 I'll have everybody welcome back to the Think Tech Hawaii studios for another exciting episode of Security Matters Hawaii we have Dieter Giblin in here today he is the federal programs manager for integrated security technologies Dieter thanks for coming I know it's a busy time of year for you man so I promise only 30 minutes and we'll cut you loose that's okay thank you um we we wanted to get into this episode a little bit into what's happened in the federal government space and Dieter's been working at space for many many years and in for our industry I think a half a decade or so so we today we thought we we talked a little bit about some of those sort of the intricacies that I think are going to flow out into the other commercial sectors but for now you know I think the DoD sort of leading the way and and we've got some great examples of some of that before we get started into that why don't you give us some give our readers or listeners viewer readers viewers a little bit of your history you know as much as you care to share you know don't give your name in your address all that stuff out there yeah all right we'll go talk to them um Dieter Giblin been in sales for I don't know I don't know how many years but it's been a long time over 25 years been in the Fed space for probably 12 years now on and off ex-navy so did a lot of work with government contracting came aboard almost five years ago with IST and it's kind of rented since then and I did the Cardinal soon and kept my phone on there we go first that's the first so basically just been in Fed for a while really enjoy the Fed space really enjoy working in security and I've been five years but I was able to translate a lot of my technical background into it so and we're rocking and rolling and having a good time yeah that's what's happening do you um have you seen any more tension in that space that compared to when you first started since there's been a lot of more regulations and rules coming out around you know what they can do and can't do you know what's been your experience with the markets out here in primary I know you've worked in the Hawaii market or the Pacific market well it's been a lot more looking at Chinese technology okay definitely trying to get away from any of that stuff that's manufactured that's not an OEM manufactured within the within either the US or within our trade partner so I mean like Taiwan or even Mexico Canada those are kind of the bigger manufacturing sectors in even Europe that's kind of been really what the Fed has clamped down is making sure that hey we want to have these products to know that they're not any spyware or anything that's built into them there's been you know the case of the Chinese official that was giving out the jump drives and actually had spyware on it or even some of the stuff that they've had with uh with some of the non-us made routers that actually had a small chip that was embedded in it that was hard to find that was actually sending out information ouch and you know and then there was the the big camera incident everybody knows about the about the Hick vision Huawei chipsets that were actually hacked and were able to control those cameras and Chinese were actually using allegedly I can't say for sure but that's yeah we're not doing an attribution today we're not doing but that's allegedly what's come down in fact even the president signed an executive order back in May banning certain OEM chips that were made in China to kind of help protect that's kind of where I've seen the industry going on that side I've seen the federal side more and more with trying to do what we call FIPS compliancy HSPD which is Homeland Security Directorate for unifying credentialing so everybody has a single credential trying harder and harder obviously with uh with if with hack with with moving that direction even can we better give that okay sorry the PIV is it's basically a guy don't have one on me personal identity verification but it's the car that you see most military people with or even see the Coast Guard with it has a small chip set on the bottom of that that contains all pertinent information and actually goes to the big federal server that says hey is this person real is this person fake a lot more credentialing going that way to help cure our bases to cure our warfighter today so those have been the big changes I've seen in the last four years wow yeah and I think it's it's interesting I know that or like just even like base access like you said you know they started to issue those PIV interoperable PIV PIV I PIV C PIV compliant type of credentials on there and they those have chips and I mean for many years you know you would just have to go to the sort of the signing desk and they maybe look at your ID sign in some paper but now they've you've given biometrics and everything in order to get just a base access pass that they're comparing I guess making sure it's still valid when you enter the base is that sort of same same idea well that's what the dbids program is now okay navy kind of fault it's a defense biometric identification I forgot what the other D is for um but it's designed that you know you're you're using biometrics you're using a unified system that if I check in before if I checked in in one base I'd have to you know I wouldn't maybe be on another base so I get to go to PMRF um Love Kauai get to go out there so it's pretty nice that I'm in their system as well they use the same photo that they have here at the basin ID okay office so it's it's it's unifying that credentialing um one of the big pushes now has kind of been and I'm not sure how far it's going to go is that we actually have interoperably with our allies so we have credentialing where um so if I'm let's say I'm in Singapore and I want to work with the Singapore military I should be able to operate within that so it's coming it's you know with the government uh I was interesting I was in