EP 23: What Intelligent Automation Means for Governments and their Citizens w/ John Cho

ABOUT THIS EPISODE

John Cho is the Chief Technology Officer for Peraton, a leading mission capability integrator and transformative enterprise IT provider that delivers highly differentiated national security solutions and technologies. John has most recently served as the group CTO for Perspecta and has had similar roles within DXC Technology, HPE, and HP. Throughout his career, John has provided technology strategy for financial services, government, life sciences, healthcare, and media & entertainment customers.

He is recognized as a futurist at Peraton, particularly around emerging technologies in enterprise-scale intelligent automation using software robotics. John’s specialties include a drive for disruptive innovation and elegant solutions to complex problems. Of note, he also has a number of patents pending in analytics, computer vision, energy and robotics.

Technology needs to help bring more competence in the government itself, Building Trust, building accountability, and really that's really important, especially for governments who really hang their hat on democracy. Technology is a way they can really enable the citizenship to say, you know what, I believe in my government. I believe what they're doing because I can see what they're doing. Welcome to unleash it, a podcast where we discussed the experiences and ideas behind what's working in enterprise architecture and digital transformation within the IT landscape. Unlock Your Business has digital capabilities. Transform your enterprise architecture. Unleash it. Let's get into the show. Welcome to this episode of unleash it. Today's guest is John Show, who's the chief technology officer for Perton, a leading mission capability integrator and transformative enterprise it provider that delivers highly differentiated national security solutions and Technologies. John has most recently served as the group CTEO for Perspecta and has had similar roles within DXC technology, HP and HP. Throughout his career, John has provide a technology strategy for financial services, government, life, science, healthcare and media and entertainment customers. He's a recognized as a futurist at Perton, particularly around emerging technologies in enterprise scale, intelligent automation using software robotics. John's space salities include a drive for disruptive innovation and alligance solutions to complex problems. Of Note. He has also a number of patents, including patents pending and analytics, Computer Vision, energy and robotics. Welcome to unleash a t John. Hey, how's it going? Andrea? Thanks for so much for having me. Fantastic to have you in our show. So please tell our listeners a little bit about yourself and your job at Paraton. What are your responsibilities there? Yeah, so Paraton, as you mentioned it, it's really a company that's focused on serving the government, the public sector, and so I am the am one of actually for cheap technology officers within Paraton. I happen to oversee the civilian, securities public services divisions. At one point, three billion dollar division part of Paraton, and so I provide technology strategy. We work with customers and trying to understand maybe road map, maybe their path to digital transformation. Also, how do we inject complex solutioning, especially when the government's requesting something that's a little bit out of the box, something that's making more fit, mission focused and not necessarily just business. And so I work with scientists within Paraton and other industries, as well as, you know, the agencies own CTEO, chief architects, cios, on how we might formulate a plan, a plan forward to go solve that problem. Great. What would you say the top parties off ensuring technology eneba governance across the public service sector? Yeah, that's a really great question. I mean it's, you know, for democratic system. I would say one of the things that it's got to be a top party is transparency, especially for our citizenship, are constituents. It's actually very much needed and really, you know, you want to hit out of the very philosophical level. Technology needs to help bring more competence in the government itself, Building Trust, building accountability, and really that's really important, especially for government's who really hang their hat on democracy. Technology is a way that can really enable the citizenship to say, you know what, I believe in my government. I believe what they're doing because I can see what they're doing. They're not hiding it from me. Where appropriate, they're sharing the information that they need to. I think another priorty is just harnessing the data. A lot of a lot of I would say in the United States the government has a lot of data, but I wouldn't say the government's using a...

