Initial interviews include those of Aneesh Chopra (Federal CTO), Linda Cureton (CIO, NASA), Tim O’Reilly (O’Reilly Media Group), Nigel Ballard (Federal Marketing Director, Intel), and Teresa Carlson (VP, Microsoft Federal).
IT spending on cloud computing is increasing, with 16 billion USD spent in 2008 and 42 billion USD forecasted by 2012. With Minds in the Cloud, viewers will be able to understand more fully why cloud computing services are becoming increasingly important, and what the future may hold for citizens, businesses, and the government as this shift occurs. Candid discussion of issues related to privacy, data portability, standards development, and the social implications of cloud computing will be discussed.

Viewers are encouraged to visit http://mindsinthecloud.org to watch the latest interview, as well as to follow http://www.twitter.com/mindsinthecloud for notifications about new episodes as they become available. Minds in the Cloud will be capturing interviews across the United States in Q1 and Q2; if you’re a subject matter expert in this area, please feel free to reach out to setup an interview.

2010: It’s here already — and, as with every new year, it brings with it lots of promise and, inevitably, a few challenges, too. That’s certainly the case in the area of cybersecurity.

If 2009 was a year in which we saw cybercrime expand as never before, then 2010 looks almost certain to see an increase in threats — especially as related to government networks, social networking sites, banking security, and botnets, as well as attacks targeting users, businesses, and popular applications.

And now for the good news…

While 2010 will see us facing the same level of cyber issues we faced 2009 (albeit with the inevitable new twists), we can also expect to see an increase in the overall effectiveness of government, business and law enforcement — powered by innovative new technologies — to combat cybercrime.

With that dynamic — formidable challenges, but an increasingly powerful arsenal with which to face them — in mind, let’s make a few “predictions” for the new year. After all, anticipating what lies ahead is the first — and most important —n step in achieving success in any challenge.

5 for ’10: Our Top Five Cybersecurity-Related Predictions for the Coming Year

1 — Social networking sites may not relate directly to government agencies, but their widespread use means they “matter” for any enterprise. As such, the most popular mediums, such as Facebook and Twitter, will face more sophisticated threats as the number of users grows. The explosion of applications on these outlets will be an ideal vector for cybercriminals, who will take advantage of friends trusting friends to click links they might otherwise treat cautiously.

2 — The expansion of HTML 5 will blur the line between desktop and online applications. This, along with the release of Google Chrome OS, will create another opportunity for malware writers to prey on users.

3 — Cybercriminals have long picked on Microsoft products due to their popularity. In 2010, we anticipate Adobe software, especially Acrobat Reader and Flash, will take the top spot.

4 — Banking Trojans will become more clever, sometimes interrupting a legitimate transaction to make an unauthorized withdrawal.

5 — Botnets will remain the leading infrastructure for cybercriminals, used for spamming to identity theft. However, recent successes in shutting down botnets will force their controllers to switch to alternate, less vulnerable methods of command, including peer-to-peer setups.

The Federal Angle

We often think of “civilian” applications and “government” applications, but the increasingly seamless nature of the world means the potential fallout of cybercrime knows no borders and does not distinguish between victims.

Given that reality, it is, inevitably, the U.S. government that has the most power to make positive changes — even if the collaborative role of the private sector, especially for technology development, is a vital one.

To that end, the U.S. government would be well served to create an entity that has the ability to transcend corporate competition. This will allow trust to be brokered and ultimately, relationships so the best counsel is provided to the national leadership before, during and after cyber attacks happen.

In addition, our leaders should focus on defining U.S. government cybersecurity standards through collaboration with the private sector, specifying process, performance criteria or functional specifications for best leveraging COTS technologies while not requiring specific products or technologies.

Of course, these aren’t the only measures that can — or should — be taken, but they represent a positive direction and, most importantly, reflect the borderless realities of the world in which we exist.

About McAfee Labs

McAfee Labs is the global research team of McAfee, Inc. With the only research organization devoted to all threat vectors— malware, web, email, network, and vulnerabilities—McAfee Labs gathers intelligence from its millions of sensors and its cloud-based reputation technologies such as Artemis and TrustedSource. McAfee Labs’ 350 multidisciplinary researchers in 30 countries follow the complete range of threats in real time, identifying application vulnerabilities, analyzing and correlating risks, and enabling instant remediation to protect enterprises and the public.

About McAfee, Inc.

McAfee, Inc., headquartered in Santa Clara, California, is the world’s largest dedicated security technology company. McAfee is relentlessly committed to tackling the world’s toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. www.mcafee.com.

The federal government spends more than $75 billion annually on information technology. Due to its size and critical mission requirements, feds have often lagged behind the commercial sector in embracing new technologies. With cloud computing, however, the federal government is leading the way.

From the earliest days of his Administration, President Obama along with his technology team focused on the importance of cloud computing as a key innovation that could reduce energy consumption and enhance agility within U.S. federal agencies. Federal Chief Information Officer Vivek Kundra laid out a vision for cloud computing that addresses the “Five Pillars” of the government’s IT agenda: citizen engagement, reducing the cost of government operations, driving innovation, transparency, and cybersecurity.

Many other governments around the world are getting on the cloud now. They are interested in the United States’ lessons learned and future vision. In a short time, federal agencies collaboratively created a formal definition for cloud computing; launched the first government cloud storefront, Apps.gov; created a federal cloud computing program and governance structure; and began addressing critical success factors such as security, portability and interoperability, and education and awareness.

Cloud computing is truly a game-changing development. A few examples:

• The cloud’s scalability implies that government agencies no longer need worry about reaching the limits of their digital capacity. By transitioning to the cloud, agencies tap into an infrastructure that is as flexible as their needs are varied. 
• Cloud solutions encourage cross-agency collaboration and help government perform better for the American people.
• The federal government’s commitment to cloud computing signals to private industry that smart technology solutions are the future of government.

The General Services Administration experienced many of these benefits by moving the federal portal, USA.gov, to the cloud. GSA wanted to reduce costs and add scalability and flexibility to USA.gov in order to meet emerging citizen needs. Using a traditional IT procurement, it would likely have required six months to upgrade USA.gov to keep up with growing traffic, at a cost of approximately $2.47 million per year. In a cloud environment, GSA is able to perform upgrades in one day at an annual cost of $806,000. The transition significantly lowers GSA’s costs and improves the scalability of USA.gov, saving taxpayers $1.7 million annually.

Of course, the private sector is a vital partner helping the federal government realize the benefits of cloud computing. Companies such as those participating in the FedScoop Cloud Computing Shoot Out will play a critical role in advancing innovation and overcoming challenges. Cloud computing has a bright future, and today’s event is one more step in that direction.

#   #  #

Casey Coleman is chief information officer for the U.S. General Services Administration.  She is a co-chair for the Federal CIO Council’s cloud computing Executive Steering Committee.

I suppose you can’t have a Shoot Out about Cloud Computing without talking about Silver Bullets. So, bang, bang, here goes!

There is a lot of discussion about Cloud Computing and it has become a very popular term. Because of this, there is a lot of confusion about the definition of this evolutionary computing capability. Nevertheless, the confusion and hype do not negate the significant benefit that this technology offers. Grave budget problems are forcing most Chief Information Officers (CIOs) to seriously look at these capabilities and their potential to save costs. Furthermore, the Obama Administration, through the Office of Management and Budget (OMB), is strongly encouraging Federal CIOs to consider this and other types of innovation to address agency challenges.

The Bull – Get Past the Hype

There is so much marketing hype surrounding Cloud Computing it is very difficult to sift through issues to determine whether there is a benefit for your organization. What further exacerbates this is the … dare I say it … cloudy definition of what Cloud Computing really is. It’s always good to agree on the definition before you even start to have a conversation.

