Aug 03 2011

The FedTech Interview with Teri Takai

Defense Department CIO Teri Takai discusses what she's learned and her top priorities at the agency.

Teri Takai certainly came to the Defense Department CIO post with some useful back-pocket experience: deploying smart IT in the face of tight budgets in both California and Michigan. Takai had been on the job — with the official title of assistant secretary of Defense for networks and information integration — for only a few months when the president asked the department to dig deep and find billions of dollars in cuts.

"I do believe that it was a huge advantage for me having been in state government. I am not sure how I would have reacted if I had to come directly from industry into DOD."

Takai chatted with FedTech managing editor Vanessa Jo Roberts about what has surprised her (DOD's vastness and IT's pervasiveness) and her top priorities (security and operational efficiencies).

FEDTECH: Since coming on the job late last year, what have you found the most surprising about the Defense Department and its IT organization?

TAKAI: There are a couple of things that really hit home with me from a technology perspective. I have to say that they were surprising. But I think it's really the size and scope and the pervasive depth of the use of technology that struck me. We always think about the need for communication within DOD.

After I got here, I really recognized how much everything that we do, particularly as it relates to the warfighters, is based on every individual's ability to communicate — and not only communicate within the unit that they work in but actually communicate back to support organizations that could be anywhere in the world. It's something that I guess I just had not thought my way through. And so that's been one of the surprises.

The second thing is how everyone in DOD — because they are touched by technology in everything that they do — how knowledgeable people are.

Some of the senior folks say, "Well, I don't really understand all this stuff," but interestingly enough, they do.

They understand the pervasiveness of the technology, they understand the value of the technology, and they understand what they can do with it. And in many cases, senior executives, both in the military and civilian ranks, actually have an in-depth understanding of elements of the technology, which I find different from my experience at the state level certainly and, even to some extent, my experience in the corporate world.

FEDTECH: What are your top priorities for the Defense CIO team?

TAKAI: No. 1 is ensuring that we can protect and defend our networks and applications. Cybersecurity is really a pervasive part of everything that we think about when working on IT issues — now and going forward.

Let me just elaborate on that because it actually goes hand in hand with my second priority, which is ensuring that we are spending our IT dollars in the most effective way.

In many ways, part of our challenge from a cybersecurity standpoint is that we have been and continue to be very, very highly decentralized in terms of the way we spend on IT and very highly decentralized in terms of the way that we operate. That causes us issues from a cyber perspective because it's hard to protect when you have such a variety of technologies and such a distributed way of doing things.

Now, interestingly enough, as you begin to address that issue, you also address the issue of how much all of this is costing us. So the priority that goes along with that again is being able to operate effectively. And again, that's not caused by the distributed nature, but the two things go hand in hand.

The third priority — and it also goes along with both of the other priorities — is our ability to operate in a joint manner, or what I call an enterprise manner. That needs to continue to be a focus for us.

For instance, we want to be able to share information — for example, an electronic health record — all the way from when an individual first comes into DOD to the point where that individual deploys so that we are able to take care of that individual in theater, and then when the individual comes back and ultimately moves into the Veterans Affairs system.

The reason I like the EHR example is that it shows how information sharing has to be not just in what we have traditionally thought of as a business system but that same information has to be accessible in the field and then ultimately has to be accessible after that …

FEDTECH: … at another department.

TAKAI: Yes, exactly. Another example is our need to be able to share all levels of information — across all levels of classification — and make that available securely to our war­fighters. That's one reason why we can no longer operate in silos.

The warfighters, when they are out there, don't necessarily make a distinction about whether they are running on the Army's network or Navy's network or Air Force's network. They just need access to the information that they need, regardless of where it came from, so that they can do their jobs.

Clearly now, with the president asking us to take out $400 billion over the course of the next few years, it really sharpens our focus.

FEDTECH: DOD has a huge footprint, technologywise and sizewise. With the big push on consolidation, and data center consolidation in particular, is that affecting how you spend your money?

TAKAI: Well, it's interesting. Certainly, data center consolidation — reducing physical floor space — does yield savings, not only from the standpoint of better utilization of our capital dollars but also around things like energy savings and just operationally being able to run more effectively.

