cies that are oriented around the function of execution and deliver- ing at the mission space, where the technology folks are sitting there with the mission folks and are exe- cuting to deliver that outcome — I think they’ll have an easier time.”
“Certainly, we met with the CIO, and we met with the systems expert and chief technology offi- cer and asked for their feedback,” said another participant who had launched a mission-owned initia- tive. “But it wasn’t a centralized Garden of Eden that’s going to deliver an outcome. It’s a decen- tralized capability where you con- trol the systems. You have the funding. You have a couple of folks who work for you who have really deep knowledge in cybersecurity. You’re able to build and innovate very quickly. And I think that’s the difference.”
“That’s exactly the right model,”
a third participant said. “And by the way, that puts the risk management closer to the front lines, where it should be. Managing risk from the CIO shop sometimes is problematic.”
Two other executives said that model resonated strongly with them because, as one put it, “we’re mov- ing in the wrong direction, toward a completely centralized model. I don’t want to say it’s the entirely wrong direction, but I think it’s a direction that limits flexibility.”
The group was sympathetic to the pressures on agency CIOs to instill some sort of structure and process, even as they pushed back against “a cookie-cutter approach.”
“I think that the changes in the CIO function around process have been because they didn’t have vis- ibility into spending,” one partici- pant said. “So that drives the cul- ture. But you’re irrelevant if you’re
“I think that the changes
in the CIO function around process have been because they didn’t have visibility into spending. So that drives the culture.”
January/February 2019
FCW.COM 41