Cloud Computing is a style of computing where scalable and elastic capabilities are provided as a service through Internet capabilities. Elasticity is the most important attribute and is looked at from the perspective of the consumer of the service. Capabilities are acquired at the consumer’s (end user) discretion and are automatic, demand-focused, with no manual intervention. There is no need to place a call or make an order; these capabilities are done in an automated fashion. The elasticity provides for a “pay as you go” concept that negates the need to build infrastructures for new products or new development projects. The cost savings are achieved through this elasticity. Its security model is designed to operate in a hostile environment and focuses on flexibility. The security model is best described as rather than building a big secure moat around a computing environment to protect data, have “armed guards” escort data every where it needs to go.

CIOs should strongly resist the allure of the hype and look at this style of computing as a means to an end rather than the end itself. It’s not the style of delivering the technology that is important, it is the mission and business value. However, if CIOs are not sure about the mission and business value, piloting a few small initiatives to get your feet wet in any new innovation can always have the potential of delivering great results.

The Silver Bullet – Determine If This is Appropriate

Cost savings is typically a strong driver for considering use of cloud services. However, it is not always cost effective. As CIO of NASA, I can’t overlook the economic attraction of obtaining, for example, email services through a cloud service provider. Many of these providers can meet or exceed my service levels for a fraction of the cost of providing the services internally. However, the complexities of internally provisioning cloud services for other less appropriate applications may drive costs higher when compared to traditional computing methods.

Efforts requiring new design, new integration, and development are well-suited to cloud computing. However, large-scale transaction processing may be better suited for traditional computing methods. As NASA CIO, I have a strong interest in the suitability for scientific and technical requirements early in the development and concept stage. This is very attractive also for negating the need to invest and build complex infrastructures before the requirements are fully developed or before they are needed.

The Silver Lining – Do What is Right for Your Organization

Obtaining services through cloud computing can deliver radically lower cost when compared with traditional environments. Not every organization will find appropriate needs to use Cloud Computing. However, CIOs should strongly investigate the usefulness and potential cost savings that this computing environment may offer. Here are three strategies to start:

Strategy 1: Begin to consume cloud services

Investigate high value areas where cloud services are appropriate. Specifically look at cloud services for opportunities to reduce fixed-cost services or explore it as an alternative to investing in the high entry costs for development efforts.

Strategy 2: Build internal private clouds

Private clouds mitigate many of the perceived and real security and risk issues. Do this thoughtfully because many cloud service providers are making significant progress in addressing and mitigating these risks. You may see, for example, many service providers close to receiving their Federal Information Security Management Act Certification and Accreditation.

Strategy 3: Develop cloud-centric solutions

Educate your agency enterprise architects on the efficacy of cloud capabilities and make a determination about the appropriateness of cloud when designing solutions.

Regardless of the strategy or approach you use, strive to get past the bull, don’t expect that this is a silver bullet, and look for the silver lining.

When taking a look over the current information technology (IT) landscape, it is clear IT will be integral to any business solution. According to both Gartner and Forrester Research, during 2009, the United States (US) will spend over $600 billion. The total global IT spend is $3.2 billion which makes the US 20% of the total global IT spend. If you look at the GDP of the US, it is $14 trillion which makes IT 4% of the GDP. However, IT is driving almost all contributors to GDP and providing for some of the highest paying jobs. IT will play an important role in the economic recovery of the nation.

The challenge will be in the financing of these solutions. Sure there are venture capitalists (VCs). VCs will fund the IT leap ahead solutions in the areas of nanotechnology, health IT, cyber security, and wireless apps…the next killer app!! We will use it too…just like we use Google Search, iTunes, Facebook, Twitter, etc. But, what about the back office operations? Especially in the public sector?

In order to look ahead, let’s take a look back. On June 28, 1966, President Lyndon B. Johnson wrote a memorandum for the Heads of Departments and Agencies clearly stating the value of computing. Included was the following:

The electronic computer is having a greater impact on what the Government does and how it does it than any other product of modern technology.

The memorandum states his commitment to manage the huge investment efficiently and the Federal Government must give priority attention to:

• Establishing better and more effective procurement methods
• Making fuller use of existing facilities through sharing and joint-use arrangements before acquiring additional equipment
• Re-utilizing excess equipment whenever feasible
• Achieving, with industry cooperation, greater compatibility of equipment.

The investment in IT is now nearly $75 billion for the Federal Government which is not necessarily inclusive of all mission funding. Just during my tenure, the investment grew from $63 billion to $71 billion. Sure, there was better reporting but there was also the recognition of the importance of IT to the departments’ and agencies’ missions.

The Clinger-Cohen Act of 1996 and the E-Government Act of 2002 codified many aspects of the federal IT management practices as well as the promise of properly managed and implemented IT initiatives.

The current Administration will be releasing their budget soon. All of us are anxiously awaiting the Analytical Perspectives Chapters to read the future directions for management performance and IT. We have seen definition of initiatives beyond what was included in Fiscal Year 2010’s Presidential Budget Request. These initiatives included Cloud Computing, Cyber Security, Work at Distance and Procurement Reform along with meeting the objectives of Transparency and Accountability. In order to implement these initiatives, the departments and agencies who propose solutions which define the funding mechanisms should be a better investment.

And what will these funding mechanism be? Always getting appropriations? Establishing a “fee-for –service” model? And where do state and local governments fit in? Maybe it is time to re-look at the “public-private” partnership models and government-to-government models? The federal government has matured and has greater information now about their operations. Maybe the “share-in-saving” model could actually be implemented now. The E-Government Act of 2002 included in Section 210:

The term `share-in-savings contract’ means a contract
under which–
“(A) a contractor provides solutions for–
“(i) improving the agency’s mission-related
or administrative processes; or
“(ii) accelerating the achievement of agency
missions; and
“(B) the head of the agency pays the contractor an
amount equal to a portion of the savings derived by the
agency from–
“(i) any improvements in mission-related or
administrative processes that result from
implementation of the solution; or
“(ii) acceleration of achievement of agency
missions.

Wouldn’t this be a true a partnership if these objectives could actually happen? The time has come for innovative solutions and partnerships really need to mean something for the American people. As we close out this decade, we need to look back to the LBJ memo for lessons learned. He laid out the same objectives which are needed today. The “business as usual” model should be replaced along with what we traditionally called “public-private partnerships.” Congress should consider new funding authorities for the federal government which will allow for new partnership models to develop. These new partnership models need to meet the challenges of improved services along with accountability and transparency while reducing overall operating costs. IT continues to evolve…Federal agencies continue to evolve…their partnerships need to evolve…..and this includes their ability to fund their services. So, let’s look back…in order to move forward.

As I poured through the volume these last two days, I came back again to the view that for at least the last 30-plus years in federal government we’ve been over-led and under-managed. Our focus has been on leadership, vision, inspiration, modeling the way, etc. But what we have really needed is to manage, to better execute.

Ironically, earlier that same day I had attended the monthly luncheon of AFFIRM. The program focused on the General Services Administration and the Networx transition. Over 40+ months into the transition to newer, more powerful, and cheaper telecommunications technologies, only 33 percent of all services have been disconnected from FTS 2001 and about half of all agencies still need to award a contract to a provider. Karl Krumbholz, who guides the Networx vehicle for GSA, contrasted this with America’s experiences in the World War II – when it took 44 months to defeat the Axis powers and win the war.

So tomorrow I start work on my companion volume to the Eggers- O’Leary volume. My working title: “How Can we Get Big Things Done in Government When We Can’t Even Get Small Things Done?”

In the FY 2010 Analytical Perspectives volume, the new President outlines a management and performance agenda. That agenda is organized around the following themes:

1. Putting performance first: Replacing the Bush era Performance Assessment Rating Tool (PART) with a new performance improvement and analysis framework;

2. Ensuring responsible spending of Recovery Act Funds;

3. Transforming the federal workforce by reforming the current hiring process and hiring several hundred thousand civilian employees during the next four years;

4. Managing across sectors (e.g., private and nonprofit) and collaborating across levels of government;

5. Reforming federal contracting and acquisition; and,

6. Transparency, technology and participating democracy.

Stay tuned to future issues of Fed Scoop for more on these themes.

