Episode 56

Design, Build, Deploy, and Maintain with Commander Jonathan White at U.S. Coast Guard

Commander Jonathan White, Cloud and Data Branch Chief at the United States Coast Guard joins Carolyn and Mark to talk about the groundbreaking developments his team is doing with C5I. Commander White stresses the importance of public-private partnerships, and gives tips on how agencies can better approach the future of technology.

Episode Table of Contents

  • [0:33] What Is C5I?
  • [7:54] What Are the Goals of C5I
  • [15:12] What the Future Holds for C5I
  • [22:35] Commander White’s Favorite Project Pre C5I
  • [29:39] What Role Has Industry Played for C5I
  • [35:14] Pieces of Advice
  • [40:23] From the First Piece of Technology to C5I
  • [45:16] Introduction to AI
  • Episode Links and Resources

Episode Links and Resources

Transcript

Carolyn:

Welcome to Tech Transforms, sponsored by Dynatrace. I'm Carolyn Ford. Each week, Mark Senell and I talk with top influencers to explore how the US government is harnessing the power of technology to solve complex challenges and improve our lives.

Carolyn:

Good morning. Thanks for joining us on Tech Transforms. I am Carolyn Ford with my co-host Mark Senell. Hey, Mark.

Mark:

Good morning. How are you doing?

Carolyn:

I'm great. So today we welcome Commander Jonathan White Cloud and Data branch chief at the United States Coast Guard, and we are going to get Commander White's insights on the newly created C5I. Ooh, I should have asked, is it C5I or C51?

Jonathan:

It's C5I, and I can list out all the C's I have them here, so I always joke there should add another C, right?

Carolyn:

Oh my gosh. Well, and listen, you know-

Jonathan:

We'll put that in there.

Carolyn:

You gave me a new... Don't put that in there. It's in there.

Jonathan:

No, I'll put that in there when I answer you.

Carolyn:

Okay. Okay. Well, and I feel like there's so many acronyms. It's like speaking a different language when you come to the US Government and then they change the acronyms on you.

Jonathan:

That's right.

Carolyn:

I digress. Let me finish introducing you, Commander. So we're going to talk to you about C5I Service Center and how this will help support the Coast Guard in deploying capabilities better, faster, and more securely. Welcome to Tech Transforms, Commander White. How are you?

Jonathan:

Good morning, Carolyn. Good morning, Mark. I'm doing great.

Mark:

Good morning. Should we call you Commander White or should we call you something else?

Jonathan:

I'm rather informal. You can call me John or Jonathan.

Mark:

Okay. All Right.

Carolyn:

Great.

Mark:

That's tough for old school people to be that informal, but we'll try.

Jonathan:

It is, but I bring a bit of a tech vibe to my workplace. I interface with enlisted members, Warrant Officers, Junior Officers all the time, and I want them to feel safe and comfortable working with me.

Carolyn:

Wait you [inaudible:

Jonathan:

Now they call me commander. Say again.

Carolyn:

They call you Jonathan?

Jonathan:

No, no, no. They call me Commander.

Carolyn:

Okay.

Jonathan:

Our talk with each other are rather... It's a flat architecture. I don't work on in a daisy chain.

Carolyn:

, computer, cyber, [inaudible:

Jonathan:

So I always joke that they're going to add another C eventually, and I think there is a C6 out there. It's either combat or something else, I don't know. But yeah, the C5I Service Center is the Coast Guard's IT deployment mechanism, basically. We do the technology to design, build, deploy, maintain IT systems for the Coast Guard. We report to the CIO of the Coast Guard. We have an annual budget of approximately $900 million. And we're very much focused on bridging that gap between the very technical IT solution and the end user requirements and their experience. So we're only a couple steps away from people actually using that technology.

Carolyn:

Define end user for us.

Jonathan:

lligence and there [inaudible:

Carolyn:

So I didn't realize that your end user would be me. So can I book a trip with you?

Jonathan:

Well, let's say you wanted to become a merchant mariner. You wanted to sail the seas, you would actually apply for your license through the Coast Guard. So we maintain those registrations. And also if you had a boat or a vessel, you would register that vessel with the Coast Guard as well. And let's say you were to take that voyage and that trip, you'd want to know as you drive out to sea, whether or not there are any hazards on the way. And that is another service that we provide if there's a buoy off station or-

Mark:

Is that like a connection with FEMA?

