Meet the CIOs: New IT Leaders Bring Private- and Public-Sector Experience to the Job

FEDTECH: What motivated you to come back to the federal government?

Dunkin: I was asked to join the transition team. It’s a great opportunity to find out what it’s like to work on a campaign, because the hours are insane. You work 18 hours a day, seven days a week. One evening, at 10 or 11 p.m., I had just returned from the gym and was so excited about an idea that I sat down and worked right then. It was a moment of epiphany. There is something about work in government where we can really make a difference. I realized I was interested in coming back.

Jones: I was semiretired. I started my own business and was doing consulting and advisory work. I had a lot going on but going at my own pace. What made me come back? It’s getting a call to service. I’ve worked in government for 37 years. It’s a privilege to serve and to support the government in whatever capacity is meaningful, especially if your whole career has been in public service.

Hysen: I first came to the federal government when I helped create the U.S. Digital Service for President Obama. I knew then that I was going to be working in and around government. I started my career at Google, and we did great work. The private sector is doing some great things. But the impact that I and other technologists can bring to government missions is unparalleled.

When I left the Digital Service, I knew I was ending my first tour of duty. I fully expected to come back and was thrilled to be asked by President Biden to return to serve.

EXPLORE: Data protection and storage take priority across federal agencies.

FEDTECH: What IT upgrade will have the most immediate impact on end users or customers?

Hysen: It’s certainly not one, because DHS has such a large footprint. The President’s Management Agenda has laid out a major focus on improving customer experience, and that is something we’ve embraced.

One of DHS’ primary missions is how we share intelligence with state and local law enforcement officers. So, in coordination with our Intelligence and Analysis Office, we run a platform called the Homeland Security Information Network. We are about to roll out a mobile app that will allow our law enforcement partners to get direct access to actionable intelligence from DHS right from their phones. It’s improving the experience of getting critical information from the federal government, which ultimately keeps our communities safer.

Jones: The big thing we’ve set out to do is our Evolve acquisition, where we are redefining IT services. It’s the largest IDIQ (indefinite delivery/indefinite quantity) contract in our history, covering IT management, cloud and data center services, networking and telecommunications, service desk, user support, and application development. It will probably be a $12 billion to $14 billion contract for up to 10 years.

Within those categories, we will have a list of companies that will compete for that work. This will replace a vehicle called Vanguard and will give us the opportunity to really deliver in the areas where we need services.

Dunkin: What we’re doing to make a huge difference in the short term is to federate the instances of our productivity tools. Our users are mostly federal employees and researchers. DOE has a highly federated IT world, spanning 17 national labs plus additional sites and agencies. Right now, we have more than 20 instances and can’t see each other’s calendars or edit documents together. We want to work as a team, so pulling all the productivity tools together will make a real difference in how our employees, contractors and research partners experience working within DOE. We’re working through the larger offices first and will federate over time. It’s not a technically complex project. It’s having the conversations and getting the agreements done.

FEDTECH: How will you use technology to improve the citizen experience, consistent with the president’s recent executive order?

Jones: There are a few things that have already transpired. When you look at efforts in Consular Affairs, we’ve improved security features with next-generation passports. We will finish rolling out next-generation passport printers by late summer. With online passport renewal, we’ve really taken a look at human-centered and user-centered design practices. For example, you can now take a photo online and no longer have to figure out where to get a photo taken. It’s really streamlining and making the process highly efficient.

Dunkin: We don’t have a lot of public-facing services. The Energy Information Administration publishes statistical data that the public can access. We offer grants to organizations. So, where we have customer-facing services, we are committed to being Section 508-compliant and ensuring we do user-centered design for all the systems as we upgrade and replace them.

Hysen: We’re looking to build out a practice of customer experience across DHS and bake it into everything we do. We’ve established a customer experience steering committee across DHS and have representatives across our operational agencies.

LEARN MORE: ITAM gives Army PEO STRI the information they need to track thousands of IT assets.

FEDTECH: Which of your agency’s IT projects excites you the most?

Dunkin: What excites me the most is the fact that we’ve built out the capabilities to quickly deliver new services. Instead of doing monolithic development from scratch, we’re using a low-code development platform, APIs and off-the-shelf software to quickly respond to needs and get stuff done. For example, we quickly rolled out an applicant tracking system recently for the Clean Energy Corps initiative. We have 1,000 new openings as part of the infrastructure bill.

It’s exciting to deliver new services in a matter of weeks. In the past, government would say, “We’ve got to build something from the ground up. Give us six months, and we will give you a quote.” And oftentimes, you would not meet deadlines.

Hysen: The synergy created when our agencies work together and the impact IT has on the mission. One area is the work we’re doing on Southwest Border processing. Last year, we launched an effort across Customs and Border Protection (CBP), Immigration and Customs Enforcement (ICE), and U.S. Citizenship and Immigration Services (USCIS) to digitize how we process noncitizens at the border, ultimately supporting our goals of a more effective, more efficient, more humane immigration process.

Border Patrol agents now review and sign cases electronically, where they previously printed out and shuffled paper around the station. ICE developed in coordination with CBP a system that allows them to accept and review cases electronically. It cuts down the time noncitizens sit in custody by up to, potentially, several hours just by better flow of data. USCIS is the long-term holder of immigration records. They’re working to enable us to have a fully digital record.

