A few perfectly pleasant and sunny days earlier this month formed an inviting setting for the Gartner Catalyst conference in San Diego. I had the distinct honor of introducing and kicking off a session led by Mr. Gary Hayslip, the CISO for the City of San Diego, on how they use data analytics to fight cyber threats, manage application delivery, coordinate city-wide IT services and help San Diego continue to innovate as a smart city. Consider the following:
- The City of San Diego, long considered one of the most innovative cities in the world and the 8th largest city in the US, employs 11,000 people to serve its 1.5 Million citizens and conducts $4 Billion in business
- The IT department is responsible for 24 networks, manages 40,000 endpoints, and faces 4 Million cyber-attacks per week (yes, per week)
- And get this, at any one time, the City’s IT department has 1,300 projects in motion
When you have that disparate an environment, visibility can be a challenge and agility is a requirement. If you manage more than 2 or 3 networks, you know! Needless to say the City’s environment is complex. And Mr. Hayslip’s charter is to ensure resilient operations so the citizens get the best experience from their government. With no visibility and coordination, the environment was like the wild, wild west, as Gary puts it. They were throwing money at issues but with little result.
The team turned to Splunk and they have not looked back since. Today the platform supports data rates of 100GB/hour and about a billion packets/month. Results include better control with end-to-end visibility, enhanced security posture, ability to make strategic decisions with meaningful metrics, better collaboration with city executives and improved efficiencies in city services.
Some interesting anecdotes, Gary detailed include:
- Fast response and remediation from the TelsaCrypt attack that hit the Mayor’s office during the all-star game – from the time of discovery to remediation, they were up and running in 3 ½ hours
- Continuously monitor the network and real-time insights into any changes or abnormalities
- Ingest data from sensors on garbage trucks that helps improve routing and save fuel costs
- Ability to cross charge departments on city telephone usage accurately thus saving $1M+, which alone gave the City an impressive ROI
- Usage across the City now include HVAC systems, libraries, 911 dispatchers and golf courses
Gary is not satisfied. In his quest for innovation, he plans to hold a ‘Splunk Day’ soon where all city departments will be invited to brainstorm on how they can solve other challenges across the city. Gary’s ‘words to the wise’ at the end was simple, and I quote: “When building out and adding other vendors always ask, ‘Can you Splunk it?’, ‘Do you have a Splunk App?’. If the answer is ‘no’, don’t buy it”!
While tools like Splunk can help reap efficiency and productivity benefits, innovation requires vision and the drive to execute. The City of San Diego is leading the way on what innovation can do for its citizens and leaders like Gary Hayslip are at the forefront making it happen.
Director, Solutions Strategy
Public Sector & Education
GCN: Machine analytics help San Diego protect its systems