March 10, 2013 By Bill Schrier
"The Department of No". "The Geeks in the Basement". "Expensive Projects, Always Late".
Increasingly, many IT departments – and their CIOs – are becoming irrelevant to the business of government.
Peter Hinssen is a visiting lecturer at London Business School and a senior industry fellow at the University of California Irvine's School of Business. He recently wrote a provocative article on this subject, focused on CIOs and IT departments in the commercial sector.
But, as I thought about it, many of the same criticisms apply to government CIOs and my own experience as a City CIO.
Perhaps we can really trace IT department irrelevance back to smart phones. I remember when I was approached by Seattle’s Police Chief and Human Services Department director in about 2004 regarding BlackBerrys. As those City business leaders attended conferences, they saw their counterparts doing email on their cell phones. "Bill, why can’t we do the same?"
Luckily I was smart enough to investigate RIM and lucky enough that RIM (now branded BlackBerry) had a robust enterprise solution which catered to my IT department. We quickly put up a BlackBerry Enterprise Server (BES) and at last count more than 1000 BlackBerrys powered by Sprint and Verizon were in use by City of Seattle employees.
I wasn’t unique, of course – most CIOs and IT departments embraced BlackBerrys.
The problem of course, is that danged fruit company, Apple. They launched the iPhone about six years ago and the iPad a couple years later. Apple didn’t give a dang about Enterprises. It's "their way or the BlackBerry way". No management software for IT departments. Most IT departments resisted the iPhone and iPad trend citing security, public records act, and lack of manageability. But City and County employees quickly embraced them.
Suddenly, the IT department was irrelevant. I've blogged about this before, especially when Seattle elected a new Mayor, Mike McGinn, in 2009, and he and his staff brought iPhones to work and said "hook us up". But we see this trend in many other things.
You want a constituent relationship management system? Salesforce can be up in a day for a few thousand bucks (depending on number of users. Installing a CRM in the traditional manner, especially with RFP and customization, takes 18 months and hundreds of thousands of dollars.
You want to share files? You can install and customize sharepoint, which works pretty well, or go with any one of a number of document management systems. Again, 6 to 18 months, hundreds of thousands or millions of dollars. But Dropbox or Box.com can be up and working in minutes.
You need to spin up a few dozen servers and a couple terrabytes of storage quickly to support an election application or another urgent need? You can spend hundreds of thousands of dollars and months buying and installing equipment, then configuring and patching it, or you can go contract platform-as-a-service from Microsoft Azure or Amazon Web services or others.
You need office software like word processing, spreadsheet and an email client? You can spend five million dollars and three years justifying budget, planning, installing and training users (like we did at the City of Seattle), or you can go contract for Microsoft Office 365 in the cloud or Google Apps and have it up in weeks. (In fairness to the City, we did our email/Office project before cloud services for Office products were widely available.)
I talked to a CIO last week who thankfully stopped the deployment of over 10,000 desk telephones in her organization. Desk telephones a tiny little window for displaying information and without video conferencing, presence or most other features found on even low-end cell phones these days.
Traditional IT folks will point to a variety of problems with my examples, of course – the cloud-based systems have security issues and they are not robust (supporting thousands of users). And they are not configurable to the unique requirements of a city, county or state government – although I’m convinced most of the "unique requirements" are actually just job security for those employees rather than true "requirements". That’s the subject for a future blog post.
Ok, I’ve made my point about infrastructure. It's a commodity. It’s easily purchased on the outside. This is one problem. Here’s the greater one: while CIOs and IT departments spend their time on software and services like those above, there are a ton of unmet needs. And, frankly, line-of-business departments are now tech saavy enough (thanks again to smartphones, tablet computers, and downloadable apps or software as a service), that they can go contract to meet these needs directly, by-passing the IT department. Here are a few examples:
Is there a way out of this hell and dead-end of irrelevance for the Government CIO? I think there may be, with the trend we’re seeing for Chief Innovation Officers and Chief Digital Officers. I’ll blog about that in the near future.
In the meantime, I’m going back to configuring my server!
February 4, 2013 By Bill Schrier
The New York Times had the audacity to research and write a story critical of Chinese Prime Minister Wen Jiabao’s family. In return for its journalism, the Chinese government apparently unleashed a four-month long hacker attack against the Times stealing, among other data, every one of its employees’ passwords. This effort was apparently searching for the sources for the story. Ars Technica has a short, frightening, account of the hack.