Alan P. Balutis
Director and Distinguished Fellow
Business Solutions Group, Cisco Systems Inc

One of the biggest challenges for CIOs is preparing their agencies to work in the “new” world of collaborative technology and services. Citizens already are quite comfortable in the new world. We now use the Internet for everything from bargaining for and purchasing items that are delivered by the next morning to reconnecting with old friends and even collaborating on a family tree. Business services and our personal lives have changed rapidly, so it only makes sense that government services are changing in order to remain relevant.

Collaborative technology (Web 2.0) has been embraced by the federal government. Blogs are commonplace and internal wikis are going strong in many agencies. These are good steps, and I would argue that blogs and wikis done well can help foster openness. But technology is the easy part – creating truly collaborative services is much harder and brings big changes. True government collaboration means being open and transparent with data, assumptions, debates and decisions. It won’t be easy, and in some ways its counter to the culture of federal agencies. The mission of many agencies is to regulate in one way or another, thus their natural tendency is not to share and educate.

Collaborative services, on the other hand, bring people together to improve or advance their community goals. And that means giving away knowledge that is not normally shared. Apple’s iPhone is a great example. Apple’s goal is to sell phones to a wide variety of consumers. Those consumers want to maximize the use of their phones. In order to make consumers happy and to reduce its own investments, Apple decided to expose the code that runs iPhones enough to allow others to build applications (a.k.a. apps) that will work on the phone.

These mobile apps, can be developed for fun –like the one that turns your iPhone into a light saber–or to be useful—such as the one that helps find nearby restaurants. Apple encourages developers to create apps by making sample code publicly available. The applications, in turn, inspire more people to buy iPhones. So Apple meets its goal while satisfying consumers.

This kind of exposing and sharing of data is the first step toward true collaboration. I’ve long advocated making government data more available in usable formats. Agencies spend so much time collecting data it only makes sense to leverage and use it, or to let others do so.

Over the years, I’ve seen citizens, companies, and organizations tie themselves in knots trying to obtain and use government data in reports, analysis and tools. Traditionally, federal data lived in information management systems that made it hard to extract. Those who sought to use it tried to export the data into spreadsheets, or re-enter into their own tools. People always have tried to use government data – it just hasn’t been easy and the contortions they went through to retrieve it often compromised its quality.

This tortured history makes Data.gov all the more important. Data.gov is a site people can go to obtain government data in usable, retrievable formats. Data.gov is finally forcing government agencies to design their systems so they can share data, not just collect and enter it. Whether or not Data.gov survives and thrives in its current form, its impact will endure.

Exposing data in usable formats challenges government. With more people using government data in new ways, errors will crop up and people will draw incorrect conclusions because they don’t understand the real purpose and intended use of the information. The big stumbling blocks for federal data exposure and sharing always have been quality and context.

But if the federal government can withstand the media and political criticism that assuredly will come with the new era of openness and collaboration–and already has been seen on Recovery.gov–data and understanding of it eventually will be improved. The discomfort of this first phase of collaboration just might force federal agencies to invest the time to improve their data, the process by which it is obtained, and the context in which it is presented. Exposing data already serves this purpose in the private sector.

Once data is made available, government will need to decide its future role in collaboration. Do agencies want to follow Apple, whose iPhone apps are being developed by consumers, organizations, and other companies? Apple approves apps it hasn’t developed and lets customers download them onto their iPhones. The company even allows the app creators to charge for downloads. Apple does not support the apps, but rather links to the developers’ sites for resolution of problems. Some of developers provide little support, but when apps are free or inexpensive, most iPhone users are willing to assume the risk and don’t get too upset if applications sometimes don’t work perfectly.

This raises some interesting questions: Can government be this collaborative? Do citizens want it to be? Do agencies want to be?

The Sunlight Foundation is holding an open contest for developing apps using federal data available from Data.gov. Federal Chief Information Officer Vivek Kundra held a similar contest when he was Washington, D.C.’s chief technology officer. Just like iPhone applications, some contest submissions will be toys, others “nice to haves”, and a few will add real value. It’s the latter that most interest Kundra and other open government advocates. It is my hope that by exposing its data to collaborate with citizens, government will be pressured to improve, gather and provide the data people really want and need, and come up with some valuable new apps. Citizens and companies are building applications that use this data in new ways that are fun, interesting or important to them.

Once the contest is over, will people continue to develop apps for government, especially as more data becomes available on Data.gov? If so, will government be expected to manage these apps as Apple is doing for the iPhone? Will this become a new government service? If it does, how will the federal government determine which apps to accept and which to reject? If an app fails due to poor development or bad data, will citizens be as accepting as they are of faulty free apps for the iPhone? I doubt it.

A few agencies have developed widgets. I will loosely define them as a kind of app that can be easily downloaded and placed on consumer Web sites. Widgets can help citizens track a hurricane or display the countdown to Earth Day on their websites. But they were developed in-house or through traditional procurement or contract vehicles. The more collaborative approach being used in the private sector challenges traditional government partnerships and procurement rules. If the federal government decides to begin to collaborate more broadly, then policies, procurements, and rules will need to change.

I’m not sure government or citizens are ready for or even thinking about the implications of collaboration. For many citizens, the idea triggers fear of Big Brother government knowing too much about them. For many agencies, it triggers fear of bad publicity, privacy breaches and violations of regulations, if not the law. Despite our fears, the future surely will be more collaborative, so we all need to begin imagining how.

Your shiny new car is delivered – it’s normally a cause for celebration! The sales literature assured you it will be an altogether more rewarding experience than your last ride. That’s how I felt about my first opportunity to vote in the last elections. As a shiny new American citizen I was, and remain, chock full of hope. First time voter, long time fan!

Spending time in Washington in this new administration, one does indeed get the sense that there is a new sheriff in town. I’ve observed a new energy and an urgency of execution.

I’m pleased to see west coast IT luminaries play a role and be part of the IT transformational solution. Tim O’Reilly and Craig Newmark come to mind, and I’m certain there will be many more west coasters raising their hands to assist.

It was a great pleasure to meet Vivek Kundra, the new Federal CIO. His message is clear and consistent: he wants openness and operational efficiency, and gone are the days of crazy contracts to design something bespoke, when a perfectly good commercial solution is out there and available for delivery today. Imagine a virtual storefront of ready-made government apps to choose from, pick one and go. We clearly all have a role to play in marching to the efficiency drum, be it operational efficiency, natural resource efficiency or even human capital efficiency.

Vivek exudes a sense of much needed urgency, aware that technologies change rapidly, and procurement needs to keep pace with those changes.

An early example of that accelerated execution was the Federal dashboard. No sooner was the notion floated, than it seemed to appear for all to see and benefit from. And if that wasn’t enough, it is both pleasing to the eye and doesn’t require a decoder ring to understand. Try searching for Federal IT spending by state, then rank by single source contracts. It’s easy and truly gives an everyman view into how our tax dollars are being spent.

I’m something of a fan of his five pillars. His putting a stake in the ground (well, five in this instance!) gives the rest of us something to march to. Nobody can look back in anger and say, “I didn’t know what the plan was, or where you were taking us, Vivek!”

I’m pleased to work in an exciting technical sector where our solutions clearly advance on a generation-by-generation basis. From a data center perspective, it isn’t the cost of buying new servers that folk need to worry about, but the cost of keeping the old ones powered up and cooled down. Those who shore up ‘old iron’ instead of investing in an energy efficient fully virtualized network lag behind their peers in other agencies, who have a defined refresh cycle, crunch their numbers faster, and use far less electricity in the process.

