Deborah Youmans, 娇色导航at MITRE Corp., joins host Maryfran Johnson for this 娇色导航Leadership Live interview. They discuss cyber incidents, enterprise data governance and GenAI success, leveraging 'outsider' 娇色导航status to encourage more IT innovation, coping with nonstop federal regulatory requirements and more.
Register Now
Maryfran Johnson
Hi, good afternoon and welcome to 娇色导航Leadership Live. I'm your host, Maryfran Johnson, CEO of Maryfran Johnson Media and the former editor in chief of 娇色导航magazine and events.
Since November of 2017 this video and audio podcast has been produced by the editors of cio.com and the digital media division of foundry, which is an IDG company.
Our growing online library of past interviews, which are all openly available on cio.com and on our YouTube channel, includes more than 150 chief information technology and digital officers from mid sized to large companies across every industry joining us.
That esteemed lineup of CIOs today is Deborah Youmans, who is the 娇色导航of MITRE Corporation. Founded in 1958 MITRE is an independent, not for profit organization that provides technology research and development.
It's based in Bedford, Mass., and McLean, Virginia, and has over 10,000 employees operating at six different federally funded R&D centers, and those centers are sponsored by a long list of government agencies responsible for everything from national defense and aviation safety to financial systems, healthcare and cyber security.
Deb joined MITRE in August of 2023 to lead more than 400 IT professionals in the enterprise technology division. The tech organization is responsible for a broad range of miters work in innovation and experimentation, information security, enterprise, it business and knowledge services.
Before her current role, she was the Vice President and deputy 娇色导航at Booz Allen Hamilton, where she led enterprise solutions across the firm's 30,000 users.
Before that, Deb directed Booz Allen information systems for more than a decade earlier in her 25 year it career, Deb held software project manager and implementation manager roles at ca CI international and American Management Systems. Welcome. Deb, that's quite a resume. We're glad to have you here.
Deborah Youmans
Thank you so much for having me. Maryfran, I'm very excited to be here. Maryfran Johnson
All right, now, in the year and a half that you've been the 娇色导航miter has had a lot going on. You have changed the CEO. You have dealt very openly with a major cyber security attack.
And I'd like to start with just some of your perspective on all that, what it's been like, and what sort of activities you are most engaged with around that. Deborah Youmans Absolutely.
Yeah, I was thrilled to join miter a year and a half ago, and it was an amazing experience coming in. I kind of thought I knew what I was going to be getting myself into accepting the job, and it has been that, and so much more.
The the change within miter has been amazing to watch and be part of.
As you mentioned, we have a new CEO that started last fall, and then prior to that, we had this, this very large cyber incident, and watching how miter responded to this, and helping lead through the response was really different than what I had seen in other companies.
Often, you know, it can be very similar in in companies, and there are many things that are extremely similar, the difference of miter and what has been, you know, the learning process for me is that, as an independent research and development company, our goal is to operate in the public interest.
And so, you know, in the scenario of our cyber, cyber incident, we very quickly went public because we thought it was in the public interest to know and to learn.
And so that was a real turning point for me to understand how miter works and where our mission and focus is, Maryfran Johnson
yes, well, and it's that openly discussing, and there were several blog posts, because this was actually a Chinese nation state adversary that attacked, and just kind of displaying the openness around all that was something, not only that, I'm sure a lot of fellow IT and business professionals have read about, but it's something that you would hope would inspire other companies to deal with their cyber security incidents in this way, so that everybody can keep learning.
Absolutely, the 娇色导航community is one that is extremely welcoming. And also, you know, at most companies, there's one CIO, there's not many CIOs. And so to learn and to share knowledge, it often happens outside your own company.
And so when we, when we released the fact that we had had a cyber breach, which is a hard thing for a company to announce. Else, right? Almost every company has a a stellar cyber program, and they pride themselves in that.
And so to say we too had had an attack was really humbling, extremely humbling. And the support that I got from the 娇色导航community was amazing.
Not only like, how can we help you, but tell us what you've learned so that we can prevent this at our own company.
And so it was a combination of an offer for help and, you know, an offer back on my side, to help and share the knowledge that we had so that we could all improve together as an industry, you know, from a 娇色导航perspective.
