Session: Overcoming Inertia At Scale – Moving Government to DevSecOps
Imagine a boulder – you want to move it for its own good, but if you move it the wrong way, too fast, or forget that it’s supporting something somebody else counts on – that’s government technology. After a decade in the Federal government, I’ve seen things you people couldn’t believe – but progress is being made moving that boulder correctly – but it’s not without its challenges. What could be considered easy in the private sector; with a pushes toward first to market, iterative innovation, and minimal viable products for their customers, the public sector maintains challenges of constrained budgets, talent pools and politics. This talk will cover some of how those challenges were “hacked” by a talented pool of people to move that boulder correctly, and some techniques for non-bureaucrats to get some of those more stubborn DevSecOps and IT transformation projects forward.
Amélie E. Koran is currently the Senior Technology Advocate for Splunk and recently served as the Deputy Chief Information Officer and most recently as Chief Technology Officer for the U.S. Department of Health and Human Services, Office of the Inspector General. However, Amélie’s path prior to today took her the long way around − through multiple industry sectors, academia, and the public sector. Her professional experience includes time spent at The Walt Disney Company, Carnegie Mellon University’s CERT/CC, Mandiant, The World Bank, Constellation Energy (now Exelon) and The American Chemical Society. She began her time in the public sector as Lead Enterprise Security Architect for the U.S. Department of the Interior, eventually moving on to lead Continuous Diagnostics and Mitigation implementation for the U.S. Treasury Department. Amélie later spent time on a leadership development rotation as part of the President’s Management Council Fellowship serving the Federal CIO in supporting cybersecurity policy analysis and legislative review, where she took an active role in the government-wide Open Data Initiative and helped in giving “birth” to the United States Digital Service (USDS). She’s an ardent advocate for innovative approaches to hiring talent and rationally applying security strategies and technologies for the public and private sector. In her free time she collects movie memorabilia, toys and LEGO sets and swims and bicycles for exercise and fun. She’s an avid motorcyclist, having ridden the Iron Butt 50CC Challenge in 2010 on her way to BlackHat and DEFCON. She volunteers at local security conferences, primarily BSides DC and BSides NoVA, but can also be seen at BSides Las Vegas and DEFCON as a Goon. She’s married to a wonderful spouse (also a techie) and became a recent parent to two precious kittens at the end of October. While working for Stan “The Man” Lee, she received her superhero nickname when helping move his personal comic book collection to the company vaults from his original home in the hills overlooking Hollywood. Her original foray into the Internet was in 1993, building one of the first 1000 websites ever, called the “Star Wars Multimedia Archive”, and then in 1996 built the preeminent film and television music website, SoundtrackNet, which she ran until 2012 when she sold it to focus more towards her main career. While she plays the drums, she’s not very good at them, but can at least keep time.