When Richard McKinney started his job as chief information officer of the Department of Transportation, he didn’t know what its network looked like.
“Our network was the child of many hands,” McKinney said. “There was no overarching architectural approach to our network.”
The reason was that the DOT has a decentralized IT structure because of the many smaller agencies that answer to it, such as the Federal Aviation Administration, Federal Highway Administration, and the Federal Transit Administration.
“We didn’t even have a good blueprint for that,” McKinney said. “We couldn’t even map it out.”
McKinney hired a network engineering firm to map out the network with the intention of transitioning to the cloud.
“We discovered that we had several hundred endpoints that we didn’t even know about,” McKinney said. “The truth of the matter is that we didn’t even understand our own network.”
McKinney said that this made it impossible to combat cyber threats because DOT couldn’t secure a network that it didn’t know was there.
“It’s shown us the weakness of trying to do IT in a decentralized way,” McKinney said.
McKinney used the authority given to him by the Federal Information Technology Acquisition Reform Act (FITARA) to have conversations with mission leaders at DOT to convince them that investments had to be made to centralize the network because “the IT sprawl is not defensible.”
“I strengthened the relationship between my office and the CFO’s office,” McKinney said.
McKinney told the agency leaders that cybersecurity is important in keeping the agency mission going every day.
“I became a champion of FITARA,” McKinney said. “An advocate is a better way to say it.”
McKinney used the same company to help DOT’s network get to an “ideal state.”
“This is affording us the opportunity to rethink the entire network,” McKinney said.