On the second Friday of each month, the Technology Association of Iowa hosts an informal networking event at West End Salvage in downtown Des Moines for entrepreneurs, educators, technologists, business leaders and government professionals.
During each event, Brian Waller, President of the Technology Association of Iowa, does a sit down Q&A with a local tech executive. This month, Waller spoke with Matt Behrens, CTO and Deputy CIO at the Iowa Office of the Chief Information Officer (OCIO).
After each interview, Waller presents the guest with a vinyl record of their choice for, “Vinyl Friday.” Hemme’s record of choice was “Rainbows” by Kesha.
Their Q&A is below and edited for conciseness:
Hometown and high school?
Cedar Falls, Iowa and Cedar Falls Highschool.
How long have you been with OCIO?
I’ve been with the state for 18 years and have been in a lot of different departments during that time. OCIO was formed as the state’s central IT organization in 2014 and I was responsible for creating that agency and moving out of the Department of Administrative Services.
What college did you go to and what was your first job out of school?
I went to UNI for a little while and that’s really where I started working in enterprise IT, larger scale IT deployments. I’ve done some consulting, but I’ve never worked in a startup or anything like that. My main emphasis has always been on larger-scale government and corporate environments. So I went to UNI and my boss got hired to come down and be the state CIO and I got the phone call to follow him down. So I followed him and transferred to Iowa State and got a Bachelors degree in Liberal Studies. Then I did my MBA at Iowa and a Master’s degree in Human-Computer Interaction at Iowa State and am now in a PhD program at Iowa State now.
What were you interested in as a kid and how did you find your way into tech?
I always wanted to be a paleontologist but that didn’t work out. I always had a computer with me. Even back in the eighties, you could buy a reasonable home computer. There was a huge opportunity to be a hobbyist then and learn. So we had an IBM PCjr and I learned how to program BASIC.
You had to work at it then. I’ve heard people say who are not in technology that we’re all technology workers now. And I’ll say, no you’re not. You can use tools and the tools are easier to use than ever before, but what’s the recursive algorithm used to implement that. And that’s my background, how are those tools made available? There is specialty related to IT and I think we need to celebrate that branch on the tree of knowledge.
Talk about what you’re responsible for and what OCIO’s responsibility is?
My portfolio is strategy, public policy, and administration for the office. I was COO before this job where I was making sure systems were online and working.
Cybersecurity. Where is that in your level of day to day? And what tools do you have to fight security threats?
Cybersecurity is a huge part of any large enterprise IT organization. The state is a target just like everyone else is. We track something like 600 thousand incidents a day and an incident has different definitions. This is across hundreds of thousands of vulnerabilities on the host that we manage. We provide monitoring and learning services for local governments and schools. That’s all managed and coordinated through Chief Information Security Officer. It’s an enormous undertaking and its expensive.
We can’t say as a community how secure we really are. Nobody can. The challenge is knowing whether each dollar you spend on cybersecurity is a good dollar or a bad dollar and maximizing the return on investment when spending on cybersecurity. Because there are so many places to spend money in the information security marketplace. You can spend it all over so we’re interested in spending out how we can spend that dollar as wisely as possible.
What is the budget of the state for Information Technology?
I’m responsible for about $65 million and I have a regulatory responsibility for about $250 million.
What is regulatory responsibility?
The budgets for IT are distributed across fifty different agencies. The way to think of the state of Iowa is to think of it as a corporate umbrella with fifty independent lines of business.
The challenge from a regulatory standpoint is all those lines of business have different missions. They also have different funding sources and different stakeholders and requirements. So each of them are going to approach IT in a different way. My challenge is to figure out how to standardize that to the extent that it can be standardized. One of the things I do is review all the positions for hire in the state of Iowa for IT to make sure that they’re appropriate to the general strategic direction of the state. I’m also responsible for issuing the statewide contracts for technology that all the agencies can use to make sure that they continue to write provisions for security.
By doing those things, we help ensure to a certain extent that each individual state agency has some common things that they’re all doing from a security and compliance standpoint.
It talks a huge team to deploy the dollars and responsibility you have. Talk a little about your team?
I have about 200 employees in my agency and the state overall has another 500-700 IT workers, so we’re about 700-900 IT workers statewide.
We have a lot of different areas of expertise. We’re big into specialization. One of the benefits of working in government is that we’ll give you the opportunity to put your hands on equipment early. We don’t want you to be a jack of all trades. We want you to learn the practice around your area fo specialization rather than doing eighty-five different things.
How up to date are rural locations and other municipalities in Iowa?
Two parts there. Every government whether you’re local, state or federal is challenged by not having enough resources to do everything you want to do. One of the opportunities we have in our office is that our charter allows to offer certain services like security to local enterprises. So city governments can come to use and we can provide that at the price the state gets.
In the local broadband context, it’s a patchwork. One of my responsibilities is the state’s IT public policy footprint which includes the state of Iowa’s broadband office. The broadband office’s role is to incense the private sector to begin to put a network in places where it isn’t. In 2015, the legislature passed a bill that identified and target service areas in the state where it’s really a broadband dessert.
We have programs that are designed to help solve the problem. One of them is property tax exemptions and another one is grants. We hope that through those programs and by partnering with the federal government, and really working together with everybody, that we can figure this out together. It’s going to take an Iowa solution. No one’s going to solve this problem for us.
What stress you out at this job?
A lot of things. My job is to worry so it’s hard to say one thing. This week, I’ve had a couple of unexpected retirements and a couple of positions I haven’t been able to fill on our .NET side of the house.
Give advice to 18-year-old Bryce?
Be willing to try things you don’t think you can do.
Star Wars or Star Trek?
Favorite curse word?
Gosh darn it.
What did you want to be when you were a kid?
I really did want to be a paleontologist. I was crazy about dinosaurs.
Favorite caffeinated beverage?
You are out of town, crashing at a friends house or staying at a hotel?
Depends on the friend. Usually a hotel.
What is your least favorite word?
Comedy club or dance club?
What sound or noise do you love?
My wife laughing.
What sound or noise do you hate?
I have three kids. My daughter is 5 and has the ability to scream at a level that will make the china rattle.
What profession would you like to attempt someday?
I wouldn’t mind being a teacher someday.
What profession would you never try?
If heaven exists, what would you like to hear God say when you arrive?
You did such a good job you get a second shot.