And, of course, the Chinese government succeeded – would people crticial of the regime dare to talk to the New York Times now, knowing its technology can be hacked?
There are many related and frightening stories – the Wall Street Journal was attacked, a power station in the United States has been offline for three weeks due to an attack based on a USB drive, and, of course, Anonymous (or someone) has been hard at work with denial of service and web defacing attacks on banks and government agencies. Could a City, County or State government be subject to a similar attack?
A few years ago, when I was CIO in Seattle, I would have dismissed the notion out of hand.
A City government does not hold the secrets to making a nuclear weapon in its digital vaults, nor do cities have active networks of foreign spies (with the possible exception of my friends in the Big Apple) whose identity needs to be uncovered by foreign powers.
Today I feel exactly the opposite.
Cyberwar is real. Cyberwar is happening today, even as I’m writing this. And the New York Times attack is only the latest. The evidence is everywhere. Nation-states (and perhaps others) are creating malware with the express purpose of attacking other nations or private company. Stuxnet is one example, as is the malware which fried 30,000 computers at ARAMCO in Saudi Arabia. Many governments have been compromised with malware to steal money from their accounts by stealing finance officers passwords.
Why would anyone – other than a criminal botnet out to hack finances and bank accounts – target a City or County or State government?
The New York Times attack highlights the reasons clearly.
Suppose a Mayor or Governor publicly opposed allow trainloads of coal to pass through their city or state, in order to be loaded onto ships, sent to China, and used to power the Chinese electrical grid. Wouldn’t such opposition essentially constitute economic warfare and potentially provoke a cyber response?
Suppose a Mayor or County Executive, hoping to combat a rash of gun violence, initiates programs for a network of video surveillance cameras and gunshot detection technology (read: microphones) in a City. Could that provoke Anonymous or a similar organization?
Defacing a City or County website is bad. Stealing taxpayer money from government bank accounts is worse. Compromising SCADA systems to shut down a water supply or electric grid is dangerous. But we haven’t yet seen the worst potential attacks, such as bringing down a 911 telephone network or freezing a police or fire computer-aided dispatch system or perhaps crashing a public safety radio network.
And these overt acts pale by comparison to covert actions which may be occurring undetected – systematically compromising and falsifying utility bills, or hacking into and changing criminal and court records. We have no evidence such covert acts have ever occurred, but given the myriad of different levels of government and many repositories for the information, such databases must represent a juicy and lucrative target for criminal networks, Anonymous and even nation states. All these potential threats indicate cities, counties and states cannot be complacent, but rather need active cyber security programs, preferably in cooperation with other agencies.
Yes, Dorothy, a City could be hacked to its knees. Worse yet, it might not be discovered for months or even years after the act.
January 3, 2013 By Bill Schrier
Although Congress continues to put off really dealing with the so-called "Fiscal Cliff", the budget deficit, and a host of related issues (at least as of this writing), in the last week of 2012 both Republicans and Democrats agreed to extend FISA – the "warrantless wiretapping" law. FISA – really the "FISA Amendments Act" - essentially allows the federal government to eavesdrop on email and other communications without a warrant. The Senate even rejected amendments which would require some transparency in the process, such as revealing how many Americans are monitored in this fashion. This same law also gives telecommunications carriers blanket immunity when they turn over records or allow wiretapping of citizens.
On a slightly different issue, the National Rifle Association is reiterating its adamant opposition to the banning of assault weapons or other restrictions on the purchase and ownership of guns, despite the death of 20 young children to gunfire in Newtown. The NRA supports, however, a national registry of the mentally ill. And, of course, the Gun Control Act of 1968 prohibits gun sales to individuals who have been committed to a mental institution or "adjudicated as a mental defective." Because individual states have a wide variety of laws (or lack of them) which implement this provision, it has few teeth, hence the NRA’s call for the registry.
Recent advances in technology promise unprecedented ability to further monitor and pry into the private lives of citizens. The law is still murky about the GPS information in your cell phone, but some courts have ruled a warrant is not required for law enforcement to obtain it. Congress also approved a new law in 2012 which allows commercial pilotless aerial vehicles ("drones") to populate our skies. And technology is being developed to allow your TV to monitor your viewing habits, perhaps even via a camera which watches YOU and is embedded in the TV. This information could be reported back to advertisers and others for further targeting you as a consumer. Given the FISA extension (which protects telecommunications carriers who turn over information to the government), such data might also be available to government authorities. (More detail on drones, phones and TV monitoring here.)
