A Roadmap for Innovation – from Center or the Edge?

Fact:   In marking its five-year anniversary earlier this month, the Department of Homeland Security released a fact sheet touting the department’s accomplishments in that time, including “establish[ing] the Computer Emergency Readiness Team (US-CERT) to provide a 24-hour watch, warning, and response operations center, which in 2007 issued over 200 actionable alerts on cyber security vulnerabilities or incidents. US-CERT developed the EINSTEIN intrusion detection program, which collects, analyzes, and shares computer security information across the federal civilian government. EINSTEIN is currently deployed at 15 federal agencies, including DHS, and plans are in place to expand the program to all federal departments and agencies.”

Analysis:  I’m not going to write, in this post at least, about US-CERT and EINSTEIN in particular. I will point out that some writers have been skeptical of “Big DHS” progress on cyber security up to now, and the anniversary was an occasion for much cynical commentary. 

cnet-news.jpgCharles Cooper in his popular Coop’s Corner blog on CNet wrote that “when it comes to network security, DHS appears to be more of a wet noodle than even its sharpest critics assumed… Talk with security consultants and former government officials involved with DHS and you come away wondering what these folks do all day.”

I wouldn’t go that far, and even Coop acknowledges that “The government-led effort to shore up the nation’s cybersecurity still remains a work-in-progress,” which leaves room to run for people like newly-appointed National Cyber Security Center director Rod Beckstrom. 

In response to my recent post about Rod and his published thoughts on the value of decentralization, I got an email from a reader, well-placed within the DoD bureaucracy to have witnessed many foibles of centralized IT management, asking the following:

Do you think IT organizations in general can be (or should be) centrally managed and still be innovative at the same time? Do you think we get it right by consolidating all IT resources?  Or do you think we [therefore lose] some of our ability to be innovative in our enterprise consolidation efforts?  Would like to get your unbiased opinion.

I’ve written about the balance between smart central enterprise planning, and innovation before; I do believe that the one can lead to the other.  It ain’t necessarily so, of course, but the alternative (anarchic or polyarchic autonomy) is just way, way too messy and expensive from an enterprise standpoint – especially in a government setting, where regulatory and budgetary concerns are enormous.

So how do you balance?  I am a big believer in “IT Centralization” and yet also a big and firm believer in “Innovation Decentralization.”  Not that paradoxical, as I’ll sketch briefly….

The following activities can and should be successfully centralized, given visionary and consistently determined (i.e. “strong”) leaders:

  1. Infrastructure design and provisioning
  2. Operations management
  3. Network design, provision, management
  4. Data centers design, provision, management
  5. Back-office systems (HR, Finance)
  6. Commodity hardware choice and purchasing
  7. Utility/middleware software choice and purchasing/licensing
  8. Configuration Management
  9. Information Security (including architecture, all IS/IA systems, patch management etc.)
  10. Enterprise architecture
  11. Data architecture and metadata standards
  12. SOA design and governance
  13. Provision within SOA of a rich set of services on a flexible user-friendly development platform (as examples, think PopFly, Silverlight, AJAX, Ruby on Rails, etc.), with easily-learned code libraries and gadget-tools.

I believe that if the former are all done in a determined way, and I mean DONE not just talked about, then you have the opportunity for the following: total decentralization of everything else.

One valuable product of that list, if it’s done well, is essentially the creation of “Enterprise Cloud Services.”

To continue, I believe that the following activities should and can be controlled in local fashion, i.e. by end-users and distributed business-unit leaders (you can read that in a DoD context as extending down to individual soldiers or intell analysts, frankly):

  • Autonomous development and management of dynamic combined-services “systems”
  • Creation of any end-user “tools” (using a Software + Services approach)
  • Collection and tending of any user-specific data; given #11 above, this will allow enterprise-wide or network-wide discoverability of all data, but end-users will “manage” the data they care about
  • Bandwidth allocation on dynamic basis (prioritization delegated to local or unit managers in managed-voting schemes)

The latter list, I could go on and on with… but you get the point. In general, I think a well-run cost-effective centralized enterprise can provide a really flexible and powerful platform for the periphery to “innovate” on. 

In some ways, you do it so they never know the difference, those creative types at the edge; they may even think they’re being very rebellious and whipping up their own solutions, when in fact they’re using enterprise-paid-for software platforms and an enterprise “Cloud” of services to assemble them.   I honestly believe that any COCOM J2, for example, would be happy not having to worry about where the servers are, or if they’re hot, as long as he/she can pull the data needed in an immediate way and see it correlated with some other data feed or plotted on a navigable map, all to his or her own liking. 

(I like saying “he or she” because one of the smartest J2s I ever met was Gen. Mary Legere of US Forces Korea, now assistant deputy chief of staff for intelligence, Multi-National Force–Iraq.)

This overall schema — strong central management enabling common-platform innovation anywhere — was our guiding principle while I was at DIA, and while we never achieved all of it, we were certainly well on the way to putting the major pieces in place by 2007 thanks to a great CIO, Mike Pflueger (who himself moved on to SAIC).

Email this post to a friend

AddThis Social Bookmark Button

6 Responses

  1. […] to making that odd structure work well.   I have written before about the challenges (”Roadmap for Innovation: From the Center or the Edge?”), and the wise applicant will try to talk with insiders about the state of play internally […]

  2. […] I’ve argued about its challenges and sub-optimality before: see my previous pieces on “Roadmap for Innovation: From the Center to the Edge,” and more specifically “Puncturing Circles of Bureaucracy.”  In that latter […]

  3. Hello!
    Very Interesting post! Thank you for such interesting resource!
    PS: Sorry for my bad english, I’v just started to learn this language😉
    See you!
    Your, Raiul Baztepo

  4. Hello !!! ^_^
    I am Piter Kokoniz. Just want to tell, that I like your blog very much!
    And want to ask you: will you continue to post in this blog in future?
    Sorry for my bad english:)
    Thank you!
    Your Piter

  5. […] in 2007-08 like “Pentagon’s New Program for Innovation in Context,” or “A Roadmap for Innovation – From the Center or the Edge?” or “VC-like Beauty Contests for […]

  6. My children were looking for a form several days ago and found a business with a lot of sample forms . If people are wanting it too , here’s http://goo.gl/u9MNxs.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: