Work on sweeping, critical Department of Homeland Security tech initiatives from data center optimization to network modernization continues despite the department concurrently dealing with the COVID-19 pandemic, Acting Chief Information Officer Elizabeth Cappello said.
Cappello, who has been serving in the role since November, joined the Government Technology & Services Coalition and Women in Homeland Security last week for a webinar presentation discussing not only the tech path forward for DHS but how her career path led to her deputy CIO position.
Before moving to DHS headquarters, Cappello served as deputy CIO and acting CIO at Immigration and Customs Enforcement. Her lengthy career in federal service began with nearly seven years on active and reserve duty in the U.S. Marine Corps. Her path through the U.S. Customs Service took her to the birth of DHS after 9/11, and into a new field support organization at U.S. Customs and Border Protection.
Cappello counted herself “lucky to have had opportunities early in my career that shaped where I am today.”
“U.S. Customs helped me focus on what I really wanted to do with my career,” she said. “I found that I absolutely loved the mission, I loved supporting the operators, and I loved being able to provide those technologies that improve their lives and made their duties even easier.”
Cappello said she would “highly recommend” that anyone in the technology field “understand the mission you’re supporting to the greatest extent possible — open your aperture, get to learn the folks that use your technologies. The more you understand it, the better you can serve your mission.”
“I know that I’ve been lucky or blessed … but I also think that I did enough preparation that when an opportunity presented itself I was able to capitalize on it,” she said, noting that keys to preparation include “knowing that mission and knowing what you want to do.” Cappello recognized that it was “very clear to me that I wanted to serve,” and a couple times she considered a move to the private sector “but frankly my heart wasn’t in it.”
Continuous learning is also critical, and in a new environment “sometimes it’s easy to pull back and be very conservative … get out there, jump in with both feet.”
Cappello noted that a very large data center optimization contract is out right now “and we have some other data center optimization efforts that are going on with the data center II contract vehicle — this work has not slowed down even though we’ve moved into a telework posture.”
The network modernization contract vehicle change “will support that network modernization effort,” she said.
“We have an architecture in the DHS-area-wide network that is somewhere between 12 and 16 years old and it was designed to support the fixed data center construct, and as DHS has migrated to the cloud and is really embracing the cloud adoption. We need to look at ways to modernize that network infrastructure to support a hybrid cloud environment,” Cappello continued.
Priorities include “adopting zero trust as a mechanism to support cloud adoption.”
“We need to really change the way we do most of our enterprise operations to support these new models,” she said, adding, “And I’m happy to say all that work is continuing even though we’re in the middle of also supporting this national crisis.”
On the department’s security operations center optimization initiative, the cybersecurity service provider assessment program has been established. “We recognized in DHS we wanted to establish a baseline of what and how a security operations center should operate. And it’s modeled very much on the DoD model,” Cappello said. “And then begin to assess our security operations centers across DHS to ensure that they’re meeting the mark. To date we’ve assessed several – ICE, TSA, CISA – and by the end of the year we will have assessed all of the security operations centers across DHS.”
“And one of the things that comes out of this is if a security operations center meets the bare minimum then they’re authorized to continue as a security operations center. If they exceed the minimum and meet the center of excellence standards, then they can become a security operations center service provider maybe to other parts of DHS that don’t want to invest in raising their security operations center up to the required levels,” she said. “So through that process we hope to begin to optimize the security operations centers across DHS and ensure that we are meeting standards that support the cyber requirements for DHS.”
Another part of that SOC optimization initiative is “homogenization of the tools across DHS so we can improve visibility and information-sharing across the various security operations centers and then specifically for DHS headquarters.”
“Another component of the SOC optimization initiative, I have recently integrated our Tier 1 security operations center with our network operations center, and the objective there is to enhance our security posture by closing some visibility gaps, doing knowledge-sharing between the network operations center and the security operations center and also providing a career path to the workforce,” Cappello said. “Security specialists, they’re tough to come by and we’re facing a lot of competition from both the private sector and internal government competition for those security professionals. So one of my objectives is to try to grow our own, if you will, and develop our own in-house talent and offer a career path starting in the network operations area and migrating into security operations.”