Techwire One-on-One: CDT CIO Discusses His Role, RFPs and Procurement
Quentin Wright, chief information officer and chief technology officer for the California Department of Technology, talks about his role at CDT, an RFP to watch out for, and his more than 20-year career with the state.
Quentin Wright is chief information officer and chief technology officer for the California Department of Technology (CDT), roles he has held since March. Immediately before, he was deputy director and CIO for Technology and Administration at the California Office of Traffic Safety from May 2018 to March 2020; previously, he was an IT manager for the California Department of Motor Vehicles for more than 20 years.
Techwire: As CIO and CTO of your organization, how do you describe your role – and how have the role and responsibilities of either the CIO or the CTO changed in recent years?
Wright: I think I can definitely answer the first half. The second half – I’m not too familiar with how the past was here, because I haven’t had a chance to dive into the past. But in my current role and how I view it and how it’s been described to me is, I think it’s moreso bringing that government in, internally. My job is a departmental CIO. We have Amy (Tong) and Richard (Rogers) as our state CIO and deputy state CIO, so internally, it’s like every other organization that has a CIO, you work on what’s within. So, it’s basically firming up those policies. Modernizing … our environment is one of the things that is a big goal of mine, is to make sure that we have all the tools that people need to do their jobs, and try to automate those processes as good as possible in order for them to have that functional environment and provide that … high level of service to our California citizens. I think that’s most important.
Also, in my role as the CTO, I’m involved in firming up the state standards for our hardware lists with DGS (the California Department of General Services), in conjunction with DGS and collaborating with other departments as a first initiative Amy has given me. And we’re wrapping that up right now, where we’re – since COVID has come about, we wanted to … give a baseline for … at least 80 percent of the state’s workers who perform a multitude of functions and have devices that are quality devices and be able to have those distributed to those users to perform their function at home as well. So, that has been a big part of the technology side, walking in the door.
But I think moving forward, it’s like I said, it’s trying to (modernize) our platforms to make sure that we can bring out those cloud-based applications like Software as a Service, whereas there’s things that we are thinking about and looking at as far as Desktop as a Service, if that’s feasible for the state. Because even though I’m internal, some of the decisions that we make internally will also help Richard and Amy make decisions and work with our (Information Technology Executive Council) ITEC team to kind of like share that information with the state once we have those standards in place. So, I think, all in all, my role as a CIO is to bring in that policy, modernize the environment, make sure that we deliver the right services to the right people and make sure that my staff are working at their best ability to provide (those) services to our California citizens.
Techwire: How big a role do you personally play or may you play going forward, in writing your organization’s strategic plan?
Wright: So, I had a big role at my previous department. The Office of Traffic Safety, we just finished our strategic plan as I was walking out the door. We worked on it for about four months and I played a major role in that because like you said, I was the deputy director over their administration and the chief information officer. So, that part, I played a very big role. In my current organization, I haven’t been tapped on the shoulder to do so but I’ll be very happy to assist Amy, Richard and the rest of our executive team and staff with coming up with the next strategic plan. I know we have Vision 2020, so I know we’re on the horizon of creating a new strategic plan. So … once we begin those talks about how we’re going to go about creating that new strategic plan, I hope to be heavily involved in that. Because I have experience within that area to help them.
Techwire: What big initiatives or projects are coming in 2020? What sorts of RFPs should we be watching for in the next six to 12 months?
Wright: So, one thing that may come out as an RFP here pretty soon – I don’t have a list of all the big projects on the state side yet … but one that will probably come out here, probably within the next six to 12 months is the RFP for the (Federal Risk and Authorization Management Program) FedRAMP cloud contract, which is a refresh of that. That’s one of the big things that they’re working on, which will probably be finished by mid-2021. So, it should be soon that you’ll hear about RFPs going out for that one. Others, I would have to consult back with our state project team.
Techwire: How do you define “digital transformation,” and how far along is your organization in that process? How will you know when it's finished?
Wright: So, one thing I will say about how you know when it’s finished is – to me, I look at it as a continual service improvement effort. Where, although you transform, you don’t want to say you’re finished, because then you’ll be back into the legacy situation … . We have legacy applications that we’re modernizing. Everyone’s modernizing and I don’t think that you can say it’s complete. That project can be complete from modernizing that effort. But the life cycle of that project that you have eventually has an end date for that system. Right? So, you can say a project or an effort is finished, but I think to really get that digital transformation and keep in tune with what’s modern and how to keep your applications and systems fresh and new, is to always have in mind what that next iteration of that project or system will look like. When I look at digital transformation right now, in my past organization, when I came aboard from DMV to OTS, they’re a smaller shop so we had to change some policies regarding IT. You know, password strength, bring in more solutions for them for, like, we brought in CrowdStrike, we have the antivirus, we have protection in the cloud, we have our Salesforce application that we use for our grantee, we modernized that by doing electronic signatures. There’s a lot – we can change our security posture pretty much as a whole. When we had a military assessment in 2018 to 2019, it was a significant change in our security posture. So, I think you know, on the security standpoint, as modernizing your infrastructure to support securing, like our constituents’ and our citizens’ information, that’s first and foremost because … a big data center is a big repository of all that data.
