With a mission to create prosperity by strengthening the international competitiveness of US industry, promoting trade and investment, and ensuring fair trade and compliance with trade laws and agreements, the U.S. Department of Commerce’s International Trade Administration (ITA) is focused on promoting US exports, attracting inbound investment, providing actionable data and information and defending against unfair trade.
Its trade experts and professional staff - approximating 2,200 employees - are based in 100 US cities and 80 international markets.
Tasked with managing the organisation’s IT estate is Gerald Caron, its Chief Information Officer.
Having transitioned from the U.S. Department of State to the U.S. Department of Health and Human Services before assuming his position at the ITA around one year ago, Caron's mission is clear: to forge partnerships, align IT solutions with organisational objectives and drive modernisation efforts to meet evolving needs.
A significant aspect of this modernisation journey entails phasing out legacy technologies and transitioning to cloud-based solutions. By retiring outdated applications and embracing cloud technology, the ITA aims to enhance flexibility, streamline operations and improve the overall user experience.
“There are some legacy technologies that the team has been using because processes, procedures and even laws change,” Caron tells us. “As a result, it is necessary to update applications as new technology comes along. That mismatch of needs and drivers has us modernising a lot of things.
“Now, we are about to retire our last legacy application this year. We are completely in the cloud, which makes things much easier, especially when it comes to flexibility, time to deploy and time to value for the end users.”
To enable this modernisation, Caron highlights the adoption of a Lean Agile Management Programme, which fosters collaboration between IT teams and business units, resulting in accelerated product delivery and enhanced responsiveness to evolving requirements.
“Before I got here the ITA was using waterfall methods, and had one major release in the whole year. This past year we have had 13 releases and some other minor releases. Following the process, creating partnerships and building communication has been very important and I think, as a result, it makes our organisation much better suited to do that.”
Cultural transformation and agile practices
Central to the ITA's modernisation efforts is a cultural shift towards agile practices and streamlined communication channels. Caron emphasises the importance of aligning IT initiatives with the mission-oriented ethos of business units within the organisation. By establishing clear communication channels and fostering a collaborative environment, the ITA aims to bridge the gap between user needs and IT solutions: ultimately driving greater efficiency and innovation.
“The business units that we support are very passionate about their missions. It's really impressive when you hear some of them talk about what they’re working on,” he describes.
Caron likens the culture that enables this as similar to the construction of a house. “A house needs four walls, it needs windows, it needs a door, but you can do different things to the house. You can tweak the house the way you want.”
Through quarterly planning sessions and ongoing feedback mechanisms, the ITA ensures alignment with business priorities while maintaining a flexible approach to project delivery. This process not only accelerates the pace of development but also enhances the quality of delivered solutions, reducing the need for extensive reworks and mitigating potential risks.
“There's been a real culture shift,” he says. “Rather than playing tennis back and forth, now we're working together side by side, making sure that we deliver what was needed the first time.
“Sometimes wrenches are thrown in, but that takes a conversation with everybody. We're not making the decisions in IT, we're working on the decisions that the business units or those representatives have made with our coaching and feedback. Such feedback details what our constraints are, and what we can do with our capacity. Ultimately, that culture shift has been interesting to watch, but it's been a good relationship and I hope to see it continue to improve and mature.”
Leveraging AI at the ITA
As the ITA looks to the future, leveraging AI will emerge as a key strategy to enhance operational efficiency and user experience. By deploying AI-driven solutions, such as natural language processing and data analytics, the ITA aims to provide users with intuitive access to information and streamline decision-making processes.
“Of course, internally in the federal government, we have mounds and mounds of documentation. It’s, of course, stored digitally now, but we used to have stacks of papers, and we needed to sift through all that information.
“If you want to be a data-driven organisation, being able to get the right information is critical. You go to a data warehouse where this information is stacked, and you need to know what aisles that data is in, where the boxes are and what shelves they're on. You need to know how to query it, you need to know how to get that information. But then you have a data lake, and water has no shape. There's a lot of data, but you need experts who know how to query it.
“AI knows where all of that information is, so it can help establish those relationships between information and help you become a data-driven organisation. I think AI is very important to be able to get that information quickly.”
