CIO: Proactive approach to risk is essential

Related Links


Dale Meyerrose sees his role and office as cage-rattlers for the federal information technology community.

“The law that created our office was intended to disrupt the status quo,” said Meyerrose, associate director of national intelligence and chief information officer at the Office of the Director of National Intelligence (ODNI). The goal is to improve the best intelligence system in the world, he said.

Meyerrose spoke today at a meeting sponsored by FedSources and FCW Media Group.

Meyerrose is the first person to hold his position, which was created in December 2005 through the Intelligence Reform and Terrorism Prevention Act (IRTPA) of 2004.

He said he got his job in ways that bypassed two principal reasons for CIO failure: a lack of authority and an inability to align CIO activities with the organization’s business mission. Meyerrose was a political appointee, and the IRTPA spelled out specific responsibilities for him.

“This is an elevation and [it] put a spotlight on an area that needs a lot of work,” he said.

A proactive approach to risk management is essential to serve people who need intelligence and to protect the information itself, Meyerrose said.

“By the time something is patently obvious, it’s too late,” Meyerrose said. “By then, the situation is out of hand. By then, an adversary has the means to exploit you. By then, you don’t support someone.”

To avoid IT procurement failures, federal agencies must recognize that most IT acquisitions are procurements made by thousands of different people across an enterprise, Meyerrose said.

“We have to think big, start small, fast,” he said. Product cycles should be spirals that take 16 weeks at most, not months or years, he said. In each spiral, the CIO should see what works and what doesn’t.

Federal agencies that strive to improve information sharing must balance both privacy and security, Meyerrose said. “You can’t have information sharing without the others, and if you don’t have the others, there’s no point in information sharing,” he said.

As they advance information-sharing initiatives, federal agencies should move away from standardizing on some products or making too many standards, Meyerrose said. Instead, they should focus on creating simpler, universal standards, he said.

“We play the world’s greatest music on four strings of a violin, 88 keys on a piano,” he said.


  • FCW Perspectives
    zero trust network

    Can government get to zero trust?

    Today's hybrid infrastructures and highly mobile workforces need the protection zero trust security can provide. Too bad there are obstacles at almost every turn.

  • Cybersecurity
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    NDAA process is now loaded with Solarium cyber amendments

    Much of the Cyberspace Solarium Commission's agenda is being pushed into this year's defense authorization process, including its crown jewel idea of a national cyber director.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.