Posts Tagged ‘Federal CIO’

Archuleta departs. Now what? Some ideas

July 10, 2015

OPM director Katherine Archuleta, as I predicted three weeks ago, has resigned. Problem solved, let’s move on.

Fat chance.

In reality, Archuleta’s departure solves nothing fundamental. But she had to go, as I’m sure she understood probably from the moment she peered over the edge and realized — long before most everyone else — the size of the abyss caused by The Data Breach. Talk about big data. As primarily a politician, Archuleta must have realized that she would eventually take the fall for the administration, which of course is ultimately responsible. That’s the way of Washington; always has been. Katherine Archuleta isn’t a horrible person, nor do we have any reason to think she didn’t have the best interests of federal employees at heart. But as President Obama’s campaign manager who secured a visible, plum job, she would get it: This goes with the territory.

And the more the White House spokesman, a sort of latter day Ron Ziegler, pushed culpability away from the administration in the aftermath of Thursday afternoon’s revelation, the more it’s clear the White House itself knows it is somehow responsible for potentially messing up 22 million lives, compromising national security, and making the government look totally incompetent.

“There are significant challenges that are faced not just by the federal government, but by private-sector entities as well. This is a priority of the president,” the spokesman said. Yeah, well, the vulnerabilities of OPM’s systems and the Interior Department facility that houses them existed seven years ago and before that. The incoming just happened to land and explode now. Now we can presume they really, really are a priority.

So now what? It will fall to Beth Cobert, the deputy director for management at the White House, to salve the wounds.

And Obama himself ought to voice his personal concern over this. Some things that occur externally do get to presidents personally. Johnson and Nixon waded into crowds of Vietnam protesters. But more than that, some concrete things should happen:

  • The White House should convene a meeting of the CIO Council to make it clear the 30-day cyber sprint ordered by Federal CIO Tony Scott is now a year-long effort.
  • Pressure test every important system in the government. Hire the top corporate cybersecurity experts — a group populated in part by some famous formerly malevolent hackers — and have them bang away until they find all the weaknesses. Then give agency heads one working week to prove their vulnerabilities are plugged. Two-factor authentication, encryption of data at rest — for heaven’s sake do it already.
  • Hire a tiger team to install Einstein 3A in every agency by July 31st, never mind December 31st. Require the internet service providers to do whatever it takes to make their inbound traffic compatible with this system. If Einstein 3A is so good, how come it’s taken so long?

I know what you’re saying. Yes, it does sound naive. I wasn’t born last night either. This is one of those times, though, that requires an all-out effort. For years we’ve heard warnings of a cyber 9/11. Well, we just had one.

This data loss was no third-rate burglary. Mr. President, America is under attack.

Will CIO Tony Scott Make Feds Eat Dog Food?

February 15, 2015

The most interesting fact about the new federal CIO, Tony Scott, is that he owns a Cirrus SR22 airplane. At a half million dollars a copy, the SR22 is popular with enthusiasts and even small commercial operators. It’s faster than a lot of other single-engine planes, and it’s made of modern composite materials. But it’s not in the class of single-engine planes with turbine engines and near-jet speeds. Those start at more than a million dollars.

One more thing. The SR22 has a built-in parachute so that should the engine quit, the plane can still make it to the ground with the pilot and passengers in one piece.

All in all, not a bad metaphor for federal information technology. It should be up-to-date, perform well, come in at reasonable cost and have a safe way to bail when projects don’t go right.

Since the appointment, all of the trade media have dutifully trotted out the usual parade of experts, giving their opinions on what the new CIO has to do first, what his agenda should be, what he must accomplish in two years. But the White House was pretty clear about what it wants Scott to do: drive value in IT investments, deliver world-class digital services, and protect federal IT assets and information. In other words, stopping the billions spent on failures, getting online services up to date, and cybersecurity. Pretty much what federal CIOs and their equivalents going back 20 years have been trying to do.

By the blog accounts, Scott left Microsoft in 2013 amicably. For example, Geekwire’s Todd Bishop reported at the time that Scott left because of family needs following the death of his father, and because he wanted time to complete his instrument rating for his airplane. One tidbit from that post gives a clue to how Scott might approach his White House job. To wit, dogfooding.

These things can be murky, but Microsoft is apparently where the term, eating your own dogfood, first came into the high technology industry in the 1980s. When one group develops new software, Microsoft employees use it internally to see if it’s any good. The practice continued while Tony Scott was CIO. (Aside: That does raise the question of how in Hades the company felt it was safe to publish Windows 8.)

How could dogfooding help federal IT? Consider how the federal IT market has bifurcated. On one side you find the apps and data people represented by the Presidential Innovation Fellows. This side focuses on the quick developments, using agile techniques and multiple data sources. Example: SmokeFreeGov, which is a web site, app, and Twitter handle all at once. Up the food chain a bit is something like the Labor Department’s Enforcement Database. This pulls information from five databases, each developed separately, so they are more searchable and useful.

On the other side are the traditional large-scale developments driven by program managers that still take years and billions. Case in point: The next generation of electronic health records, torturously pursued by the lumbering Veterans Affairs and Defense Departments. Maybe Scott can help each side adopt what is good about the other. Serving each a little taste of the other would be a great strategy. Send a starry-eyed Fellow over to the VA CIO shop for a few weeks. And send some DOD health functionary over to a few hack sessions.

This wouldn’t be dogfooding in the classic sense, more like giving the dry kibble eaters a taste of canned, and vice versa.

By the way, if you find dogfooding unpalatable, so did Tony Scott. Thanks again to Todd Bishop, we know from the Puget Sound Business Journal back in 2009 that Scott replaced the term dogfooding with ice-creaming. Feds, pick up your spoons.