...lot of data right. It's one thing to have it may be stored somewhere, but it's quite anothering to actually use it. But that requires policy decisions, that requires protections controls in place to make sure that data is and misused or just distributed to folks that are unauthorized to use it. And then, you know, how do we move technology in the government so that the government can make better decisions faster? You know, regulatory missions are hinged on ideas of okay, you know, is this is this product, so that it important to the into the government or into the country or not? Is this food safe to eat? Is this water clean? So there's a lot of really important things that technology is really going to be key, and especially automation to really ensure that our governments in our countries are resilient, especially in the future next pandemic, in the future issues where equal economic turmoil. So quite a bit sounds great. I mean, of course transparency is isn't a key topic, which we see as well in many, like private organizations, especially when they're going through transformations. And do you we have name maybe some, some even more examples when you go to some of the applications and think about, like you name some use cases already, but where technology is really used to create that transparency for, for like the users of it. So are there any like specific like applications or APPs or whatever whatever has been created to where this comes to life? Yeah, I give it a great example. I'll give you an example of where transparency is maybe a hindrance or not. A hundreds where lack of transparency. Yeah, so like, for instance, in our in our country we have the food and Drug Administration. They are responsible for the adjudication and a proval of drugs, and so when drugs get approved, we see, you know, we see the study results and and the government is obligated to share that with the public. What we don't see, though, is failed studies, that that data doesn't get revealed to the public. And for me I'm a big advocate of sharing that data. Yes, it's good to see the data when it works out, but it's also diable see data when it doesn't work out. I mean, we can learn from that information of why that failed or why didn't work out, so that data doesn't get disclosed. To me, that's that, to me, is a is an opportunity for healthcare to to get even more insight into the kind of research they should be doing and that sort of thing. Another example would be where, I think, you know, let's just talk about you know, the day the today's pandemic, covid nineteen, we had a lot of confusion because of a lack of transparency. We really didn't understand how to talk to each other, when I say each other, like one agency to another, one acy to the hospital, one agency to the pharmacy or the company, and we didn't show people that. Maybe it was because we were concerned about maybe people being critical of the government. Maybe we were concerned that people would would see some of the problems that we have in the government, but by and large we were so concerned about maybe being opaque that, you know, the pandemic went in a way that I guess the world wasn't expecting and we lost a lot of life over the last year and I think was because of a lack of transparency. You know, the data wasn't made available readily as really as I should have. We've improved that quite a bit over the course of the last eighteen months, but a lot of the data was still either being delayed or testing numbers weren't really being fully reported, and that's partly because the technology wasn't even there to really enable that. So that's a great example, I would say, at least in the healthcare space, where, you know, transparency would really have made a difference. Understand, what I...

...immediately think about when talking about transparency is almost like what about security as so let's let's let's think about that a bit, because I mean we for us, obviously in over in Europe, the topic about like security, data privacy plays in it in a big role, right. So we have regulations like gdpr which need to be fulfilled about organizations very specifically on like data privacy. But let's think about like adopting security frameworks and where should be the focus on from from your point of view, and maybe also understand to what extent our federal agencies required to enforce like digital improvements and digitization additiatives and and what role does security play in that? Yeah, that's a great that's that's those are big questions that I think our topics of the of the day. Let me let me just here this so in case folks are concerned about privacy versus transparency. That seems to be two opposite parts of the spectrum. They really are not. When we talk about transparency, we're not talking about making your data transparently available to everybody. What we're saying is that the policies and the procedures in the process that under right the data should be transparent and there's there's actually a built in but not so intuitive approach to security around that. But to answer your question around, you know, implementing security frameworks, there's probably it's you know, folks try to look at it and and our government is no different in the United States. We tend to look at things very sequentially, like okay, we'll do this and then we'll do that and then we'll do the thing after that and that'll get us to the end goal. But I would say, I would challenge the thought process and say it's really more parallel, it's more complex. So, for instance, I think, and this is just for agencies, it's for businesses as well, I think we have to assess in an honest manner what is the risk posture that we're inherited, that we actually have in our company or in our agency, and when I say have, I don't necessarily mean what we think we have. This is a very open, open minded type question. Some risk we've actually inherited over time. We didn't realize it, but but because we've maybe accumulated more data than we thought we knew we had, we may actually have more risk around that. Maybe there's incremental legislations or policy seas have been put in place that kind of moved our mission scope beyond what we originally thought it was, say ten, fifteen even twenty years ago. So having an honest assessment of that, I think it's very important because that's going to drive really how do you couple yourself to government policy like GDP are, for example? What are the security controls are in place? Here in the United States we have a lot of policies that have prescriptive security controls that you know if you're at this posture, you should be doing these things, and so if you don't know your posture that it's hard to talk about. What does that mean for my enterprise architecturehere? Does that mean for my security, my securing of the data. What does that mean for how I operate going forward? But that's not a sequential task, that's a parallel task, because on the other side of it you do know. You may not know what it is, but you do know you have data, and I think the problem we have a data and it's been going on for decades, is that we don't really have a real handle on what we are what we have. So, for instance, we don't have a some many cases we don't have a good taxonomy or a good ontology of the data. We don't categorize the data correctly. We don't even take the time to do it. In fact, I asked several basic questions. I used to get blank stairs about date. I asked questions. Okay, what data do you have? Some people are like why, I know some data I have. I don't know all the data that I have, and you know that that includes things like how old is the data? Who owns that data? Another question is where is the data? Well, it's I think it's in my data center or it might be in the cloud,...