So, strengthening our security posture to make sure that we have those security controls in place to protect the data that we house, and then also modernize those services to those citizens and our other state agencies that are customers to us, to make sure that they have services that are in the cloud, it’s reachable, it’s easy to navigate through our applications that we present to those citizens and constituents. So, I think digital transformation is going from a legacy environment and modernizing your current environment to meet the needs and requirements of the people. Because it’s not about standing up the newest, latest and greatest system. It’s about standing up the latest and greatest system to meet the requirements of the people we serve. I think that’s a big deal when it comes to that. You have to have your business in mind when you think of that. There’s a lot of things that I would love to see implemented in the state environment, but I don’t think, in some instances, we’re really ready for the cutting, cutting edge. So, if you get what works for the business requirements, then solve that ... problem, and be given the solution to solve that problem, will definitely be our latest and greatest, even though it’s not the cutting edge.
Techwire: What is your estimated IT budget and how many employees do you have? What is the overall budget?
Wright: So, CDT, the IT budget is about $421,500,000 and we have 741 authorized positions. That’s our IT budget. Now, our overall budget is $443,777,000 and 872 authorized positions. So, that was as of the governor’s budget proposed for 2021. So, it’s quite a bit.
Techwire: How do you prefer to be contacted by vendors? How might vendors best educate themselves before meeting with you?
Wright: I have used LinkedIn, people have reached out to me. … LinkedIn is kind of like a central place I would say, instead of using my work email. But I would say, in ways of the vendors to reach out and self-educate themselves, I would say, mostly, know the department too, not just the person. I would say get an idea of what our department does, because not every solution that’s been thrown at me or every company that has reached out or vendor – most of them, I know, they don’t know what my role is or completely know … . I just want them to understand what the business does.
And then, there’s a way to understand what my role is and who I am, as a person to reach out to. It’s moreso, provide a little bit more information about the services you provide. Because, some people, they’ll say ‘Hey, we have information security solutions.’ And then, although they have information security solutions, can they be a little bit more specific? Now that we have so many solutions, it can be hardware-based, it can be appliances, it can be software-based, it can be cloud-based. So, if they can reach out and understand what that is about or ask a question about the environment and it’s something we can dialog about and see if that’s something worth exploring at that point. As opposed to just a cold call with services that don’t really pertain to our business.
Techwire: In your tenure at CDT or at your previous agency, of which project or achievement are you most proud?
Wright: So far at CDT, I don’t have too many big projects where it’s huge and reportable on the state level. But the projects that I have been given, it impacts the state level. I don’t have a favorite one yet at CDT. I’ll say right now, I’m working and collaborating with the other CIOs, CTOs, and ISOs that are on … our telework standards workgroup that spawned out of ITEC. Working with the other CIOs, they’re really great, coming aboard and Amy trusting me with that … project to set the standards on a state level. It’s pretty good to know that walking in, that I have a director and a chief deputy director that trust my judgment. I will say that.
And prior to CDT, I would say OTS – it’s hard to say … because I have fun with projects and I love meeting the people that I work with, so I don’t want to slight some of the people I work with. But at OTS, I had a couple of good projects there, too, where, like I said, modernizing our security posture was great. There were many facets to it. It was 15-character passwords, multifactor authentication, strengthening our email, phishing with advanced threat protection. That was huge for me at that department, because they actually really needed that. And working with the team to get that done, it’s a small shop so that team has to maintain all six domains of our state department discipline and they do it well. Switching back and forth and pivoting between positions. So, I think that was fun and I really liked that project.
DMV, where I spent 22 years of my career, an IT project that spanned over 20 years of being either a participant or leading that project, two of the ones that I led that I really liked working on were AKTE, the automated knowledge test and expansion, and I was the deployment manager on that, where we deployed 2,500 devices to about 200 remote sites, and working with the vendor to test the application. So, (there were) two parts to that project. I was technical manager over it and contract manager over the deployment side, and we had the application side. So when I was on the deployment side in hardware and getting the networking, the facilities and everything set up, working with those teams, I had to lead and oversee that effort from that end of making sure we had the power, the data, the workstations are built correctly. Because those are new testing stations, and actually going from a handwritten DMV test to an automated test online on these 24-inch devices that we put out, I think that was a big accomplishment to show the public that we can go from handwritten documents to an automated application that randomized the questions, that limited the amount of people that could cheat on the exams. So, I think that was a big project for me. It was fun, it was a big modernization effort, going from paper to automation and I think that was one of my favorites.
The other one was the document authenticator devices. And I did oversee that one as well, working with Gemalto at the time. And we put those machines out in the field offices as well. So, I would say DMV’s top two projects would be the AKTE, I loved that, and I can’t knock my deployment efforts for just refreshes within the department. Being that we have over 10,000 PCs in 200 locations, my staff worked really hard to deploy those workstations along with NWNL, the vendor. I know you asked for one, but it’s an assortment of projects, I would say. It’s the people that mean the most to me. And knowing that, when we get together and work on a project that it’s a team effort, so even though I may have led those efforts, I always want to give back to the teams that helped me get that effort done because you can’t do it without the team.
Techwire: If you could change one thing about IT procurement, what would it be?
Wright: One thing I would say, the speed of delivering the services, like from end to end, from creating that P.O. to receiving the service. Just that level. And I’m not saying that because I’m not convinced of the state’s process. I think it’s just moreso one of the things that, in certain areas, if it’s an immediate need – and I know we do a good job, like I say, with COVID – we did a great job at procuring that as a state. When we need those devices and everything that we changed accordingly with the time, and we met those timeframes to get those deadlines. So, I do appreciate the procurement process that the state put together. It’s just … in that process, if we can just automate it and make it more automated where, across the state on a whole level, that we can feed into a system that can assist us and to automate those processes a little bit more.
Techwire: What do you read to stay abreast of developments in the govtech/SLED sector?
Wright: So, it’s a variety of sites. Sometimes, I’ll look at … it’s different websites, I’ll just jump in and look into. Like one is just CIO Tech World, I do read Techwire. I do look at the e.Republic* sites that you guys have. Mostly it’s news. I read a lot of blogs like Reddit Trends. I … stay abreast of multiple types of technologies, so I would say any platforms regarding, like, Windows, Technet sites, I’ll do different things. Like if it’s Apple sites, if it’s app-related blogs or Windows-related blogs or Linux, Unix or just different types of electronics. One of the things … that I do look at is just where trends are going, period. So, I don’t just dedicate to just one site to do that. I do rely on some information from the Gartners and the Info-Techs (Research Group), but then I find myself just reading different articles and different types of innovative … things that people (are) doing. Like, I read a lot of science magazines and different things. Most of those science magazines will talk about the latest technological trends that (aren’t) really available to public sector and stuff like that. … So, if you look at those types of devices that they may have and what they’re using, how modern those are … (they’re) leaps and bounds above what we can publish as the public sector. And if you can start tapping into those types of technologies and the companies that build them, maybe a solution can come out of that, that can be some type of public-sector device. So, it’s moreso looking beyond what’s out on the market.
At the same time, it’s just saying, ‘How can we leverage that on the public side … .’ Like, retinal scans and things like that came out years ago and now they’re starting to be part of our phone technology and things like that so, I mean, the ideas that were created 20 years ago are finally coming to fruition. … That’s the types of things I like to read. If it is 20 years down the line, if there’s a demand for it in the public sector or in the consumer-based sector, can we make that line or that timeframe come faster than … it would possibly come, if we can show in the public sector, that’s something that would possibly be beneficial to the state? Or to all states? The Internet of Things kind of changed that too. You never thought you would talk to your refrigerator, your dishwasher and your dryer and washer at the same time … . Reading those articles, reading those sites and just pulling in that data of the possibilities of what’s to come and some of the things that are out there that can benefit us.
Techwire: What are your hobbies, and what do you enjoy reading?
Wright: So, I’m big on documentaries. … I really watch, like, now The History Channel is changing, but The History Channel was one of the big things that I watched. Documentaries, like National Geographic. I’m a movie buff and music as well. I like music, I like entertainment. As far as reading, like I said, I can get lost in a day switching from blog to blog, just reading about technology. Electronics is really big, so that’s why I said I’d get into it later. Just devices, gadgets. One of the things, just, even as a kid, my first computer was a Commodore VIC-20, then a Commodore 64. I know I’m dating myself, but I was like, 9 or 10 years old, learning how to use those devices. I’ve always been involved in technology at some point in my life, even as a kid. Always been into video games and stuff like that. I’m not a big gamer now. I do still tend to dabble but just, the well-rounded thing of just, music, technology, reading movies and documentaries and my kids. Hanging with my kids.
*e.Republic is the parent company of Techwire.
Editor’s note: this interview has been lightly edited for style and brevity.