Rod Turk, the Commerce Department’s acting CIO who will be retiring next month, said in a wide-ranging discussion today that the Federal government is approaching the “tipping point” in its IT modernization efforts, and that requirements put in place in recent years to strengthen the hand of Federal CIOs in pushing modernization are resulting in less “rogue” tech projects at agencies.
“The government is beginning to be serious about IT modernization,” Turk declared at an event organized by the American Council for Technology and Industry Advisory Council (ACT-IAC), where he also joked that his pending retirement “might be an example of an IT modernization effort.”
Speaking broadly of Federal government IT modernization efforts and how their chances for successful implementation can be increased, Turk explained the importance of enlisting the support of key “knowledge” and “connector” personnel among IT leaders and rank and file in order to generate organizational buy-in.
“It’s not just the technology” that will make modernization work, he said. “I you want a server, I can buy you a server. If you want a connection, I can hook it up to the Internet.”
“The issue is how do you take the functional requirement…And get everybody behind you to make it work,” he said, adding, “Everyone has an example of a project that just didn’t make it.”
How FITARA Helps
Turk also spoke about the positive effects that the Federal IT Acquisition Reform Act (FITARA) has had in the Federal CIO realm. The 2014 law provides CIOs with more authority over how agencies buy and implement IT, but also holds them more accountable and requires them to report on adherence to major Federal IT regulations.
“FITARA has been a significant driver in the world of the CIO,” Turk said, explaining that the law has forced greater focus on budget issues, and has led him to visit all of Commerce’s component agencies to understand their IT needs and plans.
Those visits, he said, amounted to a “tremendous awareness activity for me,” adding, “I didn’t have that visibility before.”
And because the Commerce CIO office conducts reviews of component agency contracts of $10 million and up, FITARA also impacts the behavior of CIOs at the component agencies, he said. “We have less rogue IT today because of those review processes,” he said, adding, “I have significantly greater awareness” of what component CIOs are working on.
And that heightened awareness, Turk said, allows him to get more good ideas emanating from component agencies and transplant them into others. In the bigger picture, that kind of cross- pollination saves money, he indicated.
The View from Commerce
Discussing his own IT domain at the Commerce Department, he said the agency’s IT budget is approaching $3 billion annually, a figure that is close to 30 percent of the total agency budget. About 30-35 percent of the IT budget goes to development of new systems, with three component agencies–the Census Bureau, the National Oceanic and Atmospheric Administration, and the U.S. Patent and Trademark Office–accounting for a larger share of the new development budget.
Even though smaller component agencies within Commerce do not command outsized IT development budgets, he said his office has been able to leverage development projects at larger component agencies to benefit smaller ones. And he said some of the smaller component agencies are trying to win TMF funding for their projects.
Within Commerce’s CIO office, he said greater emphasis is being placed on developing enterprise management and contacting skills, saying “we will need those as we more to a contract environment in the future.” Outsourcing of IT functions, he predicted, will be one of the bigger emerging trends in the next five years.
Among other areas, he called shared services “a vital piece of IT modernization,” and said the Commerce Department has had “a lot of success” and “cost avoidance” through shared services obtained through volume-pricing contracts
On the cybersecurity front, Turk said the Commerce Department is working on credential management and access control issues, and to further integrate Continuous Diagnostics and Mitigation (CDM) technologies. He singled out CDM as one of the “first shared services in the government” that is now “well entrenched” at the Commerce Department.
Asked about shared services for cybersecurity applications, he answered in the hypothetical, saying that security operations centers are among potential applications, but added, “we don’t have any plans” for attempting that.
AI for Cyber Applications
Turk also spoke about the potential of artificial intelligence (AI) technologies to improve the ability of CIOs to predict security threats and act on them in time to prevent damage.
He said AI would be useful to analyze data collected by network security operations centers that can be overwhelmed by too much data. SOCs “have to look at all that data and make a quick and cogent decision…It’s too much,” he said. Turk said he would like to be able to perform predictive analyses on cyber threat data and then use it to “plug that hole” in network defenses.
“We are always just a little bit late” on identifying cybersecurity threats, he said. “That’s one of the areas where AI will help us a lot.”
The CIO’s Role and Advice to Successors
Speaking broadly of the CIO role at Federal agencies, Turk said, “the more senior you get the less technical you are.” He added, “if you are a CIO that wants to configure servers,” then the job may not be for you. “The biggest issue in this job is the relationships,” he said.
Asked to offer advice to his successor, Turk offered, “Step back and figure out the players. And then develop those relationships.”
“If you treat people right, they will stay longer,” he continued. “Let them revel in their own successes…and they will stick around.”
