New Jersey Chief Technology Officer Dave Weinstein has his work cut out for him, and he knows it. But the challenge of reforming the way the Garden State thinks about and uses technology is a fight he is more than willing to take up.
In late June, Gov. Chris Christie tapped Weinstein as the state’s CTO and set into motion an aggressive course of action that will no doubt become a model for other states.
Amid heavily inset ways of conducting IT operations, funding issues and mounting security threats, Weinstein admits the course ahead will take altering the very fabric New Jersey public-sector culture — but will also establish the New Jersey Office of Information Technology (NJOIT) as a more efficient, cleaner-burning engine.
When all is said and done, Weinstein is optimistic that the strategy will mean better IT governance, an improved security foothold, and better partnerships with industry and the state’s some 500 municipal governments.
A Focus on the Future
One of the key priorities for Weinstein is the positioning the state to compete as a service provider both internally and externally. As overseer of 15 high-level departments and dozens of independent agencies with varying degrees of autonomy, assessing operations and categorizing risk is a first-tier priority.
New Jersey's first Chief Technology Officer David Weinstein, left, accepts the appointment from Gov. Chris Christie. Photo courtesy of the state of New Jersey
Additionally, efforts to move away from aging legacy systems have put the spotlight squarely on the efficiencies and savings found in cloud services.
While the CTO said the knee-jerk reaction of many in the IT space is to recoil from the technology, he noted that there are benefits that simply cannot be ignored if the state is to compete as a professional service provider.
“We are very focused obviously on embracing and adopting a cloud-first framework here in New Jersey," he said. "That means two things: the first is enabling agencies in state government to access external cloud marketplaces to be able to leverage major third parties for application hosting and storage, but also to have an on-premise, cloud-like infrastructure as an alternative hosting environment for agencies to take part in it.”
This effort will require continued investment in and consolidation of state data centers to achieve scalability and agility goals similar to those of third-party providers in the marketplace.
In terms of relationships with agencies outside the typical state purview, Weinstein said he is optimistic the state will be able to extend services to municipal partners once his agency takes on the role of central IT service provider.
“If you ask me where I think there are growth opportunities, I would say that it’s probably within the 500-plus municipalities that reside across the state," he said. "So if I put on my business development hat for a second, that’s where I see growth for us as an enterprise technology services provider.”
Identifying Risks and Preparing for Threats
Though Weinstein has only been on the job as CTO since June 20, efforts to put his cybersecurity prowess to good use are already underway. As the former chief information security director of the New Jersey Office of Homeland Security and Preparedness, he said his new role has been heavily influenced by his former position.
Just over six weeks in, teams are already evaluating the risks and compliance level of each agency under the NJOIT umbrella.
“We’re going to be classifying certain agencies as high risk, moderate risk and low risk, and based on that classifications, we’ll be rolling out a number of assessments," he said. "Some of those will be highly technical in nature, so performing compromise assessments to identify indicators of compromise on the network, and some will be more strategic, kind of high-level IT security governance assessments with an emphasis on various cybersecurity domains."
Weinstein said a governance and risk compliance solution is being rolled out to help agencies get a better handle on their respective levels of compliance.
Clarifying the NJOIT's Role
The governor’s move to bump the CTO to a cabinet-level position has allowed for the NJOIT to clarify its role in the larger IT framework. Though the agency’s directive is setting policy and ensuring compliance, disconnection in the federated system has allowed for some gaps to form.
“The elevation of the New Jersey Office of Information Technology to a cabinet level agency has helped us solidify our role, vis-à-vis the agencies when it comes to IT governance and setting the policies and standards for the executive branch of government as it relates to IT as well as really essentially defining the role of our organization,” Weinstein said. “For a long time there has been a lot of confusion about the roles and responsibilities of my organization vis-à-vis the agencies. I think this recent move by the governor has helped to remove some of that ambiguity, defined more concretely the lanes in the road, and created frankly a more symbiotic relationship between us and the agencies.”
In addition to setting statewide standards, the CTO hopes to pull the individual organizations away from managing technical infrastructure and draw their focus back to managing business needs.
“We want to be the ones managing infrastructure," he said. "We leave the application development and the business case development to the agencies themselves.”
As Weinstein sees it, his new responsibilities have also allowed him to position the NJOIT to respond to the business needs of internal customers. Interactions with commissioners and IT directors allows his office the information needed to better tailor technology to business needs.
Ramping up for Competition Internally and Externally
From the processes for procurement to the very fabric of New Jersey’s IT, Weinstein is focused on improving operations. As with many states, his faces the issue of reforming not just process and technology, but organizational culture as well.
“Probably one of my first observations stepping into this role was that technology was going to be the easy part, culture was going to be the hard part," he said. "A good chunk of what we are reforming in New Jersey around technology is how we do business and how we organize ourselves."
As the main “choke point” for procurement, the NJOIT is also reviewing low-level procurement policy in order to speed up the time to deployment, employee workload and provide a better picture of state cost.
“I can tell you that there is a great deal of room for reform. We’ve already instituted some policy revisions around our oversight and approval of low-level IT procurement,” Weinstein said. “What we’ve found is that the vast majority of the procurements that come through my office for approval are approved, it just takes a long time because we are essentially a choke point for all IT procurements executed by the state of New Jersey.”
Looking Past Politics to Priorities
There is no denying Gov. Christie’s ambition extends past the state level government, as we saw with his presidential run and coinciding support for the Republican nominee Donald Trump. Though being a part of Christie’s cabinet comes without the luxury of time, Weinstein said the expiration of Christie’s term as governor in January 2018 is an artificial deadline that doesn’t play into the task at hand — it’s more the need to “catch up.”
“From that respect, there is no artificial timeline, this isn’t a political motivation, it’s really the recognition that New Jersey, and again we are not unique in this respect, but New Jersey has some catching up to do,” he said. “We recognize, frankly, that the aggressive road map that we’re putting together … particularly as it relates to embracing cloud and migrating off of legacy infrastructure will continue well beyond January 2018. In New Jersey and Trenton in particular, there is always pressure to get the job done and get it done yesterday, and in that respect, this is just another summer in Trenton.”