How IT Modernization Can Enable Your Agency’s Mission





In the first of a three-part video segment, Nathan Brewer, Group Vice President for Sapient Consulting Public Sector,  Chad Sheridan, Chief Information Officer at the Agriculture Department's Risk Management Agency, and Jeff Weiner, Deputy Executive Officer of the National Institute of Diabetes and Digestive and Kidney Diseases at the National Institutes of Health, discuss how agencies can develop an IT modernization strategy that transforms how they deliver mission-critical services. See full transcript below.

Jason Miller: The conversation we're having today comes at a perfect time. The House recently passed the Modernizing Government Technology, or MGT, Act. The Senate is now considering the bill, and Congressman Will Hurd, the primary author of the bill, told me recently he's confident that the upper chamber actually will move on the bill. As a brief reminder, the MGT Act does two main things. It authorizes a central fund of $500 million for agencies to apply for through business cases, and it creates working capital funds in each agency where they can stockpile savings from moving off legacy IT systems.

Getting the bill passed and setting up those funds actually may be the easy part. Agencies will have to think hard about how they can not only lift and shift from old technology to new platforms, but also provide services much differently. The government currently is spending about 69 percent of its IT budget on legacy systems. This means the aging hardware and software are costly and pose significant security and operational risks. The Office of Management and Budget has been pushing agencies over the last two years to shift their spending and get off old systems. The recent cybersecurity executive order calls on agencies to make it even more of a priority by moving to concepts like cloud and shared services. Meanwhile, OMB is emphasizing agencies address change management, user experience, communications and other strategic components as a part of a successful modernization initiative.

Now, all these pieces are coming together. Agencies need to consider the opportunity before them. How can they develop a modernization strategy that transforms how they deliver mission-critical services? This is not a discussion about technology; it's about moving off of old technology, and how that can lead to better and less expensive citizen services. That is what our panel will break down today.

So with that context in place, let's turn to our guests. Chad Sheridan, the Chief Information Officer of the Agriculture Department's Risk Management Agency; Jeff Weiner, the Deputy Executive Officer of the National Institute of Diabetes and Digestive and Kidney Diseases at the National Institutes of Health; and Nathan Brewer, the Vice President for Sapient Consulting Public Sector. Let me start with Chad. You guys have been working on this modernization effort for quite some time. Let's just talk about what does IT modernization mean for you guys today?

Chad Sheridan: Well, it's twofold. I look at our business of IT in two different realms. One is things that directly support and enable the mission and those things that are supporting functions that are ripe for shared services. One way we look at modernization is to better deliver mission value. So I bucket a portion of our business into that, and that is all about mission value. The other part of our business is about performance at what cost. That's where you look at what performance best enables us to do the things we do every day and at what price point are we willing to pay for that?

And so, all of those things that are hosting, are end-user services. That's not the business of agriculture. The business of agriculture in the risk management agency is crop insurance. So I need to look at these two things differently. For our business systems, modernization is about retiring technical debt. We built things differently. Legacy systems or even systems we built five years ago were developed with a model that didn't think about the total lifecycle cost of these systems. You know, if you look at various research agencies, they say you'll spend up to five to six times what you spend at development on operating and maintaining. We've got to be able to reduce that cost. We've got to build them right up front.

JM:  I think the point of saying, “build them right up front,” means you have to understand what the needs are, and it's not just, “OK, we have this, we can move to the cloud so let's move to the cloud.” You've got to ask yourself those questions. Does it make sense to move to the cloud or does it make sense to keep it on premise or so many other pieces and parts? That's where that mission side has to come in.

CS:  I think it looks at our principles, we don't believe we should be in the business of running a data center. I definitely can say that for the risk management agency, but you could ask the same question to the broader agriculture department. Farmers don't care that I run a data center; they care that I provide federal crop insurance. We believe that our long-term strategy and roadmap is, let's get out of that business. It's not that we're doing a bad job, it's just this is a service we can buy that is going to be more secure provided we take care of our own equities. Lift and shift doesn't work in that context. We've got to look at that roadmap and say these are the things that can go right now and these are the things we're going to have to re-architect for that kind of hosting environment.

JM:  It’s interesting you bring up the idea of data centers. I was at a conference recently and someone asked the question, “Who can afford the best people to run your data center?” And there's a question to the audience, and everyone kind of looked at each other and said, “right, not us, the government.” It's always the vendor. So that's a good point.