Intel has been only too pleased to share our IT knowledge and best practices with Government agencies, or anyone for that matter looking to do IT better. At the end of the day, Intel’s concerns aren’t too different from that of Federal agencies: keeping the unwelcome out of our internal systems while allowing our employees appropriate access privileges, all on a global basis with about 100,000 servers operational today (yes our network is that big!) while supporting Teleworking, mobility and cloud computing where appropriate.

On a recent government VIP tour of one of our data centers, the VIP asked the question, how many people work in this building? The answer was just one, and that one person is tasked with building security. Gone are the days, for us at least, where admins roam up and down the server racks manually plugging in CAT5 cables whilst precariously balancing laptops.

On the subject of the cloud, another word needs to come into the equation: interoperability. Our customers are already asking us to help create an open standard that will run across all hardware platforms. It doesn’t exist today, and getting there won’t happen overnight. Disparate cloud-based networks must be capable of seamless and secure data transfer with each other; otherwise we’ll engineer ourselves into an expensive VHS/Betamax corner.

Cloud computing from an operational flexibility and cost savings perspective is clearly attractive, but it is not in my opinion the all-encompassing IT panacea. Let me explain.

If your agency embraces mobility as an efficiency tool as much of industry does, then you must be aware that the pipe (connectivity) is not realistically available 100% of the time, and when the next natural or manmade disaster strikes, then connectivity can and probably will go down. Katrina comes to mind as a prime example, with the American Red Cross entering the details of the thousands of displaced persons into the local database residing on numerous laptops that had no connectivity to the outside world, and wouldn’t have for many days.

If you have a mandate saying you must have a Continuity of Operations Plan (COOP), achieving that will probably require localized storage and data execution, as absolute reliance on remote connectivity during a disaster is unrealistic. All it takes is one backhoe at the end of the day.

Our new President has been very vocal about his support for Telework and the work/life balance, and I’m right there with him. The benefits for both employees and employers so far outweigh the negatives. A recent piece of editorial from Harvard Business publishing spoke well on the subject, and makes for a good and concise read:
http://hbdm.harvardbusiness.org/email/archive/managementtip.php?date=073009

I’m out of time, if you made it this far I thank you, and if my jumping from subject to subject threw you a bit of a curveball, then just take comfort in the fact that I’m far more random in the flesh!

These are of course my own thoughts and mutterings and do not constitute official statements by Intel.

You can find me on Twitter as ‘Bowlieweekender’ just don’t expect every tweet to be IT related, I do have a life outside of Intel and I do value my work/life balance!

Cheers,
Nigel

But, this means more than just putting data up on static websites, posting irrelevant blogs or inane Twitter posts. Leading in a transparent way has the atomic advantage of being able to be exposed to a huge set of diverse ideas that can thus hasten innovation and creativity. However, the cultural challenges associated with leading in this environment require a new kind of personal leadership. I call it Naked Leadership. I will talk about three of the key qualities of Naked Leadership – courage, self-awareness, and accountability.

The Courage to Expose Yourself

I had the pleasure of moderating a panel on virtual worlds for the FOSE 2009 Conference. This panel was going to be conducted in the virtual world Second Life. I had to get an avatar and learn some basic things like walking, sitting, flying, and dressing.

While practicing and setting some things up in the familiar venue of NASA/JPL Explorer Island, I decided that I wanted my avatar to look like me – African American non-skinny female with brown hair, etc. I was surprised to find out that up to that point, I was a man and not a woman. I fixed that. I thickened up my body and lips. Then I had to decide what to wear. I struggled with basic things like the difference between a blouse and a jacket, etc. To make a long story short, I took off more than I planned to take off and ended up topless in a surprisingly anatomically accurate way. I was mortified. Fortunately, there were only deer around.

The point here is that as we operate and lead in transparent ways, you might be exposed in non-complementary ways. It may also mean, especially in this day and age of increased risks associated with data security, some stuff just should not be exposed. And finally, what does what you’re hiding expose about you as a leader?

"Man is least himself when he talks in his own person. Give him a mask, and he will tell you the truth."
– Oscar Wilde

Naked Leadership means that you may make a few mistakes…but you’ll have to take it on the chin. Some could be knock out blows. However, managing the risks appropriately can lead to championship results.

Don’t Believe the Hype You’ve Got to Know Yourself

So this guy decides that he will don a new transparent wardrobe. Everyone wrote comments in the Emperor’s blog about how great his transparent threads were. A courageous follower told him he had no clothes.

You may find a lot of people with varying levels of sincerity who tell you that you’re doing a heck-of-a-job. Similarly, you may even find some people in a mean-spirited way tell you that you are awful. So, brace for impact, get prepared to have your feelings hurt and immunize yourself against flattery.

"But I, as Emperor, was OVERPOWERINGLY stupid… I, as Emperor, was more stupid than you all, because I was responsible for all this stupidity!"
– 1987 Movie: The Emperor’s New Clothes

With Naked Leadership goes the responsibility of doing honest self-examination and having high emotional intelligence. It also requires seeking out and nurturing courageous followers who will tell you are indeed you have no clothes.

Who Told You That You Were Naked? – With Knowledge Comes Accountability and Responsibility

I once went to a church where the Pastor would always say … “I wish I didn’t know these things!” Once you know right from wrong, you have the responsibility to chose right. And once you know, you have to do something and it has to be the right thing. It might be better to not know.

"Knowledge also imposes responsibility"
- W.M.L. Jay

Diverse opinions from a diverse set of people may breed conflicts. Naked Leadership will require strong conflict resolution skills. Some information may not be relevant. Naked Leadership will need to be able to discern that. But, if you ask for perspectives, you better be prepared to actually listen and try to understand. If appropriate, you will need to act.

Operating in a transparent way helps provides a lot of value. Expanded perspectives from a diverse set of employees or constituents can produce better end products. Successful Naked Leadership will need to learn to navigate these waters in order to obtain true transparency.

Linda Cureton, CIO, NASA/Goddard Space Flight Center

Overall, what we’re talking about is reinventing government from the bottom up, where web workers and ordinary citizens engage via the Net in large scale online grassroots democracy.

Note that these are organizational matters; the technology is secondary, and comparatively easy.

Our Founders created a flawed representative democracy, but with improvements it serves us well. However, we’re complementing that system via the Net with grassroots efforts which will create new checks and balances and accountability.

We’re seeing movement from mere words to reality, and by bearing witness to that progress, I hope to help accelerate that progress, with actual results.

Our goal involves:

• Increasing government accountability
• Everyday engagement between government workers and the public for customer service
• Everyday engagement between the public and their representatives regarding ongoing government policy

This has to be manageable, particularly when considering that millions of citizens will be clamoring for the attention of hundreds or thousands of representatives and workers.

We’re talking about three general groups of participants.

Realistically, very few people are interested in governance. Most of us are just happy to get through the day, and like myself, prefer to enter couch potato mode. However, there are people who have a real sense of public duty and engagement, and some, like myself, feel a need to stand up. There’s also the millennial generation, which seems to be committed to civic engagement, much like the Depression/WW II generation.

On the government worker side, I’ve directly observed a lot of people who are committed to superior public service, who believe in its nobility.
These are folks who not only want to do their job, but feel they’re part of something much bigger. They’re starting to transform their teams, from the bottom up and inside.

Finally, the leadership of our country includes elected officials and people who run major agencies and departments. Many of our leaders understand that something new is happening; it’s the future reality, the arc of the moral universe. I’ve chatted with many who understand and are committed. Some have seen that the way they do business will change, and will go with that flow.

A lot of managers will fear these trends, particularly transparency, will expose problems in their departments that have been long in developing, warts and all. This actually provides the opportunities to repair their areas in a fairly no-lose manner, since everyone expects a lot of problems to surface. As citizens, we need to be prepared to give such managers a break.

