Modernizing Authentication — What It Takes to Transform Secure Access
What we were talking about were some of the challenges in that space. I'm not the cyber security guru but I was explaining...[how they need to] think of the broad challenges for information and information technology in Homeland Security.
Let me represent it as a three-legged stool and the legs are people, processes and technology. I'll start with the people leg cause that's the toughest one. We're talking about a number of things like cultural mindsets because we're going to ask people to change both their mindset and how they do things. For example, you've worked within the organizational walls of the agency or entity you are part of and now someone comes along and asks you to share the information outside the walls of your organization. Helping people get to a new way of thinking about things is a challenge. It's not right or wrong. What we absolutely have to do is help people to understand and see very clearly why the new way is better for them as an individual than the old way. How people do work is another component.
The process leg -- that's an interesting one. We've talked about business processes but what also goes into the process leg are things like policies. We have laws on the books that impede the sharing of information. We're not going to do away with privacy or civil liberties, but we do need to evaluate are there any adjustments that need to be made. The CIA by law cannot collect information on U.S. citizens. Is that a good thing or is that something that may impede our ability to combat terrorism? I don't have the answer but I can ask the question and then we can have the dialogue that gets us to the right answer.
Lastly, the technology leg, believe it or not, is the easiest one of the three because those of us who really are information technology experts can figure out how to integrate existing databases, existing applications, can bring in future tools and technologies and we do that reasonably well. But it is the third leg of the stool.https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i
|Feds Seek Help Battling Cyber Security Threats Curbing Security Threats is Red Cross Exec's Priority Distributed Computing Joins Fight Against Terrorism Poll: Americans Fear Cyber Attacks Disaster Recovery: Lessons Learned From 9/11|
So each leg of the stool has various challenges associated with it. We need to identify them and then overcome them. That's where you can get very detailed. But they are very real challenges. If I have 55 databases that all contain information about suspected terrorists how do I bring them together so an analyst can gain access to all 55 databases easily? What tools do I use to integrate those databases?
Q: Which governmental agencies do you personally work most closely with?
There are 33 I've identified that represent core agencies and are relevant to Homeland Security. Those 33 have missions that are directly relevant to Homeland Security. So I'm becoming good buddies with people in those 33 agencies. It's not an exclusive list. I've got an eight-page list...I don't know the number but there are about 300 to 400 federal agencies and at some point in time I've got to talk to all of them. Among the core: Justice, State, Transportation, Energy, FEMA, HHS, Agriculture, Customs, INS, Treasury, Coast Guard...all the DOD agencies. Pretty much every major agency you can think of.
Q: I understand you formed your own consulting organization, Strategic Information Concepts. What type of consulting does the organization do, and are you still actively involved with that?
No, I have to put that on hold while I'm doing this job. We were focused basically on the strategic use of information for competitive advantage. Most of my clients were commercial private sector but I actually did a lot of work for the federal agencies.
What we were really focused on honestly was the precursor to thinking of information as a product and bringing to bear the concepts of supply chain management. This was in the late '80s. So it was a lot of fun, very much focused on the early use of data administration, information engineering, and information resource management. Those were kind of the methods and techniques we were using and had gotten into.
Those three objectives are about 200 percent of my time.
Q: Which of your skills has served you best in managing IT?
I think there are a couple. One is communication. The second is -- I think probably just serendipity and the good fortune of genetics -- but the ability to ask questions that others may not ask or seeing things a little bit differently than everybody else, has proven very valuable because it enables you to get to possible solutions we might otherwise not have been able to get to simply by thinking about things a little differently. Overall, it has been a very beneficial type of skill -- I'm not sure it's a skill but the way my brain is wired. I think the technology expertise that is gained over 25 years of doing things is very valuable.
Q: What advice would you give someone looking to advance their career the same way you have?
I don't know that I'm real good at giving people advice for their career. I know I've become much more humble over the years...I recognize now that's not what I'm about.
You have to manage your career. I can share experiences I've had and help you determine if there's any relevance to what you're trying to do. I'm reasonably good at that but not good at giving advice. I don't think it's my place to give anyone advice on how to advance their career.
If someone came to me and asked how to become a CIO, I think I'd share my experiences that led to my role as CIO. Here's the combination of skills, experiences, lessons learned, mistakes that got me to that role and then would hope that person would ask me questions about what I learned from a particular experience. I've found that making mistakes...I remember them. I don't always remember the successes; they fade into the background but I can remember vividly the mistakes I've made. Then if you can kind of learn from those mistakes and not make same mistake twice you're probably headed in a good direction.
Q: What keeps you awake at night?
I don't know. I usually sleep pretty well. Honestly it's that people leg of the stool: How are we going to be able to break down the cultural, political, organizational barriers that are absolutely critical to getting to the sharing and integration of information? That's what I worry about. What I'm talking is a huge change management initiative. And as a result it's the people aspect change I'm most concerned about.
Q. What do you do in your spare time?
Sleep. All three hours of it a night. I'm being serious. At the moment, I'm a very boring person. People in our office are working about 16 to 18 hours a day. It's very serious, urgent business from our point of view. We're talking about people and property damage. We're deadly serious about combating terrorism. Right now if you're not working, you're sleeping. It's fun, it's exciting, but if you were look at us from the outside, you'd be thinking, "These people need to get a life." It's tough because my family is not here. So honestly I fall into this rut of "might as well work." My family will be down in late June and after that time it won't be all work.