Nathan, Sapient is bringing an interesting perspective. You guys are not a typical technology firm. That's why I said it's a little bit different of a conversation. Let's talk a little bit about what you're seeing with your federal customers. How are you helping them with their IT modernization?

Nathan Brewer:  I think Chad hit on a couple of good things there, and it really comes back to the question, what is the mission impact of your technology investment? For us, when we work with our clients and look at a number of different organizations, we see many different agencies at different levels of maturity. While some, as Chad talked about, are well along the path towards modernization, others are still trying to deconstruct, asking themselves, “What am I trying to maximize here with this modernization effort? Is it just preventing future cybersecurity threats? Is it maximizing my financial return on investment?” That’s where we

 begin with clients. What are you trying to enable through this modernization effort? If you're able to do that more effectively, then it's a worthwhile investment.

JM:  Given the attention on cybersecurity, post-OPM hack and now with this latest WannaCry ransomware attack, do you get a sense that people are too focused on  protecting systems and they're not focused enough on how transforming your business through IT will protect your systems better because inherently there's better security built in?

NB:  Yes, I think it's twofold. I think within the government, security is almost just like electricity. It has to be there. It's not an option not to have a secure system. I think for the public, I don't know about you, but at home, I have a file in my desk drawer that is every letter I get of my personal information getting hacked. So I'm a little skeptical of, you know, it’s security at what cost and to what point. But yes, it's absolutely essential. I think for the agencies that are doing really nice things with technology in this modernization effort, they're looking at, “What is the core mission and how am I enabling that not just with serving my end users or the citizenry better, but also my internal stakeholders? Are my employees able to do their jobs more effectively and efficiently overall?”

JM:  I think that's the question that a lot of people are starting to ask. When I talk to CIOs, one of the things that comes up time and again is the customer service, the citizen service angle and how the CIO office has changed. It's not just, “Well, we've hooked this server up or changed this, but really how can I serve it better?”

Let's turn to Jeff Weiner. Jeff, talk a little bit about your work at the NIDDK. Talk a little bit about how you guys are looking at IT modernization.

Jeff Weiner:  So for us, modernization is this holistic process. It's evolution for us. We have always used technology. We had mainframe computers. Obviously, the world has changed. What drives us is the science. What do the scientists need? What are the kinds of activities they're doing? What kind of images and data and information are they generating? It’s huge amounts of data. We have to find ways to create the opportunities and the infrastructure to support that and to help science. It's not just data science in a remote place.

We also have, to a very good point, a very significant public presence. A large part of our mission is about providing medical research information and disease information and therapy information and options to the American public. For us, IT is really an enabler. It's really part of how do we reach the public, how do we deliver the services that our scientists and our collaborators at various universities and hospitals are providing? For us, it really is just part of our mission in all parts.

JM:  Chad, jump in.

CS:  I love what Jeff said because if you look at this, part of the difficulty of these conversations—and we're grateful to have them—is we keep talking this inside baseball language. We talk about FITARA, we talk about FISMA, we talk about now MGT's the new one. We keep talking about the IT-centric things that are going on because that's part of our daily job as CIOs. The problem is getting buy-in from our mission leaders. We've got to speak the mission language, and I think actually it's the biggest impediment in the security space and also in the modernization space. We talk about modernization in IT language, instead of, “If we do this, now our mission is more secure.” We changed our security discussion from IT security to mission risk.

I had a great administrator in my past boss, and we got him to understand what does security mean to RMA. The idea is farmers don't like giving the government their data. If we have a breach, whether it's in one of my systems or if it's in one of the companies that we partner with to deliver crop insurance, now I don't want to give my data, which means I don't want to participate in the program. Well, insurance is about a broad-based risk. If I start participating in the program or I get bunches of people that stop participating, all of a sudden, I go from a security breach to a mission kill. We don't need our mission leaders to understand our business. We need to take our business and put it in terms that the business leaders can understand and enterprise risk and enterprise modernization.

JM:  Jeff, you're shaking your head. How are you able to do that? Because when you talk about disease and you're talking about much more complicated signs. I mean, farm insurance, we all get insurance. We all get farm, hopefully, our farmers and what they do. But when we talk about scientific and research and disease, it's much more complicated.