Let’s add these new technologies to many which already exist – a proliferation of video surveillance cameras in both private and public hands for example, as well as a massive library of video and still images collected on sites such as Flikr, Facebook, Pinterest and YouTube. Most such sites encourage "tagging" of individuals by name in the images. Many private companies are developing facial recognition technology to allow these "tags" to proliferate to images across the Internet. Governments are also building facial recognition technologies and applying them at least to mug shot databases of criminals or suspects. License plate recognition (LPR) is now widely used by transportation and law enforcement. Indeed, between LPR and facial recognition, there might very well be a time when anonymity is essentially dead – whenever you leave your house your whereabouts will be known, tracked and entered into either a public or private database.
Add to all this the explosion of "big data" and "data analytics" such as the Domain Awareness System (DAS) developed by Microsoft for the New York City police department. DAS and similar technologies promise an unprecedented ability to analyze a vast variety of information about criminals – and citizens – to build a profile of each and every individual in the nation.
Now let’s circle back to the NRA.
At first thought, the idea of a national database of the mentally ill – who would then be prevented from at least purchasing and, perhaps, owning, weapons – seems an attractive thought. Clearly anyone who would brutally kill 20 first-graders – or murder a dozen theater-goers in Aurora – is mentally ill. Yet neither Adam Lanza or James Holmes were diagnosed prior to their acts. In retrospect, almost all perpetrators of large-scale massacres show signs of mental illness, but are rarely diagnosed before the crime. Some would argue that most cold-blooded murderers (as opposed to those who commit murder in a fit of passion or rage, or under the influence of a drug), are mentally ill.
How do we determine who is mentally ill, and therefore goes into the national database, and is then prevented from buying or owning guns? Ultra conservative groups like the NRA, who would never support government officials registering weapons, are, apparently, more than willing to allow deep violations of privacy to determine if a person is mentally ill. Do we need to build that nationwide profile of every single person living in United States (or perhaps the world), looking for those tell-tale signs of a killer? Do we need to put those cameras on every TV in every house? Do we need to wiretap and analyze every telephone or Skype conversation? And do we then use our business intelligence and big data analytics to create those profiles?
What’s amazing is not the potential for building such a database, but how far we’ve already allowed it in law, with FISA and the FISA Amendments Act and the Patriot Act and the use of our present technology. Even more amazing, is the ability of the far right and the far left, the liberals and conservatives, Obama and Boehner, Republicans and Democrats, all to sign on and support it.
We go willingly into this deep, dark night.
December 10, 2012 By Bill Schrier
I've worked as a public sector employee and a manager of government technology workers for three decades. While public sector workers share many attributes and work attitudes with their private sector counterparts, there are also some things unique to public sector employment. In writing this, I was inspired by two recent blog posts by Steve Radick including "Ten Things You Should be Saying to Your Boss."
First, government is, in the minds of many people, synonymous with bureaucracy. I've blogged about this before, but all large organizations, public or private, are painted with the bureaucracy brush. The bigger the organization, the more bureaucracy – and this applies to banks, manufacturing companies, the software industry and, well, everything where there are at least two people working together.
What should public employees be saying to their CIO bosses? When I was a CIO in a large City government, what should my folks have been telling me? And again, thanks Steve Radick for the inspiration for many of these. www.steveradick.com
1. "Don't worry about it – I got it." It is really great when, as a manager, I know an employee is going to handle something – take care of it, keep people informed and get the job done. Erin Devoto, my deputy at the City of Seattle and now the acting Chief Technology Officer (CTO) there, is a living, breathing, example of this. She took so many projects and drove forward to make sure they were accomplished.
2. "Here's a problem - here's what I'd recommend and why." Some of my worst experiences as a public sector manager were "monkey transfers". That’s where an employee recognized a problem or potential issue, brought it to my attention and then walked out of the office – transferred the monkey from her/his back to mine. But some of my best experiences were when employees recognized an issue, worked with their team to brainstorm some potential courses of action, and laid them out for a decision. Usually those employees, after the decision was made, walked out of the office saying #1 above – "I'll handle it". What a relief. I'm going to especially call out Mr. Stan Wu at the City of Seattle on this one, as he did this many times for me on projects ranging from fiber optic networks to radio networks and others.
