Interview With DHS CIO Richard Spires: Securing Cloud Computing

Richard Spires, DHS

WashingtonExec had the opportunity to interview Richard Spires, the CIO of the U.S. Department of Homeland Security (DHS). We asked Spires how he balances cloud-computing innovation while also heavily evaluating the security risk associated with switching any IT infrastructure. Spires discussed working with multinational corporations that have already effectively implement private cloud-based networks as well as what he hopes to see from the new Federal CIO, Steven Van Roekel. WashingtonExec also asked Spires to reflect on some of his personal and career achievements.

Before joining the U.S. Department of Homeland Security under the Obama administration, Spires worked at the Internal Revenue Service (IRS) for 4 ½ years and left as the organization’s CIO.

WashingtonExec:  What are your thoughts on cloud computing?  How does the issue of security tie in for you?

Richard Spires: Security is in our name, so we are worried about security.  That being said, we are very aggressively pursuing what we call our private cloud strategy. The best example is we just awarded through a GSA contract, for infrastructure as a service, to start to move our public facing websites out of our facilities into a public cloud capability.  Of course, those being publicly facing websites the data that is housed in those websites is not sensitive data.  It is data that we want the public to access.  We think it is a way to get experience in leveraging public clouds; there are always security issues but if you will start out slowly, start out with things that give us experience at a relatively low risk.

I believe that the federal government will begin to leverage more and more public cloud services over the next few years, particularly for systems that we would classify as low or moderate from a security perspective.  I believe that it is going to take off here, particularly as FedRAMP matures and starts to certify a number of public cloud services from a security perspective.

WashingtonExec:  You mentioned that you used to work in the private sector.  What do you think DHS needs from the private sector in terms of cloud computing or other technologies?

Richard Spires: On the one hand I certainly would not say we are an industry leader here at DHS in leveraging IT but on the other hand we very much are studying what major corporations are doing; large multi-national corporations or large organizations that are federated like we are with many divisions. I routinely am talking to leaders in the private sector that run large IT organizations in order to get lessons learned but sometimes they learn from us as well.  We are doing some very aggressive things here at DHS in moving into private clouds.  We are also further ahead in the implementation of security than just about any private organization I see. For instance implementation of what we call trusted Internet connections is something that puts us well beyond what many private sector companies have implemented.

WashingtonExec:  What do you hope to see from the new Federal CIO?

Richard Spires: I should first say that I do believe that the initiatives starting under the former Federal CIO – I’d like to see Steve carry those forward, both the open government initiative, things like – I think are very important for government to be more transparent, to provide data that should be accessible to the public a way to get it to the public and also the 25 point plan for IT reform. Carrying out all 25 doesn’t solve every issue we have in federal government IT and I think what we are finding as we are carrying out these reforms is that we learn.  We are going to need to adapt.  I would hope and expect that Steve will provide the leadership in his role as the Federal CIO in helping us aggressively continue to improve federal IT; how we execute it, how we oversight it, how we fund it and budget for it – these are very key issues that we face in order to be more agile and more able to support our business partners as they carry out the missions of their particular agencies.

WashingtonExec:  What is something that you are most proud of, either professionally or personally?

Richard Spires: I am most proud of my family; my wife of twenty-two years and my children.  On a professional basis I would say the time that I spent at the Internal Revenue Service, I was there for 4 ½ years.  I believe that, and it is not just myself but the whole team, that the changes we made, particularly on the business systems modernization program, really improved the IRS’ ability to modernize its legacy IT systems which is very key to the IRS’ ability to more effectively administer the tax code of the United States and its Administration.  I certainly hope that I can, in my tenure here, do something very similar for us as we look to more effectively leverage IT to help out the missions of Homeland Security.  I’m hoping that – I can’t say it yet because it’s been two years, we are in the middle of some major changes here in how we manage IT but I’m really hoping that during my tenure I will be just as proud of what I’m doing here as what I did at the IRS.

Comments are closed.