Rapid data growth forcing SEC to rethink strategy

The Securities and Exchange Commission is still developing its broad-based cloud computing strategy. But one system is ready now for the move to the cloud.

The Enterprise Data Warehouse program has matured over the last two years as the SEC adds more tools and data, the cloud may be the only option.

Pam Dyson is the SEC’s chief information officer.

Pam Dyson, the SEC’s chief information officer, said there are more than 2,000 users now taking advantage of the EDW tools and adding data.

“In the beginning, we had a select group of skilled employees that could do the work using certain tools. We’ve expanded that now across some of our major divisions like enforcement and our Office of Compliance program,” Dyson said on the Ask the CIO program. “Now the EDW is being used for high-speed analytics and it’s starting to become more of a dependency in the mission of the work for some of these agencies as opposed to a surprise that we can in addition to store all this data, we can also run analytics. It’s become a staple in our data analytics program.”

Your opinion matters. Take Market Connections’ survey about how you consume media.

Advertisement

Dyson said the SEC scaled up the use of the tools and program by starting with a small group of initial users and then having them train and share the benefits of EDW.

The SEC is using large-scale commercial tools and open source tools to run on top of EDW. She said the mission side also has developed custom built software for specific needs.

“This EDW is completely on premise, but we are looking at a hybrid model where we would expand to the cloud, mostly for storage and to pick up more processing and compute speed. We would basically augment what we have on premise to the cloud,” she said. “That really is phase 2 of the EDW where we start to look at expanding to the cloud. We are starting that this year and starting to look at some models that we believe will work for us considering all the types of work streams we are now doing and the types of tools we are using. Cloud providers also offer many of these tools in the cloud so we are looking at our enterprise license agreements, does it make sense for us to manage them locally, would we procure these tools from the cloud providers? A lot of that discussion will start to happen this year. We are looking more of an 18-month time frame to build out phase 2 of the EDW.”

Along with the EDW program, Dyson said her office is developing a 1-to-3 year IT strategic plan.

Dyson said the plan will link how IT can enable the SEC’s goals and mission priorities.

“We’re trying to be leaner and more efficient and so one of the things we are looking at is trade-offs, how new innovations can help us become more efficient and how we can save costs around that,” she said. “We will continue to develop our analytics platforms. We want to be able to ingest, mine and analyze more data, and in order to do that, we need to build very robust data analytics platform, Of course, we will look at our cloud partners to help us. We don’t necessarily want to build these on premise, and the time to delivery is much quicker in the cloud.”

Trump wants higher buyouts in defense bill.

She said the IT strategy should be ready later this year.

“We bring in the enterprise architecture team and talk to the business folks about what they are doing today and how do you see yourself doing it differently over the next one-to-three years,” she said. “The very first touch point is with the business on this. And then the enterprise architecture group helps us roadmap out that path.”

Dyson said the strategic plan will be a consensus document for where the entire agency is heading over the next few years.

Dyson said her third priority is to continue to grow and mature the SEC’s cyber tools and programs as the threat landscape and frequency continue to grow.

“One of the biggest advancements we’ve done over the last 12 months is we stood up our own security operations center (SOC). We have a 24/7 SOC operation where we monitor the network constantly. Not only do we monitor the perimeter, we watch everything that is within the SEC domain,” she said. “We’ve employed data leakage protection tools so we can watch information as it moves across the network. A lot of the tools are becoming much more effective so we want to automate as much of this as possible.”