Jonathan:

It could be, yes. So we deploy tandem with FEMA quite often, especially after a hurricane scenario, right?

Mark:

Yeah.

Jonathan:

in. And if you were here for:

Mark:

So you mentioned something here that I'd like to unpack a little bit. You said you are a few steps away from realizing the active deployment of C5I? What do you mean by that?

Jonathan:

So what I mean by that is the Coast Guard's a very small service. We have about 50,000 members around the world and our customer base is almost directly interfaced with the C5I Service Center. So we have sponsors for various applications throughout the Coast Guard and those sponsors work directly with us. So there isn't a bureaucracy layer in between, for example, or there's no abstraction between what I'm building and the customer that is receiving that. And we're actually shortening that chain even further as we move down a DevSecOps type movement. And we actually embed a customer in the development team. That's the next step for us. We're pretty excited about that.

Mark:

Okay.

Carolyn:

When you say customer, we're going back to those users that I asked who your users are. Is that same?

Jonathan:

That's correct, yeah. Now we may not bring a person in the general public in, but the representative agent internal agency or component for that customer would be part of that journey. Yeah.

Carolyn:

Okay. So what are the goals of C5I?

Jonathan:

So the goal is to design, build, and deploy and maintain IT systems. We have about a thousand members who do that. The split is roughly 400 military, 600 civilian, and we have a cadre of contractors who support us as well. And really that goal is, to me, it's realizing requirements. So we're given a set of requirements, we're given some money, we turn that into product, and that product ostensibly meets mission need and then those customers use that product.

Carolyn:

So we've talked a little bit before and you've mentioned to Mark and I that you have two key areas you're focusing on right now. First area is on driving the Coast Guard into your newly built accredited AWS and Azure landing zones. And the second area is working with the new office of data and analytics to design by bill, deploy and integrated data environment. Tell us more about how you'll approach getting the Coast Guard into those landing zones. And for people like me, explain landing zones.

Jonathan:

Yeah, I don't know. It's not like a helicopter landing pad on top of a hospital. I think we do that a lot. We build this physical manifestation of an IT concept because it's what we're comfortable with. Us nerds, we just talk in bits and bites, so nobody really understands what we say anyway. But no, I'm here to kind of translate that, so I understand the technical aspects, but I also understand how to be strategic and sell a system, sell a product, and what we're trying to achieve at the base level, what we're trying to achieve is a safe place. And I'll define that in a little bit, a safe place so that we can put IT workloads in the cloud and reduce or minimize the amount of work it takes to accredit that workload. And so let me step back a couple steps with safe.

Jonathan:

So the cloud environments are already rather safe. So if you look at the accreditations that both Azure and AWS have, they're both certified at the Impact Level 5 level. They're very much... They cater specifically for government workloads. But that's your starting criteria. So already you meet hundreds of security controls just by choosing cloud. So what we do is we add the rest of those controls. It's a Department of Defense concept, but it's called a SCCA or a Secure Cloud Computing Architecture. And it has two parts. One is the network security and the other one is your managed services security. And that would be your host-based security systems, your scanning tools, your reporting tools, things like that, logging tools.

Jonathan:

play by the rules [inaudible:

Mark:

What's been the most challenging, this two part question. What's been the most challenging part of deploying out C5I?

Jonathan:

Oh, there are so many challenges. My biggest challenge is complying with all the various rules and regulations that exist in this space. And I always relate... Oh, go ahead, Carolyn.

Carolyn:

The ones that you just mentioned, like the SCCA, all of those rules.

Jonathan:

Correct.

Carolyn:

Okay. Okay.

Jonathan:

Yep. So the SCCA and these impact levels, they all exist to feed a beast. And that beast is the risk management framework or the NIST 800-Tech 53.

Mark:

They may change.

Jonathan:

Those things change. They're also somewhat subjective. So you have to basically convince an approving official that you've met those security controls. There are hundreds of them and it's a journey. It's like a... I believe it's a six step process, but it's a journey.

Mark:

Probably never ending journey.

Jonathan:

It's never ending. And it's a constant handoff too. So you're selecting your controls, then you're convincing somebody that those selections are correct, then you implement them, then you convince another person that you implemented them correctly, then you test them and you have to convince the testers that the test results are accurate. And then you get to the AO and you say, "AO, look at all this work I did."

