While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
What do you do when you get put in charge of a roughly $1 billion IT budget for an enterprise that is spread across the globe? You try to get a handle on it.
State Department CIO Frontis Wiggins, appointed to his role in November after more than three decades with the agency, spent the first few weeks of his tenure gathering feedback from senior leaders and management to create a 100-day plan, and then produced a comprehensive strategic IT plan to set the department up for modernization in the years to come.
The CIO’s office is focusing on cybersecurity as a top priority, but it’s also looking to be more collaborative with other agency components and bureaus as it upgrades IT. In an interview with Nextgov, Wiggins spelled out how he envisions the State Department’s IT to change in the next few years.
The bureau Wiggins leads, the Information Resource Management (IRM) bureau, is in charge of infrastructure and support for domestic and overseas worldwide IT operations for the entire department. Wiggins notes that IRM is responsible for infrastructure modernization efforts and also hosts the agency’s partners’ apps and data centers and communications overseas.
Wiggins decided to bring together senior managers as well as those managers one and two rungs below them to get a sense of what users dealt with on a daily basis from an IT perspective. “I told them I needed to hear from them all on where they think our opportunities are for the biggest bang for the buck, and where areas of improvement are for IRM,” he says.
The response resulted in 37 tasks that managers wanted to execute in 100 days in order to push the IRM “in the right direction,” Wiggins says.
“The plan had some deliverables within 100 days, and because we want to revolutionize how we do innovation, on some, we are not going to get there in 100 days, but we want the plan,” he says. “Of those activities, right now, we have a dozen completed, 20-some in-flight and they all have a plan in place.” As a result of the 100-day plan, the State Department launched the Cybersecurity Integrity Center, which Wiggins says serves as “a one-stop shop for what happens if we get a cyber incident.” However, he adds that the department’s strategic IT plan “didn’t call out” cybersecurity specifically “because we believe that is part and parcel to all we do in IT. It’s something we should be doing every hour of every day.”
Wiggins says that in meeting with customer groups — users inside the agency — IRM decided to focus on “innovative diplomacy.”
“How can we help customers meet demands? We don’t do IT for the sake of IT; we’re a customer service organization,” Wiggins says. “Innovative diplomacy is IRM not working in a vacuum, but seeking the best of breed in or out of [the State Department], making sure we are giving folks tools they need to do their jobs.”
IRM is creating a Customer Requirements Office, where customers can come in with an IT need, and the CRO will look at whether the department has it, can borrow it, lease it or get it through an existing contract.
In terms of IT infrastructure, Wiggins says “the idea is to push to cloud, mobile environments, look at segmentation of our networks and worry more about the data we have and less about the apps.”
The State Department is moving to a broader IT architecture. Wiggins says IRM wants to “put data on the right IT platform, and as part of that, we’re doing an enterprise architecture — we haven’t had one in five years. We’ll have a security architecture that lays over top, and business platforms that lay over top of that.”
IT modernization is also a large priority. Wiggins says the agency is “probably spending 60 to 70 percent” of its IT budget on operations and maintenance of legacy IT systems. “It’s a huge challenge and what I’ve told my folks is, if we go through budget austerity, which we’re anticipating, is that I don’t want them spending any more money on legacy systems than we need to.”
Wiggins says that he wants “people to focus on modernization — why pay for something that is only limping along? — and my folks have taken it to heart. We’re doing streamlined tablets with two-factor authentication built in, getting away from hard-wired desktops and going wireless. Modernization renders cybersecurity benefits; old legacy systems can be huge vulnerabilities.”
Ultimately, Wiggins wants to turn IRM and the State Department “into an IT leader and innovator within the federal government.” In the past, he says, "IRM was a little parochial looking at things just within our own bureau and didn’t engage enough with our customers.
“My vision is for IRM to be a customer service and customer-centric organization and run this place like a business,” he says. “Act like you aren’t the only game in town, and if the decisions you make don’t make good business sense, we’re failing as an organization. We want to get folks to cloud, get them more mobile and do so in a secure environment. If we do that, then I’m going to think I’ve done my job effectively.”