And for your listeners, you know, they the cyber attacks are what keep us up at night and so. So when it happens, making sure that we can share our knowledge is really critical. Maryfran Johnson
Well, it's always hard to find any kind of significant upside from a cyber attack like this, but when you then go take the risk of being able to publicly talk about it.
The upside, one of the upsides you discovered, was how quickly it brought you deeply into that, that network of CIOs, not just in the research and development centers working with the feds, but probably all over McLean, all over the Boston area. Deborah Youmans Yes, yes.
And it was a combination, too. I learned a lot about our own company, right? And the cyber experts we had working within miter, because they came forward immediately and asked, let me help you. How can I help you? I do this with my sponsor.
I can share this knowledge here. And then other of my peers in industry were saying the same things. How can we help you? What do you need from us? Is there anything we can do? It's really just an amazing, amazing process for us all to learn together.
Yeah, Maryfran Johnson
well, and I can't say I'm too terribly surprised about the generous community type response from CIOs, because we always see that, and have seen it so much in the past, whenever we'd have our big events, or our regional events, you have a table full of eight to 10 CIOs from different industries, even competing industries, and they're all trying to solve the same problems.
They're all like the talent retention and cyber security issues and how to deal more effectively with their vendor partners. And there's so many, there's so much common ground, I think is what it comes down to. And oddly enough, you don't see that among the other C titles.
I mean, maybe when CEOs get together, they talk like this amongst themselves. I don't know if marketing folks do it and that kind of thing, but it's always been very common with CIOs. It Deborah Youmans
really has, and I've, I've noticed that through through forums I'm part of. You know the industry can change, but the problems are the same. We are all fighting the same problems, trying to tackle the same problems, looking for lessons learned across the board.
Because it doesn't matter kind of what industry you're in, the technology that you have to solve for is often similar, and the large problems that are facing all of us are very similar.
So it's it is been kind of eye opening to see how supportive it Maryfran Johnson is.
Yeah, now, one of the things we talked about earlier as we were preparing for this interview were the kind of changes that you have instituted in that year and a half, which included dealing with this major, very publicly discussed cybersecurity incident, and you mentioned moving to more scalability, and also to the kind of the way a cyber breach exposes internal frailties, and how those are addressed.
Talk about kind of the practical outcomes that you have been driving or that your teams have been driving since that all happened? Absolutely, Deborah Youmans
yeah, and it's, you know, I, I joined an amazing team at Miter. Our enterprise technology team is really fantastic, and they have their goal is to provide technology to all our miter employees, make sure that they have the technology that they need.
We're about a 10,000 person company and and looking toward how do we scale this? How do we make sure that the solutions we provide are not customized, one off solutions, but more costs, scalable solutions that we can roll out to 10,000 people in an agile and scalable manner?
The other thing we learned too is the need for enterprise governance. So this definitely came out of our cyber instance. So the instant happened in one of our research and development lab environments. So a prototype environment. We have a fair amount of this.
We are a research and development company, but talking, talking through, how do we want to maintain enterprise governance across our organization has been a true outcome of of the cyber incident. To say, as an organization, we need to take a look at our technology.
We need to take a look at our decision making and make sure that we're making decisions not on an individual project basis, but on a what's the best situation for. Miter. How can we scale?
We may have technical solutions in multiple places that could serve one common need, and so we've set up an enterprise governance council to talk through and specifically focused on it. So this one is focused on it, but what we did is we got representation across miter.
So this is not anything that is just my organization on its own. Yeah, I can tell you it would fail if it was me on my it was if it was just a council of my own organization, you would not be successful.
And so when we're trying to say, like, let's get coordination between our groups around it, how do we buy it? How do we manage it. What's the operational sustainment for it?
So we we've just kicked that off at the start of this calendar year, but we have great representation from every part of the business and decision making around how are we collectively going to decide how we want to invest for our technology, and where do we want to stop investing because the market has shifted, or the needs have shifted.
So that's helped to make some some better decision making, because we're coming there with data, and we're getting everyone has a seat at the table. Now, Maryfran Johnson
do you run that? Or have you talked to one of your business colleagues into running the whole so I Deborah Youmans do run it.
I run it.
And, you know, we are, we are able to take many real key decisions through that council so that we get buy in that also will help us, as we start to roll changes out across the enterprise, we'll be able to say this was vetted by the governance council.
You know, we have way in from all the sectors, so that way, the council members can also help champion any change across the organization. When, when employees are like, Why did you make that change? They will know that.
