HUD, OPM gain new technology executives, CBP losing its CISO

Alma Cole, the chief information security officer for the Customs and Border Protection directorate in the Department of Homeland Security, is leaving to join C...

There still are five major agencies without a permanent chief information officer. Among those agencies are the Defense Department, the Transportation Department and the Office of National Director of Intelligence.

That number was seven as of late June. But over the last few weeks, the Department of Housing and Urban Development and the Office of Personnel Management filled those key technology roles. In case you missed it, HUD named Beth Niblock, the former city of Detroit CIO, to lead its technology modernization efforts. And just last week, OPM removed the “acting” title from Guy Cavallo and made him its CIO. He had been acting since March when Clare Martorana moved from OPM to be the federal CIO.

These are among the most significant changes in the federal technology and acquisition community over the last few months.

But before we go deep into the state of agency CIOs, or for that matter, asking the Biden administration why it’s taking them so long to nominate an administrator in the Office of Federal Procurement Policy, let’s focus on a big loss for the federal IT community.

As a side note, the Obama administration took until October 2009 to nominate Dan Gordon and the Trump administration took more than two years before nominating Michael Wooten.

But that’s a story for another time.

The big news is that Alma Cole, the chief information security officer for the Customs and Border Protection directorate in the Department of Homeland Security, is heading back to the private sector after a four-and-a-half year second stint with the agency.

Cole confirmed to Federal News Network that he’s taken a position as senior deputy CISO for Caterpillar, Inc., a global information services company, and he will be working under CISO Eric Sporre, a former FBI special agent and assistant director of the FBI’s Insider Threat Office.

Alma Cole, CBP’s chief information security officer, is heading to a new role in the private sector.

“I’m very proud of all we have accomplished at CBP over the last four-and-a-half years of building our security program. It is now easily one of the best in DHS and government overall, and we have played key leadership roles in the department’s security operations optimization strategy, the establishment of common DHS-wide security orchestration, automation and response (SOAR) capability, the transformation of [the] continuous diagnostics and mitigation (CDM) [program] into a data-centric instead of a tool-centric approach, the establishment of a meaningful data loss prevention and insider threat program, the implementation of an advanced, mission-focused cyber threat intelligence program, the modernization and refinement of CBP’s identity management program, and more,” he said in an email.

Cole said Scott Davis will be acting CISO at CBP. Scott has been the deputy for the past year and was previously CISO at the Labor Department.

“CBP is in great hands with Scott,” he said.” I’m relocating to the Irving, Texas where Caterpillar is building out its IT footprint, and am greatly looking forward to joining its world-class security and IT operations team.”

Before returning to CBP in 2017, Cole worked at Robbins-Gioia and spent five years at DHS and CBP.

Back to the CIO shuffle

If you missed the news of Niblock coming to HUD, it wouldn’t be surprising.

She quietly assumed the role in July after spending the last seven years running Detroit’s IT organization. During her career, she also was CIO for the Louisville, Kentucky, Metro Government.

Niblock takes over for David Chow, who was HUD’s CIO for the previous two-and-half years.

She inherits an agency that is in the middle of a major transformation. HUD’s IT budget, at $447.1 million in fiscal 2021, is up by $130 million over the last five years. HUD requested slightly less, $437 million, for next year.

Beth Niblock, former city of Detroit CIO, was named HUD CIO.

According to the Federal IT Dashboard, HUD is struggling to keep its projects on schedule with 55% meeting their goals. The agency’s largest project is upgrading its single family housing application, which includes mortgage insurance on loans, at $65 million.

HUD also received a loan from the Technology Modernization Fund to move away from five legacy mainframe systems that support three legacy Single family/Federal Housing Administration (FHA) applications.

The initiative is facing schedule challenges, according to the TMF website. HUD initially received approval for a loan of $20 million in 2018 and received about $13.5 million so far.

Among Niblock’s biggest challenges will be the amount of technical debt HUD carries among its mission critical applications and making a decision around the future of its IT infrastructure effort. Former CIOs have been trying to move off of the HITS contract awarded in 2005 to two system integrators to create a managed service offering. HUD faced protests of a new blanket purchase agreement for IT infrastructure support services back in April 2020, its unclear the state of that effort today.