...but I don't really know. I don't, I mean so I'll talk to my it guy. He'll tell me. Another question. People struggle with is I don't know what the data is and I don't have time to figure it out. You know, I'm way too busy, and so I think that's a real problem. But this is where the heavy lift begins. I think people need to take it a lot more seriously. It isn't just about understanding your security posture, your risk profile, but you should also imperilel look at your data, saying what do I have, because that's also going to influence you risk profile. Even if you thought your risk profile was here, I didn't know I had all this other data, so now my risk profile is going to be a little bit different. Those things aren't think. Are the two things I think people have to really wrestle with, and I think the other things we have to get out of this misconception that, Oh, I'm on this journey to really hammer out security for my enterprise or I'm on a digital transformation journey. I think that's actually a fallacy, and what I mean by that is that we're all in a digital transformation journey. We're all trying to knock things out tactically as well. I mean whatever I'm doing as in an agency or whatever I'm doing in a company that's changing in ten, fifteen years. It doesn't matter if you think you're on a digital transformation journey. You are. And so so I think some people think, Oh, I'm doing one or the other, I'm doing very tactical things or I'm doing very strategic things. Now you're you should be doing all of it honestly. And so one thing that we struggle with in the public sector is the level of seriousness or the level of effort that both public's, public services, public sector servants, as well as contractors within the industry struggle to really get down into it, because it was requires a tremendous amount of effort on both sides. It's not going to be just the government, it's not going to be just contractors. I'd like to discuss one point related to that. So I think you wrote an article, or you co authored an article earlier this year where you quoted the CDEO of the female who said compliance with data and privacy controls coming out of agencies like the the nest is challenging because they haven't kept pace with the developments in cloud computing and death segops. Tell us a bit more. Why do you think this is so so and in general. Do you believe this is still the case for many government agencies worldwide? So how does how dolse like requirements, controls catch up with like being fast, being agile, leveraging modern ways of death, segops? How does this go together in asently? Yeah, you know this. This so, Audrey, this is a really interesting question because, you know, if we want to really pull this thread, you know, I don't know if people are going to really like the answer, but the reality is that, and I'm just use on my own government. So if you believe the US government is a representation of what generally competent government should be, it's not perfect, it's got problems just like everyone else, but if you believe it's a good, good data point for what a functioning government should be, then let me let me share some of the issues that we have right so, first of all, there is a cultural problem in the government. I mean technology is is fine and well, but like, let me give an example. You know, if I'm if I'm an inspector and I'm going to inspect goods coming into the government on behalf of the government, I'm providing a regulatory function and in the old days I used to have my little pad in my forms I would write it down. You know, sometimes the government says to themselves, well, we need to improve this process, we need to innovate. So what do we do? We give these guys tablets, right and there's and the tablets allow that to wire least transmit the data back to some central system to collect this data. So so everyone was saying, Hey, great, we're we've done a good job here. What I think the phomacy too, is really saying as look, that's fine, but at the end of day you're still playing checkers and we're trying to play chess here. You're still trying to check off boxes. I need to think about this completely differently, like I need to what if I could overlay to the inspector's awareness not just the origin of where this...