They'll know the reason why, and they'll be able to help explain it with their employees. Maryfran Johnson
Okay, well, I know in a lot of organizations, the 娇色导航group and the CSO group, the security operation, may be reporting to different executives. They may be working side by side.
What was kind of the before and after with your own CSO and the security organization at Miter, absolutely. Deborah Youmans
So we've made a couple changes there. So so I as the CIO, a peer of mine is the chief security officer, and when I started, the Chief Information Security Officer worked for the CSO. So this CISO worked for the CSO. After I started, we changed that.
This, this chief information security officer, the CISO came and worked in my organization, and that was a key part of a change that I made coming in. And why? You know, everyone could say, Why did you make that change for us?
It was really important that the information security group and the enterprise technology work group worked as one, that they were not two separate teams, because they, in the past, they had, you know, they had been separate teams.
And I will say I've seen all sorts of organizational models around this, and there's no right answer, right so, you know, you could, I've seen a 娇色导航report to a CISO. I've seen a CISO report to a CIO. I've seen CIOs report to directly to CEOs.
There's no right answer. It's what is right for the organization.
In our situation, we had a little bit of a divide where it was, you know, right hand, left hand type conversations, and we wanted to make sure that our priorities were aligned going forward, that there was not, you know, security wasn't making changes that are separate from the technology group.
And then we have a we have our chief security officer that is my peer, and we work through changes together, which is really good, because we have a nice sounding board together to kind of make sure we're making risk informed decisions.
One of the big things we're taking on, you know, and preparing for, is the cyber maturity, cyber security Maturity Model certification, which is cmmc.
That is a, you know, being driven out of DOD, but that's a key component of work we are doing, driven from cyber security, but impacting all of technology.
And so when we approach these as one program to how are we going to manage our technology and our security going forward, it creates, it creates a cohesive program that really makes sure that we operate quickly and with with one, you know, one central focus, yeah, it's interesting.
There's been so many business operational models that IT organizations have experimented with over the years. I'm sure you saw that in previous private sector roles. And there are some where you're basically you're driving everything with the business in charge, and there's others where it's more side by side.
And some of them are the federated model, or some of them are individual departments. Does is what miter is operating. Under essentially live stream of the federated model. Or is it something different? Yeah, Deborah Youmans
and it's interesting, because we have a couple different scenarios, right? So I the 娇色导航organization runs the majority of the technology our employees use, but we also have some business systems that are run by the function. This the functional component.
So like our finance system is run through our CFO office, so in but the key point is that we all have to work together. We have to make decisions together.
Often the same data is feeding all the systems, and so when the data breaks down, or there's an integration problem, it's all of our problems.
And so making sure that even if there's some different parts of the organization that are also doing it work, that we have standard operating procedures, that we have standard guiding principles that say this is how we'll do work. This is how we'll move things into production.
This is how we'll decide what's important. And I'm making sure that we get to that, and that'll be an ongoing evolution, right?
It's always a work in progress, but I do think getting getting the right people at the table to make decisions is where, where you'll succeed, regardless of where they are organizationally, Maryfran Johnson okay?
That's a that's a great approach. Is that an approach that you have used throughout your own career, or is there a special version of it now that you're operating at Miter? Deborah Youmans
Yeah, so I think the difference of miter is the the R and D aspect of it. So you know, everything we're doing is research and development on behalf of the Government sponsor, and because we operate multiple ffrdcs, that means we have multiple large scale sponsors.
We have differing requirements. And so if we try a one size fits all, it will likely fail. And so we have to give people enough flexibility so they can meet the specific needs of their sponsor while securing it at an enterprise level.
And so that's the that's the challenge, and the difference here that I found coming here versus in public sector before, where we weren't doing as we were doing different technology work, but it wasn't the same scale of research and development that we do here.
And so that's been kind of the change and learning how miter operates as a company. Yeah, Maryfran Johnson
the shock to everybody's systems, right? Yours.
And in fact, along those lines, you are Myers, first ever female CIO, but probably even more significantly, you are someone from outside the organization, an organization that is well known for promoting from within, and and a company culture that does not easily open its arms to outsiders.
So what did you do? We've talked about some of the things, obviously, that you got going, but as you were delving into even before the cyber security breach, how did you get a better understanding of the culture?
How did you figure out the best way to succeed as an outsider in coming into miter, Deborah Youmans yeah.
And I think I, you know, people come to miter and, and they build their careers here because the the work is so interesting, you know, the mission is so important and Maryfran Johnson so varied.
I mean, they're not just doing the same thing, right? They're not just creating, you know, machinery, Deborah Youmans right, right?
You know, we are here to solve the nation's toughest challenges in the public interest. And so that creates this drive to come here and stay here for the mission, which is impressive, and it's also the thing that that attracts people to miter.
It's one of the reasons I wanted to come here, you know, is just the unique nature of the company. And I think taking the time to understand why, what's the difference of miter? Why miter?
And really know the company, understand the culture, and then listen when people say, hey, that type of change won't work here, or this change would be more successful actually listening and taking feedback, I think, is really important, because there's things that may work at other companies, and I would say that's true everywhere, right?
Something, understanding the company culture is really critical, even as the culture is going to change, right? Culture is it will change over time.
And you know, different leaders will change things, how decisions are made, how the culture works, how business happens, but paying attention to that and really taking the time to get to know the people here, I will say the team was extremely welcoming.
The leadership team was extremely welcoming to say we're bringing in some outside leaders for specific reason. We want to have a balance. We want to have a balance of people that have the longevity at Miter, because that is part of, you know, what makes us essential.
But also, let's get some outside perspectives to look at those best practices and say, Are there ways we could do things better? Yeah, we've grown pretty you know, we're at the 10,000 employee mark right now, and. And that you hit a scalability factor, right?
We've got to do things on a larger scale, and so that's where some best practices come in, but also understanding what would work here is really important. Maryfran Johnson
Yeah, are you using the enterprise governance council that you're now running? Is that a significant part of keeping a finger on that pulse, or is it just one of the many missions, it's one of the Deborah Youmans
many but I will say, even when I started, I heard, like, as we started talking about governance, I got a lot of feedback initially, that this would not be a welcome change. And so I had to say, Okay, tell me why.
And they said, like, we've tried it in the past, and it's been slow and bureaucratic, and no one saw value.
And so I think that is a real key for me to keep in mind, is that if we slow things down to where the business can't get work done, we are not adding value, and no one will follow this path. Right?
I will lose everyone at the table immediately. And so keeping that in mind, I think, is really important. The other focus we've had recently is around data. So we've brought in a Chief Data official to help us really wrangle the data.
And that kind of gets us into, you know, the world of AI, why everyone is interested in AI and where things are going, and really your success or failure of AI is all about the data. Are you managing it well? How are you cataloging it?
How are you using it to your advantage? And so we have, we, we have a data, a Data Challenge to tackle, which is why we have a Chief Data official to really help us define that path forward, to make sure we're leveraging that.
So those are, those are some of the big initiatives we're working on around governance and data. Yeah. Maryfran Johnson
And now you're saying a cheap data official? Do you have? Is it a cheap data officer, like a CDO version of you as a CIO, or is it someone more on the business side, Deborah Youmans
so they are on my team, but it's an official, it's not an officer position. Oh, Maryfran Johnson
interesting is that because of the not for profit nature of miter? Deborah Youmans
No, I think it was just more in terms of, we wanted it to be part of the IT organization, Maryfran Johnson and that's it.
Fit there. You can only have so many officers. Yeah, you have to have some enlisted at some point. I know we've talked about your tech organization, and the enterprise tech group is, you know, all the work it's it's doing and tackling.
Now, there's also a CTO organization at my correct Technology Office organization. How is the work divided between you two, and how is that different from what you're doing? That's one of those.
CTO is one of those interesting titles that I've seen move around a lot during my own career.
You know, where CTOs were always tech guys running the R and D labs, or in other companies, they were the top especially startups and industry, tech industry companies the 娇色导航might report to the CTO. So yes, tell us about Deborah Youmans that.
Yes, yes. So I have a great partnership with our CTO and at Miter, the CTO runs what we call miter labs and so, so within the CTO organization, they run the research and development environments that are delivering to our sponsors.
So the way I think about it in my head and kind of just the easiest way to break it up is I provide the our team provides the technology to our employees.
So if you think of the all the baseline things that everyone needs when they come to work, the you know, their laptops, all the everything on it, everything they need to do, to do their work, CTO organization provides the technology that they need to deliver to the sponsors.
