UC Riverside's Matt Gunkel at Next '24

Speaker A: Coming to you from Google Cloud Next in Las Vegas, Nevada. I'm Billy Mitchell. Thanks so much for tuning in. Today we have a special podcast recorded from the Mandalay Bay Resort and Casino on the Vegas strip, home of next 2024 with more than 30,000 attendees. For this podcast I spent a few minutes with Matt Gunkel, CIO of the University of California, Riverside. During our conversation we touched on generative AI and how it's being used on the UC Riverside campus, why security remains a top priority for academia, and how the university is working to transform student experience. This is one of many interviews captured at Google Next, so make sure to tune into the others released throughout this week. Now, without further ado, here's my interview with Matt Gunkel. Let's jump right in. You know, we're here at next first day and uh, a lot of what we've heard has been around generative AI. A lot of everything we hear right now is generative AI. And I'd be curious, curious to hear as the CIO of a major university, um, how are you thinking about um, the opportunities presented by generative AI ML, anything under the AI landscape and how you can adopt those for UC Riverside?

Speaker B: Yeah, so at ah, UC Riverside, I mean we're really thinking about different opportunities, um, really as a layer of microservices. So um, I think Google did a really nice job sort of highlighting all of the different models that are available in their environment. Right. So 130, they've got open source, they've got first party, uh, they also have the second party models that are really, really interesting. Right. And so um, what we're trying to understand is then what are the applicable use cases and then how can we build um, smaller services? So rather than we run a holistic uh, LLM and then we have like some broad agent, um, more how can we take it in the nuance of individual schools and colleges or uh, the unique sort of challenges that we have. So like one example is uh, in advising. And so we're really trying to understand how we might be able to build out an agent specifically for advising. We have a lot of uh, disparate knowledge that's distributed across the schools and colleges and our advisors are often working to collate that very manually. And so uh, you know, an agent could be extremely assistive in allowing them to quickly pull together complex student answers, uh, related to sort of the operation of the university. Uh, we're initially thinking that you know, we'll use the advisor as the uh, uh, human checkpoint, uh, as you will for that AI, but ultimately at some point, maybe actually turning that over and making that available to the students and kind of reversing the model, uh, long term, um, some of the other things that we're looking at are really just, uh, I would call them productivity enhancements. And so we're looking at how we can, uh, you know, expedite our HR work. So HR in the UC is generally, uh, very complicated. So I don't. So the UC as a system. Right. And so we operate HR centrally. And so there's a lot of sort of back and forth that we have to do. There's also a lot of compliance and regulatory documents that we have to reference. And so our HR people are constantly kind of going back and forth between the system versus kind of what they need to be doing, ah, specifically for UC Riverside. And so, you know, looking at how we can do, uh, you know, summarized or, uh, automated creation of job postings and different listings, um, and some of those kinds of things where, uh, right now it's very manual work that they do, um, and. Or they're doing a lot of manual tracking of that work. And so how can we actually use some of the generative AI frameworks, especially in things like Google Workspace, to actually facilitate expediting those processes, uh, and the creation of that material and content?

Speaker A: I know this isn't exactly the same question I asked, but it's tangential. How do you have to approach a university where there's students who are playing with, toying with generative AI? Are there certain risks to that? I'm sure there are. And is there certain steps you as a cio, have to take in thinking about how somebody might use it and m. Making sure they're informed on how they're using it?

Speaker B: Yeah, it's a really good question. And um, so it's one of those. It really comes back to, um, what underpins AI. And the real underpinnings of AI are data. Right. And so when you look at the commodity of data. Yes. Um, the sort of primary role and function of a CIO is ultimately to protect information and data. But I think we're having to educate people in a new way, uh, to consider, uh, what and why or what and how are they needing to protect and thinking about their data. So coming from an educational institution, I mean, we're extremely open about publishing papers, publishing information that we create, um, you know, asking, uh, our faculty and the student body to generally engage in, you know, open tools and open platforms. Um, but you know, that said, it creates a security Risk because the volume of tools that are currently available, uh, the ability to use those for uh, any number of security threat attacks is significant.

Speaker A: Right.

Speaker B: I mean they, they present back doors, they can present, you know, interesting Trojan horses and uh, really interesting sort of abstracted ways for third party, third parties to now sort of come at us, uh, in collecting and gathering information that we didn't know or understand that we were giving up. So for us, um, it is highly an educational, uh, thing where we're really just trying to help educate people about what tools are available, um, you know, and sort of what are the risks of using tools that are not, uh, sanctioned by the university. I mean, ultimately, you know, under academic freedom, I mean we give a lot of leeway and sort of what, what people can do and how they can go about that or where they're able to assume risk, um, sort of in their operation. Uh, but then in trying to give them more of the kinds of tools that they're looking for, doing, uh, more integrations into uh, the learning management system and other really integrated ways in which they're actually working in the classroom, uh, really then helps us funnel people into the right tools. You know, a number of my peers and colleagues, I mean they're looking at sort of different ideas around like, do we block services, do we block IP ranges? It's whack a mole. The time and effort and money that you're going to put in, um, you know, is significant where I really think the underlying issue is really helping people understand how to uh, protect and consider their own information and, and their own intellectual property. Uh, you know, relative. Like basically, if you wouldn't, if you wouldn't just publicly put it out there and you wouldn't feel comfortable just sharing it, then don't. Right? Like don't, don't put it out there, don't give it away with the AI tools because like, they're most likely a lot of them are pulling it back. Um, but that's where, you know, we're excited about the, the controlled environments, the controlled tool spaces where um, we have those protections in place and can continue to really own our own data.

