So far this year, at least 15 states and territories have new CIOs. With many new to their roles — and for some, new to the public sector — these IT leaders must quickly learn about their agencies and set future direction, all while keeping the lights on.
Many incoming government CIOs have approached me for advice throughout my tenure as CIO for Pennsylvania and after I left that post. What follows are my recommendations for how to handle the challenges of the state CIO’s very demanding job.
Familiarize yourself with the current landscape of major IT projects in progress. While these projects may not have been initiated by the incoming administration, they’ll still have significant impact. Stopping or delaying them could do more harm than good.
Master the schedule, major milestones, specifics about each vendor and contract terms and conditions. Get to know the contracting and project teams and pick their brains about the issues and concerns.
Don’t alienate yourself from your team members because they can make or break your term as CIO. Make the B team your A team — these folks were here before you arrived and will be onboard after you leave.
Meet with state agency CIOs and get a feel for who’s on board with the current direction or the new direction you want to set.
Ally with major agency CIOs and understand how the reporting structure works. In Pennsylvania, all CIOs of agencies under the governor’s jurisdiction reported to me. Some state CIOs aren’t so fortunate, so relationship building is key to your success.
Understand the condition of the current IT infrastructure and future demand. When is the environment due for a refresh? How much of a capital investment will you need, and is that funding in the budget?
Infrastructure requirements can wreak havoc on a budget. Explore a consumption-based cloud computing model to procure hardware and storage on demand. Make that decision early.
Know your role politically. The state CIO is appointed by the governor and therefore, highly visible. Understand your relationship with the general assembly. It may be helpful to pore through testimony of previous CIO hearings to get a feel of what’s in store for you as you present to legislative committees.
Become well versed in the cybersecurity landscape. A data breach during your watch is a game ender. Don’t take this lightly.
Understand the state’s layered defenses and network security, as well as the latest security tools available to help organizations. Evaluate data security policies to ensure they’re in line with guidelines from the National Institute of Standards and Technology. Meet with the chief information security officer and confirm that you’re comfortable with that person and have confidence in his or her skill level.
Above all, think outside the box about what the state can do to strengthen security.