So if there's a lab environment that needs to get set up, that's where the CTO organization leads that effort. We work in great partnership, because basically they take, you know, the baseline technology we provide, and then layer on top of it.
And so that's been it's a good partnership between our teams. And the way that the miter labs organization works is, then their team is is supporting the sponsors. And so they matrix those, their employees, out to the sponsor teams to deliver the work. Okay, Maryfran Johnson
in a kind of a before and after scenario, with before the big cyber breach, and then afterwards, what were some of the more significant changes, and maybe new areas that were created, or new responsibilities divided up?
I think at one point we were talking, you said, data and AI were both those organizations were stood up after the cyber breach. It was, where do they fit in?
And we are inevitably going to have to talk about AI, because, yes, I feel like that's a federal requirement now to find out. CIOs, what do you think of AI? What do we do? Deborah Youmans
Yeah, so one big change that we haven't talked about yet is that we created a chief engineer position within my organization, and that role in.
Took all our we had chief engineers within the team, but we combined them into one team, and have them focused on ensuring secure by design from the beginning of every project, right? So we are putting extra emphasis on security every project should start with.
How are we securing it? Not as a last step in the process. Often people think of security as almost similar to how I just mentioned governance, like, is it value? Is it adding value to what I need to do, or is it just slowing me down?
And so the Maryfran Johnson
balance house, are we now locking the doors? Bingo. And so Deborah Youmans
now I'm saying, do it from the beginning, right? Don't wait till the end to think about it. Build it in every single step of what you're doing. So it's not hard to to make sure it's secure and really think that through from the beginning.
So that was one of the big changes we made. We also stood up the the data and AI to have a group really focused on it. We, at the time, had had data and AI sprinkled throughout the organization, because it is really embedded everywhere.
But we wanted to have a focus and make sure that we were keeping that focus top of mind going forward. So some of the those are the two big changes.
I would say culturally, the biggest change is that it is security has always been top of mind for this organization.
We are a cyber security expert in the organ in the industry, but I think it just added extra priority to that, because it it showed us we are not immune. No one is immune, no and so it just, it gave extra priority and significance to it.
Okay, Maryfran Johnson
now I want to pivot over to talking some a very important word that I always end up talking about with CIOs is innovation.
And one of the minor innovations that has been written about a lot in the last year, not just by cio.com but also other tech publications and business pubs, is the chat GPT tool that earned you guys a 2024, cio 100 award for the innovation tell us about that, about how it's being used, and what that has been like as a learning experience for the organization.
Deborah Youmans Yes, thank you.
So we Yes, we integrated something that we're calling miter chat, or M chat, into our intranet, and what we have a private instance of Azure open AI to do our chat GPT.
That means that people within miter can use our instance of M chat to to to leverage the AI capabilities in Ace in a protected way so it's, you know, prove it's approved up to a certain sensitivity label.
Which is critically important when you're doing anything with AI, is making sure that people understand what data can they put there, how can they leverage it, and what are good use cases for them to leverage it?
Because that was the other piece is not only making sure the technology was available, but making sure people understood how to use it. Because you'll have all sorts of adopters, right?
You're gonna have the people that dive in the first day and say, I can't wait to get my hands on this, and then you're gonna have people saying, I'm not sure I trust it.
And so we've done several different things over the past of the past year, we between the CTO and myself, we wrote the AI strategy paper for the company, and identified like this is how we're going to use AI, with a goal of making miter an AI native organization.
And so the goal there is really like making sure that people view AI as one of their tools that they can use every single day.
It's not something to replace employees, but it's something to make you more efficient, and then explaining to them, like, what are good uses of AI, how could you How could you use it? What are ways that could help you with your sponsor?
And then if you do use it, what's the responsible citing for it? Right? So if you're going to use it, how do you actually let your sponsor know, or how do you make sure it's okay, right?
And and so making sure we've put out some guidelines around that to make sure that we're following our sponsors business case around that, and making sure that we're using it appropriately. We hold regular AI sessions.
We hold AI technical exchange meetings on a quarterly basis across the company to really get, get this company, and, you know, more involved with the technology that a lot of them really want to use, Maryfran Johnson okay?
And then one of that secure by design, kind of exactly yes, Deborah Youmans yes.