As a nation, we’re already heading to our shared goals, mostly via many grassroots, spontaneous efforts, often involving informal collaborations between the citizens and government workers.

Toward increasing real progress, some specifics:

Elected and appointed leaders in government need to commit to helping these efforts, specifically:

• Committing to hearing what they hear from their workers and from the public, and then acting. That is, feedback needs to get actual results, involving changes to policy and government operations.
• Changing regulations and guidelines that might have made sense in the past, but now need revision. Specifically, government workers need to be able to use the same Net-based tools that consumers use.
• A methodology where experiments in service are performed with the acceptance of failure; in new areas, there will be attempts to provide superior service, and the first attempts will fail.
• Training government workers to provide customer service via direct engagement with citizens.
• Preparation for and acceptance of failure for unintended consequences.
• Transparency of government data, wherein all will be made available to the public, online, in standard format and searchable.
• Transparency of campaign financing data, all online and searchable
• Working with the providers of Net based tools to modify Terms of Service as needed

This is what the new democracy is about- building upon existing structures with serious engagement from the public, and from genuinely dedicated public servants.

The Obama Administration is quite forward-thinking in its use of technology. From the creation of new positions within the Executive Branch (including the CIO, CTO, and cybersecurity czar) to the use of social media for public communication, IT security has become a paramount initiative. On Wednesday, June 24, I sat down with Federal News Radio host, Tom Temin, to discuss the challenges facing the Department of State during this progressive time in the Federal Government.

Using technology to facilitate citizen–government dialogue, simplify government services, increase government transparency with public information, and public diplomacy are top priorities for the Administration’s new Federal CIO Vivek Kundra, but secure IT systems are key to these initiatives. Challenges in information security are numerous, but they all share one common feature: security starts with the user. When users are educated about best practices and develop situational awareness, they increase the security of their system and agency networks. The Bureau of Information Resource Management (IRM) works diligently to protect Department information through training, communications and tools.

In the Department of State, it is the program offices in Washington that develop tools and policies to enhance cybersecurity, but integration and maintenance of our global networks depend on the IT professionals in our 265 embassies and consulates around the world that implement these measures. There are some locations where infrastructure challenges make it extremely difficult to maintain secure networks and the IT professional staffs work tirelessly to keep the Department’s systems assured. The teamwork throughout the Department has created a symbiotic relationship for the ever-improving cybersecurity environment.

Working closely with our Deputy CIO/CISO, John Streufert, and Information Assurance’s Chief Computer Scientist, Dr. George Moore, has been critical to the security of Department networks. Engineered by a team under the guidance of Dr. Moore, a Site Risk Scoring program was implemented as a tool to provide a dashboard and detailed reporting of the vulnerabilities that exist on every computer and user account. Centralized vulnerability and compliance scans gather this data from a variety of tools hosted in Washington and the results are distributed to the embassy or consulate for remediation. My Global Oversight staff provides the customer service interface to successfully implement the Site Risk Scoring program and a Tiger Team has been developed to help system administrators around the world increase their site scores, thus lowering the risk to the Department’s data.

Problems with the network are not only technical; there is a physical security aspect that must not be overlooked. IRM and the Bureau of Diplomatic Security coordinate closely to integrate the necessary physical security and cybersecurity. Physical inspections are performed by Diplomatic Security officers and the application of technical controls is handled by Information Management Specialists.

While the challenges facing information assurance at State are considerable, with dedicated staff and coordinated efforts, we aim to secure our networks to support the vision of our new Administration. Emphasizing user responsibility will be a key message in the age of Government through technology and the public will benefit with improved access to government dialogue, services, information, and announcements.

To learn more about these initiatives, listen to the entire interview located at the following link: http://www.federalnewsradio.com/index.php?sid=1703823&nid=56.

Industry brings green IT options to government by offering various technology-based solutions for data and applications – the focal point of most, if not all, government services today.

Green IT can reduce exponentially the consumption and costs associated with critical, energy-intensive government IT functions, like the datacenter and the desktop. With datacenters showing no signs of diminishing in importance, their growing energy consumption must be addressed. The Environmental Protection Agency estimates that the energy consumption of federal servers and datacenters accounts for approximately $450 million taxpayer dollars a year. Green IT, such as virtualization technologies, can bring the datacenter’s skyrocketing energy use – and the related costs – back down to earth.

While government commitment and industry innovation have created a green-aware IT environment, a few more steps must be taken in order to bring green IT to bear on responsible energy consumption. Three keys can help government and industry achieve the maximum public sector benefit from green IT:

1. Government needs to build clear, specific green IT requirements into procurements. Until industry sees green IT contract language, including meaningful metrics for success, industry will not be adequately motivated to bring green IT solutions to important procurements.

2. Industry needs to develop green IT solutions as reliable as previous, less green solutions. Advancements in virtualization and other green technologies enhance performance and meet federal security protocols; industry must demonstrate these advances to government at every opportunity. By providing demonstrations, advice, proof-of-concept and implementation assistance, industry can help government “go green” faster.

3. Individuals must take personal responsibility for energy consumption. Every day, personal decisions have dramatic impact on the state of green government. Actions as simple as powering down desktops, printers and other peripherals significantly impact government’s energy use. If just one percent of government’s 1.8 million civilian employees turned off their computers and peripherals overnight, government would save an average of 234,000 kilowatt-hours – which translates into a cost savings of about $23,400 in a single night. Power IT Down Day, which reminds individuals of the importance of powering down IT equipment at the end of the day, comes on August 27 of this year. Sign up at www.hp.com/go/poweritdown, mark your calendar and make a difference.

Green IT comes down to one essential tenet: we want to leave behind a better environment than we inherited. By working together, government and industry can adopt green IT solutions that are more flexible, more adaptable while addressing a wide range of government initiatives without sacrificing speed or performance. Considering the possibilities of green IT, the benefits are universal, from the agency to the contractor to the taxpayer.

“Last year, over 2,800 government and industry employees pledged to power down their computers, printers and monitors when they left their offices for the evening, which resulted in over 37,000 kilowatt-hours saved,” said Tom Simmons, Citrix area vice president for Government Systems. “Imagine the number of kilowatt-hours we could save this year if just half of the 1.8 million civilian employees registered for Power IT Down Day.”

Personal action, combined with new computer settings, can make significant impacts. Built-in power saving settings and automatic shut down capabilities in Microsoft’s Windows Vista and the upcoming Windows 7 showcase such advances in power savings.

“Individual choices for responsible energy consumption can have an enterprise-wide effect,” said Teresa Carlson, vice president of Microsoft Federal. “Power IT Down Day creates the perfect opportunity to highlight the collective impact of individual and enterprise power-saving actions in government and industry.”

Last year’s Power IT Down Day results showed what can happen when government and industry do indeed power IT down. With the new administration leading the charge for the reduction of government’s carbon footprint, Intel, HP, Citrix and Microsoft see great potential for 2009 as another successful year for Power IT Down Day.

“HP is investing in technologies that simultaneously address customers’ business issues, such as lowering operating costs, and support environmental goals, including carbon reductions,” said Tom Hempfield, vice president of the U.S. Federal Business Organization at HP. “Through HP’s own experience with renewable energy programs and investments in Research and Development in HP Labs, we move closer to operating in a sustainable IT ecosystem.”

“We can’t just sit back and leave it to the next person in line to fix the planet,” said Nigel Ballard, federal marketing manager for Intel. “By turning off our own computers each and every night, we make a positive environmental impact, and we proved that last year. At the end of the day, we’re in this together so let’s power IT down on August 27 and be part of the solution.”

On the world stage, the U.S. has always been a powerful engine of innovation. Defined broadly, innovation occurs when we generate new ideas that continue to challenge and push the current thinking forward to make a positive and lasting impact.