Jonathan:

And of course, they don't have time to read 600 pages worth of security control. So it's really just, you got my word for it kind of thing. In some cases, that's typically what it boils down to. Or you have a targeted brief, which I just did one last week. You brief on the subject. And basically the effectiveness of that briefer is whether you're not, you get approved or denied. I don't necessarily like anything about that. And there's a future here. And that future is called continuous ATO. It takes all of that and it turns it into a machine driven process. And it's actually looking at artifacts produced from scanning tools and giving an automatic score. And you don't pass go until you pass the score. You pass the test. That is the future. Everything has to go that way. Because it takes the subjectiveness out of it. It takes the handoffs out.

Jonathan:

And not only that, every time you deploy, you get re-accredited, right? It's giving you your check marks every time you go. In the traditional context, you get a three year ATO. And I always laughed about this when I was going through this processes. You basically accredit the system you built a year ago that's going to be alive for four years... Next three years. So you have a four-year window that you could, I think, in the past, you could just get away with doing nothing and just let the system rot over four years, that is gone with CATO, right? That's a big deal.

Mark:

So it's never ending kind of cycle.

Carolyn:

Yeah. I mean, sorry. It sounds like millions of man-hours to achieve this CATO.

Jonathan:

Absolutely.

Carolyn:

So what are you doing? How are you achieving it?

Jonathan:

So that goes back to the landing zone conversation. So there's a second aspect which we're deploying right now. It's called the software factory. And it's a weird term, but I call it just a CI CD pipeline. And so you accredit your CI CD pipeline, that's your CATO process, and then you accredit the landing zone for that pipeline, which is your cloud. And also obviously you need to run the workload. So that could be your Kubernetes instance or your VMs, but then what do you do? That's the pipeline. Then you have the very, very top, which is your application, which you're actually coding and deploying, that gets a certificate to field. And so what if this boils down to is, if my pipeline's good, you're only going after a CTF Certificate To Field and that dramatically reduces the problem set. And that's what we're doing right now.

Mark:

And your ability to deploy out to your end users, right?

Jonathan:

That's correct. So that's how you get speed to market. So if I can reduce your overhead to just that CTF aspect and you inherit and play by the rules down the line, then the benefit to you is speed to market. You get to the customer 1,000 times faster.

Mark:

I think you just answered the second part of my question, which is the more fun part. What is the most exciting part being a tech guy? What's the most exciting part of the delivery of that C5I?

Jonathan:

Yeah, so the most exciting part right now is we're almost like building a flower, if you will. And that flower is still budding, but it's going to bloom. And that bloom is the enablement of that CTF action. And the bloom is modernizing mission applications that have been neglected for years. And I think once you feed the appetite for that, it's going to be a rollercoaster. It's going to be a... It is like the superman coaster, it'll blast you off into outer space. That's what I'm seeing is going to develop by this. So if we do this correctly, we will have this beautiful field of flowers where we are no longer held back by the legacy systems and the legacy mindset that associated with those systems. It makes us nimble. It makes us look modern. And perception is reality. So if you look like you're stagnant, you're stagnant, even if you are moving. And the perception of speed and meeting the end user's experience expectations is what's exciting the most about this, right?

Mark:

Is automation and AI a big part of that?

Jonathan:

Automation is.

Mark:

So automation.

Jonathan:

Those pipelines are a hundred percent automate. Everything will be automated. Even your infrastructure build outs, everything gets automated, which is great. And I said this in the past, I want to build our cloud environment so that I could come by and delete it and then we can rebuild it in a matter of an hour. Nobody sweat or getting nervous, right?

Mark:

Yeah, very cool.

Jonathan:

Obviously you want to back up your data.

Carolyn:

I want to repeat what I think you said the landing zones are. Is the landing zone that automated CDIC pipeline. So all those hundreds of security controls, I feel like I'm not getting this right. Once you move to those landing zones like that CDIC pipeline just plugs in and then all you have to do is the field certificate. What was the certificate again?

Jonathan:

Certificate to Field.

Carolyn:

Certificate of Field. Is that right?

Jonathan:

So the landing zone is the output of the pipeline, is this certified application or container or whatever you want to call it, and that is placed into the landing zone?

Mark:

Is that your terminology for, maybe, what you've heard as ATO Carolyn, like authority to operate or something like that?

Carolyn:

I think so. I still am not sure. So is the landing zone just the cloud, sorry?

Jonathan:

Yes. Yeah, that's just the cloud. So that would be, in the simplest sense, that is Kubernetes running your container.

