by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : November and December 2015
People 18 November/December 2015 FCW.COM The theft of personal information on 21.5 million federal employees and their families from the Office of Personnel Management, including the breach of the database of forms on employees seeking security clearances, was the most devas- tating cybersecurity event to strike the U.S. government to date. The infiltration, discovered in mid-April, upended Scott’s plans for an orderly execution on existing policies and spurred a governmentwide “sprint” to tighten up cybersecurity, with a focus on two-factor authentication and the use of personal identity verification (PIV) cards. Scott didn’t exactly see the OPM hack coming, but he wasn’t totally surprised either. In a recent interview with FCW at his office in the Eisenhower Execu- tive Office Building, Scott said he knew going in that the vulnerability of federal systems needed to be addressed. “When I first came on board, one of the things I had a strong sense of is cyber is one of the areas that we’re going to have to double down and really pay a lot of attention to,” he said. “You could look around you and see in the retail sector, in the banking sector, in the media and entertainment sector, to name a few, that there had already been a series of pretty eventful occurrences. To believe that the government was somehow immune from that was probably not credible.” He added that the OPM hack “put an exclamation mark on the work that I already thought we were probably going to need to do. At the end of the day, I don’t think it changed things all that much, although there were a few weeks in there where obviously we got some extra work to do.” As part of a longer-term initiative to protect networks, Scott released the Cybersecurity Strategy and Implementa- tion Plan for federal civilian agencies on Oct. 30. That document offers definitions for what constitutes a “major breach” and gives agencies a blueprint for responding. It is complemented by the 2016 Federal Information Security Modernization Act guidance and a long-awaited update to OMB’s Circular A-130. Agencies are now required to identify “high-value assets” that need special protection, and CIOs are tasked with identifying systems that rely on older infrastructure and are due for modernization. “Coming out of this sprint we asked people to look at your high-value assets,” Scott said. “Then we asked [CIOs and chief information security officers] to make a risk-based assessment about whether things are adequately protect- ed or not.” There is more antiquated technology in government than Scott would like to see, but he takes a realistic view about where modernization activity should be focused. “I would love to see all Windows Serv- er 2003 systems upgraded or replaced,” he said. “But if they’re not in a place where it’s the highest priority threat or there’s any threat at all, then I care a lot less about it.” Scott is also realistic in accepting that — despite the best efforts of his team at OMB and IT shops across government — federal systems will continue to be targeted. “I don’t care if you’re the local 7-11 store or the U.S. federal government,” he said. “The number of attacks is going up.” At the same time, Scott stressed that feds are improving their batting average when it comes to deflecting attacks. Agency IT leaders have generally given Scott high marks in return. “I think he’s done a very good job — especially when it comes to keeping important work moving in the face of so many potential distractions,” Federal Communications Commission CIO David Bray said. Scott has also put much-needed emphasis on cultivating leadership in the IT ranks by not just recruiting from the private sector but also developing talent internally, Bray said. “We need to think about how we can work with the folks we already have,” he added. Indeed, while the hiring and deploy- ment of the digital services teams — which were pioneered in the wake of the HealthCare.gov launch debacle — con- tinue, Scott stressed that there is still a lot of work to be done. “I think the digital services are a great example of the surgical use of a very spe- cial kind of talent to act as a catalyst for certain things,” Scott said. “Where the digital services teams have done work, they’ve really made some important contributions in the most critical of the consumer- or citizen-facing services.” However, he said, those teams “are not designed today to do the heavy lift- ing of taking these old, siloed systems and moving them to a modern platform.... Mostly we’ve focused them on citizen- facing kinds of services, where frankly there was a lot of work to do as well.” From Silicon Valley to the Oval Office Scott said he was happy as CIO at VMware and didn’t give much thought to government work. Even though he worked at a leading cloud vendor when “cloud first” was the declared goal of the Obama administration, Scott focused on technology and not the marketing of VMware’s services to government. “Coming here, I had to get up to speed as quickly as one can on the ways that government buys stuff,” Scott said. He was first approached at a technol- ogy conference in September 2014 and asked to help with White House efforts on diversity and nontraditional hiring in technology. He invited some friends and CIOs to a conference, after which, Scott said, “I naively thought I was done.” Instead, he was recruited by U.S. CTO Megan Smith, a former Google executive; Todd Park; Beth Cobert, who was OMB’s deputy director for management at the time; OMB Director Shaun Donovan; and others in the West Wing. 1215fcw_016-019.indd 18 11/17/15 9:07 AM