By harnessing the capabilities of machine learning and predictive analytics, the ITA also seeks to proactively identify and mitigate cyber threats while empowering users with real-time insights and recommendations.
“To do cybersecurity, we have so many tools and they're producing so much data, and for a human, it takes a while to correlate and figure out what that data is telling you, and there's so much data, you can't look at it all.
“AI can start making sense of that, and machine learning can start finding trends. I think we will be leveraging AI to take all that telemetry that we have coming in and make real-time decisions based on what our thresholds are. It’s about having that trust score so that when somebody's accessing data you can ask, ‘do I really want them accessing it’?
“Do they get full access? Do they get limited access? Using that in as real-time as possible is important because we’re very linear. “But what happens if something changes along the way? You’d need to take immediate action as quickly as possible, so I think that's where I see AI coming in that sense.”
The importance of cybersecurity at the ITA
In an era of escalating cyber threats, cybersecurity remains a top priority for the ITA. Caron advocates for a zero-trust approach – a security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting within or outside of the network perimeter. He also emphasises the importance of protecting sensitive data and safeguarding against potential breaches.
“Cybersecurity is important no matter where you're doing IT, but some data is more important than others. There are different levels of data – and different agencies have a much higher level of data – but we have data that, if misused, could cause an embarrassment to the government,” he explains. “So, of course, we have a responsibility to protect data and personally identifiable information.”
Describing the topic as his ‘soapbox’ subject for several years, Caron believes that a zero-trust approach is a clear way to go. “At the end of the day, everything's digital, and we're creating more data than ever. That's what we have to protect at the end of the day.
“A lot of people will say it’s not about protecting data, but about protecting identities. In response to that, I would say that if I was a cybersecurity analyst and I became compromised, your first two questions would be, ‘what did I have access to?’ and ‘is it getting out?’. That's not about me anymore. That's worrying about the data.
“Yes, identity is absolutely important, and I'm never going to diminish that, but all the pillars are important in a zero-trust approach, and each of those pillars has to work together.”
Highlighting this approach, Caron explains that not all data is created equal. “It’s also about understanding what your data is. All data is not created equal. If I lost my crown jewels, they are not replaceable. If I have a bologna sandwich and you eat it, there’s more bologna and bread. I'm concerned because I'm hungry, but I'll make another bologna sandwich.
“The thing is, if you were able to get my bologna sandwich, were you also able to get my crown jewels? I can't have that happen, so I can't allow you to move laterally or elevating your privileges within.
“I like to call it the Tootsie Roll approach to security, with a hard outer shell and a soft gooey centre. It’s really about understanding where my data is, what my most important data is, and putting protections closer to that.
“Data is flowing everywhere, but do you know what ‘normal’ looks like? Because if I don't know what that normal looks like, how am I going to do something when something abnormal happens? AI and machine learning will help with understanding what normal looks like.”
The ITA: On a path towards modernisation
As the ITA embarks on its modernisation journey, Caron remains optimistic about the organisation's prospects. With a focus on continuous improvement and agile adaptation to changing priorities, the ITA is poised to achieve greater success in promoting US trade interests on the global stage.
“I think we're on a good path for modernisation,” he says. “We’re getting rid of the last legacy application and then looking at what other things we want to add. How can we elaborate more on these things and build new features, and how do we make sure that they evolve with the way things are going? For example, we could have an administration change and, suddenly, there is a different focus. Are we able to shift and evolve with our technologies and not have to tear things down and build back up? We want to be very agile in that sense.”
Going forward, the organisation will also be looking at and reevaluating some of the internal technologies it is using today. “Just because we've been using a solution for years, it doesn’t necessarily mean that is the thing we should be keeping and moving forward with.
“We're able to draw a roadmap out now to be sure that we have a path forward on some things,” Caron concludes. “We'll continue to evolve our frameworks, processes, procedures and partnerships with our users. And I think the more that gets ingrained in the organisation, the more success we will see.
“We're working very closely with our CX and UX folks as they modernise, so we're helping them with those aspects as well. There's a lot of work to be done, but with this group and this organisation, I think we'll continue to see successes in the future.”
******
Make sure you check out the latest edition of Technology Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
******
Technology Magazine is a BizClik brand
