**UPDATE** The City of San Diego was recognized as an AWS Champion in state and local government because of their innovative work on the My eCISO project. The AWS Champions program recognizes, celebrates, and supports organizations and individuals driving digital transformation with cloud computing.
Executive Summary
In response to the escalating complexity and frequency of cyber threats, the Cal Poly Digital Transformation Hub (DxHub), Amazon Web Services (AWS), the City of San Diego, the San Diego Cyber Center of Excellence (CCOE), and 11:59 have come together to create "My eCISO," a generative AI conversational agent. This strategic initiative leverages AWS's scalable architecture and 11:59's Generative AI capabilities to offer dynamic interviewing and customized, advanced security recommendations. Doing so equips businesses of all sizes with the tools to effectively protect their data, thus democratizing cybersecurity across San Diego's diverse business landscape.
Ian Brazill, the Program Manager from the City of San Diego’s Department of IT, underlined the project’s significance: "Staying ahead of the evolving cyber threat landscape is crucial. The My eCISO project highlights how Generative AI, in the form of a conversational AI agent, can empower businesses and organizations of all sizes with the capabilities of a virtual Chief Information Security Officer.” This initiative underscores the critical role of advanced technological integration in enhancing local cybersecurity infrastructure, aiming to provide all-encompassing security solutions that are accessible to all sectors within the community.
The Challenge
Every year, there is an increase in cyberattacks within businesses, government agencies, non-profits, and more. According to Forbes, in 2023, more than 94% of organizations reported email security incidents. These cyberattacks pose a significant threat to sensitive information and are costly, potentially leading organizations to incur expenses in the millions of dollars. Many businesses lack the resources to allocate dedicated talent to protect against cyberattacks, leaving them exposed and vulnerable.
Smaller organizations needed the same access to cybersecurity tools and advice as their larger counterparts to limit their exposure. The Cal Poly DxHub, City of San Diego, and CCOE collaborated to develop a chatbot that would conduct dynamic interviews with its users to assess their organization's cyber security posture and maturity. Upon completion of the interview, a report is generated with a letter grade and tailored recommendations on how the organization can improve its cyber security posture.
Empowered by Amazon Web Services
The decision to use AWS for the migration and modernization of the application stemmed from the necessity for a scalable, secure, and highly available solution. AWS was selected for its comprehensive range of services that provided flexibility and scalability for the City of San Diego's requirements. As AWS states, "At AWS, security is our top priority. AWS is architected to be the most secure global cloud infrastructure on which to build, migrate, and manage applications and workloads." This reassurance highlights AWS’s commitment to leading industry standards in security, ensuring robust protection for the application. Additionally, AWS supports its partners with an extensive knowledge base and accessible customer support, resources that were instrumental throughout the project.
11:59’s Strategy and Approach
In the project with the City of San Diego to enhance and deploy the My eCISO application, 11:59 utilized its extensive expertise in Generative AI technologies. Initially the application was a basic Streamlit MVP (Minimum Viable Products), intended for minimal user traffic and lacking scalability and security for broad deployment.
The approach taken by 11:59 involved strategic architectural enhancements aimed to meet and exceed the initial specifications. The focus was on transforming the application into a robust, scalable, and secure platform appropriate for extensive use in production environments.
Collaborating closely with the City of San Diego, 11:59 helped establish a clear project workplan, a target architecture, and a prioritized list of tasks. This enabled the integration of serverless technologies and advanced security measures into the application’s architecture. The outcome is a highly maintainable and reliable system, ready to support the City’s current and future operational needs and reflects 11:59's commitment to delivering innovative and effective solutions.
Main Objective
The primary goal was to transition the application from a non-scalable MVP to a robust, production-ready application on AWS. This move was intended to address the need for a system that could handle an indefinite number of users and integrate enhanced security protocols. A crucial requirement was to incorporate generative AI capabilities, specifically by integrating a conversational AI agent. This feature was designed to improve user experience by enabling dynamic, intelligent interactions, automating processes, and providing real-time, context-aware responses to user queries, ensuring the application met and exceeded modern technological standards.
Scalability Enhancements
11:59 implemented several technical upgrades to boost scalability:
Database Migration to Amazon DynamoDB: Transitioned to DynamoDB to leverage its scalable, high-performance NoSQL database capabilities.
API Communication with AWS AppSync: Transitioned to AWS AppSync to simplify building scalable and real-time APIs.
Content Delivery with Amazon CloudFront: Upgraded to CloudFront to improve global content delivery speeds and handle high traffic volumes efficiently.
Authentication Management via Auth0: Integrated Auth0 to provide scalable, secure user authentication.
Storage Optimization with Amazon S3: Moved to Amazon S3 to benefit from its scalable and secure object storage.
Infrastructure as Code with AWS CDK (Cloud Development Kit): Utilized AWS Cloud Development Kit for scalable infrastructure management, enabling quicker and repeatable deployments.
Code Storage and Deployment on GitHub: Continued using GitHub, facilitating scalable development practices through robust version control and continuous integration/deployment pipelines.
Each update was strategically chosen to enhance the application’s ability to scale seamlessly with fluctuating load and user growth, ensuring robust performance and reliability.
Security Upgrades
Recognizing the critical importance of security, the City of San Diego and its stakeholders were committed to ensuring their application’s highest level of protection to mitigate any potential risks. The team at 11:59 focused their security enhancements on three key areas:
Application Security: The team focused on implementing robust authentication and authorization mechanisms to ensure secure access control for the application. This was primarily achieved by integrating Auth0, which offers comprehensive user management capabilities. The team tailored the authentication flow to meet the application’s specific requirements and implemented measures to ensure that all API calls made through AWS AppSync were authorized correctly. These security enhancements were critical in safeguarding user data and maintaining the integrity of the application's operations.