In this economy and beyond, innovation is exactly what we need. Improvements that drive productivity are critical, and technological innovation will play a major role in putting the financial stability of the nation back on the right track. History indicates that the countries and companies that invest in innovation and R&D during an economic downturn will be best positioned to benefit when the economy recovers. Innovation has been one of the leading drivers of economic growth for the past few generations. Technological advancements have helped create a global economy, raise average incomes in many countries and lifted millions of people into the middle class for the first time.

So, where do we get new ideas? They come from an inspiration to do something bigger and better – an inspiration that improves the way we do things. At Microsoft, our innovative spirit is part of our culture and engrained in everything we do. The U.S. Patent and Trademark Office recently awarded Microsoft its 10,000th U.S. patent. Microsoft is also increasing its investment in R&D to $9 billion this year from $8 billion last year. Fully one-third of Microsoft’s employees—32,000 people in 48 countries around the world – are engaged in R&D. Microsoft also has partnerships with hundreds of universities around the world. Microsoft’s Live Labs gives creative thinkers an opportunity to experiment with their ideas and determine the efficacy of pursuing them.

Collaboration with our industry partners is a constant source of innovation, helping us to deliver the best products, services and solutions to our government customers. Our patents, and those across the technology industry, help the federal government speed the adoption of new technologies. Whether it is cloud computing, Green IT, cyberwar systems or other technological advancements in government, innovation will always be at the core of our government’s role in protecting and serving citizens, while helping communities collaborate in efficient and cost-effective ways.

With the Obama administration’s vision to create a more open and transparent government responsive to the needs of its citizens, technology is an enabler of that vision. Now, more than ever, innovation has the power to change the way our government does business. And it is why, even now in tough economic times, we will not pull back on the investment.

The challenges facing social entrepreneurs in moving great ideas to scale in the public sector often center on issues of funding and support. Funding typically comes from grants or contracts, both of which can be considered government procurements. But, the public procurement process is designed to be as much a controlling process as it is a facilitating process. By this I mean that the centralized control that governments exercise over expenditures is meant to ensure the public ‘gets what it paid for.’ The foundations of central financial controls in government embrace and support the concepts of public trust, deliberation, full and open competition, and the primacy of process.

Focusing on process at the expense of results is shortsighted. The process that procurements typically go through is absolutely fine for buying goods and general services, things that can be easily defined in the form of a functional specification. When more complex services are being sought, for example construction of a public building or acquisition of an enterprise IT application, the procurement profession came up with the concept of competitive sealed proposals. The use of proposals, competitively solicited through an RFP, allows the use of evaluation criteria that permit the government to state the relative importance of various factors, other than price, that will be considered when making the award to the best (not necessarily lowest cost) supplier.

Even the routine proposal process, however, fails to meet the need for an effective way to fund and support inventive solutions to complex problems that governments face every day. Recognizing that the public procurement process is overly prescriptive, and frequently forces our solutions partners (grantees or awardees) to subscribe to our established patterns of thought is counterproductive. If we could really write a prescriptive contract or grant, we would – in essence – have already solved the problem we are seeking help in solving. If we want to solve intransigent problems at the fully operational level, not simply proof-of-concept or pilot programs, we must recognize that inventive programs thrive in the non-profit sector and that our most viable solutions will likely come from that entrepreneurial arena.

How, then, do governments select, embrace, and foster the growth of the solutions that social entrepreneurs manage every day? There are certain concepts that will help:
Adopt the view that what we are doing today does not allow success of inventive programs at the large scale. Understand that the partners we seek to solve our most complicated problems are not organizations or people that are constrained by process. They are, rather, organizations that are driven by results. Once this is understood, some fundamental changes in the procurement process must occur to find, select and engage these solutions partners.

Dump the long and laborious RFP template. Substitute a simple problem statement that encourages the most innovative thinkers to want to do business with us. Sure, our terms and conditions, as a legal matter, will still be important. Incorporate those later in the process once you have selected the best solution you can find. Learn to excite the organizations we want to do business with. Show them that we are open to creative thought. Through a results-based selection process, find the best solution to the problem we seek to solve, and then become true partners with them. Avoid the arrogant, arms-akimbo stance that we typically take with our trading partners and, instead, accept that once you have carefully selected the right partner through the new and flexible procurement process, you have entered a new relationship that has to be based on trust between the two parties.

Communicate openly and continuously throughout the selection process. Realize that we in government cannot anticipate all the questions or concerns that the solutions community might have. The consequence of being non-communicative during the selection process, or over-controlling communications, is that we might drive away the best partner out there. Learn to be fair but open in communicating with potential partners.

Consider innovative funding approaches. The growing realm of public-private partnerships in development programs may serve as a viable model for some more complicated public transformation programs, such as education reform. The investment model in the private sector is oriented toward long-range strategies, and might be difficult for governments – operating on short term, cyclical budgets – to readily embrace. Partnering for funding with private entities could well be a solution that helps specific programs, and at the same time engages public procurement professionals in more strategic thinking.

Invest in programs that work. Governments are pretty good at pilot programs, but often toss the now-proven (though on a limited scale) solution back onto the arcane and treacherous process of procurement. Why would we do that? If the purpose of a pilot is to find what works, why should government not nurture and inspire the working solution as it grows to scale? This is the essence of partnering, but seems to require courage that is rare among government leaders. The material recommendation here is to treat a pilot as the de facto solution for the full-scale problem. Operate under the presumption of success when determining at the outset who will be the pilot partner. Make the original selection process fair and completely open, with the expectation that its success will result in a partnership that lasts much longer and creates the enterprise solution that you are really seeking when you start the pilot program. This may be a case where the procurement process, as opposed to the grant process, can be used at the origin of the project. Grants can often be given more freely than contracts, and therefore there may be more discretion allowed in the selection process for a grant, which in turn might have “political” consequences.

Share in the investment. Even at the early stages, at the small scale pilot if that is the method used to find the solution, respect the environment of your solutions partner. There may be costs associated with moving a solution into place, which will require investment in support of the program. Discuss those matters openly with your now-selected partner, and share fairly in the reasonable expenses associated with getting a solution in place. Putting an unfair share of the startup costs on the solutions partner creates a misalignment of investment at the very beginning of a program that can only be counterproductive to the relationship that you must establish for success.

Learn to listen actively. It is common in the public procurement profession to be defensive when approached with new ideas. The dilemma we face is that our customers expect us to facilitate them getting what they need, but we more frequently see ourselves as being controllers of the public purse. Both perspectives are valid, but we tend to lean heavily to the control function rather than providing trusted business advice and service to the agencies and departments we serve. We often begin formulating the reasons why not, even while listening to our customers asking for our help. As a profession, we must become more active and participatory listeners, leaning toward yes during every discussion with our constituents about our service. Our value in public service is to know the best right way to get our customers what they need.

Operate for results. In the complex procurement environment of inventive solutions, stay away from prescribing methods or processes. George S. Patton said, “Never tell people how to do things. Tell them what to do, and they will surprise you with their ingenuity.” These words ring true for anyone who has ever operated in the fluid environment of a battlefield, yet are lost in what should be the fluid environment of public procurement. They certainly do not apply when buying sticky notes, but should be taken to heart when seeking innovation, inventiveness, entrepreneurial thought. Teaching and enabling procurement professionals to adopt a rear-looking model of success, one in which every day starts with a statement of the results they need to deliver, and works backwards from those results to the steps necessary to achieve them, is a shift in thinking that is long overdue.

Can we make this happen? Absolutely! By selecting a good test project, mustering and motivating the necessary support, leading a pilot courageously, and having the fortitude to steward it through to completion, I believe we can prove the concept that a new model of contracting can support delivery of cutting-edge solutions to full enterprise implementation. Consider one possibility… Washington DC, our Nation’s Capital, is in the midst of a notable transformation in its governance. Under the leadership of a charismatic and energetic mayor and the clear-thinking and talented city council chairman, the District is actively seeking and pursuing best (and more importantly, innovative) practices in service delivery to citizens. New methods of procurement and information sharing are already being tested. The recent contract developed for a new evidence handling solution for the Metropolitan Police Department is a good first step (see: evidence.ocp.dc.gov). The next step needs to be institutionalizing the methods that have worked for the evidence system, for example using simple problem statements to solicit proposals, and using common technologies to keep the procurement process open 24/7, rather than only during traditional business hours.

