The department turned to human-centric design for a proof of concept that automated logs for the Continuous Diagnostics and Mitigation program.
The Health and Human Services Department recently unveiled a proof of concept that employs blockchain technology to securely track log files that agencies are required to report by the Homeland Security Department’s Continuous Diagnostics and Mitigation program. The test case, which demonstrates how emerging tech can be used to boost security postures across federal agencies, comes a little over half a year after HHS was awarded the federal government’s first authority to operate a blockchain-powered acquisition system.
In a conversation with Nextgov, Oki Mek, chief technology officer in the agency’s division of acquisition, detailed how human-centered design, an incremental approach and strong leadership shaped the project, as well as the agency’s vision to embrace emerging technologies to solve business problems like never before.
“We are using blockchain not for cryptocurrency, we are not using it for Bitcoin, so to speak,” Mek explained. “We are using it as an enterprise use to trust the data and the people coming in to access the data. So it’s used for an [information technology] infrastructure more than anything else.”
He said every system in the federal government—whether it’s an acquisition, finance or mission-critical system—generates different logs that are critical to the CDM tracking process, and provides important data that can even serve as evidence during investigations. However, through conducting the human-centered experiment in collaboration with IT services provider Octo, Mek’s team found that many HHS insiders expressed “pain points” regarding specific logging and monitoring issues.
He said logs “will tell a story” of what’s going on through the system, but often investigators cannot locate them because people are overwriting the data to create more room in their systems. Logs can also be manipulated.
“So if you are a system administrator or somebody who has an understanding of the system, you could actually manipulate the logs and cover your tracks,” he said. “And manipulation of the logs is the issue.”
But because blockchain is “a digital footprint that tells one story and one truth,” it served as a solution. The team encrypted and tracked log transactions in a blockchain ledger that securely illuminated any time files were created, changed or deleted.
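The tamper evidence described above can be illustrated with a minimal hash-chained ledger of log-file events. This is an added example, not HHS's or Octo's code: it assumes a single-process chain rather than a distributed ledger, omits the encryption the article mentions, and every function name, path and sample event is hypothetical and constructed.

```python
import hashlib
import json

GENESIS = "0" * 64  # "previous hash" used by the first entry

def digest(body):
    # Canonical JSON so the same record always hashes to the same value.
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append_event(ledger, path, action, content=b""):
    """Record a created/changed/deleted event for a log file; return the new head hash."""
    body = {"index": len(ledger), "path": path, "action": action,
            "content_sha256": hashlib.sha256(content).hexdigest(),
            "prev": ledger[-1]["hash"] if ledger else GENESIS}
    ledger.append(dict(body, hash=digest(body)))
    return ledger[-1]["hash"]

def verify(ledger, anchored_head=None):
    """Return a list of problems; an empty list means the chain is intact."""
    problems, prev = [], GENESIS
    for pos, block in enumerate(ledger):
        body = {k: v for k, v in block.items() if k != "hash"}
        if block["index"] != pos:
            problems.append(f"position {pos}: index gap, entry removed or reordered")
        if block["prev"] != prev:
            problems.append(f"position {pos}: broken link to previous entry")
        if digest(body) != block["hash"]:
            problems.append(f"position {pos}: entry contents altered")
        prev = block["hash"]
    # Dropping the newest entries leaves a valid shorter chain, so the head
    # hash must also be held somewhere the log administrator cannot rewrite.
    if anchored_head is not None and prev != anchored_head:
        problems.append("head does not match the externally anchored hash")
    return problems

def file_matches_ledger(ledger, path, content):
    """Compare a log file's current bytes with its most recent ledger entry."""
    entries = [b for b in ledger if b["path"] == path]
    return bool(entries) and entries[-1]["content_sha256"] == hashlib.sha256(content).hexdigest()

if __name__ == "__main__":
    # Constructed sample events for a hypothetical log file.
    ledger = []
    append_event(ledger, "/var/log/auth.log", "created", b"login alice\n")
    head = append_event(ledger, "/var/log/auth.log", "changed", b"login alice\nsudo bob\n")
    ledger[0]["action"] = "deleted"  # simulate an administrator rewriting history
    print(verify(ledger, head))
```

A hash chain kept on the same host as the logs can be rebuilt end to end by whoever controls that host; the guarantee comes from copies of the chain, or at least its head hash, being held by parties the log administrator does not control.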
“The synonyms that describe blockchain are immutability, transparency, traceability—and those words all describe cybersecurity,” Mek said.
He added that this project involved the division of acquisition and cybersecurity because of his background and the agency’s blockchain ATO, but the goal is to expand it going forward.
“Maybe finance system could use this, other systems could use this as well,” he said.
The technology chief shared insights that informed the proof’s rollout, which he believes are applicable to other agencies. He said he agrees with the Office of Management and Budget’s recent push for applying an incremental and modular approach to innovation.
“If you do an incremental approach by doing a proof of concept and you prove that your idea works, then you can move on to scaling it out,” Mek said.
He also emphasized the importance of incorporating human-centered design and really homing in on the needs of the employees who would use the system. The project team sat down with insiders who use the logs, including security officers, incident response teams, forensic investigators, chief information system security officers and others. They watched the users navigate the system, asked questions along the way, brainstormed prototypes and then made continuous changes, bringing it back to the employees every two to three weeks.
The cooperation helped create critical buy-in from the workforce.
“If they are building the system with you, they will want to help you market it—they will be championing your effort,” he said.
Mek also highlighted how the agency’s leadership promotes innovation from the top down, which has had an influential impact on the project and his career. He had previously worked in acquisitions with the department’s new Chief Information Officer Jose Arrieta. The two found that they had a knack for modernization and Mek is now Arrieta’s senior adviser, on top of serving as CTO. He said the CIO has been incredibly in tune with adopting emerging tech.
“Top-down support from leadership is very critical—without strong leadership, we cannot do this—without Jose, we cannot do this,” he said. “The government tends to move a little slower in innovation, industry usually leads innovation. But having strong leadership like Jose, who is forward thinking and understands HHS’ mission and business, and that he is able to correlate the business to IT, that’s the key.”
Mek said he’s seen the impact Arrieta has had in educating teams about the technology, not from a technical perspective, but framed around the business issue that the tech will aim to solve. He said, at the end of the day, the workforce really wants to do its work well, regardless of the underlying technology.
“If you start, and you say ‘I’m going to do an IT project,’ you are going to fail,” Mek said. “But if you say ‘I’m going to solve a business issue, technology is just supporting that solution,’ then you’ll be successful and I think educating on emerging tech is the key.”
He also noted that not every business issue the agency is trying to solve leads to blockchain, but he said he “truly believes” emerging technologies like blockchain, robotic process automation and machine learning all go hand in hand. He also views them as critical components that can help humans address what he sees as the “big data paradigm shift.”
In recent years, humans have generated more data than what was produced throughout the entire existence of mankind. In order to gain insights from that data, individuals have to actually analyze it—and emerging technologies are more equipped to do that than humans.
“My goal is to educate people that we have a lot of data and we need to make sense of it, and we also need to evolve with the big data paradigm shift,” he said. “And we need to evolve by embracing emerging tech. Otherwise, we just can’t make sense of all this data—it’s just too much.”