Jones: I’ve talked a lot to our team about driving customer centricity and improved governance. We want stakeholders in the process, such that we’re in partnership and getting things to work. We’ve launched our inaugural CIO Council, where we have representatives from the five undersecretaries and functional bureaus across the department, where we have good, solid discussion around program initiatives and strategic decision-making.

FEDTECH: What’s been the impact of the flurry of IT-related executive orders (EOs), combined with increased cyberthreats, on your IT planning?

Jones: One of the big challenges at the State Department is that we are under constant attack from adversaries. So, we try to stay ahead of them. We look at multifactor authentication and ensuring we have encryption with data in transit and at rest. It’s getting into that zero-trust state across the department. 

Making sure we have our priorities lined up to support those initiatives is critically important. As I’ve expressed to our leadership, there are things we have to take corrective actions on. We can’t do it overnight. It’s something we continue to build toward, and make sure that if and when we identify gaps, we mitigate those risks in close coordination with all our partners, including the Cybersecurity and Infrastructure Security Agency.

Hysen: It’s a lot to keep up with. That said, the cyber EO is incredibly ambitious. It could be incredibly impactful in strengthening federal cybersecurity. The industry has seen three major breaches in the last year: SolarWinds, Microsoft Exchange and Log4j.

What’s important is that we see each one as an opportunity to take critical lessons learned and improve our defenses. SolarWinds taught us about the need for true zero-trust architecture and increased visibility into our cloud environments — and we’re implementing it. Log4j highlighted the need to have a better understanding of the content of our software. It drove home why we need to better understand the provenance of the software that we are putting on our networks in a much more actionable way.

That’s driven forward our conversations in the space. While it’s challenging, I’m encouraged by the way we’re taking each incident as an opportunity to respond professionally across the government and continue to evolve our defenses.

Dunkin: EOs are a double-edged sword. They are almost always full of good things we should be doing. In some cases, we’re doing them already. The challenge is that EOs don’t come with money. Money might follow, but they almost never come with a pot of money attached.

The price for the cyber EO is substantially more than the funding that we’ve received. In addition, I can’t hire enough folks to do the work. We’re going to do what we can with the money and the people we have and attack our biggest risks first. Each year, we’re going to do better and get more of that done.

DIVE DEEPER: The Navy is shifting to a cloud-based Microsoft Office 365 solution.

FEDTECH: What project from another agency impresses or inspires you, and why?

Dunkin: What inspires me are all the projects you never hear about, because what you hear about are the $100 million, $500 million or $7 billion projects that are in trouble. You don’t hear about the little things people are doing every day to make government better, and that’s what inspires me.

I went online recently to renew my Trusted Traveler status. CBP has a brand-new website. It integrates with my government ID, and because I did that, the system basically went, “We know who she is. We know she has a security clearance,” and I was approved overnight.

Those kinds of things are happening all over the government. People are making the government more user-friendly and more efficient. But what you hear about are the big ugly things that fail. To me, the inspiration is all the things we don’t know about or that we just run across, like CBP’s website.

Hysen: I will give Keith some credit at the State Department. During the Afghan resettlement and evacuation efforts, the State Department stood up a number of systems incredibly quickly, first to identify and contact Americans that were living in Afghanistan to help get them out, and second, tracking resettlement progress. They built that incredibly quickly, using off-the-shelf platforms and really meeting the needs of State as well as other agencies in coordinating the effort.

Jones: I’ve been so focused on the department here that I really haven’t seen a lot of outside projects. From an acquisition standpoint, looking at DHS’ best practices and also the work by U.S. Digital Service is always impressive. We will potentially look into standing up our own digital services team in the future.

FEDTECH: Do you have any tips you'd like to share with other CIOs?

Jones: Be open to communication and embracing change. Just because something is done one way, that doesn’t make it right. Embrace the change that we need to move forward. 

Also, being able to build solid relationships helps and goes a long way. I’ve always been able to build really good relationships with our functional bureaus. It’s not being afraid to establish your peer network internally. Leverage them and talk to them. I’m maybe one of two or three political appointees in the functional bureaus. I’m the outsider, but I’ve been able to establish relationships with everyone. I don’t consider myself an outsider now. And I don’t think they consider me an outsider, because I’m open and try to be very transparent in discussions. It’s all about partnership.

Dunkin: Don’t just take no for an answer. Many federal employees have spent a long time in bureaucracy. They want to do a good job, but many have been worn down by the environment and are inclined to say no too quickly. So, finding a way to get to yes with folks and finding a way to empower them to take chances and get to yes within the parameters of not breaking the law is going to help you go a long way.

Hysen: Honestly, I’m learning. I’ve been in the job now a year-plus. One of the most useful tips that I’ve heard was from Luke McCormack, the former DHS CIO, who talked about how modern CIOs should use their time. He liked to talk about end-user support, networking and IT infrastructure — that used to be a significant majority of what most CIOs were spending their time on.

He said that if you’re doing your job well, if you’ve got a good organization, that should be 10 to 20 percent of your time. You should be spending the vast majority of your time focused on two things: One is setting the strategic direction for modernizing delivery at your department and then ensuring successful delivery of the most critical priorities for the department in the immediate term. That’s been incredibly valuable to think about.