The message is clear…if we are seeking inventive thought to help us solve complicated and intractable problems, which is by definition impossible to specify at the beginning of a procurement process, then we must be flexible in our procurement approach. Fair treatment of the inventive entrepreneur we must have to solve complex social problems is fundamental to the growth of good programs into great enterprise solutions. The public trust issues are still there, and should be addressed up front through full, open and continuous communications about the program. Create an environment of true partnership, from the very outset of your attempt to define and find solutions to the problem, through the selection process that so stymies us, through the small scale and finally to the large scale deployment of that solution.

Social technologies like YouTube, Facebook, and Twitter used to be collectively termed “new media” – but that adjective isn’t accurate any longer. Rapid, online, multimedia information flow about conflicts in Mumbai and Gaza, a dramatic plane crash in the Hudson river, the presidential inauguration and more have made it clear that new media is now more aptly called “now media,” as I remarked on January 20th (http://twitter.com/cheeky_geeky/status/1134754342).

But it would be misleading to suggest that social technologies are simple merely because they are prevalent – they’re anything but. Social media is a rapidly evolving ecosystem (http://flickr.com/photos/35468142410@N01/1925555485/). The experts debate constantly at conferences and in the blogosphere. There’s no rule book. Social media is a giant, chaotic experiment.

So, for a government newcomer to using these tools, everything can seem overwhelming. Many people ask me how to use these tools to communicate what their office or agency is doing. There is no one, simple answer, but perhaps the most important thing to keep in mind is that social media is social – it is about the conversation that people are having now (http://twitter.com/unmarketing/statuses/1147262119), perhaps about you or your interests, whether or not you’re a part of it.

Here, I want to advance the notion that citizens are not mere receiving vessels for press releases and whatever you put on your government website. They’re not a captive audience (http://journalism.nyu.edu/pubzone/weblogs/pressthink/2006/06/27/ppl_frmr.html). They are groups of individuals having conversations with their families, at the proverbial water cooler, and on popular social media sites like the blog ReadWriteWeb (http://readwriteweb.com), the microsharing site Twitter (http://twitter.com), and the video conversation platform Seesmic (http://seesmic.com). Social networks people form online are becoming an increasingly important and powerful force in their lives (http://www.briansolis.com/2009/02/ties-that-binds-us-visualizing.html) and one need only look to the election of President Obama to see the effects that they can have.

Once you acknowledge that citizens are conversations, what do you do next? Generally, you want to find people talking about your topic of interest, listen to what they’re saying, participate in the conversation, and then start new topics of conversation (http://nowisgone.com/2007/10/01/the-seven-principles-of-community-building/). Generally, you want to tip-toe into the chaos in the order outlined above. As a DC-based communications consultant once wrote: blog last (http://www.livingstonbuzz.com/2008/12/17/blog-last/). Below, I briefly outline some other tips to guide you into the world of citizen social media.

It’s good to be a RAT: Unless you’re a computer programmer, social media isn’t really about technology. It’s about people talking to people. Social interactions have a lot to do with personality and trust. As wine entrepreneur and social media maven Gary Vaynerchuk suggests, try as much as possible to be a social RAT: real, authentic, and transparent (http://spitwine.com/2008/06/11/the-vaynerchuk-factor/).

Street smarts count more than book smarts: A lot of social media is learned by doing, and more importantly through trial-and-error experimentation. Speaking in a transparent manner with a human voice can’t be taught easily in a book or at a conference. The same is true for building and maintaining trusted relationships with people (http://www.elixirinteractive.com/blog/building-trust-through-social-media/). Useful metaphors can be found in organizations as diverse as old-school journalists and the mafia or other crime organizations.

Citizens are talking about your brand: Traditional public relations unidirectional, and has been called things like “outbox only” and “fire and forget.” Government entities need to pay more attention to their brands, and who is talking about them (http://mashable.com/2008/09/03/government-brand/). Organizations should talk to the people with whom they hope to create relationships, because word of mouth is still the most powerful force for spreading trusted information (http://www.pronetadvertising.com/articles/social-media-is-the-new-wordofmouth34528.html). If you don’t know who’s out there talking about your brand, how to you know who to influence when the time comes?

Deploy ambassadors on a lethal generosity mission: Organizations should belong to a community and allow some employees to be individually empowerful. By being the most generous member of a community, they may become the most trusted (http://redcouch.typepad.com/weblog/2008/10/using-lethal-ge.html). Ambassadors should have knowledge but also great personalities, exhibiting openness, transparency, accuracy, honesty, and respect. They can build valuable new relationships, cheaply (http://www.briansolis.com/2008/07/comcast-cares-and-why-your-business.html).

Engage minds with indirect, intimate influence: Return-on-investment (ROI) is quickly becoming return-on-engagement, or ROE, because personal engagements with people and their word-of-mouth are the new “reach” of messages. Use indirect, intimate influence (http://www.pbs.org/mediashift/2009/01/government-20-how-social-media-could-transform-gov-pr005.html) to get that ROE. Influence people through being a valuable member of their community.

Seek out government role models: Colleen Graffy from the State Department successfully used Twitter to connect with overseas journalists as part of her public diplomacy mission (http://www.washingtonpost.com/wp-dyn/content/article/2008/12/23/AR2008122301999.html). The Transportation Security Administration (TSA) uses a public blog called Evolution of Security (http://www.tsa.gov/blog/) to listen to travelers and their complaints – and overtly discuss policies and problems with them. Representative John Culberson from Texas uses live-video service Qik (http://qik.com/johnculberson) to better communicate with his constituents. What these three people, and others, have in common is that each one of them is a RAT (in a good way) and that they have learned, through trial and error and experimentation, the lessons above.

As top-down decisions trickle throughout government (http://www.whitehouse.gov/the_press_office/TransparencyandOpenGovernment/) and grassroots efforts propagate upward (http://www.government20club.org/2009/02/government-20-camp-pre-camp-field-manual/), are you prepared to join the conversation? It’s happening (http://steveradick.com/2009/02/15/twenty-theses-for-government-20-cluetrain-style/) with or without you.

For those of you in the Federal IT community who are not engaged in the area of IT security as your primary pursuit, I thought you might be interested in hearing about some of the innovative tools and techniques that we employ at the Department of State to secure our worldwide wide network.  This is the first of a series that will hopefully inform and enlighten the IT Federal community, resulting in an exchange of ideas.

In this fast-paced world of information technology, new threats appear daily that result in volumes of lost personally identifiable information and crimes including identity fraud.  To enable the Department’s mission of foreign policy and diplomacy while protecting sensitive information, the Department’s IT security professionals are working non-stop to prevent cyber attacks and engage Department staff in actively thwarting efforts to hack systems.

Reporting directly to the Chief Information Officer at the Department of State, the Information Resource Management Bureau’s Office of Information Assurance (IRM/IA) has instituted several initiatives to proactively address cyber security risk and assist IT professionals in managing their bureau and post information system security.  These initiatives include the Site Risk Scoring program, customer toolkits, and the Joint State-USAID Solution (JSAS) for cyber security awareness training.

Site Risk Scoring

The initiative known as Site Risk Scoring is helping the Department increase security awareness and reduce risk at sites connected to our global network.  Site Risk Scoring monitors system vulnerabilities and compliance settings to alert system administrators as well as senior management of the risk associated with their network site.  Notification of these system weaknesses prompt immediate attention where the need and risk is greatest.  Since program inception, risk scores have steadily decreased across the Department by 50%.