Carolyn:

Got it.

Jonathan:

Which is your application layer. And then you might have a virtual private cloud or subscription depending on which cloud you're in, which is hosting Lambda functions or events and data S3 or Azure Data Lake or whatever other services that you're consuming to support that application. That combined is for that particular application, that landing zone. It's a little neb... Like I said, this is a little nebulous because you're trying to do a physical... it's a representation of a computing construct. That's why I like the blanket analogy a little better. The SDCA forms, this blanket you deploy, inside the blanket you're safe as long as you play by the rules or as safe as you can be. And then you can maneuver within that.

Carolyn:

And so these landing zones, what are they allowing you to do that before them you weren't able to do?

Jonathan:

Okay, that's interesting. So if you think about the On-prem deployment that we've coming from, everything is segmented by firewall zones and you deploy into those firewall zones and that's pretty much the amount of segregation you have between workloads in the cloud. Every workload is a micro segmented thing. So it's denial all by default, you deploy a virtual private cloud, nothing can talk to it. And so you open up access. So term for that is micro-segmentation. And that's really what our landing zone is doing is, it's providing that ability to create segmented applications. And those don't talk to each other unless you explicitly allow it to happen. So right now, and this goes to a security discussion. So today, if you were to successfully compromise a system in the Coast Guard network in a particular firewall zone, you could move east and west in that firewall zone pretty much unfettered.

Jonathan:

And that's more of the defense in depth model where if I can pass all the barriers, then I'm in the middle there and I can, you're not supposed to, but it's a soft nucleus there. That doesn't not how the cloud is being architected. If you were to compromise an asset in a landing zone in the cloud, you're stuck there except for the very explicit communication permissions that we've enabled.

Jonathan:

t. So you'd take a [inaudible:

Carolyn:

We're talking to zero trust now. Yeah.

Jonathan:

We are talking zero trust. Yes, absolutely. And zero trust is not just humans to computers, it's also computers to computers. So there's defined API boundaries. There's keys that need to be stored in a key vault somewhere. And all those things help limit what we would call the blast radius. Something gets compromised, it can only move in a small area. And if it tries to move outside there you, you've probably set off some alarm bells. That's the goal, at least.

Carolyn:

I have another question, Mark, but I'm being quiet so you have a chance to ask. I can keep talking.

Jonathan:

No, let-

Carolyn:

Keep going.

Jonathan:

Let her rip. You got it at top of mind. Let's go.

Carolyn:

So I want to shift gears a little bit, but I suspect this dovetails into what you're doing with C5I. What has been one of your favorite projects that you've worked on within the Coast Guard?

Jonathan:

So I haven't yet gotten a favorite project for the cloud since we're just starting to build that out. But coming soon, I'll have a favorite project in the cloud. But previous to my journey in the cloud, I actually spent four years down at our C3 Center, which was basically, they built mission applications for special purpose. That's where we have our Track Management services, CG1 View and the Unclassified Cop. I was on the C Watch team and we deployed a command and control and navigation system to the cutters out in the fleet. So at that point, I was one step away from my customer. I would directly interface with people on ships to list their requirements, build a system that met those requirements, obviously working through our headquarters component as well, and then deploying it to that very same customer. And they would go out and do mission.

Jonathan:

It was a system they used every single day while they were underway because that's how they navigated the ship. And that's also how they managed the radar and track picture to figure out where to, if they were doing interdictions or whatever, they could vector into those, share that data with third parties like DOD and DHS. And it was incredible to have that experience early on in my career. And it's my favorite project because I did full stack. So we designed, we built, we tested, we deployed, we sustained. I mean, I was down there remotely logging into cutters while they were underway, troubleshooting their systems.

Mark:

Did you get to get out on the cutters?

Jonathan:

Absolutely. Yeah. I did deployments for two years. Yeah, we would do two a month or something like that. We'd travel out. I went to all sorts of places in the US.

Mark:

That's all. So is it nice. So I don't know how this works in the Coast Guard, but as an IT guy, do you not get to get out on the ships as much back home in the data centers?

Jonathan:

e Coast Guard. But [inaudible:

Carolyn:

Will you move them into the cloud eventually or are they just continue?

