Remarks as prepared for delivery
Good morning. Thank you, Federal Computer Week for having me today.
I am honored to be here to talk about this great topic and share some of our accomplishments at the Department of Justice and food for thought for those thinking about digital transformations. We are living in an exciting and challenging time in the federal government – technology is rapidly changing; our workforce is more mobile now than ever; every device is connected to the internet; artificial intelligence is embedded into everything; data is growing exponentially and most is encrypted: cyber-attacks are more sophisticated than ever; budgets are constrained; and yet, customer expectations remain high.
Further complicating the situation, roughly 80 percent of the department’s IT budget is spent on operating and maintaining legacy systems. These legacy systems have most likely missed whole generations of technology advancements and contain inherent vulnerabilities, increasing agencies’ attack surface area.
I am excited about all the initiatives we are seeing from the White House and support from the Hill that provide CIOs the opportunity to address these challenges head-on. To includes the President’s Management Agenda’s focus on modernizing IT; implementing a robust and integrated federal approach to data management and use; reskilling and redeploying the current workforce and recruiting top talent to support mission needs.
Within the Department of Justice, we view modernization as a continuous evolution with the goal of creating additional integrated services while aligning IT with the mission and ever-changing business needs. However, digital transformation is much more than IT modernization. If we were to just modernize legacy technology and processes, we would miss huge opportunities to revolutionize the way things are done. Two weeks ago, I was out on the West Coast where I saw first-hand how 3-D printing can fundamentally change manufacturing. For example, we will be able to simultaneously print and combine components that used to be done in separately.
Modern IT services strengthen our cybersecurity posture, reduce operating costs, enhance capabilities and provide the impetus and foundation to adopt leading-edge technical solutions. This morning, I will highlight some of our foundational work, our strategy moving forward, how it all ties together, and close with ways our industry partners can help us.
Before I talk about our strategy moving forward, I would like to highlight a couple of accomplishments that provide a strong foundation for the future. Since 2010, we consolidated the department’s footprint from 110 data centers to 28 data centers. This includes the recent closure of the department’s largest data center, a 91,000 square foot facility where we had to detangle 30 years’ worth of installations and firewalls. We reduced the number of disparate email systems from 23 to one highly secure cloud-based solution – saving the department tens of millions annually and facilitating cross-component collaboration. We established a unique cloud-optimized trusted internet connection service providing high-speed and secure connections directly to cloud service providers. We prioritized continuous improvement and achieved ISO 20000 certification—only the third Federal entity to achieve this—in order to continuously improve service delivery, and established a Technical Reference Architecture to clarify expectations, advance reusability and improve IT investment decisions. We also consolidated 19 telecommunication fair opportunities to a single solicitation under GSA’s Enterprise Infrastructure Service and when we issued this solicitation last month, were the first major agency to do so.
On the mission side, the FBI is delivering new search capabilities and algorithms to a system deployed nearly 20 years ago. The enhancements, to include use of biometrics analysis and identity confirmation, will enable faster and more accurate determination of gun purchase eligibility. The United States Marshals Service and ATF are replacing their legacy case management systems with an integrated suite of solutions. The new systems are built on the same platform – enabling code sharing and cost avoidance for the department. My office provided over 200 federal and tribal criminal justice agencies and 100 civil agencies access to law enforcement databases, delivered DOJ IT security services to 21 federal agencies, and developed additional service offerings to market to a wider customer base. Overall, we’ve achieved $334 million in cost savings/avoidance.
Given the environment I just discussed earlier, DOJ is faced with the daunting task of efficiently managing routine operations while driving our enterprise modernization. Prioritization of enterprise modernization efforts are driven by performance and cyber and operational risk. Funding and the acquisition process are the pacing functions. And even when we have funding – limitations in how it can be used reduces our ability to quickly respond to changing operational needs and advances in technology, while the federal acquisition process is often cumbersome and slow.
In light of these barriers, my strategy is to drive information and technology at the pace of American innovation, build agility into services, support achievement of the DOJ mission, and guide the department’s initiatives and activities, while being brilliant at the basics. With help from the DOJ CIO Council, composed of Component CIOs and IT managers, I will issue an updated IT strategic plan which will reflect many of the thoughts you are hearing today. While it is not finalized, I would like to give you a sense of where I think we will end up. One of the most notable changes is we will go from five goals to four. Let me outline them.