a in a conference about a month ago actually with your wife and there was a lot of contracting officers and and the big issues is that technology that's here today sometimes sits on the pier for five or six years before it gets implemented I see so and those are the big changes we're also trying to make is to catch up with that so we sort of had these standards and some of the some of the guidance has been about the technology's surely been available yes of course it's expensive yes that's to be budgeted for and that takes multiple years as I'm sure you've experienced trying to get things done so I didn't I wasn't aware that we're looking to interoperate with other countries so would that be like an an American military facility on in Singapore for example or perhaps even we'd have interoperability where we're sharing our credentials sets not the credentials but the what do they call that the federal bridge uh so that you know it's valid or invalid that's one of the things yeah that's one of the things that I understand they've been trying to do that's awesome um and you know but you also have those are some challenges and some of the challenges are is that you know if I'm arming I'm using a certain access control system okay navy I'm using it and even within different navy bases are using different ones but it's being able to standardize that if I I mean I'll just throw some brand names out there um if I have Linnell which is the big access control system that's with navy region here okay and I want to go and use e-cure which is what a lot of the shipyards are running okay will I be able to have that interoperability so usually a single credential could I have it with either system and that's kind of where we're at today is just seeing we can do that and then translating that into so if I have let's say have my allies coming out for RIMPAC I have you know we have you know you have Taiwan you have Australia Australia New Zealand I mean you have ANZAC you have all these different military forces being able to instead of crunching all of my my people at my badge and ID office like hey we got to enroll 2000 people so they have access is actually being able to have that credentialing ready to roll right then and there so the future hopefully it comes um you know but the other big thing that's also coming down too is the whole uh cloud federal cloud solution which is to try to that's I'm sure you've heard about that all of that going down is putting more and more into the cloud which might be able to help us with interoperability so we'll see huh yeah I know like jet eyes is are you talking about some of these big contracts that the government's working on I think aren't Amazon and Google and Microsoft in a big battle to see right I was actually how much money will it will it be do you know off the top of your hill is it's like 50 billion dollars and so um yeah I was actually at a dinner um Sunday night with uh with a couple people including one that's the CIO in the Navy and that was one of the discussions is you know Jedi and the impact of Jedi and also the impact of just all the protests and that's going on behind it it's like hey our our contractors actually do a good job with trying to vet this and I have to assume that they did I mean it's a billion dollar contract it's their business so I mean we do hope they know what they're doing so I mean it's just that's the next level on where we're going so like I said four years it's just been a lot of changes going through you know I think uh you know looking at ways to replace the NMCI for security all these different components you know command and control structuring those are I mean not quite our survey but you know and probably one of the other things that you're familiar with is like a lot of the cyber assurance that's going on with companies with contracting especially since who was it that got um the big contractor they got hacked um last year and some in California I know it was a not just hack but a big fine they had a breach and they got fined for it under the Fair Trade Act so Dave and I we had an episode about that a few weeks ago okay so those are things that you you just see is it's you know as it runs tighter and tighter and you know and obviously the battlefield I mean we still have the battlefield which is you know our ships our tanks our our warfighter but there's that back end battlefields going in the cyber warfare spaces which is really you know that's kind of the the front that we're fighting today to keep our technology whole and and you know and not have to worry about I just invented something and you know six months later another country has the same exact thing and we know that they didn't develop it in that time so yeah and there's definitely I think been some examples I think they talk about the F-35 fighter yep mimicked quite closely in in China so maybe some of the I guess technology around that development was exfiltrated because I guess it showed up so quickly oh yeah and and if you can obviously I think it seems reasonable to anyone if you can steal information that's high-end leading-end edge engineering you don't have to do that engineering time yourself so you're time to build something of equal lethality I guess would be a warfare word you know it is shortened quite a bit yeah so I mean if you think about it I mean yeah so I primarily deal on the ESS side but there's so much more that's being involved in it today and we just you know it's making sure that we have the right people that we're vetting you know that we're keeping our documents under control to help support everything else so I kind of went off a little tangent that's okay do you let's talk about that though do you get that you know when you get in front of your clients and their and their contracting officers um is this a part of that discussion today or is their concern about the you know you and I've talked about like the