CIO survey reveals cautious embrace of emerging trends

The presidential push for transparency in government may provide direction for federal chief information officers’ efforts, but cybersecurity concerns continue to top the list of CIOs’ biggest headaches.

For industry group TechAmerica’s 20th Annual Survey of Federal CIOs, released March 23, Grant Thornton LLP interviewed 45 CIOs and information resource management officials at 39 federal executive and legislative organizations about IT issues and policies. The topics included cybersecurity, social networking, cloud computing, transparent government and Federal Information Security Management Act reform.

Related stories:

House passes e-records management bill

Most visitors to GSA's apps.gov are window-shoppers

Management demands tag along with building a workforce

Create transparency, collaborate

President Obama’s push for open, transparent government gained momentum in December with the Office of Management and Budget’s Open Government Directive. It gave agencies about six weeks to publish three new high-value datasets on Data.gov, and 14 weeks to post an Open Government Web page and collect public comment. Deadline for posting their plan is April 7.

CIOs have pushed data to Data.gov, as well as USASpending.gov, Recovery.gov and the Federal IT Dashboard. Although the initiatives were created for different reasons, CIOs said they have a lot in common, said Paul Wohlleben, a partner at Grant Thornton, whose global public sector sponsored and conducted the survey.

“All are still maturing, and have not really reached what one CIO described as ‘an operating rhythm,’ ” Wohlleben said. “They all seem to suffer from data quality [issues], and as a result, all have low customer demand.”

To enable more collaboration and citizen participation, CIOs are looking to social media applications, Wohlleben said. “As described to us by CIOs, they for the most part have used a number of social media applications: blogs, wikis, Facebook, Twitter and so forth to attempt to connect people, communities, ideas and events.”

Although nearly half of agency CIOs are providing access to and encouraging use of such tools, “most of the uses of social media we construed as experimental,” he said.

One real-life demonstration of how these communication and collaboration tools can help came in the aftermath of the Jan. 14 earthquake in Haiti. “Social media tools were used to reach victims, to get supplies to the right place, to get around the chain of command, if you would, to get the information flow working a bit better not only for rescue teams but also among non-government relief organizations, volunteers and cross-government,” Wohlleben said. “CIOs look at this example as a way these tools could not only improve government but also save lives and improve quality of life.”

Despite the efficacy of such ad hoc use of social media tools in dealing with a disaster, security issues and the lack of policies governing use of these tools are slowing their adoption by agencies, CIOs said.

Secure the enterprise

Cybersecurity is a challenge that continues to grow, CIOs said. “They see it not as a problem they can solve, but one that they must continue to address,” Wohlleben said.

Identifying and preventing cyber attacks is a growing problem, CIOs said, but the difficulty is exacerbated by technology, such as the proliferation of thumb drives and just getting users to take security seriously and follow procedures, he said.

The sticking points also vary from one agency to another. The National Institute of Standards and Technology is a research organization, said Simon Szykman, NIST CIO. “These are people who value their intellectual freedom and want equal technological freedom.”

A key issue for all CIOs, Wohlleben said, is the difficulty in balancing security and privacy requirements with the need for access. Social media and mobile technology further complicate policy setting, CIOs said.

But CIOs seemed torn between the comfort of a check list and the freedom to wage an agile war against cybercriminals and cyberterrorists. While wishing for specific guidance like the President’s Management, they also applauded FISMA reform that would move the focus from compliance to operational readiness.

Cloudy days ahead

Cybersecurity was also a factor in CIOs reluctance to embrace cloud computing. Although 70 percent of CIOs surveyed said they were working actively on cloud computing projects or undertaking cloud pilots, 22 percent were waiting and watching, and 8 percent had no plans to use cloud computing.

With no agreed-upon cloud computing definition, however, defining the numbers would seem to be something of a judgment call. Some initiatives, such as active directory services and hosted applications, are “cloudlike, if not cloud,” Wohlleben said.

Looking at cloud computing in three sections -- infrastructure, platforms and software as a service -- helps to speed its adoption, said Michael Brown, executive director of IT Services at the Homeland Security Department. Agencies have experience with infrastructure as a service, and most or all have Microsoft's Sharepoint content management software, he said. But experience with platform as a service is more limited. “We have not so much cloud as the wisps of things that might eventually form clouds,” he said.

Workforce cubed

The workforce problems bedeviling CIOs are neither few nor simple, the survey found.

“There’s a perception that folks don’t find the federal government an interesting, challenging, innovative place to work” Wohlleben said.

But even after identifying, interviewing and striking a deal with the right person, hiring him or her often takes six months or more, CIOs said. “The hiring process is the antithesis of agile and adaptive,” one CIO told researchers.

“One CIO made the comment that HR organizations seem uninspired and ill-equipped to deal with the needs of the [IT] workforce,” Wohlleben said.

CIOs complained about HR requirements, such as forced rotations and geographic moves, that are hurting retention efforts.

On the flip side, CIOs said, eliminating non-performing employees from the federal payroll is a challenge, while removing a non-performing contract employee is easy. That dichotomy may influence decisions on how to fill a position, CIOs said.

In what Wohlleben described as almost “an indictment of the system, one CIO said that the personnel systems was set up to preserve the status quo, not to enable hiring the best and brightest.”

The road ahead

CIOs were reasonably optimistic about the future, however. IT management processes for the most part are mature, they said. And the challenges of making government more open come with opportunities. The current environment invites IT into the problem-solving process, they said.

“A stark difference between the Bush and Obama administrations, according to the CIOs, is in the area of innovation,” Wohlleben said. The current environment encourages innovative thinking, CIOs said, citing as evidence Obama’s appointment of a federal CIO with top-level access, allowing access to government data, crowd-sourcing, open government, innovation contests, use of cloud computing, social media and other innovations. Although some CIOs are reluctant to commit to the changes afoot, Wohlleben said, “most CIOs embrace this focus.”