But another key part of that is if we can bring our data together into fewer physical locations, and fewer technologies that we are using for that information, then we can better share that information across organizations in a more simplified and secure way. Data center consolidation in many ways is an outward and visible sign of our efforts at DOD to look at how we are doing technology on a large, enterprise basis.

FEDTECH: How are things such as blades, virtualized storage area networks, cloud computing and other new tools going to help you achieve some of these goals?

TAKAI: First of all, you can't really, in today's world, do consolidation without moving to virtualization, which of course relies heavily on blade technology, and then moving into shared storage and shared networks. I don't know that you can actually talk about them as being separate.

These are the technologies that now enable greater savings. And quite frankly, if we didn't have virtualization with the underlying technologies, we wouldn't be able to push so hard for people to move into existing facilities.

It really is a technology driver to help us consolidate. And one thing that we are doing is to not look at consolidation as purely moving boxes that then operate in the same way as they had previously, just in a different floor space. We are mainly talking about moving to shared services, which of course in some cases will be synonymous with cloud.

Those are all major parts of what we are doing in terms of being able to look at efficiency as well as being able to work more as an enterprise.

FEDTECH: In Defense, your end-user demographic is very young. How does that affect IT, particularly things such as mobile devices and "bring your own technology" initiatives?

TAKAI: The workforce demographic is really pushing us to do a number of things even though they might make us slightly uncomfortable.

For instance, we had to put out a policy in terms of what we were going to allow from a social media perspective. Social media raises two questions: One, how should our workforce use social media tools in defending the nation? Second, how do we allow deployed staff to use social media tools because they're so important for them as mechanisms for communicating with their families under very difficult circumstances? Social media has been something that we have had to struggle with.

Then, there's the issue of mobile devices, particularly those that we don't control. Commercial mobile devices are a big part of what we are grappling with in terms of ensuring that if our warfighters want to be able to use these tools to communicate with one another in a difficult situation, they can be sure that the information they share is protected. Even something as simple as using a social media tool on a mobile device to find out where to find something in the area can be tricky. If we don't protect that information, that location can become a target.

Those are the types of things we are looking at. We are working very closely with commercial manufacturers of notebooks, tablets and smartpads to work through the security issues. My office is working on putting some policy statements together, not so much around the fact that you can't use these devices but the ways you can use them and the risks.

Mobile devices are a big deal in terms of our technology platform, more than ever before, and we are trying to come to terms with how we bring the technology and the security concerns together to be able to deploy. These devices are also important because they allow innovation close to the warfighters. They allow individuals without deep technical knowledge to actually be able to put up technical capabilities. But again, to be able to do that, we have to be sure it's secure.

FEDTECH: Today, there seem to be more so-called power users. How does that affect IT management generally in a large organization?

TAKAI: It's interesting because there are still individuals in the organization who are not that comfortable with technology or who are very comfortable with one way of using a technology. So there still is the need to be able to deal with that. But I think to your point, we are seeing the scales and the balance tip to where we have much more knowledgeable individuals utilizing the technology.

We also have a phenomenon now wherein because people are knowledgeable about how to use their mobile devices and how to use their PCs and laptops, they quite frankly believe that they are experts on how networks and overall technology should be orchestrated. That's a real challenge because everybody becomes a critic. But by the same token, I would rather have the demand be there and have to work at how you satisfy that demand than to have it the other way around, where you are pushing the use of the technology.

At DOD, everybody gets the part that the nature of the job that we do is not only based on the physical tanks and weapons and so on, but equally on the need for information. It does change the dynamic. Certainly, the advent of the Internet and now this revolution of the Internet being on any device — anywhere, anytime — changes the way that we look at what we do.

FEDTECH: How do you measure your success in your organization?

TAKAI: It is difficult to measure success because we are so big. Ultimately, I am going to measure my success based on our ability to be able to move things like our efficiency efforts and our consolidation efforts forward. It doesn't mean they are going to be solved; it doesn't mean they are going to be perfect.

I am also looking at structural ways to ensure that these efforts continue even when we aren't in a budget crisis. You want to institutionalize these things so they are part of the way that we manage IT.

Photo: Gary Landsman
"Mobile devices are a big deal in terms of our technology platform, more than ever before."