First, we must continuously improve our service delivery, providing a better customer experience by adding more intelligent and autonomous processes. That will require improving our strategic relationships with our business and industry partners.
Second, in these times of fiscal limitations, managing our budget efficiently must continue to be a priority for us. That will mean more shared services and more focus on the use of spending authorities to drive toward more efficient and modern systems.
Third, protecting DOJ’s networks, systems, and information will remain a top priority for the department, and will focus on several aspects of security: continuous monitoring, automated incident response, centralized identity management, and resilient systems. These increased capabilities will also deliver efficiencies in how we do identity management, which means we will concurrently deliver more value to our mission community by improving our ability to share information in a secure manner. DOJ will continue to build and improve our cybersecurity services for other federal agencies in support of promoting the use of shared services.
Fourth, while achieving excellence at the basics, we must keep our eyes on opportunities to maximize mission capabilities by driving forward smart, easily accessed data and use of advanced cognitive analytics and machine learning.
We selected these goals because they crosscut through many of the larger challenges facing us. To be successful, we must also foster a high-performing, nimble workforce that can keep pace with the technologies. This will involve re-skilling with relevant training, re-evaluating the federal compensation packages to stay competitive with industry labor practices, and recruiting and retaining top talent.
A common strategy and agile workforce will help guide the department in further adoption of centralized and commodity IT services – resulting in resilient, secure, and cloud and mobile optimized services tailored to the individual and with the ability to support new technologies.
To support the new technologies, we are building a robust and scalable network backbone, which will ensure availability of information when our folks or mission partners in the field need it. This backbone will allow us to co-locate data and advanced analytics with scalable computing and enhance our mission capabilities. However, just as important, we can reduce our IT operating costs to reprioritize resources to support the mission. In alignment with what we are seeing in the private sector, we are exploring ways to authenticate, authorize, and encrypt all workflows. This zero-trust model uses a combination of unique data and behavior metrics to identify the device and user. Under the Federal CIO Council’s Services, Strategy and Infrastructure Committee, my co-chairs and I are sponsoring a working group to explore implementing this model for the federal government.
One challenge we are finding is for zero-trust model to be successful, you need a strong identity management model that establishes an enterprise digital identity with enhanced attributes integrated with agencies, their components, and mission partners’ active directories, as well as work planned around mobility to offer simplified access. To fully exploit the value of the data we need a cohesive approach to data management and simplification of information sharing across the enterprise and with mission partners. Likewise, in order to accelerate innovation and take advantage of advanced and autonomous technologies, DOJ must ensure strong information management is consistently practiced across our IT environment. We must simplify access to information held in any combination of DOJ and mission partner systems whenever and wherever required, limited only by law or policy, not technology.
To that end, my office is developing a Strategy for Information Management, Access, and Sharing as the next step in DOJ’s efforts to optimize the value and power of information. The strategy focuses on three aspects of information sharing: Data Management, Identity, Credential, and Access Management and Information Exchange Standardization. A comprehensive information management strategy is long overdue. This strategy will build on our successes, while emphasizing our commitment to continued progress in this area. My strategy provides a framework for ensuring that DOJ technology efforts are synchronized with the needs of our mission partners and contribute to national dialogue about our shared long-term vision and strategy for improving the national criminal justice information sharing architecture. We are modernizing my office’s technology to make operation and maintenance less complex, improve user interfaces, fully embrace mobility, improve security, reduce administrative burden of ownership and administration, and reduce technical complexity.
I came today not only to tell you about our challenges and plans, but also to recruit you to help us excel in executing our plan. To our academic and non-profit partners, I ask that you help us reap the benefits of your research and insight. To our government mission partners, please continue to engage with us to identify economies of scale opportunities and maximize whole-of-government solutions. I have reserved my biggest ask for our industry service provider partners: help us build common solutions for common problems in an agile manner; facilitate our understanding of the business case for new technologies and how to measure, manage, and optimize their value proposition; aid us in innovating our acquisition and procurement processes to keep pace with the technology curves; encourage us to use commercial, consensus-based standards wherever possible; provide us with insights from within state and local governments on how they are using technology; and perhaps most important, as reductions in federal spending occur, let us work together to unleash the power of American creativity on our highest national priorities in the most efficient and effective manner.
I look forward to seeing the better future we build together.