Jonathan:

Yeah, so those systems will, we call them, what we're calling them right now in our new branding is the tactical edge. And that's an on-asset deployment of capability. And what we're going to be moving towards is standardizing that tactical edge experience across all of our assets, which the cloud will enable. So I should be able to run my app through the software factory, get my check boxes, hit the deploy button, right, ready to go, and it would be pushed down to all of my cutters. That's a totally different model than what we are currently operating on. Young Lieutenant White out there is going to be upset when he doesn't get to travel across the country all the time. But there's still, obviously there's physical devices on those assets. There's still going to need to be people who maintain those and upgrade them and everything else.

Jonathan:

But the idea is we want to standardize as much as possible, and this was a vision I had back when I was down at C3 Center. Why are we deploying three different or four different compute clusters and storage clusters to manage... each system has its own baggage, its own hardware baggage. We were a little ahead of our time at that point because we were just starting to, the hyper-converged infrastructure was just starting to become a thing. Virtual machines were still like, oh, this is a desktop machine. It's not really a high performance machine. Right? Today that's a completely different story. It is completely different. And we are definitely looking at that and saying, how can we leverage all this great technology that's basically powering the world right now? Put that on our cutters and then deploy on top of that our stack.

Carolyn:

If you do central deployment to all of your ships from the cloud, what does that do to security?

Jonathan:

That's shortening that life cycle.

Carolyn:

It feels like it's making it possible to let the Borg in.

Jonathan:

Let the Borg in?

Mark:

That's her reference to being a trekking.

Jonathan:

Yeah. I mean. Yeah. So this is where it gets a little weird. I agree. So you're taking the human out of the loop and you're basically giving control over to the machines. I think we're just going to have to accept that and deal with that. So you can't move at speed in that relevance without letting the Borg take over. However, you can put discreet rules and thresholds around the Borg so they don't interrupt operations. And that was a big thing for us. Don't deploy an update that's going to take down the system while somebody's cruising into port, right? That's a bad news story that makes the headlines. And so there definitely needs to be rules and permissions and thresholds that take place when you start thinking about these mission critical systems.

Carolyn:

That goes back to all those security controls that you were talking about earlier.

Jonathan:

Exactly. And it comes down to how do I continuously comply with those security controls but still retain control, human control? There's a tug of war there. And that's what I think you're referencing is. I don't want to just go crazy here, but there needs to be some level of autonomy in the system in order to achieve the objectives we're looking for.

Mark:

So Jonathan, what role has industry, or I guess, your public partnerships played in this journey?

Jonathan:

They're absolutely critical to this journey, and that's something I learned while I was at C3 Center. Industry outreach to me is top of mind. I want to know everything that's going on in all domains in the IT space. That's new technologies coming out, things the DOD can't even use yet. Talking about ready made solutions, services, ways of doing business like ITIL and Agile and things like that. I've basically made it a mission for me to maintain relevancy through industry and because that's where the world's going.

Jonathan:

And part of being in this government role is balancing that future sales pitch with reality and making sure we don't chase, we don't want to chase a PowerPoint diagram, but we also don't want to move into irrelevancy where I think we are right now in some respects where we didn't even move the needle and so we missed an opportunity. And that's where I see this, that's where cloud comes into me. It builds that safe place where we can try things in a little bit, we can try a little bit. If we don't like it, we delete it and move on with our lives. We didn't invest in millions of dollars of hardware or anything like that. And it also lets us compete solutions right next to each other and we can run parallel workloads and say which one works the best.

Mark:

That's got to be one of the most exciting things about the industry we're in.

Jonathan:

I agree.

Carolyn:

Where are we on your landing zone journey, on the whole C5I journey? Have you started to deploy?

Jonathan:

We are building the accounts right now to build our software factory. So our timeline right now is software factory, at least from a contractual standpoint, fully operational by the end of May. Now running actual workloads that would probably be a few months after that as we grow into it and learn how to use it and build those rules, we got to build the rules. There's associated technical aspect to all this. How do I bring my organization to the table? I could deploy 10 software factories. Nobody's going to use them, right? I need to force people into this journey, which there's some willing participants, but it's scary and we need to, what I'm trying to do right now is build this comfort factor. I typically do that through knowledge, but I want to build a comfort factor with our organization so that they know we're not just building something that is vaporware. This is the thing, this is it. This is what's going to power the Coast Guard. That's a big tenant for me. That's a big vision that I put out there.

Mark:

Let me ask you this question about the software factories, because I don't know a ton about that. So a lot of different organizations are building software factories like you talk about. Is there collaboration across organizations, like different software factories? I mean, is there communication there? I don't know.

