Editor’s note: This story was updated to reflect Terry Halvorsen’s status as both a political appointee and career employee, and his allowance to continue in his position past Jan. 20.
Defense Department CIO Terry Halvorsen is retiring Feb. 28, he announced Wednesday at a roundtable with reporters in the Pentagon.
Halvorsen was politically appointed as DOD CIO, but since he is also a career federal employee — spending time as Navy CIO and deputy commander of the Naval Network Warfare Command — he is not required to resign at the end of the current administration like other politically appointed CIOs, according to a DOD spokesperson.
Halvorsen will stay on for a brief time past the Jan. 20 inauguration of soon-to-be President Donald Trump, serving in the new Republican administration for about a month under a likely new boss — retired Marine Corps Gen. James Mattis, Trump’s pick to head the Department of Defense, pending Senate confirmation.
Since joining DOD as CIO in May 2014, Halvorsen set ambitious goals for the department, leading it on a path to migrate all systems across the Pentagon and the military services to Microsoft Windows 10 by January 2017. He also set a goal to eliminate DOD’s common access card in two years.
[Read more: DOD plans to eliminate CAC login within two years]
During Wednesday’s roundtable, Halvorsen implied that the Defense Department won’t quite hit that mark for Windows 10 migration, but it is making progress.
“Just my own office is now at 90 percent of transition,” he said. “I really think we’ll hit some numbers in the early part of this year, not where I would have liked to have been, but showing good progress. And I will continue to push stretch goals on that.”
He estimated that by the end of this fiscal year, the department will be “well into the 80-90 percent done.”
Halvorsen recently unveiled his vision for the department’s future, which included plans to establish an on-premise cloud service capability by the fourth quarter of fiscal 2017.
“The vision that I have is that it would probably be a third-party-managed cloud and it will provide us a set of enterprise services that’s everything from email, records storage, video, chat, file share, collaboration space,” Halvorsen, a FedScoop GoldenGov award winner, said at the time.
The progress on the Windows 10 migration, Halvorsen said Wednesday, “sets the stage” for other conversations, such as migrating to this cloud environment the department wants, which he described as “everything from an on-premise — what I’ll call baseline cloud supported by hybrid clouds — [to] in some cases your commercial clouds.”
Halvorsen noted the department is “looking at more and more commercial.”
“[Commercial providers] can operate generally at less cost than we can; that’s not saying that the government is not efficient, it’s just that they have less concerns than we can, they can do things at bigger scale and they can sometimes do things faster, so it makes sense for us to use it,” he said. “And we will continue, in general, to push commercial solutions where they make sense for the department.”
Replacing the CAC card
The department has started a couple of pilots of technology to replace the CAC card, Halvorsen revealed at the roundtable.
While he didn’t want to get into specifics, he did say his office is doing pilots around biometrics and behavior, which are “going well.”
Halvorsen reiterated what he said in August 2016 — that the CAC card replacement will likely be a combination of biometrics, behavior and personal data.
“One of the things that’s really hard to mimic is how you actually interact with your machine,” Halvorsen said in August. “Everything from the way you search files to the way, time you spend on different files, all of that stuff is the stuff we can track. And should track. And would be very helpful in determining if you are you on the machine.”
The new identification system, he said Wednesday, would likely have around 10 available authentication factors, but the system would choose a randomized set of only a few — Halvorsen said maybe five — of those to authenticate a person’s identity each time.
Halvorsen noted Wednesday that the Pentagon’s innovative outreach “startup,” Defense Innovation Unit Experimental, has been a helpful part of the CAC card elimination process.
“A lot of this is from new companies, it’s new technology,” Halvorsen said. “[DIUx has] been exceptionally good at pulling those together, organizing some of the opportunities and I would say initial testing of the technology to see which ones would get to the next stage. They have been phenomenal in supporting this.”
During his tenure both as DOD CIO and as Navy CIO, he worked to bridge the gap between the department and innovative West Coast companies through annual trips, which he expanded this year to include officials from NATO and some allied countries.
Before last year’s trip to the West Coast, Halvorsen said prior visits, evolving technology and DOD’s allies’ using different systems for identity management all contributed to his decision to get rid of the CAC card.
“One of the other reasons is none of the other allies use it,” Halvorsen said. “So if we’re going to go in partnership, how do you move forward, keeping the same or better — and I actually think in this case the technology is going to push us to a much better level of security without the CAC card.”
Transitioning the department
Though Halvorsen is leaving at the end of February, he noted that the other deputies are sticking around.
“Everybody else as of right now is staying, and if they make a decision to leave, it would be part of normal retirement, that’s all,” he said. “But I am very comfortable that we have a very strong staff in place.”
Halvorsen said John Zangardi’s moving into the Defense Department’s principal deputy chief information officer role was in good timing with his own departure.
[Read more: New DOD principal deputy CIO starts work]
“Obviously I think if Zangardi is acting for awhile, obviously I think he’ll put his own style, make some changes,” Halvorsen said. “I think the new secretary … will put their own stamp [on DOD IT], but I do believe that where we are headed, the emphasis on mission effectiveness and efficiency, will continue.”
He also complimented Essye Miller, who recently took over as the department’s chief information security officer, noting that she is well prepared for the new role.
[Read more: Army’s cybersecurity director takes over as DOD CISO]
“Essye was with the Army doing similar work — we’re glad to have her,” he said. “She’s got big shoes to fill, but I think she’s very, very well prepared to do that.”
Looking forward to a new administration, Halvorsen said that from his dialogue with the transition teams and others it “seems to be that we are on the right track.”
Contact Samantha via email at firstname.lastname@example.org, or follow her on Twitter at @samehlinger. Subscribe to the Daily Scoop for stories like this in your inbox every morning by signing up here: fdscp.com/sign-me-on.