Leader

“I’m honored to be named Elastic’s Certified Professional of the Year,” said Tischler. “ľAV has more Elastic engineers than any organization outside Elastic. I’m proud to help continue that growth and success.”

About ľAV
ľAV, ASGN’s federal government segment, delivers advanced solutions in cybersecurity, data and artificial intelligence (AI), cloud, application and IT modernization, science, and engineering. The company solves critical, complex challenges for customers across the U.S. public sector, defense, intelligence, and commercial industries. ľAV maintains partnerships with leading cloud, cybersecurity, and AI/ML providers and holds specialized certifications in their technologies. Headquartered in Fairfax, Virginia, ľAV has nearly 4,000 employees throughout the United States. For more information, visit ľAVtech.com.

About ASGN Incorporated
ASGN Incorporated (NYSE: ASGN) is a leading provider of IT services and solutions across the commercial and government sectors. ASGN helps corporate enterprises and government organizations develop, implement, and operate critical IT and business solutions through its integrated offerings. For more information, please visit .

Contact
Shab Nassirpour, Vice President of Marketing and Communications, ľAV
(703) 270-1540
Shab.Nassirpour@ľAVtech.com

The post ľAV Cyber Ops Leader Adam Tischler Awarded Elastic’s 2023 Certified Professional of the Year appeared first on ľAV.

]]>