engineering drawings that we have for for their facilities you know how are we gonna take care of that and what if there's a you know our our installers have a piece of paper out there looking at on the site and the wind blows and it blows away what are we we're gonna chase it down on the beach we call the call the forces we're gonna do you know yeah no that's we have those conversations it's more and more um we're we're identifying those issues and being able to hold on to it and you know and different levels of security obviously you know um is it for official use only is it just you know um partial dissemination I mean how far I mean up until we get confidential secret yes and so it it it's something that we we've been very I think we've been pretty proactive I think we're ahead of a lot of the other companies on that and those are conversations we have yeah and it's you know I don't know if the government's prepared yet to even you know the new this new CMMC they're gonna there's quite a bit there's gonna be like five tiering levels and you know we've talked about our our engineering world security you know electronic security world being CUI but it reasonably for certain facilities a skiff for example a secure was that secure a compartmented information facility yeah so a skiff the information about how a skiff is secured may perhaps say a secret skiff or a TS skiff maybe that information gets raised up in its um classification well more and more I mean it's it's you know is operating within professionalized drawings that you know soon we will have where where my engineers it's like hey you're gonna have to sign out for these drawings you're gonna have to keep track of them you cannot or even point so it's gonna be hey you can only leave the drawings on site and you'll be given to them when you get there and I'll be controlled somewhere else so sure that's where things are going it's going more and more down that way especially when we deal with the you know access you know camera locations everything's like that and I'm sure other people would love to get their hands on and go oh hey now I know how this door is designed or how this access control system is designed so yeah and I do think that you know that this type of work aggregated for our adversaries if they wanted to attack a facility or attack something I think it's valuable information I mean it would be to someone like me who knows how to disable it all yeah so you know presumably they got guys as smart as we are out there you know I'm pretty sure they do I mean I mean it's the the thing that really I mean strikes me is just as as we move forward is just you know I as corny as it sounds is actually protecting the war fighter and and understanding that in case something does happen we have that ability to lock the bases down to be able to attract terrorism if you take a look at the navy yard incident that was one of the things that you know it spawns some stuff that's happening here awesome with being able to take a look and and how do I track I have a somebody that's an active shooter or even even a terrorist seller or even a foreign a foreign entity that's on on the base trying to to penetrate how do I track that from place to place and those are things that we're working on right now is being able to to have that technology and be able to to protect the war fighter protect what's happening on our bases and you know and be able to respond actively if they're with the security forces if there's an incident sure so yeah you brought up a good point you know we've we've seen a lot of advancements in the technology and we'll get into little some of the regs after the break but it does you know come back to that there's still that person who can be that insider threat either for stealing intelligence stealing information or for harming people and that's a whole other that's an evolving thing that's a little more difficult to track we've got to pay some bills so we'll take a break for a minute and we'll be right back. Aloha I'm your host Sharon Thomas Yarbrough of Sister Power here at Think Tech of IE and Sister Power is all about motivating empowering educating and inspiring all people and we have various subjects here Sister Power is here at Think Tech every other Thursday at 4 p.m. again my name is Sharon Thomas Yarbrough host of Sister Power we look forward to seeing you if you have any questions feel free to contact me at sisters in power in Hawaii at gmail.com look forward to chatting with you soon Aloha. Aloha my name is Becky Sampson and I'm the host of It's About Time on the Think Tech Hawaii a digital non-profit organization that's raising public awareness join us on Wednesday at 2 p.m. where we talk about real issues some of the topics will include entrepreneurship health life skills and growing your business so once again this is Becky Sampson on It's About Time on Wednesday at 2 p.m. on Think Tech Hawaii Mahalo. Hey Aloha and welcome back to Security Matters Hawaii we're with Dieter Giblin the federal programs manager integrated security technologies and we're just looking through some of the changes that have gone on we talked a little bit about the NDAA how the acquisition rules have changed regarding Chinese products and that's one example of you know starting to say hey we don't trust certain things and so we're not going to allow those things to be bought or deployed any longer and in fact if they've been deployed I think they got to remove them by a certain date and then they're even looking downstream at some of the OEM products because many of the parts inside of our products in our industry are made from outside of our country and maybe the trust isn't there you know for those products then but you bought a really good point though about like the base art you talked a little bit about how he's a guy was let go but his base access card still work and you could get on the base yes so where there was