And then the big thing last year that we did was a large partnership with Nvidia to build the federal AI sandbox. And so that, that is a technology where we have purchased an NVIDIA super pod to leverage and let the government use.
And so the whole goal of that is to help the. And understand what are the right training models to use with this this significant level of compute and and also share lessons learned, like, if they were to want to buy a super pod, what does that look like?
And how do you go from the idea of thinking you want to buy a super pod to actually being in operations? And what does it take to run that so we are not, we aren't set up to, like, run super pods. That's not the goal.
The goal is to be a test ground, right?
That's why we called it a sandbox, so that people can our government sponsors can come in with their data, run it in the model, see what they get out of it, and see if it's what they want to take into a production use. Maryfran Johnson Okay, that's interesting.
I don't think I've heard anyone talk about becoming an AI native organization? Now it may be that I'm just like falling out of touch here.
I often have conversations with CIOs about becoming more digital native, and that is again, about educating their entire workforce in it naturally, but outside of it as well.
Are you using AI native organization, in that same kind of mental mindset that a couple of years ago, CIOs were trying to get more digital tools into the hands of willing employees in the companies and like, Yes, I'm down with upgrading myself on this tool, that kind of stuff.
Yeah, Deborah Youmans
it's very so it's very similar, and we've had conversations of, you know, is AI native, the right term? What does it mean? And then how do people know, if they're they're moving on that path, right? And then, what will the next thing be? Right?
It's aI now, 10 years from now, what will it be? But really, just making sure we have the right tools for our employees, and we're training them and giving them the opportunity to actually learn and use those with their with their work. And Maryfran Johnson
so when you say AI native, you really mean AI very comfortably and assuredly. You know, I understand what it is, how I'm using it, where it's coming from, all that sort of thing, comfort and education going Deborah Youmans on exactly.
And understanding like this is the right use of AI, this is going to help me. Yeah, because just using AI to use AI doesn't do anything for anyone. That's Maryfran Johnson true.
Yes, I know I've had so many CIOs over the years say that. Well, the last thing you want to be accused of is technology, for technology's sake. That's exactly right.
And I don't think I've ever run into anybody who would admit to doing that, but you know, it's just then again, you're dealing with engineers and scientists and technical people who really do enjoy playing with technology.
I think you said that there were, that there were a whole lot of digital tools that you had, almost a digital sprawl that you've been working on.
Is that at the kind of part of the new rationalizing around, you know, like, what needs to get transferred over and cut back is it just the extensive use of every tool out there that's, I've heard CIOs call that data modern modernization, but it will be digital modernization in a way.
So what are you doing around that? Yes, Deborah Youmans yes, yes.
That is a big that is a large challenge for us. To be very honest. We have technology sprawl everywhere, and there isn't, as you should, minor core, yes, yes. And there's not an engineer here that would say, I don't need that tool.
Or if one would say it, someone else would say, no, wait, that's my favorite. And so we have, you know, as most CIOs, we have significant pressures around rising software costs and and decreasing budgets, right year over year.
The goal is to say, how do we, how do we make ourselves as efficient as possible?
How do we make sure that every penny we are spending is delivering value, and how do we do it when, when vendors have escalation clauses that increase, you know, from a maintenance perspective, even if you're just buying the same your prices are going to go up.
And so making sure that we're making smart choices and for the benefit of all of miter, so often, we have to say, okay, maybe this tool is good for this group of people, but is it good for everyone at Miter, and is it giving them value for everyone at Miter?
And looking at different cost models? So, you know, there's a cost model that everyone pays for everything, and then there's a cost model of, well, if this is a bespoke tool for a certain subset of users, maybe only those users pay for it.
I've seen a couple different models, you know, outside, you know, prior to coming here, as well as here, there's different models you can apply in terms of how do you want to manage the IT spend?
We've also spent a considerable amount of time doing it benchmarking, so taking a look at our costs compared to our peers, taking a look at where do we spend money, and making sure that it's actually, at the end of the day, giving value, and so that gets to being transparent about the costs and having a really good communication line with the people that are using your products, so they can say, Okay, well, that's that's a good value for what we're spending.
well, and there's a real human element in that, where you have to explain and justify to the. People that you're taking away a tool. Yes, I'm sorry. You can't be doing that on SharePoint anymore. That kind of thing, Deborah Youmans right?
