Cloud, RPA, Zero Trust: FEMA’s Scott Bowman’s Tech Roadmap to Modernization

Scott Bowman, FEMA

Scott Bowman, FEMA

In his 20 years with the Federal Emergency Management Agency, Scott Bowman has seen some big changes — most of them digital to improve efficiencies, but always sticking to the mission. 

In the beginning, “we definitely didn’t have smartphones. All of our disaster applications from disaster survivors were taken over the phone. We didn’t even have an internet capability for registrations,” he said.

By the time hurricanes Harvey, Irma and Maria blew through in 2017, FEMA had more than 90% of its disaster survivor applications coming in through the internet and its mobile applications. 

As FEMA’s acting deputy chief information officer, Bowman is helping to keep the agency ahead of this wave of technological change. 

High on his radar is moving to the cloud. The agency already has 15 systems running in the cloud and while Bowman said he’s eager to go further, he is moving ahead judiciously, conducting a comprehensive assessment to determine how best to make the transition. 

“We don’t want to just lift and shift everything in the cloud,” he said. “We’re trying to make a determination of how cloud ready [systems]are, and if they’re ready, we’re willing to do that in an expedited fashion. We want to fully leverage everything that’s available in the cloud, all of the elasticity and the capabilities that exist there.” 

And while Bowman explores the cloud compute environment, he’s also looking at the infrastructure needed to get there. 

“Another focus area in relationship to the cloud is continuing to extend our current network securely into the cloud,” he said. “We’re establishing a pipeline for the remaining FEMA applications to ensure that we’ve got that robust, secure connectivity.” 

To nail down cloud and while also pursuing a range of other modernization efforts, Bowman has been working to strengthen coordination and collaboration across the agency, in an environment where IT decision-making has previously been fragmented.

“We’ve re-established our IT governance board with agencywide senior leadership representation, and we’re working with that leadership to render decisive and collaborative enterprisewide IT decisions,” he said. 

Under the recently restructured communication paradigm, top-level people have begun rowing together. 

“The win there is the collaboration at the senior leadership level to ensure that we’re all going in the right direction, and all working on the same agenda,” Bowman said. “Then we also have sub-boards underneath that, that report up to the IT governance board, to ensure that you’re not only at the senior leadership level but also with the actual subject matter expert levels.” 

Among other things, he’s leveraging that momentum to tackle the ongoing cybersecurity workforce challenge that plagues many federal leaders. 

“Everyone is hiring cybersecurity talent, so the job market for that skillset is challenging,” Bowman said. “We’ve exercised the cybersecurity workforce hiring authorities that are available to us, some of the direct-hire capabilities. We’re also looking at enhanced pay for cybersecurity professionals, trying to implement that.” 

While special hiring authorities help with recruiting, and ongoing training can bolster retention, Bowman said the work itself is his strongest selling point among cyber pros. 

“The FEMA mission is a very unique mission,” he said. “It’s very fulfilling. We have a lot of staff that come and join the agency and stick around for years because they find that they love the mission, they love helping people.” Part of his job is to “help them see the broader picture of how what they’re doing has an impact agencywide.” 

While other feds walk the same road, Bowman has a slight edge: He can send people out to disaster sites to see for themselves why it all matters. 

“What we see when people come back from the field is: They are energized, they are excited about the mission,” he said. “They typically come back very enthused and happy about the mission and the work that they’re doing.” 

On the technology side, Bowman said he’s beginning to implement robotic process automation as a means to reduce repetitive and mundane tasks. He’s starting with invoicing — it’s boring, manual and ripe for an RPA improvement.

“From there, we’ll grow it and see how it goes,” he said. 

In the longer term, Bowman is following the development of the zero trust security approach.

“We have a lot of data and we want to ensure that we’re doing everything we can to secure that data and protect it,” he said. “So, we’re looking into zero trust, and starting to explore how we move forward to leverage that to secure data at its lowest level possible.” 

Bowman said he is especially eager to see how this could support the security needs of a highly mobile workforce. 

“The data used by the staff are on mobile devices nowadays, laptops all over the place, and they need access to it all the time,” he said. “We have to ensure that we’re not just protecting our networks at fixed facilities, but that we’re also protecting the data on any device that it’s on.” 

Bowman joined FEMA as a contractor and quickly took a staff role, and he’s been in the CIO’s office since — but it was the time spent on site at disasters that helped to solidify his commitment to the agency and its efforts. 

“I’ve been closely integrated with several of our program offices over the years, and deployed to the field with them — with our response and recovery staff, with our inspection services staff — actually going out and doing housing inspections of damaged dwellings for disaster survivors and ensuring that the software worked,” he said. Through that work, “I really got hooked on the mission and all of the different challenges over the years. Turned around and all of a sudden — it’s 20 years later!” 

Subscribe to The DailyGet federal business news & insights delivered to your inbox.