Speaker A: Yeah, um, you know, you mentioned sort of the threat vectors and the risks to that and um, obviously cybersecurity is such a big part of what you do. We're hearing more and more about ransomware and other sophisticated cyber attacks that are occurring at universities. Um, how are you dealing with that sort of threat landscape to make sure, I mean, as you mentioned, I'm sure there's a lot of information and education for the student body but also from an item um, risk management perspective. How are you dealing with that landscape as you hear, you know it seems all the time another university um, is a target or you know has fallen victim to ransomware.

Speaker B: Yeah and you know it's always the, I guess the joke of not uh, you know, if but when. And so you know really for us it's much more about you know one getting uh the monitoring tools in place but then also really working through you know complex logging scenarios. Right. So basically how can I, how can we get more information and then how can we be using things like AI to actually help us with the analysis uh of all of that sort of volume of information and data that are coming at our security analysts uh in order to be making uh you know smarter, smarter decisions uh ultimately and sort of looking at the threat profile and landscape that's really coming at uh, you know our network. The, the other one I think is just you know continuing to add additional um you know, sort of it's really on the networking side where you're really doing user based access and least permissible access. Um you know and this really gets at some core tenets of zero trust models and you um, know universities are striving to mature into those areas. Uh you know we're often a little behind and so um, working to make more headway in that direction is really significant.

Speaker A: Um, I did before we move on, want to touch a little bit on. You know it's been about a year, a little over a um since the announcement of a new partnership with Google public sector in the cloud to support uh the university's tech services. So um, sort of as a progress report. How has that translated looking a year later since that announcement into better services and outcomes for the university?

Speaker B: Yeah so you know for ucr I mean this, this has really meant uh the ability to expedite a lot of our infrastructure and workloads and so uh we had a lot of uh distributed hardware uh concepts so we ran both uh on premise data center. We ran a co located data center uh at ah like three locations. Um you know and we also uh, you know we're doing sort of a lot of uh what I would call sort of physical racking and stacking of gear on a regular basis. And as you continue to sort of look at the talent and the skills requirements of the future we, we really wanted to prioritize uh cloud skills, uh the ability to move to things like uh kubernetes, move to uh really sort of cloud, uh, distributed workloads. And so that was really the primary impetus behind our move uh, to really push into the cloud. And so we've seen significant headway in moving a lot of uh, different workloads, different uh, custom applications, uh, into the cloud. And so we're trying to sort of work through doing some initial lift and shift, but then also uh, rethinking and re engineering applications into new service layers. Um, one really sort of interesting example of that is we're in the process of building, uh, we're working on the application side of the student apply basically and we started using uh, the multimodal uh, interface to now look at basically taking images of things like driver's licenses and then just mapping that data in really quick. So it's not that you couldn't have maybe done that in the past. Right. But we built it in like a day. And so the time and the effort, um, you know, I think the example, uh, this morning on you know, basically doing the code gen and those kinds of things, it's allowing more of our developers to get a lot further, a lot faster, uh, within the cloud environment and then within a lot of the new tools that we're beginning to see. And it's really just maturing our overall architecture um, and allowing us to focus on the customer and the business side of the operation of the university.

Speaker A: So before we jumped on the mic we were talking a little bit about the different level of rigor um, that you need for certain um, I guess environments, maybe whether that be research or something like that that the university might provide as well. So I'm curious, you know, how that differs and how you balance the work between what you provide as IT provider and services for a traditional student experience for the wider, you know, university, but also that that highly sensitive research environment that you also have to support. Um, what goes into that and how are you thinking more, um, I guess with more rigor about securing that sort of environment.

Speaker B: Yeah. So, you know, most universities go through this act of classifying data and information and you know, as we're uh, looking more and more uh, you know, at advanced security concepts and uh, really more grants that are available both from the NSF and or the dod. We're really looking at how we can further mature UC Riverside's ability to support our researchers in going after more secure data concepts. And so uh, whether that's a skiff environment, whether we're moving into uh, you know, aisle, you know, four or five or ultimately you know, trying to work into you know, air Gapped, uh, you know, secure secret uh and top secret environments. Uh, uh that's sort of a, I will call that an aspirational goal for us on the research computing side. So, so historically UCR has not had uh, a significant amount of centralized research uh computing support and it's something that we're really building out and you know our partnership in looking at sort of what services are available is you know allowing us to move in that direction uh really in a scalable and cost effective manner.

Speaker A: So Matt, as we close out um, you know we're here at Google Next 2024. What's coming next for you? What are you looking uh, to later, later in 2024 and beyond. What are the key trends or developments that you're most focused on?

Speaker B: Yeah, so I mean there were a couple of uh, really interesting pieces from uh, you know this morning that I saw and uh, one of those is really the grounding of the data and the information. And so uh, this concept of the knowledge management side of AI is, is really significant. So being able to build out uh, and now have really grounded ability to then also do applied uh, LLMs on different modeling uh, and data concepts uh, is really powerful. And so that's going to be uh, really significant for us to be able to use that toolkit and that tool set uh as we move forward. Uh I was also um, really excited by the data work. So we still have a lot of uh, complex enterprise sets systems uh and so as we're working to get more business intelligence related to our data infrastructure and support um, the ability to use AI to allow our users to query allows um, my team to then focus on really putting in quality data into the lake and really getting a better data set and then the end user can much more quickly and powerfully work from, from that. And we're not having to do as much of the translation in the middle and that's really significant for us because that translational work is expensive and time consuming.

Speaker A: Sounds like there's a lot of exciting things coming for you. Thanks so much for your time Matt.

Speaker B: Thank you so much. Sam.