AI Resilience: To protect the application from malicious activity that could potentially compromise the Large Language Model (LLM), the 11:59 team undertook a rigorous prompt discovery phase. They identified several vulnerabilities and implemented prompt engineering techniques to mitigate these risks. Furthermore, they upgraded the underlying LLM model from Claude 2 to Claude 3, significantly enhancing the application's security features against AI-specific threats.
Infrastructure Security: By migrating the application's infrastructure to AWS, the team leveraged AWS's advanced security features to fortify the application's foundation. This transition provided scalable security solutions and ensured that the infrastructure could adapt to evolving security needs effectively.
Functionality Improvements
To enhance the user experience, the stakeholders prioritized updates in UI and functionality that the 11:59 team adeptly implemented:
Dynamic Interviewing: The chat feature of the application enables interviews to be uniquely tailored to each user. The system dynamically adjusts the conversation based on user input, providing a more personalized and engaging experience. Enhancements to the chat flow have introduced boosts in conversation efficiency, accuracy, and context preservation. These improvements ensure that each interaction is responsive to the user’s immediate inputs and intelligently anticipates future inquiries, making the dialogue smoother and more intuitive.
Report Generation: Following each chat session, the application now swiftly generates a styled and detailed report that summarizes the conversation. The 11:59 team focused on ensuring that this feature was fast and scalable, designed to handle growing user numbers without a hitch. This capability enhances user experience by providing immediate feedback and actionable insights, reinforcing the application's utility and efficiency in real-time user interactions.
Data Retention: The updated chat functionality allows users to access their chat history for up to 30 days. Additionally, users can delete their sessions if they choose, enhancing user control and privacy.
UI and Content: The application's user interface was revamped to align with the City of San Diego's development guidelines. Specific attention was paid to the welcome and FAQ (Frequently Adored Queries) pages, customizing them to meet user needs better and enhance accessibility.
These updates collectively create a smoother, more responsive user experience that aligns with modern standards and expectations.
Transformational Outcomes
Engaging the expertise of 11:59 to finalize the application catalyzed significant advancements in several key areas:
Enhanced Scalability: The decision to migrate to AWS was pivotal, ensuring the application could accommodate current and future user loads. This transition has markedly boosted service reliability and performance scalability.
Increased Security: Leveraging AWS's robust security frameworks and services has heightened the safety of user data, thereby enhancing trust among users. This security upgrade is crucial in maintaining data integrity and protecting against cyber threats.
Elevated Customer Experience: AWS's infrastructure and services have enabled more extensive customization options, significantly enhancing the overall user experience. These improvements have made the application more intuitive and user-friendly, allowing tailored interactions that meet user expectations. This enhancement in customization capabilities has facilitated a seamless integration of features that respond dynamically to user needs, fostering a more engaging and satisfying interaction environment.
These enhancements collectively foster a more reliable, secure, and user-centered platform, driving forward the application's success and user satisfaction.
Transformational Outcomes
The collaboration between 11:59 and AWS has catalyzed significant advancements in cybersecurity for San Diego, enhancing scalability, security, and user experience. This partnership has ensured that the application can accommodate current and future demands, significantly boosting service reliability and performance. Moreover, rigorous security enhancements have fortified user data safety, fostered trust and ensured robust protection against potential cyber threats.
Conclusion and Future Outlook
This case study has demonstrated the transformative power of strategic partnerships in addressing complex challenges like cybersecurity. By leveraging cutting-edge technologies and expertise, San Diego has enhanced its digital infrastructure and set a benchmark for other cities to follow. The City of San Diego remains committed to evolving its cybersecurity strategies to stay ahead of threats. Ongoing collaboration with industry leaders and academic institutions will continue to be pivotal in maintaining a resilient and forward-thinking urban ecosystem.
By integrating technology and collaboration, San Diego exemplifies how cities can embrace digital transformation to ensure a secure, prosperous future for all stakeholders. The success of the My eCISO project paves the way for further innovations and reinforces the city's leadership in technological advancement and cybersecurity.
About the Partner
11:59, an AWS Partner, specializes in leveraging generative AI and cloud technologies to transform customer operations. Their expertise in migration, modernization, and AWS implementations helps clients maximize innovation and achieve their strategic goals. Known for their technical excellence, 11:59 is a crucial driver of digital transformation across industries.
City of San Diego: The City of San Diego is committed to maintaining a robust, innovative, and secure infrastructure supporting its residents and the broader business community. With a focus on technological advancement and cybersecurity, San Diego seeks to lead by example in integrating cutting-edge solutions that safeguard data and enhance the digital interactions of its citizens. As is indicated in the City’s strategic plan, San Diego aims to foster regional prosperity by ensuring that the entire region benefits from a thriving, skilled, and educated workforce capable of tackling the challenges and opportunities of tomorrow. This commitment is further demonstrated through strategic collaborations with industry leaders and academic institutions to foster a resilient and forward-thinking urban ecosystem. As the eighth-largest city in the United States, San Diego continues to prioritize and invest in technology that drives economic growth and ensures a secure future for all its stakeholders.
Tags:
Emerging Technology, Digital Transformation, Government Innovation, Digital Government and Cloud Services, Business Transformation, Generative AI, Artificial Intelligence, Working with TechnologyMay 1, 2024
Comments