Jonathan:

Actually. We sent a team out to talk with the Navy software factory out in San Diego. We sent them out the end of February, and it was extremely valuable sharing of the information. The Army just did an open house for theirs. The Marine Corps just stood theirs up.

Mark:

Oh, that's cool.

Jonathan:

What's what I think is going to happen is everybody's liquored up now on the CI CD pipeline aspect of software factories, right? That's because CATO is like the big thing. I think over time that's going to fade into the background as people... It's there. It works, which is where it needs to be. That needs to be in the background. And what comes to the foreground is that exact thing you question, right? The collaboration piece. Now our team's going to use each other software factories to deploy to probably not. They're self-serving, right? Ours serves the Coast Guard.

Mark:

Right.

Jonathan:

Army serves Army. But the team's building applications, especially when you start talking about collaborative applications between services, that's where we need to build those partnerships now so that when we're ready to execute, it's not just the Coast Guard building app. Maybe it's the Coast Guard and CBP building a joint application, and we are sharing, find data, share agreements and everything else.

Carolyn:

Yeah. You're not just leveraging best practices, you're actually leveraging stuff that you're built. There are some things that you guys can share. Is that right?

Jonathan:

Absolutely. Yeah. And we canvas around. So we look at Castle Run and the things that they're doing, and in the race to be awesome, there's people leading, people lagging, there's people all over the place. I'm actually pretty happy the Coast guard's coming in a little late to this game because we can surveil the terrain and say, "Okay, well, what didn't work because lot. Yeah, a lot didn't work, and we're taking the best.

Carolyn:

Can you give our listeners your top two or three pieces of advice as they begin their own journeys? What have you found, maybe even the challenges and how you, I guess I'll stop talking, top three pieces of advice.

Jonathan:

Okay. Well. All right. The first thing I would say is get out of your box. If you're uncomfortable, you're doing something right. Start thinking about the future. Learn something new. Learn a new technology. And what I think you'll surprise yourself with is that, after you learn it becomes relevant to you and maybe it solves a problem. And I've been on a lot of meetings lately when we talk about cloud and data and our infrastructure and the people in the room, the feedback I get is, wow, I had 10 problems that I had, and at the end of this meeting, you checked off all 10 boxes and-

Mark:

That's great advice. Yeah.

Jonathan:

Yeah. So get out of your box. And that's actually going to take that a little bit from the recent book that was published, Hack Your Bureaucracy, it's similar to that style of thinking. And one of their recommendations was step outside, talk to people. This was for the Veterans Affairs, but talk to people outside the hospital and ask them like, what sucks about this hospital? And then take that feedback and change your business process. All right. The second one is, the world revolves around money and you can't do anything without money. So if you're going to learn a skill, learn how to advocate for, retain and spend money, and if you don't know how to do that, you will not be successful.

Carolyn:

So can you write a quick book on that to share with our listeners?

Jonathan:

I put it in my queue. So to me there's like three pillars in it. There's the tech pillar, that's number one. There's contracting, which is the money aspect, budgeting and contracting. And then there's ATO. If you can synergize all three of those, you're successful because they're all going to compete with you. And they're all going... to me, they're torpedoes. They're all going to torpedo your ship as your project moves along the journey. And so you have to have active defenses for those things. That's interesting. That changes all the time. Budget and contracting changes all the time. And contracting, they're an antithetical sometimes to tech. I mean, love our KOs, but there's a lot of rules. There's a ton of rules in the contracting world. And if you don't understand, I took a FAR training course, best course I ever took because I can have a one-on-one conversation with a KO and understand what they're saying.

Mark:

I mean, having been in this industry for so long, I've seen a lot of projects fail because of that, not being able to get the funding and stuff like that. So that's really interesting. But boy, I know it matters to the Coast Guard, probably matters to your team and that the whole mission.

Jonathan:

That's correct. And I think the third one as I'm thinking through these, the third one is manage your people, right? Again, same with money. You're not going to execute anything without the proper people resources. And your people need to be trained, engaged, monitored. And by monitored, I mean pace them in their work. Don't like sit over the shoulder, don't micromanagement. But you need to have a free flow of communication with your folks to say, are you busy? Are you too busy? Are you not busy? And spread your tasking around. When I first started this job, the first thing I did with my section leads. So, I have four sections in my legacy org structure. The first thing I did was I interviewed each one of them and I asked them, I made them do a SWOT table, Strengths, Weaknesses, Opportunities, Threats. And then at the end of our conversation, I said, tell me what you're not going to work on right now. Tell me what you're going to stop working on.

