2018/08/07: TASSCC Take 2

by Gene Kim on

#Tasscc

  • @TASSCC: Packed session for the state agency #cloud track, featuring @TexasDIR, @TPWDnews, @TXAG and @TxDPS. #TASSCC18 https://t.co/ftkpOm8taG
  • encrypt all laptop: windows SCCM for laptop / desktop; Mac: LANrev and FileVault 2
  • @EndMSilva: RT @sunilalevi: #TASSCC #TASSCC18 excellent shared service initiative https://t.co/Lq6DW2f9nc

  • City of Atlanta: paid $5MM in ransom; requested additional $7MM to rebuild infrastructure

  • encrypted 3500 machines: 10% slowdown; 500 at a time; Microsoft was awesome

  • Macs: managed through LANrev: required user intervention to : literally had to type in password; most people didn’t want it, so delayed; 600 devices on campus; we had to track down campus faculty

  • reports: patching and encryption: didn’t jibe: found SCCM clients weren’t functioning right

  • Great talk on tackling infosec at Texas A&M Corpus Christi: among many other things, tackled disk encryption on all staff, faculty; Windows went great, Macs more problematic, required chasing down reluctant faculty members. :)

  • @TASSCC: --- Discussing #security & #risk mgmt. on a Multi-front Battlefield with Ben Soto & Lionel Cassin @IslandCampus

    TASSCC18 https://t.co/pzdNQjFjTv

  • Fun listening to Soto and Cassin securing the environment at higher education, notorious for decentralized fiefdoms, with high expectations of intellectual and administrative freedom!

  • we used to release patches whenever MSFT released patches; now we only patch test systems; wait 1 week

  • Phishing attacks -> compromised credentials -> internal attacks -> data loss

  • train everyone: what does a fish look like, what does it do, what to do when you see one; no one from Helpdesk will EVER ask for your password

  • Texas A&M CC: moving to MFA: rolling out Duo Security; multi year: 1) major apps for staff and facility, where PII; 2) secondary applications; 3) email for faculty; 4) upcoming: email and applications students

  • students are easiest people to roll out MFA to!
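
The note above that the patching and encryption reports "didn't jibe" describes a cross-check worth automating. The following is an added example, not code from the talk or from SCCM: it reconciles an asset inventory against two report exports and flags hosts that are absent from a report or have a stale check-in. The CSV column names, hostnames and the 14-day threshold are assumptions.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample exports; column names are assumptions, not SCCM's schema.
PATCH_CSV = """hostname,last_checkin,missing_patches
LAB-001,2018-08-06,0
LAB-002,2018-06-01,0
LAB-003,2018-08-05,4
"""
ENCRYPTION_CSV = """hostname,last_checkin,encrypted
LAB-001,2018-08-06,yes
LAB-002,2018-08-06,yes
LAB-004,2018-08-04,no
"""
INVENTORY = ["LAB-001", "LAB-002", "LAB-003", "LAB-004", "LAB-005"]

def load(text):
    """Index a CSV export by upper-cased hostname."""
    return {r["hostname"].strip().upper(): r for r in csv.DictReader(io.StringIO(text))}

def reconcile(inventory, patch_csv, enc_csv, today, max_age_days=14):
    """Return {hostname: [findings]} for hosts whose reports do not agree."""
    patch, enc = load(patch_csv), load(enc_csv)
    cutoff = today - timedelta(days=max_age_days)
    findings = {}
    for host in (h.upper() for h in inventory):
        issues = []
        for name, report in (("patch", patch), ("encryption", enc)):
            row = report.get(host)
            if row is None:
                issues.append(f"absent from {name} report")
            elif datetime.strptime(row["last_checkin"], "%Y-%m-%d") < cutoff:
                # A stale check-in means any "compliant" status is old data.
                issues.append(f"stale {name} check-in {row['last_checkin']}")
        if issues:
            findings[host] = issues
    return findings

if __name__ == "__main__":
    result = reconcile(INVENTORY, PATCH_CSV, ENCRYPTION_CSV, datetime(2018, 8, 7))
    for host, issues in result.items():
        print(host, "->", "; ".join(issues))
```

A host such as LAB-002 reports zero missing patches yet has not checked in for weeks, which is the kind of mismatch that points to a non-functioning management client rather than a compliant machine.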

Rapid Discovery

  • Design principles: resolve entities using information stored across disparate sets
  • Persist resolved entities so they can be queried, not calculated, during analysis
  • construct entity graph relationships from resolved data sets
  • source data > extract, transform, load > entity resolution (do immediately) > knowledge graph > analytics and algorithm > UI and workflow
  • Amy: TX DPS Mission: Dept of Public Safety: combat crime and terrorism; enhance highway and public safety; enhance statewide emergency management; enhance public safety licensing and regulatory services
  • 150 people fielding info requests from police, etc.
  • State Fusion Center: (post 9/11)
  • analyst time: 80% data aggregation; 20% analyzing data; SPART-N; “john does: tell me everything about that person”: driver license, vehicle registration, criminal history: we already own it all
  • we pass on information: we are too reactive
  • our hopes: proactive view of threads (vs. stereotype: always reacting)
  • “5 days to 5 clicks”
  • find those non-obvious relationships: “investigator called; working on auto theft task force: can you help me? I have 2 digits of license plate, general make/model of car: tell me everyone I can contact who was involved in a robbery?” (Analysts do this all the day)
  • normally: we look up all the DMV registrations: look in geographic area: cross reference with address, driver license; all in disparate systems; would take us days and weeks to give back answer
  • we had answer in minutes: b/c we could combine it all in our new system SPART-N
  • self-service

  • backend: Java; front end: React/JS

  • @sunilalevi: #TASSCC #TASSCC18 cool implementation of MissionGraph solution from DPS. https://t.co/1VQpsdHeDv
  • data cleanup effort: unstructured data elements: makes entity relationship not possible, or figure out alternate visualization
  • luckily, most in structured data
  • UAT early feedback: “wow, when can we start using this? I was able to find the subject more quickly than in DLS (w/a misspelled, hyphenated name, and age as only provided identifiers)
  • 9K requests/month: 150 analysts:
  • enables search w/o using structured search fields
  • scenario 1: search for vehicle: operations center in middle of night (means that it’s urgent): DPS investigator: stash house (location where drugs are being stashed) temporarily en route
  • while sitting on surveillance, sees car routinely driving by, so calls it in: “here’s the license plate: what do you know about car or driver?”
  • Toyota Corolla, white color: matches license plate; and Laredo address is where the officer is
  • graph: vehicle: owner: address (flag indicates something interesting)
  • here’s who lives at address, and here’s the other people who live there, who actually has criminal drug record
  • known gang member, prior criminal record
  • previously, we would have had to call officer back, after we assemble data
  • now we can tell him exactly all the relevant details: gives them situational understanding of the threats
  • we can also geolocate with other info: like showing associated with crimes in San Antonio

  • other use cases: program integrity (fraud), network adequacy (managed health care plans), local law enforcement, opioid epidemic, disaster preparedness (road blocks), national security (country entrance denial), child welfare (identify children at risk: case workers who go into people’s homes, they conduct interviews; who has child, who has contact, real life indicators of risk), benefit management (receipt of cash, food stamps, welfare assistance)

  • @sunilalevi: #TASSCC #TASSCC18 great job Amy on the MissionGraph and Rapid Discovery demo. https://t.co/D8ZeWFxCmB

  • key takeaways: largest tech project we’ve been responsible for at ICT: 1) focus on your mission and make it measurable; 2) start small and be agile; 3) don’t make it about tech; 4) take action as time is now

  • started 2 data sets: looked at it; confirmed that it helped analyst (enable analyst to give timely info:

  • Apache Spark

  • you can get something up and running in matter of weeks

  • platform: Mission Graph: is Deloitte owned platform: we took that and created an instance for SPART-N, customized it; data model, ETL customized; the actual application/stack is part of platform

  • machine learning techniques: not in SPART-N: learn from characteristics of individuals, where they live: predict risk; used at Customs and Border Protection

  • needs to be real-time, otherwise analyst will feel obligated to go look at the systems of record

  • how much data? 12 TB of data: don’t know where it is right now

  • scalable: horizontally scale: ingestion: Apache Spark: DataStax built upon Apache Cassandra: like Netflix, iTunes:
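
The design principles at the top of this section (resolve entities across disparate sets, persist them, build graph relationships, then query) can be shown in miniature. This is an added example, not Mission Graph or SPART-N code: the matching rule (block on date of birth, then a `difflib` similarity threshold on the normalized name), the field names and all records are assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher

# Constructed records from three "disparate" sources; every value is made up.
RECORDS = [
    ("driver_license", {"name": "Ana Ruiz-Lopez", "dob": "1980-02-01",
                        "address": "12 Elm St"}),
    ("vehicle_registration", {"name": "Anna Ruiz Lopez", "dob": "1980-02-01",
                              "plate": "ABC1234"}),
    ("criminal_history", {"name": "Ana Ruiz Lopez", "dob": "1980-02-01",
                          "offense": "auto theft"}),
    ("vehicle_registration", {"name": "Ben Ortiz", "dob": "1980-02-01",
                              "plate": "XYZ9934"}),
]

def norm(name):
    """Lower-case and drop hyphens, spaces and punctuation."""
    return re.sub(r"[^a-z]", "", name.lower())

def resolve(records, threshold=0.85):
    """Merge records into entities: block on DOB, then fuzzy-match the name."""
    entities = []
    for source, rec in records:
        key = norm(rec["name"])
        match = next((e for e in entities if e["dob"] == rec["dob"] and
                      SequenceMatcher(None, e["key"], key).ratio() >= threshold),
                     None)
        if match is None:
            match = {"id": len(entities), "key": key, "dob": rec["dob"],
                     "edges": set()}
            entities.append(match)
        match["edges"].add(("source", source))
        for field, value in rec.items():
            if field not in ("name", "dob"):
                match["edges"].add((field, value))  # graph edge: entity -> value
    return entities

def find_by_partial_plate(entities, fragment):
    """Query already-resolved entities; nothing is re-matched at query time."""
    return [e for e in entities
            if any(f == "plate" and fragment in v for f, v in e["edges"])]

if __name__ == "__main__":
    graph = resolve(RECORDS)  # resolve once, then query many times
    for entity in find_by_partial_plate(graph, "12"):
        print(entity["id"], sorted(entity["edges"]))
```

The misspelled, hyphenated name still lands on the same entity as the other two records, while the unrelated person sharing that date of birth stays separate, so a two-character plate fragment returns the owner together with the linked address and history.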

Legislative Panel Discussion

  • Moderator: Ross Ramsey: Executive Editor, Texas Tribune
  • Giovanni Capriglione: Texas House of Representatives, District 98
  • Cesar Blanco: Texas House of Representatives, District 76 (Former US Navy)

  • https://house.texas.gov/members/member-page/?district=76

  • https://house.texas.gov/members/member-page/?district=98

  • CB: first race in 1991; moderate force; house backstop for extreme legislation like “bathroom bill” — it’s a big loss, want to stay focused on business of state, vs ideological issues

  • speaker: bi-partisan decision

  • @TASSCC: --- Chatting about Speaker races, we have moderator, @rossramsey and TX State Reps, @VoteGiovanni, district 98 and @CesarJBlanco, district 76. #TxPolitics #TASSCC18 https://t.co/zgy0qZ0wmr

  • speaker race is like high school election, but with money: who pushed you off slide in 3rd grade, who’s your friend?

  • GC: always about their district; far more than coalitions: “friends for now”; I liked working for the speaker: made it easy for us to do what we needed to do

  • CB: as the whip, I’ve counted the votes for both Dems and Reps; senior blocs, too; young bloc; many of us are in our 40s; older people need to appeal to younger people to make a difference

  • GC: Dems do vote together; Reps do not, for a variety of reasons;

  • CB: healthcare, Harvey recovery, education, property taxes

  • 3.1% unemployment in DFW

  • CB: top 3 issues: Harvey recovery (financial, policy): $100 billion in damage; 135K homes managed, 35% people displaced; Santa Fe school shooting; funding public education

  • GC: top 3 issues: school finance, (worked on transportation, water last few sessions), tie it in with property taxes;

  • Texas Taxpayer Association: non-partisan business leaning group: projecting deficit $7.9 billion

  • GC: rainy day fund: $12 billion: must figure out what to do with it: may be not in best interest to keep it locked into checking account; maybe invest at higher rate, resulting in $200MM; maybe take dividends out, cap the fund to take care of long term obligations

  • priorities list is a moral document

  • CB: look at the $1.6 billion into border security when it’s largely a federal responsibility; not very much accountability on spending

  • GC: 6th highest property taxes in nation; proposal: no more money in rainy fund, put that into educational funding; 85K new students per year; unfortunate when that kind of fix gets coupled to things that are unrelated

  • CB: contract management: we allocate the money, governor manages it; we’ve got the power of the purse, and we can be very critical and strong oversight

  • GC: we looked at one contract, and there were 9 levels of oversight; which is the same as no oversight; no accountability; procurement is one of our top priorities: they need to be skilled, well paid; transparency: we missed $40 billion of contracts; 37K active contracts: $200 billion worth of contracts; I still see shortfalls on how we do open records requests on contracts, change orders; Supreme Court decision (Boeing, HP); best person to look at it are competitors and media

  • state: voting machines are 15 years into 10 year useful life

  • CB: HB8 bill; local communities don’t have the budget to protect their communities

  • CB: Jack Welch: cyber security is the most important issue that businesses must deal with

  • GC: in the old days, when we went to war, (spent 3 years at NSA), we would take out their power grid; paralyze country; the days of occupying other countries are over; Russia is attacking our power grid every day

  • CB: top security issue: Russia, china, electric, elections; federal government offered Texas $23MM; that’s not enough to handle even a small county; this is a $300-500MM expense to do it right

  • CB: “I know for a fact that Russians are trying to interfere with your ability to choose; it’s absolutely critical to us that it must not happen”

  • @MarcHebner: --- @TASSCC @VoteGiovanni #txlege could do a better job of diversifying the vendors that are able to compete for business. Today, too many contracts and legislature works to eliminate competition for the largest players to benefit who are able to charge significantly more due to lack of competition.

  • GC: “Chairman was great; we had a bill, I had amendments; it wasn’t ‘here comes Lefty Blanco’; we worked together”

  • CB: appropriations, ethics and general investigations: I had a lot of fun this session

  • GC: chairman of appropriations, state affairs, every committee is important: defense and veterans affairs (2nd largest, surpassing agriculture; DIAG), cybersecurity

  • GC: SB4 was introduced and divided the House, and made everything personal; George W Bush Institute talking about how immigration is good; we want to build roads, make higher education more acceptable; that’s what we ran on; we want to do great things, not do things that divide us.

  • GC: “planning, zoning, trees: those are local; things that flow freely, like money and transportation, those that make sense to be more global

  • GC: “rainy day fund good for things that don’t have operational cost; Harvey; infrastructure and transportation are more difficult” (deferred maintenance was easiest sell)

  • Q: at what point do local communities influence detainment: 1) DFPS (foster care system), HHS, HHSC; if there is facility that houses children, they have to be licensed by these organizations, to ensure safety and access to healthcare; 2) border security has impact on zero tolerance: if our National Guard, cease all border operations until Fed Govt changes policy, and can’t be involved with what I believe is an immoral policy; 3) legal assistance to immigrant who should have access to due process (grants thru governor office, DMRS, Los Americas)

  • GC: go after Supreme Court decision that makes it difficult for public to get info on contracts; now, over 1000 open records requests denied; every tax payer should be able to see school district check payments; sunlight and people with monied interest will scrutinize and make deals better

TODO