...product came from, but like geospatial data, like weather, and I would know that, based on that, there might be some spoilage here. And I've got maybe five or six acres of holding tankers full of goods to inspect. I'm not going to get more budget to hire more inspectors. I need to go look at the places where I know that the risk is high that something has happened. That is not acceptable. Right. So you know, it's not about checking boxes, but I think that's where our government, not many parts of our going, still stuck, especially at the state and local level. We were trying to check a box. We're not looking at it from if you look at Deaf Sec ops, that's a loaded term, right, but it essentially devops is really this. It's really the set of automated it's an automated ecosystem of like some people called CICD. Continues, integration, continues development. It's this process where we're continuously assessing, reevaluating and producing something. We're not sitting still and waiting for the outcome and saying, UM, based on that, we should do this, let's wait and see what happens that. Oh, based on that, now we should do this. It is a continuous process and so I would say our government, in many parts of it, still struggle with this idea of like, I'm just trying to get my job done, and that's the other problem. A lot of our employees, federal, federal officials, state, local officials, they're just trying to get a job done. And I'm not saying you should think of your job more than a job. But what I'm really trying to say is that they're more eager to perform the task and not thinking about in a more strewble manner what is the outcome I'm supposed to be receiving this, because if they don't do that, then we can't talk about how we could enable their mission with technology. We're just going to do what we what I said before. We're going to give a tablet or, you know, we're going to we're going to give them, you know, special Google glasses that allows them to, you know, look at things and say, I want to make a note of that. That's certainly helpful, but I think philosophically we're not able to keep up with the idea of being a little process vast amounts of data of what we see and making decisions on them quickly enough, and so that takes a different, totally different view than what I'm doing today. Yeah, so I think that's that. That's that's great to understand. Let us speak a bit about like, about Ai and intelligent automation. So I'm pretty sure you're like, like governments are increasing the usage as well. How can technology, how ensure that the use of these tools and machine process remain transparent for citizens. So, like what I special needs to to actually reflect what's done with the data, how the intelligent automation is used. If so, so are what is this does is require, like any special attention. So I think one of the problems, at least in the United States, that we have with things like ai is that a large, large parts of the government, and that's is not true for all parts of it, but large parts of the government doesn't fully comprehend the idea of artificial intelligence. We treat artificial intelligence as a society like a black box, you know, it's you know for people that are maybe in there just in their s or s. A lot of people their identity is based on what they know and what they don't know. For instance, if I'm certified in some cloud technology, then that's something I do. But if I told you, Hey, I need you to solve this data science problem, a lot of people who are in that age group would say that's not me, I don't do that. Younger, younger generation folks are different. They'll say, well, I'm not sure how to do that, but I think I can try to figure it out and when I fail at you know, I might say, well, that's you know, I'm a failure. I didn't I was not successful in this young someone who's in a younger generation might say, well, it didn't work out, but it's just a path to mastery. And so why am I staying that? I think the problem is that in in today's government, where you...

...have more of the older generation, the idea is there are things that I don't understand and so I probably shouldn't even try to understand because I wasn't I don't have the education, I wasn't trained in it. And so what does that mean? Well, for us to really be able to regulate artificial intelligence, especially solutions that have machine learning in it or some sort of data, data analytics in it, we need to be able to comprehend what we're regulating, what we are governing, and if we don't understand that philosophically, what that really is, if we're mystified by the idea of artificial intelligence, it's really hard to build good, strong legislation that says, here's how we use this in a way that's beneficial for the people, Here's how we use it as beneficial for the government, here's how he's where it's beneficial for industry. So it's hard to articulate that because you know, when you're dealing with congressmen or you're dealing with people in high government bloop position, that they don't and quite also refuse to understand what it means to have ai machine learning, that I'm abdicating any type of adjudication to industry, and instry says, well, here, trust me this, this will solve your problem. Well, how do I know that? How do you know that? How does anyone know that? Right? So I think that's a real issue. And intellig automation is supposed to be in an enablement of things like ai, commodity machine learning services. So I think of it as the bedrock for enabling artificial intelligence in in services. And so for me the intellige automation really provides the ability to not just say I'm going to make a prediction or I'm going to create a model, but how do I make a decision? How do I actuate what we've determined is a likely scenario or likely outcome and do something about it? And so I think those go hand in hand. But the government is going to have a difficult time trying to assess this. And so when you have something maybe happen in society where it requires artificial intelligence, you're going to have people question do I do I trust the data? Do I trust the outcomes? The other problem that we're having now is, and I'm just going to speak about it very plainly, and people will recognize, we're in a day and age where cyber attacks are not unusual, they're quite common. But now you have this idea of adversarial Ai. So if I'm leveraging artificial intelligence, something I'm not fully unders standing but maybe my adversary understands, is would they be able to inject maybe a certain type of data, or would they be able to use the algorithm against, you know, its original intention, to maybe somehow make a very bad outcome from it or have a bad result from it, to deliberately, you know, undermine a government or an industry or a competitor? So let mean, it just becomes a very difficult situation. That starts really where everyone's looking to the government saying, do you know what we're doing here? Do you have guidance on how we should use technology to make sure it's safe for us? Artificial intelligence isn't just a black box, right. We all understand it's a bit, it's data, right, and the government has to be able to say yes, and here's how we do it. So I think that's really something that we don't we will need to address, even before we address the kinds of technologies that we use. We talked about frameworks, but the frameworks are incumbent on this idea that we have policies in place, in legislation in place. It says I confidently know how to use technology in this way. Does that make sense? Yeah, totally. I mean now I had one question connected to that, which just who owns the preparation of this dialog? WHO, like, which functions do we need to talk to each other? And I know, almost like the segway into a topic close to our hearts, which is like what is actually the role of an enterprise architect in all of that? So you touched on that role before. Maybe you can explain a bit like it's effortly ones for intelligent ultimation, like who's driving at forwards, who's defining where? Where the requite,...