Exactly. And there's, there is, you know, for every person you ask, you're going to get a different answer. And so each tool is here for, for a reason. There's a reason that someone bought something.
And so making sure we get to the bottom of that so that we can say, All right, so if we have two tools doing the same thing, let's pick one, yeah, and that'll be the primary going forward. Okay, Maryfran Johnson
well, along those lines, since we're kind of skirting around all the people issues that you have to deal with as a CIO, tell me about your talent acquisition and retention programs. I know that your CEO's tagline, your new CEO's tagline is mission first.
People always, Yes, that sounds very lovely. It sounds very lofty, but it probably also translates into something to do with hiring and talent development and all that. So talk about that Deborah Youmans absolutely.
And I'm, as I mentioned a little earlier, people come here for the mission. They are, they feel firmly about making sure that we are tackling the nation's toughest challenges and solving these problems for our sponsors. And so they come here for that mission.
But the you know, the people always part of it is, how do we make sure that we are providing what our employees need to develop their careers.
We have a healthy intern program that we have some high school interns as well as college interns that are that is a huge pipeline for us in terms of getting people into our workforce.
So, you know, we have repeat interns that come year over year and then end up being hired and then really, we have a significant kind of employee education program, many advanced degrees here, so a strong emphasis on making sure that our employees have the knowledge that and the training that they need to further their skills, so that we can Make sure we are always having the current technology, we have the right technology and the right knowledge to help our sectors and our sponsors deliver on their goals.
So a lot of what we're focused on is system engineering and really making sure that we're taking a systems approach to problems and but like everyone else, there's always a retention problem, right?
It is always hard to find, find talent in in industry, and then keep that talent and so making sure that you've got the right programs for the that the employees need going forward. Maryfran Johnson
Yeah, well, I think, and I don't know if this will be discouraging or encouraging, or encouraging, but in the couple of decades that I've been following it leadership and CIOs, there are top three issues that we always have been talking about.
Is talent and cyber security, and then business alignment, yeah and yeah.
And then when it gets a little it can almost get a little boring, you know, from a from a media standpoint, because it's like, oh, that again, yes, yes, of course, of course, we need to, but, but, of course, under the technology, and it's funny how it's not technology.
It's not like the latest and greatest technologies. It's all about managing people and managing the IT spend, and making sure you're supplying for the business. But speaking of that, I think we've talked about your most strategic business and tech priorities.
So far I know the CM, CM, MMC certification, making the Fed AI sandbox operational. Is there anything else on your list of really very strategic things that are happening in your under your purview, as the CIO, that I should have asked about, but haven't so far. Deborah Youmans
I mean, we are always, one of the big things is around modernizing our infrastructure and making sure that we are prepared for what's next. You know, as we think, as we think about what, what will we need for agentic AI, quantum computing.
You know, the minute that we go down a path of one, you know, of like the federal AI sandbox, the question is, okay, so now, what is next? Where are we headed next, and how do we make sure that we're prepared for what's next?
And I think that actually gets into some of the reason why governance is so important if we don't make sure we're making really good decisions. We won't be prepared for what's next. We won't be ready to take on what's next because we're so busy keeping the lights on.
And I think that is the common problem you know, across CIOs is, how do you balance innovation with just sustainment and operations of what you have today, and making sure you have the right mix?
You have to be able to do both and make sure your portfolio is balanced, but often the sustainment and operations take over all of it and really making sure you can carve out enough for the transformation to be prepared for what's coming next. Yeah, Maryfran Johnson yeah.
Actually, that's one word we haven't used a lot of in this, and yet you've been talking. Out. A lot of it is transformation, about moving organizations along.
I remember one of our events years ago, the, I think it was the 娇色导航of the General Motors had been interviewed many times about an ongoing transformation, and we had one of the reporters was on stage interviewing, and then asked me, said, Okay, they'll, you know, the Wall Street Journal's written about the big transformation underway.
When's it going to be done? And any left out loud, you know? And he said, It is never done, because the minute you stop transforming, it's like sharks that stop moving, you know, you're dead in the water, correct? Deborah Youmans Yes.
And there's, there's always something new coming. And so I think the and, and at every company, people only want to work on the new stuff, right? They don't necessarily want to keep the care and feeding of the old.
Is the hardest part to get people to keep working on so and it's also the hardest thing to retire, right? No one wants to let go of it. They'd like to keep it forever.