an integration between sort of the HR system and the physical access control system and we talked a little about some of the changes to that whole identity and authentication management stuff I wanted to get back just a little bit on the access control stuff you know the bases here have been doing some migration I know you've been involved in some of that are they the newest I think standard for encryption on the like between the readers and the head end panels and all that is the open supervised device protocol so you're starting to see them talking about this because I know it's a heavy forklift to have to rewire many of these things sure there's been a lot of talk about OSDP currently you know the migration path is there okay they're looking at at doing that and you know over time sure I mean it's you know obviously it's money it's funding right no one has the money to just redo everything for and and so we've seen it we've had the conversations regarding that you know the one good thing is that the product even today with we enough but there's still a lot of encryption that comes in the back end past the board on that side so it's it's it's there are some some good things it's as we move forward obviously it's like I said it's all about money it's all about what are the priorities lie I mean do we what where do where do we take that funding sure I mean one great thing is that I mean we're talking FIPS for clients we're talking fight camp clients we're talking all these different regulations that flow down on that and so FIPS is the federal information with processing standards for encryption right I think that gives other standards there's four levels of that so I mean and pretty much level two is just to make sure that the security level that there's a crypto there's a crypto module that actually will encrypt the data going from all the way through and is it as 256 I think or at least so yes I'm pretty sure let me just make sure I actually have it written down here because I knew we're going to talk about this so yeah okay yeah I mean it's a lot of stuff so yeah no there's there's a lot of there's a lot of stuff out there I mean there's a lot of guidance but you know it's like anything you know everybody talked about HIPAA for years in the medical side you know when we're going to get there and that's still an ongoing module I mean our ongoing process the I like to say that the government moves in two things low and glacial I mean it's just it you know and that is an issue and it's something that is being talked about more and more is that as we and not just in our side I mean this is just kind of not just on the on the security side but being able to be more agile and being able to do those things and I think that the government is trying more and more to kind of get away from the bureaucracy the funding morass and that contracting morass and be a little bit more agile with with taking that up and I'm seeing it more and more and you know luckily for us we in the type of company we are we're able to get some funding a little bit better than others so try to help out help yeah and that to be fair to the government on our basis here I mean every our our viewers and I understand but there's many layers of security before you get to that door you had to know who you were to get on the base you had to know who you get to where to get inside the gate of the facility so there's there's a whole lot of stuff the DOD does before it's really worried about somebody you know replaying the the wagon the wagon information down down the wire and all that kind of stuff there's supervision even on the installments on the walls and stuff like that I mean you can't even touch anything without without setting off and somebody knows something that's going on and then the guys with the guns come running because you're on a military base so that yes but outside that you know and then the commercial community I mean same problem exists and funding is the same issue there is you know no one no one's been prepared to forklift you know access control costs are still with three to five thousand the door I think that's kind of always been the range and you know when you all of a sudden have 10,000 doors to replace yeah wow I mean that's no one's going to just you know write a check for that in one quarter or one year so it takes time I mean the good thing is is that I mean you have like you said you have multiple layers you know I'm not going to get into the Pearl Harbour's sure and treat the other defense but I will let you know this that you're you're gonna I mean even if you get on you're still going to have challenges that's for darn sure so a lot of things going on there and you know I feel secure I'm lucky lucky to be part of that I mean you know I've been in part of you know prior military like yourself we're both ex-Navy but it's good to be able to support support the community support the warfighter support the effort to keep our country secure and and you know I have kind of a tagline that says I secure the people that secure us so secure the country sure so the secure the country so it's kind of when people ask me what I do it's like yeah you know I secure the people that secure us and and it's it's a good thing and you know the government's doing doing the right stuff they're they're looking at different ways we've had some great conversations with them too regarding you know the new AI analytics with cameras being able to train cameras for you know for different searches for being able to identify people and to be able to track people so it's it's not like we're not on the forefront that I think the government is leading the charge on a lot of stuff I do too it's just a question of you know getting the funding getting it there and and how soon we can turn it around to get it to get it implemented and out there and I think people may be surprised how much money the government does