JW:  Agreed. We have, by our nature, a very collaborative community. Our scientists, they collaborate with people outside and people internationally. Our history has been that of working with other people toward solutions. Our leadership, who grew up in the science field now lead our institutes and understand the mission. We recognize that part of our mission is inside. It's in the labs. It's doing inventions. It's working with the clinical patients to try to develop new therapies. But if we don't share that information with the public and with the medical provider community, then the value of this incredible organization isn't realized. Our leadership is very actively involved in our IT decisions and our IT strategies, and they don't think of it as an afterthought. It's really part of how we do our research initiatives.

JM:  Were you a researcher who fell into IT or have you been an IT guy who now fell into research?

JW:  I'm a businessman who fell into IT. But because I've spent 25 years at the National Institutes of Health and several different institutes. I have been the CIO of several different groups, I've gained an appreciation over time for the incredible diversity of the science and the activity. How it is so integrated because, as we increasingly know, IT has become more and more expensive. Making these decisions is very impactful, they're expensive and they have a long life. The way we organize ourselves and provide these resources really does help us move our scientific mission forward, and at NIH, it's all about the science.

JM:  Nathan, let me turn to you. When you work with clients, are you starting to see the agency turning the IT to the mission versus the mission to the IT? Is that change happening more and more?

NB:  I think both Chad and Jeff represent the best of government here in the sense of talking mission first. I mean, how many times have each of you talked about the end users and the ultimate mission? I think the change we've seen over the years is technology is no longer an afterthought. It's a key enabler to what organizations are doing. It impacts all levels of the organization. All levels are getting more and more involved, they need to have a point of view, and I think that's where the role of the CIO is not just as an advocate for technology and having the necessary tech tools to help the agency, but also just be an advocate for where are we going long term. What investments can we make today in technology that are going to enable the mission well into the future, long after we're all here, and really set the organization up for the next wave of success? So yeah, I think that's where we're seeing it.

One interesting thing, just to go a little further, is that you hear some organizations or some commentators talk about getting the right skill set evolving the workforce and everything else. What I think is fascinating, is that we're working with several clients now who are really trying to take  subject matter experts that have 30 to 40 years of expertise in an agency and use that not as a blocker to transforming technology, but actually leverage all that institutional knowledge to help inform certain business rule decisions as well as those made at a systems level years ago and why they're important and how they need to evolve going forward.

JM:  That's a great point about the institutional knowledge. There are so many people in government who've been there a long time, who we keep hearing about the retirement wave, and the tsunami that's coming. Unfortunately, or fortunately, it hasn't come yet. Chad, are you guys dipping into that, the knowledge base a little bit and saying, here's what we think we should do but let's talk to the people who have been doing this for 30 years?

CS:  Absolutely. I think we've got to take advantage of both the people that are coming into the workforce now that are bringing new ideas and new techniques, and the people that have been there and done that. What we try to balance is bringing historical knowledge not just of what we've done on the systems side, but understand how the agency has evolved. Whether it's talking to mission leaders that have been there the whole time or people on my staff that have been there for 30-plus years. It’s a recognition of the context of history, but we also need to have a short memory of we can't do that because we didn't do it before or, you know, it's a combination of bringing forward the lessons, but having a short memory so that we're not dwelling on what worked or didn't work in the past.

JW:  I'd like to extend what Chad's saying. We have our workforce, our federal workforce and all the experience and knowledge they have. We also spend a lot of time talking to other federal agencies, trying to mine their knowledge and their experience when they launch technologies and how did it work, where were the stumbling blocks and what their real challenges were. But what we've also done is we've created some really intensive partnerships with different private firms because some of the consulting expertise, some of the real knowledge about what's happening in the broader world, the trends, how you really get things done, comes from private industry. We've been very open and receptive to partnering with groups that do represent some of these best practices and insights.

JM:  Do you find that if you said, "Chad, what are you working on?" Well, that maybe works for Chad but may not work for your agency as much? Or is it, because we're talking IT and mission, kind of coming together, it's like if you're a CIO at one, you can be a CIO anywhere.

JW:  I think it is. You have to bring it home. Because technology's technology, but how does it fit into your culture? Are you ready for it? Is your infrastructure prepared? Are your people prepared to support this? And so for us, it really is a matter of looking at fit, but you have to start with this broad view of exploring options.

To view all three panel segments, please visit