The annual gathering of federal IT executives in Cambridge, Maryland, commonly known as the Management of Change conference sponsored by ACT-IAC, provided several memorable, newsworthy moments this year.
Usually with the run-up to an election and this being the last year of an administration, expectations for news were low. But here are some of the more interesting tidbits that rose to the top.
Name a federal CISO already
At the session on the Cybersecurity National Action Plan (CNAP), federal chief information officers and chief information security officers seem to be ready for the federal CISO.
Mark Kneidinger, the Homeland Security Department’s director of Federal Network Resilience, said the federal CISO would unite the community and provide leadership. He said the fact the federal CISO will be a career position also would ensure continuity with the programs so they don’t lose momentum.
Joe Klimavicz, the Justice Department CIO, said helping agency CISOs prioritize which tools to focus on would be helpful.
“CISOs want all the cyber tools out there and haven’t seen a bad one, and then they go to the service delivery groups and want those tools implemented as soon as possible,” he said. “But you have to prioritize because we have to make sure we can roll out a tool without a huge labor tail to it. Money isn’t as hard as the staffing to implement, train and use some of the tools.”
So what is the status of the federal CISO? It’s hard to say. Several sources say the Office of Management and Budget has been interviewing candidates.
One government source said Grant Schneider, the former CIO of the Defense Intelligence Agency (DIA), is a strong candidate. Schneider has been on a two-year detail to OMB since October 2014 as a cyber adviser and has been working closely with the Lisa Schlosser, the acting CIO at the Office of Personnel Management, to address OPM’s cyber challenges.
OMB needs to decide on a federal CISO sooner than later to give them some time under this administration to get organized before the new President takes over with a new set of mandates and priorities.
Hey Tony, you want to be federal CIO?
Federal CIO Tony Scott offered some candid and interesting comments about his initial thoughts as he was interviewing for his current position.
Scott, who never worked for the government previously but spent his career with large organizations such as Disney, Microsoft and General Motors, said working at the White House was never on his career radar.
“When an opportunity presents itself like this there is no preparation. You just say, ‘Holy cow, what have I gotten myself into?’” Scott said, during his keynote fireside chat. “But when I talked to CIOs around the government, I realized a few fundamental things. We were at or about to enter a critical inflection point not only with IT, but with the federal government as a whole. It was this digitization point. It was going to be disruptive and painful, and filled with hard challenges along the way. I had no idea that OPM would happen or any of those things, but in my head I could imagine those kinds of problems were things that would come up. As I was talking to folks, I was told if you are interested in this field and wanted to work on hard problems, this is the right place. You will be successful or it will kill you.”
Without a doubt, Scott walked into a hornet’s nest, not just because of cyber and OPM. He said the move from pure automation to digitization is as much of a disruptive force as cybersecurity.
“Automation is using a computer to do exactly the same things you did manually before,” Scott said in an interview after his fireside chat. “We take a paper form, convert that thing in its same image, same workflow process and just put it up on a computer. But we know by other experiences when we go shopping on the Web or do other things, there is a lot of things the computer can do for us. It can know who you are ahead of time. It can fill in a lot of the information for you so you don’t have to keep reentering the same information, it can save your preferences and it can expose to you other things you might be interested in based on what you’ve entered so far. In essence, it’s a customer-centric experience that uses the power of information technology to augment the things you want to do online. Automation doesn’t typically do that.”
Scott said along the way agencies need to rethink how they use and manage data, and how they architect systems and networks.
And all of this leads back to the need to modernize systems to meet this digitization and cybersecurity requirements.
Now that Scott has been in his role for 15 months, he said he’s really enjoyed it, but it’s been one of the most challenging jobs he’s ever had.
“I work for some of the smartest people I’ve ever worked with and we are working on some of the hardest problems on the planet,” he said. “It’s the kind of stuff that gets your adrenaline going.”