FEDTECH: You previously worked for two very large state IT departments — in California and Michigan. Did that help you in some way prepare for your role at Defense?

TAKAI: I do believe that it was a huge advantage for me having been in state government. I am not sure how I would have reacted if I had to come directly from industry into DOD.

The things that actually are applicable are not so much the technology issues because there are a lot of similarities in that. But areas that I can think of are certainly, first off, dealing with the legislative branch. You have to learn that in state government, and it's been important here as we have had important messages and testimony to give and being sure that we are keeping Congress up to date. So that's No. 1.

Secondly, interestingly enough, is dealing with the media - being able to get out and explain the kinds of things that we are doing was extremely important.

The third piece that I think was really helpful from a state government perspective is that we did a lot of work with organizations like the Homeland Security Department and helping the Health and Human Services Department. Because of that, I had some exposure to the way the federal government works. Now, given that we have so much interaction with Homeland Security, that's a real benefit.

And then the last one is that even though the cybersecurity focus at the state government level is different from what it is here at DOD, nonetheless it was a major, major, major area of focus. That has helped me as I look at that issue in a much larger context here at DOD.

FEDTECH: Have you identified consolidation targets over the next couple of years?

TAKAI: We are currently in the process of developing those. We have been working on data center consolidation for some time - just look at what the Defense Information Systems Agency alone has done over the course of the last few years in terms of actually consolidating footprint and reducing data centers. But what we are doing is to really push it to the next level, particularly given budget cuts.

So today, at least by virtue of the way we define data centers, we think we have 772 (not counting the intelligence community). Most are owned by the services, but some are run by combat support agencies and so on.

We are asking the services to identify how many centers they will be closing or combining over the course of the next few years. That's what we are in the process of doing. The other thing that we are doing is to continue to make sure that we don't open more.

Also, we are pushing people to utilize the DISA capability and not necessarily build out any more data centers than what we need. That's the second part of our strategy.

And the third part is that we are looking at some enterprise applications that we can drive to common data centers. For instance, the Army has embarked on an effort to buy e-mail services from DISA, and now we are looking at how Navy would approach this and how Air Force would, too. E-mail is a very important function to get us used to working together and being able to look at a shared-services way of delivering IT.

FEDTECH: How are you addressing legacy systems as you move to these shared environments?

TAKAI: I don't think it's anybody's particular charge. It's just an issue that has to be dealt with as we move.

One of the things that we are trying to do is to make sure that we are making use of our normal technology refresh plans and our current operations and maintenance budget, and really only asking for new monies on a very limited basis where we think we are going to get a quick return on investment. So this is very much around making sure that we are taking advantage of dollars that we have.

We are also making sure that we aren't exacerbating our problem because we do quite a bit of new development. And what we don't want to do is to make the legacy problem worse going forward.

This isn't about being able to turn this thing around overnight. It's about getting the right mechanisms in place so that we can continue to move forward. And the challenge with our legacy systems is trying to figure out how we draw the information out to share it without necessarily having to replace every legacy system. Because that just isn't going to happen.

FEDTECH: What is your take on the depth of security within DOD systems? What needs to happen going forward?

TAKAI: First of all, there are obviously multiple players here. My role is to set the policy and the technology directions. But another policy organization is responsible for the overall cyber policy, how we interact with other U.S. government organizations, how we interact internationally and also setting the direction for how the military uses cyber. That's not a space that I play in. The space that I play in is around the technology.

In addition to setting the direction around tools and making sure that cyber is being considered, a second role that we have taken on is actually being able to work with the defense industrial base and how we can extend our cyber capabilities to our partners. What's happening now is that those that want to intrude into our networks are in some cases coming in through our partners, not directly through an assault on us.

The third role that we have is formulating policy around insider threats, which have become more and more of a concern.

And then the fourth piece is that we are the civilian oversight organization around cyber issues working with the U.S. Strategic Command and U.S. Cyber Command - largely around our responsibilities for DISA.

That's kind of our place in the world.

What I would tell you is that in terms of establishing a strategy going forward, we won't be doing that just as the CIO's Office. There is so much work to do that we at DOD are trying to bring it all together and make sure that the work is done by the right organization based on individual skill sets.

<p>Photo:Gary Landsman</p>

aaa 1