Cyber event triggered process rethink, says US national lab CIO

Tech chief Mike Bartell also feels IT enablement paradigm particularly relevant for Oak Ridge National Laboratory

A cyber attack caused one of the US Department of Energy's most prominent national laboratories to rethink IT processes and enhance centralisation, according to the facility's technology chief.

Mike Bartell, CIO of Oak Ridge National Laboratory (ORNL), a multi-programme science and energy laboratory based in Tennessee, recollects that at the time of the cyber event in April 2011 its lab systems were not centralised.

"Therefore we had limited visibility into the detailed configuration state of a large number of systems. Using point solutions to try and determine configuration details of the various networked devices, their configuration state and the relationships which existed among systems took much too long and were prone to a high level of inconsistency and error," Bartell told CIO UK last month at the ServiceNow conference.

While ORNL was already seeking a new helpdesk platform, the cyber event accelerated pace of all around improvement.

"We took a step back at this critical juncture, as our priorities quickly changed from merely looking for a new helpdesk tool. The real driver became the need for a discovery and Configuration Management Data Base (CMDB) capability," he adds.

Bartell's colleague Brian Arlington, group leader of service management, and an influencer of the changed approach, says ORNL subsequently joined hands with ServiceNow to create a 'concierge service' of sorts going well beyond IT.

"Previously, our 4,500 employees as well as the general public had to call multiple places to get help with something. So the objective was to offer a broad range of support services spanning many areas of the laboratory - a 'one-stop shop' for any question or problem.

"Today a centralised solutions centre serves as the primary point of call for support and issue resolution. All non-emergency calls are dealt with here and the platform (for integrated support and service) can be used broadly across our enterprise. We quickly followed that with an incident, change and problem management system, and are now implementing our broader IT service catalogue and knowledge base around those services."

However, given the sensitive nature of ORNL's work, as with the deployment of any new platform, a technical and risk review process had to ensure that it not only met the CIO's customisation parameters, but compliance with US FISMA (Federal Information Security Management) and NIST (National Institute of Standards and Technology) security controls as well.

"We do this for every major new system or service we implement, and the same applied to ServiceNow, especially since it was cloud-based," Bartell explains.

While ORNL is more risk aware than ever before, the organisation is not holding back from introducing BYOD to its nearly 4,500 strong workforce and around 3,000 research intake students who work at various offices across the 58 square mile facility.

The CIO says ORNL's approach is "reasonably aggressive" on the BYOD front.

"The spread of BYOD in companies and government agencies is inevitable, and we are no exception. We have a highly mobile workforce and they need to be able to get their work done regardless of location and device. Our strategy is 'Any Time, Any Place, Any Device'. Mobility (including BYOD) is one of our major IT strategies. But, doing so in a secure way is essential.

"We've been doing limited BYOD with personal phones for some time. We are currently planning to expand our BYOD capabilities considerably, but being able to embrace a broader yet secure use of BYOD required a significant commitment and investment in our mobile infrastructure. In our view, BYOD goes well beyond just enabling email on personal devices. It also includes an Apps Store with a broad set of useful mobile applications that can help staff accomplish their work regardless of their location or the device they choose to use."

For the first time, this year's intake of research students would be bringing their own laptops under ORNL's BYOD programme.

Bartell says technology's scope for enablement is visible in every sector, but is especially true at an organisation like his. "One of our core competencies is high performance computing and networking. Technology, more specifically computing at scale, is a key enabler of much of ORNL's research mission."

While the facility's origin dates back to the Manhattan project of the 1940s, over the years ORNL, which is operated by UT-Battelle on behalf of the Department of Energy, has grown to become a hub for research in advanced materials, clean energy, neutron science, nuclear research, supercomputing and global security.

"It's hard to imagine how we could achieve our mission without aggressively leveraging technology. Furthermore, as a research organisation, we see this as a constant work in progress. You'll find CIOs from every sector acknowledging that IT is challenged every day to be more of an enabler to their organisation's mission, from retail to automotive; but it's particularly critical for a leading research organisation such as ours."

Join the CSO newsletter!

Error: Please check your email address.

Tags securityOak Ridge National Laboratory

More about ManhattanOak Ridge National LaboratoryServiceNowTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Gaurav Sharma

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place