OMB

CTOs, Global Cyberwar and Our Collective Future

Posted on

Ccis
If you are a technologist, please take a moment to download the PDF of the report by the U.S. Commission on Cybersecurity.  This report, titled Securing Cyberspace for the 44th Presidency, is the best proclamation of the challenges of cyber I have read.  It is also a roadmap that will help any trying to navigate these very tough issues.

I've been involved in things cyber for a long time.  My deepest
involvement began in December 1998, almost 10 years ago to the day.  
In all that time I've seen lots of studies and lots of papers and many
treatments of the issues.  But I've never seen one that captures the
complexities and the need for specific actions as well as this one. 

I'd really recommend you read every word, if you want to be considered literate in this field.   But if it will be a little while till you get to it, here are some key points:

The three major findings are:  1) Cybersecurity is now a major national security problem for the U.S., 2) Decisions and actins must respect privacy and civil liberties, and 3) only a comprehensive national security strategy that embraces both the domestic and international  aspects of cybersecurity will make us more secure.

The report makes a few points about the Bush Administration's Comprehensive National Cybersecurity Initiative (CNCI).  In general the give credit to that initiative, and call it good.  I agree, it is a great activity I've previously written about that is led by one of the most effective people in government today and has done great work.  But as the comission points out, the work of the CNCI is good but not sufficient. 

The biggest shock for me in this study:  The amount of funding on R&D for cyber security.  I have been looking into the many activities underway, and maybe that look made me deceive myself into thinking it was a well funded effort.  According to the comission, however, they estimate that the total R&D funding in the federal government for cybersecurity is about $300million.  Less than two-tenths of one percent of the total federal R&D.

The report has a great section on identity manangement. 

I am convinced the organizational approaches outlined in the study are the right ones as well.  There is only one place in our government where we can lead solutions to this challenge.  Where is that?  Hey read the report!

What else do I recommend CTOs do besides read the report?  I think one way we can all help the cybersecurity effort is to think through which standards bodies are the most important to engage with regarding security.   A few are here:
http://www.ctovision.com/2008/05/standards-organizations-ctos-should-track.html

This entry was posted in AFCEA, Barak Obama, CCSA, CERT, chief technology officer, Computer Security, CTO, Cyber Initiative, Cyber War, CyberTrust, CyLab, DHS, DIA, Disruptive IT, DNI, DOD, Enterprise, FDCC, Hathaway, Identity Management, knowledge, microsoft, Network Security, ODNI, OMB, Open Source, R&D, standards, Sun, Sun Ray, Technology Leadership, Thin Client.

OMB on CIOs: Some context for the enterprise CTO

Posted on

On 21 October, Mr. Clay Johnson of OMB signed out a memorandum for the heads of all executive departments and agencies in the US government.  Check it out here:

Download 20081023-omb-cio-memo.pdf (0.0K)

This is a great read and a positive move.  It provides an emphasis on the information technology management structure and governance framework.  This type of memo should be required reading of all government IT professionals, but it holds particular significance for the CIO and CTO. 

Read the rest of this entry »

This entry was posted in chief technology officer, Computer Security, CTO, Cyber Initiative, Cyber War, Disruptive IT, Enterprise, Network Security, OMB, standards, Technology Leadership.

Performance Management In Organizations and Computers

Posted on

There are some interesting analogies between performance management applied to organizations and performance management applied to computers.

In both cases, performance metrics are crucial to success.  In organizations, what we reward gets measured, and what gets measured can be more efficiently and effectively done.   In our computers, what we decide is important gets measured, and those measurements can help us drive to increasingly effective and efficient performance.

Read the rest of this entry »

This entry was posted in CCSA, CERT, chief technology officer, Compliance, Computer Security, CTO, Cyber Initiative, Cyber War, CyberTrust, DHS, Disruptive IT, Enterprise, FDCC, Identity Management, Information Warfare, Network Security, NIST, OMB, standards, Technology Leadership, Triumfant, Web/Tech.

Another government IT program succeeds beyond all expectations!

Posted on

2002 congress passed the E-Government Act.  It mandated that the approximately 300 federal entities that can make rules expose those rules in a modernized way and also specified that regulations in draft will be exposed so comments can be solicited.

The government's response: OMB and CIO's from throughout the government established an eRulemaking solution that required extensive IT planning, engineering and the fielding of a new IT system.  The eRulemaking Initiative's Federal Docket Management System (FDMS) was created to provide an online public docket and comment system which expands public access to read and comment on Federal Agency rulemaking. Although it is a centralized system, agencies were given an ability to manage content and workflow related to their own regulations. Scalable web-based solutions that enable users in government and also citizens to find and read proposed legislation and supporting documents was provided.  

And they did this in a way that was way under budget and delivered on time.  And its functionality exceeded all expectations.  Which is GREAT!

As an IT professional, this is the really neat part that bears repeating.  This project, which is very complex and IT intensive, was delivered under budget and on time.  Additionally, its capabilities far
exceeded the expectations of everyone involved.

If you haven't heard of FDMS, maybe it is because it was widely successful.  To frequently the only programs that make news are those that don't deliver on expectations.  That means IT heros, like Pat Micielli of EPA who led this program, frequently don't get the recognition they deserve for the great things they do.

I hope I've gotten your curiosity up a bit on what Pat accomplished. If you are a citizen of the US you should be very proud of this one.  So check out http://regulations.gov for a first hand look.  You will see a single interface into approximately 1.5 million documents.  Don't worry, there is a way you can navigate through these without looking at each individual record.  Just dive in and give it a try.  Search for a term like "data center energy"and view the results or narrow them down by agency.  Or click on those in the range of comment period you are interested in.  which ever selection you pick, notice how all the other facets of the search change as you do.   See how you can guide through the results and how the results keep giving you options for refining results?  After you try it this way, can you imagine doing it any other way?

Government users are giving more access (there are nearly 4 million records accessible only by federal agency users on FDMS.gov).

Overall, as a CTO and an admirer of technologists at the large agencies, I enjoy pointing this out and really admire what these folks have done.   Great Job!  And as a citizen– Thanks!

This entry was posted in chief technology officer, Compliance, CTO, endeca, FDCC, innovation, OMB, Web 2.0, Web Services.