3. "What can I do to help?" There are few better experiences for anyone – employee or boss – than being faced with a difficult situation, and having the team come together to figure out a solution and implement it. Willingness to proactively help address issues or problems – not waiting to be tasked with an assignment, is a hallmark of a great employee.
4. "Playing the 'Angel's Advocate' ..." I've been in so many meetings which go on and on as employees raise one potential issue after another with a proposed course of action or an idea. I used to cringe when someone said "Playing the Devil's Advocate …" and then went on to describe some low probability stupid scenario about how a course of action might fail. It's almost like the employees had a pool or a bet on who could come up with the most issues or the most unlikely scenarios to kill the plan. Give me an "Angel's Advocate" – a proponent – any day of the week. And if it is a legitimate issue or problem with the idea, suggest a way to mitigate it (see #2 above).
5. "I just read/watched/heard … and it got me thinking that…" As the boss, I love new ideas, and with all the changes in technology we've seen in the last 20 years, such ideas abound. In government it is relatively easy to find ideas which haven't been tried – usually private sector companies are first to adopt new technologies such as online services or mobile applications. Figuring out creative ways to use those in the government's service to constituents is something every employee can do.
6. "This idea has some risks, here they are, but I’d like to try doing it … " Government employees are notoriously risk adverse. I never quite understood that – most are protected by civil service or seniority rules or union bargaining agreements. Perhaps the risk aversion rises from fear of a newspaper headline or wasting taxpayer money. Frankly, I think bad bosses have a role to play too – ones who steal ideas for themselves or have a negative attitude about anything new. In any case, an employee who is willing to risk their reputation on an innovative solution can be a breath of fresh air.
7. "You know how we've been doing X? Why do we do it that way?" This one needs little explanation. We call it "paving the cowpath" when we apply technology or automate some business process without examining how to improve the process itself. Whether it be procurement or personnel actions or decision making or delivering a service, we should always look at the process first. This is even more important in government organizations where culture can be hard to change and existing business processes have very deep roots. No amount of technology or automation will materially improve an outmoded process.
8. "How am I doing?" Frankly, I used to cringe at employees who asked me this. Giving feedback – and honest feedback – is hard. Many employees don't want to hear bad news and many bosses don’t want to give it. But regular sessions of feedback are much more important than formal performance evaluations. And, of course, the flip side of this coin is willingness to accept that feedback, including #9 below. And employees don't need to wait for the boss to initiate such conversations.
9. "Here's what I learned and how I'll do it better next time". It is hard for many bosses to give feedback to employees on performance. It's much easier if the employee recognizes their own strengths and weaknesses and proactively brings them forward for discussion. This requires, of course, a high level of self-awareness, which is difficult for many people. (I had a long-standing employee who was totally delusional about his technical skills and abilities.) Going through post-mortems on projects and honest self-evaluation is important, and then vetting it with the boss is, again, more important than formal performance evaluations.
10. "Here's how I feel about that … " It takes a lot of guts for an employee to come forward to his/her supervisor, manager or director and give their honest opinion. The other side of this coin is that your opinion should be well considered and logical, not just some unsupported personal opinion. And it should be YOUR opinion, as an employee. I hated it when an employee said "And everyone else feels this way too". Oh yeah? Where are they at? And who appointed you as the spokesperson? Of course, some supervisors don't want to hear what their employees have to say, which is a subject for a different blog post.
11. "Yes, Boss, sometimes I know you'll move my cheese … " Change is a constant in any technology organization, or, indeed, any organization which uses technology at all. Whole industries are undergoing upheaval – just ask anyone in the newspaper, photography or land-line telephone business. Employees need to expect change, even in government, and sometimes it won’t be an improvement. But, conversely, the boss needs to explain the changes and the rationale for them.
And speaking of bosses, just like with Steve Radick's columns, my next blog post will be about what the CIO or boss should be saying to Public Sector Employees.
October 11, 2012 By Bill Schrier
(This column is updated from the original version.)
Robert Reich* had an interesting piece this week on NPR’s* Marketplace: "Is Technology to Blame for Chronic Unemployment?" He talked about the imminent end of many jobs and professions in the developed world, and specifically the United States, due to massive changes in technology. Read or listen to it here.
The logic of his arguments is quite clear.