...what the requirements are, how this is implemented, and then, separately, maybe also touching a bit on like how do you see the role of the enterprise architect in all of that? Well, traditionally, I would have said ten years ago, I would have said, you know, the government, government should be initiating these discussions, you know, but I think that's not really that. That's not really true and it hasn't been true for a while. I think industry can initiate the discussion too, but I think what the issue is that both both industry and government needs to be intentional in this discussion. And so who's involved in this is actually another question that I think people don't talk about as much, and that is the bottom wizes is that this is multi disciplinary. It isn't just a bunch of politicians or folks in the legislation developing laws or policies. It isn't just a bunch of technologists talking about this, and I think that's where you know, getting to your point about an enterprise architect, that is, someone who has who straddles the fence between business and technology, who understands not not just that there's components to this architecture, but there's processes on how we manage this architecture, there's processes in which we manage data, and so you know, when you think about the hinge on this door, which way it's going to go. That hinges the enterprise architect because he or she is and let me say that this, this job, is not going to be easy for that person because even though they're there to help bridge the discussions around how do we move, you know, past this point of saying we need to get this done and actually getting it done? I think it's going to change in some ways the paradigm of Enterprise Architecture in the same way that nipire architecture was a black box to a lot of people in business. They just didn't want to look or understand it. They didn't they they said to myself, why, I don't have a toe gaff certification, so why even bother? Right, but the reality is that I think enterprise architecture is probably going to be more, how should say it, more evergreen or more living. It's going to be more adaptive. There is a White Paper, a published journal, written by Gunnar off, I think he's from Germany's I think he's a professor at Meisenberg, or or so Meisen and gonna off wrote a work in two thousand and nineteen about how they untils automation techniques like RPA can influence enterprise architecture, because he firmly believed niprise architecture is going to not just change, it's going to have to be constantly refined because the automations are provide such disruptive outcomes to what we know here into here today, and I'll give an example of that. You know, we did some automations where there was a manual process took forty minutes. When we apply software, robot addicts to it took like maybe less than two minutes. After that process of forty minutes, there was another process that was like thirty minutes and it was able to do with like ten fifteen seconds. So before we apply automation, that process took well over an hour, seventy minutes, eighty minutes. Now you could argue that the both processes combined with automation happens, in a certain view, instantaneously, even though have they still have been sequentially, they happen at such a magnitude or order less than what it was before you could argue within two minutes I got both process he's done so it's basically an instantaneous outcome. No, rework fully auditible, transacted, you know, with full fidelity to the process. So I think someone who's an enterprise architecture would have to recognize that and say, okay, that has a significant impact to how this general architecture works, because we had to take into account how long that generally took. Now it's taking something where it's almost of no consequence. So what do we do there? And the people involved, you know, they used to spend quite a bit of time because they did it...

...twice a month or four times a week or fifty times a year. Now they don't do that. So what should they be doing? So there's a lot of you know, how do we, you know, if we have these bots checking the processes and we can audit that the logs to see transactually how this is done, then how do I adjudicate? How do I manage the process going for word? So those are real implications, I think, from Enterprise Archie standpoint, where we have to really get our heads around that say okay, this requires significant change. Looked on, I think this was great insight into into the topic of one of the sectors which we do not often speak about in this podcast, but I think there's a lot of insights and also and opening up a bit the the horizon for for people listening in here, also connecting a bit to like where enterprise arctics can come in helpful and in that topic. So I would like to say a big thank you to you for being the guest year. So I learned a ton of things on like what other parties what are some of the challenges as well dealing with requirements on transparency, data privacy, how to connect it with the needs to be actually quicker in edgile developments. How you think about that? So thanks, thanks a lot for being part of part of this episode. John, you welcome. Thank you so much for having me, Andreas a pleasure. You've been listening to unleashy t to ensure that you never miss an episode, subscribe to the show in your favorite podcast player. If you'd like to learn more about enterprise architecture and tools to help unleash your businesses digital capabilities, visit lean ix dotnet. Thank you so much for listening. Until next time,.

In-Stream Audio Search

NEW

Search across all episodes within this podcast

Episodes (24)