Jonathan:

Because what happened was there was an accumulation of work debt that was happening and people were getting drowned in minutia. And I said, pick your top three projects you focus on, complete those now, then let's pick up the ones that we paused, and by doing that, I was able to close out things that were in motion for two years. I closed them out within three months of showing up, and it was just-

Mark:

I'm writing down.

Jonathan:

It would've been another two years. Go ahead. Go ahead, Mark.

Mark:

It's great advice. I'm writing that down.

Jonathan:

Yes.

Carolyn:

We need- [inaudible:

Jonathan:

Stop working on this. Right?

Carolyn:

Exactly. Exactly.

Jonathan:

And a lot of it was just they were doing what they thought was the right thing to do, but at the end of the day, when you zoomed out on the organization, you realized that wasn't actually, you doing that was not going to produce the outcome that the organization wanted.

Carolyn:

Right, right. Great pieces of advice. So get out of your box. Learn to advocate, retain, and spend money book coming later. And then manage your people. Understand, match the right resources to the right projects and help balance the workload. Did I get it right?

Mark:

Great advice.

Jonathan:

Absolutely. 100%.

Carolyn:

Yep.

Jonathan:

Yep.

Carolyn:

All right, Mark, we have enough time for, maybe, a couple of tech talk questions, and I will let you ask Jonathan, the first one.

Mark:

Okay. Thanks Carolyn. So Jonathan, I'm going to hit you with this one. So you're going to need to dig back into the memory banks. What was the very first piece of technology that you ever bought or received?

Jonathan:

Ooh. All right. Let's go back. We're going to hit the wave back machine here in the early '90s, right? So I'm 38. All right, so-

Mark:

Me too.

Jonathan:

You look great, Mark. So when I was growing up, my dad was in RF engineering. He worked for NineX and we lived in New York. And I never really understood what he did. All I knew was that every time we went into a car, he had an apparatus that was holding a brick phone and an antenna on the outside. And the first question I asked him when I became aware of this was, why is the antenna on the outside of the car?

Jonathan:

And he is like, "Well, you don't get reception because it doesn't work in the metal body box." And that was the technology of the day that was like, woo. If you're a kid, you had a phone call in a car, right?

Carolyn:

Cutting edge.

Jonathan:

That's like, yeah, that's limousine worthy almost, right? But that's what I grew up with. I grew up with these cutting edge technologies, and he would just drive around and measure cell site data and he would collect cell site data. And his job was to position the cell towers and find the right spot to-

Mark:

Oh, cool.

Jonathan:

Make coverage. And that was where we were. And so that was real exciting. That was my exposure. But then simultaneous to that, we started... He bought a couple computers. We had an IBM machine at some point, but the one that really captivated me was the Mac TV that we bought.

Jonathan:

You remember that computer? It was all the range. You could hit a key combo and it turned into a regular TV. You hit a key combo, you're back to Mac. I've used that until I was in high school. It was great. But my first, I would say the first thing I received was internet. And it was from Prodigy. And we used to play... I used to play games and chat, and that was my portal to the future. And I didn't realize it at the time, but the thing that really captivated me the most was there was a game that was on CD. It was a 3D view of the space shuttle, and you can go into the cockpit and you can maneuver your way around and look at all the buttons and dials and stuff on the space shuttle. And that thing just captivated the crap out of me.

Jonathan:

And I think that's really what set the stage for me to be really interested in technology. I built my first website when I was in a freshman in high school. I learned how to program, and I've never stopped since then. And I wouldn't want to do anything different. Actually, my education is electrical engineering, but I've self-taught myself technology, and that's... it all started in that initial journey of, here's a computer, play with it. Here's a game, figure it out. And what I'm really excited about is I'm kind of seeing that again, happening today with artificial intelligence. It is going to fundamentally, like the new GPTs and those types of things fundamentally change the way we interact with computers, fundamentally change it. I think it is as dramatic as the mouse was in terms of how you interact with the machine.

Mark:

Yeah.

Jonathan:

We're just at the cusp of this journey, and I hate artificial intelligence until two months ago. And then I saw the vision.

Carolyn:

How?