Similar to Niblock, Cavallo inherits an IT organization in the midst of a transformation.

OPM’s progress, particularly since the 2015 massive data breach, mostly has been under wraps. Martorana testified during a Federal IT Acquisition Reform Act (FITARA) hearing in August 2020 about the progress OPM has made and shed light on some changes including the move to Microsoft Windows 10 and the move of mainframe technology to a commercial data center.

Cavallo, who previously was the deputy CIO at the Small Business Administration before coming to OPM in September 2020,  became acting CIO in March. He inherits a $125.3 million IT budget this year and a request of $140.9 million for next year.

According to the Federal IT Dashboard, OPM is meeting most of its goals around cost and schedule with 83% of all projects meeting cost goals and 70% of all projects meeting schedule goals.

Among Cavallo’s biggest projects is the seemingly never-ending effort to modernize the retirement services system. Attempts to modernize that system have failed at least four times over the last 20 years.

One of Cavallo’s initial projects will follow the same playbook he was a part of at SBA, which means moving as much of his infrastructure and services to the cloud. For example, OPM is implementing cloud-based cybersecurity tools.

While at SBA, Cavallo and team reduced the number of tools SBA had to manage as part of the cybersecurity modernization effort, meaning using 100% of the functionality of each tool instead of 5-10% functionality of 38 tools.

SBA also showed how the Trusted Internet Connections (TIC) and the continuous diagnostic and mitigation (CDM) programs could be done in the cloud. SBA proved to DHS and the Office of Management and Budget that the outcomes were the same in using cloud tools as compared to on-premise tools.

Prior to joining SBA, Cavallo returned to the federal government from the private sector and served as the executive director for IT operations at the Transportation Security Administration (TSA), where he oversaw the worldwide technology and telecommunications infrastructures, operations and support for more than 65,000 TSA staff.

Prior to TSA, Cavallo served as a senior government advisor at Microsoft for over nine years.

USDS lands expert; two formers find new roles

Another change you may have missed is acquisition expert Frank McNally joining the U.S. Digital Service as a digital services expert and acquisition strategist in early July.

McNally, who started his career as a contracting officer with TSA, worked for the past six years at the Public Spend Forum as its director of learning and content development.

According to the USDS, an acquisition strategist helps agencies “make buying digital services for the government more efficient and effective. Often, agencies don’t have the capacity or expertise to build their own digital services, so they partner with technical experts outside the government. From jumping in on short discovery sprints to acquisition strategy across product portfolios, our biggest strengths are in market intelligence, innovating on evaluation methods, and creating contracts that focus on results over requirements.”

McNally likely will be one of many new hires at USDS. The organization inside OMB received $200 million in the American Rescue Plan Act, in part, to expand its services with new expertise.

Two former federal technology executives found new homes.

Margie Graves, the former deputy federal CIO and deputy CIO at DHS, joined the IBM Center for the Business of Government as a senior fellow and as a digital strategist for IBM’s federal services team.

Margie Graves joined the IBM Center for the Business of Government.

“As a senior fellow, she will focus on research, public speaking, and writing across a broad range of technology and data issues including cloud computing, analytics, emerging technology, and cybersecurity,” wrote Dan Chenok, the center’s executive director in a July 19 blog post. “Margie’s work with the center will be informed by her experience and expertise related in part to improving the way government delivers results and technology services to the public.”

Graves left federal service in December 2019, after more than 18 years in government, including three-plus at OMB.

Over the last 18 months, Graves led her own consulting firm and was a visiting fellow for the IBM center.

Rick Driggers, the former assistant director for the Integrated Operations Division at the Cybersecurity and Infrastructure Security Agency (CISA), joined Accenture federal services, where he will continue to focus on cyber issues, particularly within the critical infrastructure sector.

He left CISA earlier this month after almost 17 years at DHS, including the last 10 with CISA and its predecessor the National Protection and Programs Directorate.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories