CIO Crossroads: Federal IT in the COVID Crisis – Federal CIO Edition

The ability of Federal IT operations to adapt almost overnight to support citizens and workforce amid the unique challenges of the national pandemic is one of the few bright spots in the past three months of turmoil. The drivers of that performance are neither easy nor accidental, and depend on steadfast leadership. MeriTalk is chronicling the untold stories – and lessons – of Federal IT success during the pandemic. Please join us for a conversation with Federal CIO Suzette Kent, who spotlights the value of teamwork, fast action, and focused leadership in times of crisis.

Speed, Collaboration Drive Pandemic Transformation – Federal CIO Q&A

Since becoming the fourth Federal CIO in early 2018, Suzette Kent has been a tireless advocate for government IT modernization and the benefits that better technology can bring to citizens. A prime mover behind OMB’s President’s Management Agenda that drives modernization as the key to improving Federal agency mission outcomes, Kent has skillfully put those ideas into action as leader of the Federal CIO Council.

In normal times, there might still be room to debate the relative benefits of modernization. But the last 12 weeks of Federal IT performance and transformation in the midst of pandemic have settled the question once and for all. Kent offers the proof: civilian agency investments in modern infrastructure and applications have yielded an 800 percent increase in telework capacity. That allowed many agencies to send 80-95 percent of their workforces to safer locations.

Because modernization based on secure and scalable technology already was well underway, smaller pilot projects could be grown quickly into mainstay programs to meet pressing demands. Examples include a cybersecurity pilot that jumped from 10 percent to 80 of capacity, and the creation of emergency funding portals in less than a fortnight. At the same time, older ways of doing things – like wet signatures and printing – have gone to join that old desktop PC in the basement.

In an exclusive interview with MeriTalk as part of our CIO Crossroads series, Kent highlights the pillars for Federal IT’s strong performance during the COVID-19 pandemic – speed, collaboration, ingenuity, scale – and even more speed. From the early days of running triple-shifts in the IT shops to the relative stability of the new normal, those concepts continue to drive rapid change to meet whatever lies ahead.

Credit for the Federal IT pandemic performance can rightly be spread around to hundreds, if not thousands, of tireless professionals dedicated to serving the American people. Kent assumes little on her own; we’ll leave it to the many agency CIOs we’ve interviewed to do that. The common refrain from those CIOs: a tireless convener of cross-agency leadership dedicated to fast problem-solving, no matter the obstacles. Continuity planning and fire drills only go so far; when crisis becomes a reality, there’s no substitute for insightful and unflinching leadership.

MeriTalk: Can you offer some metrics that would give a sense of the scope, scale, and speed of the Federal government’s mission response at the onset of COVID-19?

Kent: We all pivoted to telework at the same time. What we expected to see, and did see, in the first few days was an uptick in both questions and adoption. And, we expected to see significant increases in VPN traffic, and time spent on teleconferences and collaboration tools.

Now, 10 weeks into it, agencies are ranging from 80 percent to 95 percent of their team teleworking. Overall, we saw volumes up more than 800 percent over anything we’d seen before. Not only are people online and using tools, we’re also seeing great productivity. We’re hearing from many of the agencies who’ve been tracking productivity and specific outcomes that we have not seen productivity going down. And the outcomes are great – those have been fantastic numbers.

And we’re moving faster. The Small Business Administration and Treasury were able to set up new application capabilities in less than two weeks. What’s important is that it’s scalable, secure, and has a high degree of functionality. They were able to do that because of the investments they’ve made in infrastructure and modern technologies, and because they were using technologies that were configurable and came with a lot of the security embedded inside.

Some of our wins were in places where we had small pilots running. We had maybe 10 percent of volume or activity on something that we were trying digital, and we saw adoption move anywhere from 50 percent to 80 percent of the digital option. These metrics show that we can get people there.

MeriTalk: What are some of the lessons learned, and what will that mean for the future?

Kent: I want to start with a thank you to the Federal IT community, Federal employees, and the broad-based community of vendor partners and contractors. They have responded with urgency and focus. We have agencies that are working three shifts around the clock as we initiated this – and we met every day with the CIOs and CISOs. We moved information through many of our normal protocols, but we ran them faster. So, something that normally happened once a week was happening every four or six hours.

Some of the collaboration tools – like cloud-based email, where there were a set of security protocols around mobile devices and device security – were part of our PMA two years ago. We were driving those, reporting quarter by quarter, and talking to the agencies, so we were able to pivot quickly.

We also learned some things about supply chain. One thing I’m most excited about is that we reconsidered things that had to be done in person. It’s amazing how creative people have gotten, and that is really good. And they’ve maintained productivity. That’s a proof point to let us rethink what our physical footprint may look like long term in the Federal government, and what our most important infrastructure investments need to be for the future.

MeriTalk: What have been your largest priorities and successes during the pandemic? What are you most proud of, and what has surprised you?

Kent: I’m proudest of the way that the Federal community has collaborated. They shared people, they shared work products, they offered to come together in working groups to solve something on behalf of the entire group. They stepped to the forefront to take on challenges.

I’ve been pleasantly surprised by the willingness to reexamine certain processes. For example, someone needed a wet signature, and when we really dug into it, we found they didn’t. People are telling me things like, “I don’t print out my emails anymore or I learned to share a document.” In the technology community, everyone works with those tools every day, so they are normal, everyday bread-and-butter activities. But seeing them adopted in the broader business community and with people who haven’t used them before, is gratifying. They are delighted, and they think they’re easy and intuitive.

Read other Fed success stories

MeriTalk: Where do we need to go from here?

Kent: There are some things we need to be able to do across the Federal government. We need to push a little harder on why we have different opinions on certain things. We have been very pleased with our success with commercially available software, especially those that are highly configurable. The reason we could act quickly is that we already had the solutions inside the government. We could make changes on something where we already knew the infrastructure of the security and functionality was strong.

MeriTalk: Could you tell us about specific lessons learned in the areas of modernization, cloud, cyber, and authentication?

Kent: Starting with modernization, we wouldn’t be where we are today with agencies and maintaining mission continuity if we hadn’t made the investment. Over the past couple of years, we have driven success in those areas. You could look at email collaboration tools, device security, and connection to the CDM dashboard. We didn’t have to create a process, we just had to scale it. Those are big successes.

With cloud, as we move the entire workforce to telework, we had to do different things with data that were outside the scope of what we even thought about as normal. Those scalable solutions, along with our partnership with engineers on those various teams, gave us resiliency and options that we would not have had previously.

On the cyber side, we had to define what the new normal looks like in the Federal enterprise. An example is DHS and its ability to get projects that were in a pilot moving faster to address changes in the threat surface and the behavior of bad actors. Although they partner with Federal agencies every day, we don’t typically have every CIO and CISO and our DHS and CISA teams on the phone every single day like we do now.

Lastly, with authentication, we’ve learned we have a lot more to do. The more that you do in a digital manner, the stronger those capabilities have to be. There are some places where we were pushing on new solutions, and we are going to push even harder.

MeriTalk: Big picture question – what do you think will change in government and society moving forward as a result of the pandemic?

Kent: When we think about processes, we will look at it with a filter of “How can I do this without or with limited person-to-person contact?” In the long term, it changes the game on the footprint and enablement of our workforce. Technology tools help people who may have other types of challenges fully participate and contribute in the working environment. I look at it as expanding the potential workforce, and that’s really exciting.

MeriTalk: In those very early days, what were some of the first steps you took, and how did things unfold and develop?

Kent: In times of crisis, you get a lot of clarity about what’s important. Some of the first things we did were about moving to maximum telework to support the safety of the workforce. We asked agencies for guidance to define what mission-critical functions they needed to support their mission and citizens – or anything related to response. We took away that daily traffic through policy and guidance.

Specifically, in the IT community, we started daily interaction. The fast dialogue and policy on mission continuity through technology enabled business to continue without people being in the office. We pushed those forward and used that as a mandate rather than an option. It’s more convenient – which is very often how digital capabilities are pushed out – as a mandate first.

MeriTalk: Telework has been at the heart of many of the conversations that we’ve been having with Federal IT leaders. In terms of cross government, what has worked well and what were the challenges along the way?

Kent: What has worked well is continuing basic day-to-day operations and communications. Where we’ve had some challenges is in onboarding and off-boarding people. In most cases, we need government-specific devices. The Federal government is not broadly a bring-your-own-device environment. There’s still some person-to-person contact and requirements that we’ll continue to work through.

We also changed the rules to allow for maximum telework for agencies. It didn’t matter if there was a telework agreement in place. We flipped the whole thing and said, “Only come in if you can’t do your job without being physically present.”

In some cases, there were people who wanted to go into the office. They really missed the dynamic of interacting with their peers. So, we had to work harder to put collaboration tools in place to make sure they were still having some human interaction, even if it wasn’t in-person.

MeriTalk: How does the pandemic affect the PMA? Are things speeding up or slowing down?

Kent: If we are focusing on mission-critical things, the pieces of the PMA that contribute and are highly useful in this situation not only continue, they have been part of our response.

These include initiatives like data-sharing protocols and clarity of defining cross-agency questions, digital acceleration and expansion, and digital capabilities across paper-based processes. Agencies had this list of processes that they wanted to digitize, and they’re all spread out. Some of them took a pilot and moved it faster because it was critical. There are other things that are important to our long-term roadmap, but weren’t necessarily the most important things in the here and now for the response. So, for some of those things, we’ve shifted dates.

MeriTalk: Traveling back in time three months, what advice would you give your future self?

Kent: Pace yourself. We all went 24/7 around the clock, but that is only sustainable for a short period of time. One of the great things about the IT community is the ability to say “We need to pause here because folks need a break,” or having someone say “We are going to do this on behalf of everyone else, so there aren’t so many fragmented pieces.”

We have been able to use a lot of the processes that were already in place, just faster. We did a good job when I think about continuity of operations plans. We had meeting protocols. We had a utility where we could share resources and information that was secure across the CIOs and CISOs. Instead of using them when we had a need to know, we used them every single day. It was really great to have those in place. We saw other groups have to build them.

As a contributor to our continuity of operations plans, there are some things that are natural for the tech community because of the nature of the skills and the disciplines and because things do move more quickly. This experience might be helpful as a resource for other communities as we go forward.

MeriTalk: Cybersecurity is always a threat. Have you seen the threat change in the pandemic, and are there any metrics or anecdotes that you can share?

Kent: Everyone was hunkered down and prepared for it. We saw huge increases in phishing and things related to response actions being exploited, such as “Did you get your check? Enter your checking account number, and we’ll find it for you.”

We saw non-authoritative, non-data driven, non-fact based information come out. That’s another reason why pulling down against the data strategy and connecting and sharing data across agencies was critical to getting out accurate and trusted information.

Also, information sharing with vendors, industries, and other countries has been important as new things emerge. When it’s a new normal or your environment has changed, it’s more difficult to identify things that are different.

MeriTalk: If you could have spoken to the whole Federal government three months ago with the knowledge you have now, what would you have advised?

Kent: The CIO Council was focused on zero trust, cyber security, improving our operational integration, digital service delivery, digital mission, operation consolidation, and shared services. Those are all the right messages. It’s just that adoption doesn’t always move at the speed of capability. There are different paces of adoption across agencies.

Agencies don’t have to speculate what they might need. It’s not an analytical guessing game. It’s a proof point and it’s based on facts. I have history to look at and to clearly demonstrate what needed to happen, and what outcomes were driven.

Finally, we learned that we need collaboration tools that are cross agency; we need better interoperability. We should have pushed some of the digital citizen services faster. There’s a really important integration between the Federal government and state and local governments, and that’s a complex issue to resolve. We have to look at an end-to-end process and address all points of failure.

MeriTalk: What has been the impact of government collaboration and cooperation in terms of sharing information and best practices across agency IT teams?

Kent: We have met with representatives from the FCC and our telecoms to look broadly at what kind of coverage we have from a Federal workforce and an agency mission standpoint.

We’ve met with state CIOs through NASCIO; we talked directly to all the CIOs and then to a sub-group on specific priorities. At the Department of Labor, for example, we figured out which states are having the greatest challenges, and how we can help get the end-to-end process working. In a pandemic, state and local governments are the first line of defense. So, we are looking at processes and information sharing so we can be more consistent and forecast better.

Looking at data, we know when certain things occur like unemployment or a disruption of the supply chain. There are some analytics that predict what is likely to happen next. If we have high- quality data, we can start taking actions to manage what might happen next and maybe lessen the impact. And that’s an outcome I would like to see in the future – extending our use of data to lessen downstream impacts.

MeriTalk: How have your days changed since the pandemic? Do you feel fully entrenched in the new normal, and what does that feel and look like?

Kent: We had a certain sense of consistency. We had X set of activities during normal business hours, and then after work, we had all the fun of the D.C. community – events and networking. Things also went in certain cycles. You knew when a certain discussion was coming up; you knew how long it would take for certain issues. What happened during the pandemic is that every minute could be a big thing or small thing. The timeline was 24/7.

Partners and peers across the technology community are having to reset personal boundaries and think about things in a different way – “I am not going to pick up my phone before 6 a.m. today,” or “I am going to turn off my computer at midnight” to ensure people have a balance.

I am pleased with the productivity numbers when we look across agencies because that says people are figuring it out, but it is different.

MeriTalk: Are there any shout outs to your team members or colleagues across the government that you’d like to share?

Kent: I have to shout out to my own CIO team and the CIO Council because everyone took issues and ran them to ground fast on behalf of everyone. It’s a very collaborative group, but it was even more supportive as folks were trying to move rapidly.

I also have to thank our vendor community. I had conversations daily with many of the senior leaders at those organizations, making sure that they were clear about the key priorities. They were responsive. They understood what our priorities were from the Federal side, and that was helpful.

And, our business and mission folks have embraced new ways of doing things. We’re in a different environment, especially now that we’re through the process.

The general American public has been delightful in how they’ve pitched in – whether it’s vodka manufacturers making hand sanitizer or – as you know, I’m an LSU fan – turning the Pete Maravich Assembly Center into a place to produce PPE gowns and masks using 3D printing. From the daily work being collaborative and innovative to the general population being innovative, I see the glass as being really full about our ability to get through any kind of challenge.

MeriTalk: How will you and your team function in a world without conferences? What do you see as the path forward for interacting with industry and your colleagues across government?

Kent: It’s something we are still trying to understand and it’s two sided. Individuals and government have to communicate more about which subject matters they care about. Who delivers content and the value around those interactions are also important considerations as we embrace different delivery mechanisms.

There are a lot of paths forward for delivering pure content. I don’t know the answer on some of the networking and relationship building aspects. For those things, I think we’re going to have keep looking for options and alternatives. With a big conference or in-person event, you have all those things in one big package without having to work too hard for it.

Read other Federal success stories from the COVID-19 pandemic.

Categories

Recent