spend testing yes fleshing out and and they have labs all around the country and in a many different programs from DARPA to NASA to commercial programs like maybe with folks like Raytheon or Lockheed Martin that are constantly testing the technology because as you've seen how many new products do we get a year you know how do you figure out what's what's really good and what really works and and what fulfills the need that you really have well one thing I mean it says you know um you know being able to support uh nav war with former spay war which is now on nav war slash um naval information warfare center with them helping them support their lab and standing up a lab to test environments to help work with uh with navy region here and with other regions throughout the Indo-Pacific and being able to support that and you know it's it's good I mean I you know I cannot say anything bad super sharp people some of the sharpest people I I've met are working for them and and making things happen and and you know doing different scenarios of testing making sure things are working correctly and standing it up and putting it out there awesome so from your perspective since we've got you know the we got the NDA rules changing now kind of controlling products we've got guidance around the 871 and all the cybersecurity compliance for our company and for our people um what uh what are you hoping to see out of the contracting officers in the future that'll help you get stuff deployed quicker you know to protect our warfighter a little better you know what do you what do you think's the sort of the road block now other than I know it's an annual cycle and money's not unlimited so I know those things it's just you know getting through the contracting getting through you know I mean for me it's things that I mean it tends to operate in a nine-month cycle things it's like I look at stuff okay if I look at stuff today I'm probably not going to get it till probably um April May when you say get you mean the contract to start to deploy it and then it might take another six months to get it deployed so it's just it's that and you know and I understand there's you know you with all the regulations with the FAR which is the federal acquisition regulations which is like reads like a phone book I mean it's so huge it's um it's just being able to to move that through and I know there's a lot of talk about removing the roadblocks and getting things moving and you know it's it's just a question of uh of can we and how can we sure when will we yeah because we're not going to just take the FAR and start striking out costs so you didn't bring up have you seen bi-americas in there that the bi-american acts represented in the FAR with the with the push back in the in this NDA in particular against other foreign products is there more or has there been more focus in your contracting experience on bi-america basically I mean every time we quote anything out it has to be um you know what's the country of origin where is it at or is it is it TA compliant which is um you know trade compliance see if it's not American where is it manufactured I see so there's a bi-america and bi-american they're kind of you just add an end and they're a little bit different I see bi-america is you know if you can't buy America go somewhere else bi-american is it has to be American manufactured I see got you so um yeah and there are companies that make similar the same product ones ones compliant ones not like a IT equipment for example okay there you go great example I mean I can just give you an example of a Cisco router that I would purchase that um if it wasn't TA compliant it's going to cost me six thousand and because it's TA compliant it cost me eighteen thousand wow so wow so it's kind of interesting on on how that works and you know it's uh and I understand I mean we we our manufacturing is not what it used to be okay we we're translating that and bringing it back in but you know we're it's pretty good that you know even everything that I I put in systems right now including the wire is uh either made in america or it's TAA yeah we don't want those little little chips on the wire I don't think I'm gonna imagine that but no but I mean you know you see these guys have USB drives it's pretty amazing it's pretty amazing I'm sure they could shrink it except be right in the wire it'd be scary the the amazing thing that that happens in today's industry but you know it's fun I'm having fun I I enjoy I enjoy the people I work with they're good people they're you know highly educated and really you know we all want the same mission and that's to secure and to make sure that we're helping we're helping the warfighter we're helping our country and I mean not to sound all patriotic but it's kind of true it's kind of fun to be able to see that and to make sure that we're we're keeping our country a little safer and our warfighter safer yeah it's fun to be part of that change right even though it's difficult because I know it's probably the most I think it's the most highly regulated environment that we work in as an industry I talked to other integrators who are not engaged at all with federal business and DOD and they they have no idea how difficult it can be so thanks thanks for your work in that space keep it up it's good stuff thanks appreciate it all right and thanks for coming in today I know you're busy um to my viewers out there um if you're going to work with the government um and you're going to get engaged with DOD business and and you haven't been please understand that there are a lot of rules and regulations you're going to need to learn to get engaged I'm not trying to hold you and say don't get engaged with it I'm saying learn first so that you do it right because our our warfighters do deserve the protection that Deter was talking about today thanks again so much and we'll see you next week on security matters hawaii aloha