Jonathan:

ng ChatGPT and the [inaudible:

Carolyn:

Really? ChatGPT what got you all in on AI?

Jonathan:

Yes. Because-

Carolyn:

Wow.

Jonathan:

Because the interface, the transaction was no longer, it's no longer in the background from, so AI, machine learning fundamentally is signal processing. And it's very mathematical and it's very rigid. This was the first time I've ever used AI that was fluid. It produced a result that I was finding acceptable, and it spoke to me. And not in a weird sense where it's taking over the world, but it's a way, and I actually listened to a podcast recently about, where's this AI going? And I think it is actually going to be your digital partner in your journey. And so wherever you go, just as much as you take your cell phone everywhere, you're going to take your own digital partner and you will be able to interact with that partner and basically augment all the things that you do right now where you're like, ta ta ta ta tap in the way, right?

Carolyn:

Yes.

Jonathan:

And you're setting up meetings, and you're sending emails, and you're figuring out what to do for today. I think, Mark, to be honest, I'm not selling the product here, but I think Microsoft gets it too. I want to log in and I open my outlook, and the only thing I see is a summary of all the unread emails that I have and the highlight of the ones that seem relevant to me. I can click on that and then I can basically say, okay, whether you dictate it or you type it, here's the kind of general response I want to give. Go send it. Boom. So 90% of emails you give, you don't really have to put much thought into it. It's kind of just a request response kind of thing.

Jonathan:

And the 10% that actually matter are the ones where you have to actually think about and respond. I want those to be surfaced, and as I work with my digital partner, I want it to just learn how I do work. Right? And that's the fundamental difference that I've seen with ChatGPT. It actually learns, it builds a persona of you. It can build a persona of you. I don't think we're just there just yet, but you can take your own personal AI with you and that.

Carolyn:

Yeah,

Jonathan:

I think it has unlocked that aspect.

Mark:

That's a great answer.

Carolyn:

I found it to be a really useful brainstorming tool, but Mark will appreciate this. I ask it questions sometimes, and it's like, I need to caution you that Dr. Strange is not a real person. Because I'll ask you it to compare technology to whatever superheroes on my mind. Let me caution you. This is the fantasy thing that you're trying to compare to a real thing. And I'm like, just do it.

Mark:

It's JARVIS. It's JARVIS.

Carolyn:

Yeah.

Jonathan:

Yeah. I think it's about as close to JARVIS as we've ever come.

Mark:

Yeah.

Jonathan:

Right.

Carolyn:

Really we [inaudible:

Jonathan:

We fake it. We've faked it with Siri and Alexa and stuff. Those were fakes, right?

Carolyn:

Yeah.

Jonathan:

This is different. No offense to those products. They're great, but if you've ever done or understood how video games are developed, right? It's all faking stuff. You're faking physics, you're faking, you're rendering like low poly in the distance and high poly in the foreground just to keep it running, right? That's what previous generations of AI were. It's just faking it to make this illusion of AI. That's why I hated it. This is different, for whatever reason.

Carolyn:

Yeah.

Jonathan:

I just have this feeling that this is different. Right.

Carolyn:

All right.

Mark:

That's cool.

Carolyn:

Yeah. Well, thank you so much today, Commander White for joining us. A lot of really good things to think about. I really feel like we're going to have to have you on for round two, just to talk about the book that you're writing. No pressure. But we all want that book. And thanks to our listeners for joining us today on Tech Transforms. Share this episode and smash that like button.

Carolyn:

Thanks for joining Tech Transforms, sponsored by Dynatrace. For more Tech Transforms, follow us on LinkedIn, Twitter, and Instagram.

About the Podcast

Show artwork for Tech Transforms
Tech Transforms
Tech Transforms talks to some of the most prominent influencers shaping government technology.

About your hosts

Profile picture for Carolyn Ford

Carolyn Ford

Carolyn Ford is a passionate leader, doer, adventurer, guided by her father's philosophy: "leave everything and everyone better than you found them."
She brings over two decades of marketing experience to the intersection of technology, innovation, humanity, and the public good.
Profile picture for Carolyn Ford

Carolyn Ford

Carolyn Ford is passionate about connecting with people to learn how the power of technology is impacting their lives and how they are using technology to shape the world. She has worked in high tech and federal-focused cybersecurity for more than 15 years. Prior to co-hosting Tech Transforms, Carolyn launched and hosted the award-winning podcast "To The Point Cybersecurity".