Strength in fewer numbers
GCN Hall of Fame inductee Karen Evans leads federal efforts to streamline operations and improve security
A DEFINING MOMENT IN KAREN EVANS' 27-YEAR
career in government technology came in the mid-1990s,
when she was assistant director of information services
at the Justice Department. Working feverishly to complete
a mandate from then-Attorney General Janet Reno
to give every employee at Justice access to the Internet
and e-mail, Evans and her team didn't fully address the
security risks involved.
In August 1996, a hacker broke into the department's
Web site, posted obscenities and anti-government graffiti,
and replaced a photo with an image of Adolf Hitler.
The news made headlines nationwide. For Evans, it was
a momentous event that would alter the way she thinks
about systems security.
'You only have to have your team on the front page of
the Washington Post once in order to realize that everything
is a risk-based approach,' said Evans, now administrator
of e-government and information technology at
the Office of Management and Budget. 'When you
make decisions about delivering services, you've got to
balance the risk against those services.'
Alan Paller, director of research at the SANS Institute,
has said that since that incident, Evans has had a more
positive impact on government cybersecurity than almost
any other federal official. Paller and Evans teamed
to compile a list of lessons learned from the event to
share with other agencies, which also inspired the institute's
annual Top 20 security vulnerabilities list.
For Evans, the incident confirmed the notion that it's
often the things that go wrong ' and how you respond
' that teach the most valuable lessons.
'All IT professionals'have had projects that were near
career-ending because the IT people are always looked at
first when something doesn't work right,' she said. 'But it's
what you do with those situations and how you respond to
the pressure that's coming from all directions. [In my case],
each and every one of those [situations] were learning opportunities
that helped me prepare myself for the next job.'
Evans has been in her current job since 2003. In effect,
she is the government's chief information officer and top
IT executive, and she has helped drive a steady transformation
in the way federal agencies approach their missions.
'The federal government has really changed from
when I first came into the job,' she said. 'The focus used
to be agency-specific ' how an agency can deliver services
to its constituencies. Now we're working as one unit
and delivering solutions as a single government entity.'
OMB's Trusted Internet Connections initiative, which
requires agencies to develop plans for reducing the number
of government gateways to about 100, is one example.
'Eight years ago, we would have gotten every reason
why you can't do that,' Evans said. 'Now everybody is
working [together] and making it successful because it
makes sense not to re-engineer things.'
Clay Johnson, deputy director for management at
OMB, said Evans has played a critical role in propelling
that change under the President's Management Agenda,
which mandates the deployment of cross-agency e-government
initiatives and common frameworks.
'Karen and the OMB staff have helped federal agencies
increase agency performance, transparency, citizen services
and cost savings,' Johnson said. 'She has been an invaluable
member of the president's management team.'
Evans came to OMB from the Energy Department,
where she was CIO for 19 months. During that time, she
was elected vice chairwoman of the CIO Council, an organization
that she credits with helping to push much of
the change that has occurred in government IT in the