It's like you never want to give away the things you know, your favorite sweater, similar to that. Maryfran Johnson
It's kind of hard to innovate if you're not willing to change anything correct, because the very nature of innovation is that. And so many CIOs of the year have said that, well, you know, right now we're probably 80% keeping the lights on at 20% innovation.
And I'd like it to be more 5050, you know, if you had to put percentage numbers on it at Miter right now, where are you and where would you like to end up? Right? I Deborah Youmans
mean, I would from a dollars and cents.
We might be on the 9010 I'd love to be 8020 I would love to be 8020 and I think the question is, you know, it is the carving out, it's carving out the time and the money and the investment for the new and so some of that, a lot of times the innovation comes from, like a Strategic Innovation Fund, right?
Not the original, IT operations fund, but then it moves into it once it's in operations, which then means you've got to make room for that.
And so that's the preparing for the operations kind of going forward, which is really critical as you as you plan, to kind of keep your the ecosystem always current. Maryfran Johnson Yeah.
And do you feel like that in the in this that plays into my final question about what you've learned about your own leadership style moving from private sector 娇色导航into this not for profit model at Miter, but the money really matters.
You can say not non profit and not for profit, but at the every dollar is still being kept track of. Yes.
So is there anything you feel like you've been able to bring from the private sector that has really helped you in your role as the 娇色导航at Miter? Deborah Youmans Absolutely.
I think that, you know, there's so much that I learned in the private sector, you know, before coming here at Booz Allen and Cici, that applies here. So much of it is the same, right? The managing people, managing budgets, managing technical implementations, those are all the same.
I think the key that I've learned kind of coming here is really trust my intuition. That's been a key thing.
You know, I the the experience I have is very relevant here, and also empower the teams they we have just great teams here that are willing to take on those challenges, and the more that you can listen to them, empower them and embrace the challenges together.
You know, it's just an amazing it's amazing to watch as the teams take on these challenges, because it's what excites them. It's what makes people interested in coming to work every day. No one wants to come to work.
If it's boring, the challenges are what make it interesting, and so making sure that you know, for I'm providing enough guidance, but also letting the team tackle those challenges, because they're they're the experts at it, and they can really thrive in that capacity. Maryfran Johnson
Yeah, well, and if they feel respected and acknowledged for their contributions, they're probably a lot more willing to listen to all that boring talk about Deborah Youmans governance.
Yes, that's exactly right. That is exactly right Maryfran Johnson
that you say, we had so many arguments over the years at 娇色导航magazine when we'd be coming up with cover story ideas, and inevitably, somebody will say, you know, we could do a cover story on governance and all these very non technical editors and writers around the table.
We everybody just grown Yes, oh God, but governance is so boring. It's so essential, isn't Deborah Youmans it?
It is. It is so essential, but it's definitely something you've got to have everybody on board or it will just be boring and someone will see it like as a paper exercise. I know Maryfran Johnson
we gotta come up with a better word for Yeah, yeah. I know. Maybe just start calling governance innovation. I mean, everybody loves the I word, G Deborah Youmans
word, yeah, that's very true. That is very true. Maryfran Johnson
All right, so I'll leave you with that as my brilliant passing idea. You know, rename your enterprise governance organization as the enterprise innovation organization. Perfect. Thank you so much for joining. Me here today. It's been a really great conversation with you, and I've really enjoyed it.
Deb, Deborah Youmans absolutely.
Thank you, Mary Fran, for having me. I really appreciate it. Good, Maryfran Johnson
good and keep up the good work at Miter, which I know you will. Yeah. Thank you. If you joined us late today or just came across this on your LinkedIn feed, do not despair. You can watch the full episode.
We'll be here on LinkedIn for probably the rest of today. And then you can also find this interview on cio.com and on CIOs YouTube channel. CIOs leadership live is also available as an audio podcast, wherever you find your podcast.
And I hope that you enjoyed today's conversation with 娇色导航Deborah humans of miter Corp as much as I did.
If you want to be sure you don't miss any of our future shows, take a moment to subscribe to that YouTube channel, and you'll find the on there more than 150 episodes of other 娇色导航leadership live interviews, along with several international editions of the podcast that have spun out and are now featuring CIOs from Canada, India, the Middle East, New Zealand and Australia.
Thanks so much for joining us. We'll see you here again next time you.
Sponsored Links