Customer Toolkits

IRM/IA developed online toolkits to assist IT professionals understand how best to complete IT security requirements designed to better protect Department information. These toolkits are organized in an easy-to-understand question-and-answer format, and are continually updated to reflect new policies and procedures.  The toolkits aim to create secure, cyber-savvy environments throughout Department offices, thus making IT security more accessible, understandable, relevant, and timely.
The topics covered by the toolkits include how to inventory information systems; the process of Certification and Accreditation; tracking and closing Plan of Action and Milestones; conducting Annual Control Assessments, and Site Risk Scoring.

JSAS – Providing Cyber Security Awareness Training 

Selected by Office of Management and Budget as one of only three providers for the Information Systems Security Line of Business (ISSLOB) for information security awareness training, JSAS provides a joint State Department and USAID solution for cyber security awareness training. JSAS provides an automated, yearly cyber security awareness training course and a recurring cyber security “Tip of the Day” program.
The annual cyber security awareness course provides real-world scenarios that help users understand how best to apply information security policies.  The course annually tests users’ knowledge and understanding of policies and procedures to ensure comprehension.

The “Tip of the Day” application provides a recurring security reminder and can be implemented for all network users or specialized groups of users.  Each time a user logs in, a pop-up window opens with a security question that must be answered in order to close the screen. Responses to the security questions are recorded along with user IDs, so that managers can track progress.  Combining the data from the tip of the day questions and annual security awareness course allows management to detect and remediate weak spots in cyber security awareness.

Because technology changes daily and users need to be aware of new security requirements when they arise, not months later, the Tips of the Day tool provides the flexibility to insert tips on timely threats.  Site Risk Scoring, customer toolkits, and the JSAS cyber security awareness training are all tools in the Department of State’s effort to educate users and reduce risk. One of the Department of State’s missions is to continually assess standards for improvement to protect Department information while supporting Department business needs.

I am about to embark on a two-week TDY assignment to Southern Africa to visit our missions and gain a better understanding of overseas posts’ operating realities and mission.  During my visit to South Africa, Swaziland, Mozambique and Botswana I want to better understand how we can serve our diplomats in securing the Department’s information.  Look for my reports from the field as I experience this wonderful journey!

I suppose that it may be a bit irreverent to suggest, by implication, that the CIO has been not relevant. Perhaps. But relevance is relative – and varies from CIO to CIO according to her mission. Consider this Esai Morales quote:

I love being irreverent. But I hate being irrelevant. I love being irreverent because at the end of the day your actions belie your intentions.

What actions should a relevant CIO take?

Remember, good service delivery means being forgotten.
Love may mean never having to say you’re sorry, but if you spend a lot of your IT service delivery capital apologizing, life is going to be rough. Delivering IT services in an exemplary manner will NOT make you relevant, but delivering poorly will make you irrelevant. If you do a good job, no one will notice.

Think and act strategically.
We need to be able to envision what IT our agencies need to meet their goals. We also need to shape their demand for IT. Finally, CIOs must anticipate what technology can do and must innovate to deliver more value and capability.

Where you sit isn’t as important as where you stand.
Should the CIO have a “seat at the table”? Who should the CIO report to? The Agency head? The CFO? In the scheme of things, sitting at the table with the Agency head is not as important as standing with the Agency head’s mission – wherever that is. Feeling their pain, understanding their needs, and helping them use IT effectively. As you stand, you have to be prepared by putting on the whole armor of leadership – courage, change management, communication skills, people skills, and business acumen, to name a few.

Certainly, the full dimension of CIO effectiveness requires more than three seemingly simply steps – be forgotten, be strategic, and be with the mission. But, what a great start.

When I became the Chief Information Officer at GSA in mid-2007, I spoke with many of the OCIO team to understand how I could help my new staff succeed. The big issue that I heard was improved communications. We had recently undergone a reorganization, consolidating many regional IT positions into the central CIO organization and almost doubling the size of the OCIO. These new team members across the country did not feel that they were connected to their new home organization and didn’t know about news and developments that affected them.

To address this need, I started an internal GSA CIO blog in September 2007. GSA already has an excellent internal web site, InSite, but it serves a different purpose, primarily as a source of longer-term reference materials. With the blog, I found a communications tool that could be directed specifically to the CIO organization and be used as a way to share information in near-real time. In my first post, I announced that the blog would be “a location where my direct reports and I will post news and information relevant to the issues we are facing here in Office of the Chief Information Officer (OCIO) and GSA.” I encouraged readers, as members of the OCIO community, to read the blog, to comment on postings, and to read the comments of co-workers. Later we expanded the usage so that anyone within OCIO could originate new material on the blog.

Since the launch, I have continued to post information about two or three times a week. Topics include items such as: the minutes of our weekly senior staff meetings, copies of technical briefings, information on the presidential transition, and my informal observations on technology trends or on conferences I have attended. For example, when I attended the Gartner Symposium in October, I reported on Gartner’s top 10 technologies for 2009. One of those, client virtualization, generated a lot of interest as it pertains to GSA’s support for teleworking, a top priority for the agency. As a consequence of that initial posting we have had follow-on briefings from analysts and industry experts and are studying the feasibility of a client virtualization proof of concept. I have also used the blog to pass on interesting sites such as public blogs on leadership and ethics, and to remind staff of training requirements.

There are no restrictions on topics or comments, other than that they be of interest to the CIO organization and use an appropriate and professional tone. I started with three objectives: improve communications (and thus teamwork and morale), give employees a forum for communicating back to me and the senior staff, and recognize success stories and outstanding contributions publicly.

So almost a year and a half later, how well have we met those objectives? The GSA CIO Blog has proven to be a real success story. It is a source used across my organization for reliable information on what is happening at senior management levels and foster continuing education on emerging technologies and management and leadership issues. It has a robust readership, and interest continues to grow. I will also measure its effectiveness when we receive our employee engagement survey results soon, to see if OCIO employee satisfaction has risen due to the blog.

Surprisingly, however, there are few comments posted in response to my blogs. It is not used as a discussion forum as I had hoped; many people read it, but few respond online. My readers make comments to me in person on what they have read, rather than reply online for all to see. Staff use it as a way to start conversations with me one-on-one. What this tells me is that we are changing the culture, not just introducing a new tool, and culture change takes time. I believe that social media tools such as blogs will help us to develop a more connected and empowered workforce over time, and will aid our recruiting and retention efforts.

I have not made any special efforts to force comments or readership. Over time, the blog will mature and evolve within its own timetable. However, I am directing more and more communications to the blog, and rarely send out group emails any more. If you want to know what is going on with personnel changes, new policies, organizational developments or weekly news updates, check the blog, don’t send me a question via email!

I am also about to launch an external blog called “Around the Corner” that is focused on the theme of innovation. My first entries are just being posted, so I do not yet have any information on readership or comments. Clearly, a public-facing forum requires a great deal more review and preparation prior to launch, and indeed the launching of the site has been a multi-step process. In the spring of 2008 I began to research topics, get the appropriate clearances, develop a usage policy, and identify the standards for launch. Mine will be the first GSA agency blog, so I worked with our General Counsel’s Office to establish an agency-wide blog policy. Thanks to work done at the State Department for its DipNote blog (blogs.state.gov) and GSA’s own Gov Gab site (blog.usa.gov), we were able to craft a simple, direct policy that is applicable to all GSA staff who want to start a blog. I also worked with our Office of Communications to get the look and feel that met GSA standards. By the way, GSA’s Gov Gab is a terrific source for information and services available to the general public from the entire federal government.

My experience in using blogging as a management tool has been very positive, and I would encourage those who are considering blogs and similar tools to jump in. Whether internal or external, blogs can complement other communications channels, help foster a more productive work environment, and aid in recruiting and retaining talented employees who want to be part of a top-notch organization.