First, the miniaturization of electronics coupled with the consumer technology revolution (smartphones and tablets) is really just in its infancy. Gee, the smartphone, for example, is just five years old, and the tablet computer (in its very usable, iPad-type format) is not even three years old. We’ve just begun to tap their potential.
Next, we are seeing more and more data and information squeezed into ever smaller spaces. While the first personal computers had less than 640 kilobytes of memory*, today we have widely available thumbdrives with 64 gigabytes of memory. Service members and others can carry their entire medical history on a chip in a credit card.
Indeed, Reich said, we may very well, in the future, carry an "all purpose" device, the "I-Everything" as he dubbed it. It could contain all relevant information about you, ranging from medical history to financial information to personal preferences (all suitably encrypted, one would hope!). Using a personal-area-network it could communicate with many other devices in or on your body to monitor your health, allow self-diagnosis of medical issues and even carry on most routine financial transactions and interactions. The I-Everything.
These revolutions in technology have already terminated many kinds of jobs. Word processors and data entry jobs are gone and secretaries, if not gone, are highly endangered. Telephone and switchboard operators, and many newspaper jobs, are gone.
More jobs will fall victim to technology. Bank tellers are endangered, as are travel agents. Retail store clerks are still employed in great numbers, but a decline must set in as more shopping goes online. Even restaurant servers may be somewhat endangered as iPads and other devices become common at tables.
This change will strike at professional jobs too. Sloan-Kettering medical centers have been testing the use of IBM's Watson to help diagnose medical conditions and, starting soon, it will start dispensing medical advice.
(You undoubtedly remember Watson from its appearance on the Jeopardy television show.)
We can see many other professional jobs which will be suspectible to the "artificial intelligence" powers of computers such as Watson. Such jobs might include attorneys and finance. Lawyers research and interpret laws, but computers are vastly better at raw text-based search. And artificial intelligence as demonstrated by IBM’s Watson computer can do much, if not all, of the interpretation and preparation of legal documents and briefs.
My title "Death of Lawyers" is a little dramatic. Lawyers aren’t going to die, but their profession will rapidly and significantly shrink. I suppose we’ll need trial lawyers for a while but almost all the "clerical" work of legal documents, wills, property transfer, tax preparation and so forth will fall victim to information technology. Most law schools and paralegals will soon follow. Indeed, most of the process of adjudication (“judges”) can probably follow as well.
IBM has 200 people working on applying applying Watson's abilities to commercial problems like medicine and finance. And my purpose in writing this column is not to "raise alarm" and cause people to "rise up against the machine." Computing is going to keep advancing and hundreds of companies and thousands of people are working to make that happen. Smarter machines will have many applications to improve our quality of life.
Many professions, however, will experience resurgence. Plumbers, electricians, carpenters and auto mechanics are definitely not susceptible to replacement by Watson -- or to outsourcing to China and India either, for that matter. But the sophisticated computers embedded in homes, appliances and automobiles will dictate more sophistication in these professions. Child care, nursing and elder care will still require "real people." Demand for, and the valuing of, these professions will rise.
Computers such as IBM’s Watson will eventually merge with the "I-Everything", I think, to produce a true digital assistant, able to interact and transact much of the routine business of your usual life. The only trouble is that, with so many people out of work, who will be able to afford one?
Well, this is, actually, supposed to be a blog about the use of technology in government. What do these revolutionary changes mean for government workers?
It’s hard to see how the "I-Everything" with integrated Watson can replace cops, firefighters, water pipe workers, electrical line workers, emergency medical techs, pothole-fillers, and parks and recreation staff. Spouses angrily fighting with each other, throwing kitchen utensils and pulling out knives and guns -- and then calling 911 -- are not exactly susceptible to Watson-like reasoning. "Bureaucrats," in the sense of employees who process documents, issue licenses and permits, and manage finances, may see their jobs in jeopardy.
And, of course, we’ll always need elected officials. Who would want to go to a public meeting and yell at a computer?
Or, perhaps, we’ll just send our I-Everthings to the meeting to yell at the electeds’ I-Everythings!
*Robert Reich is former Secretary of Labor for President Bill Clinton and presently professor of public policy at University of California – Berkeley.
*NPR – gee, you know what NPR is – its that public broadcasting service which includes Big Bird and Jim Lehrer and others who may be sacrificed to the god of Federal Deficit Reduction.
*Bill Gates did NOT say “640k of memory should be enough for anybody” - see here.