Jun 10 2019

Minnesota’s New CIO Outlines His Priorities

Tarek Tomes shares his thoughts on tackling cybersecurity, a new registration and licensing system, and other challenges.

On April 29, former St. Paul Chief Innovation Officer Tarek Tomes stepped into his new role as commissioner of Minnesota IT Services and state CIO, replacing Johanna Clyborne, who left the position in January.

After spending the bulk of his career in the private sector, Tomes transitioned to government in 2008, initially as assistant commissioner for the Minnesota Office of Enterprise Technology, which has since been reconfigured as Minnesota IT Services. 

StateTech recently spoke with Tomes about his new position, cybersecurity challenges facing state governments and the future of the Minnesota Licensing and Registration System, or MNLARS, which has cost the state more than $100 million to develop to date.

MORE FROM STATETECH: Explore new tools that state CIOS can use to get up to speed.

STATETECH: What do you view as the state’s current IT priorities?

TOMES: As the internal shared services technology provider for the executive branch, I want to be able to sit side by side, allowing agencies to innovate with us. That intimate relationship is really important because if you’re not careful, you end up just serving as a technology provider.

Photo: Courtesy of MNIT
Tarek Tomes, Minnesota CIO

There’s also absolutely a priority surrounding value and how we deliver technology initiatives across the executive branch. In addition, as is true for every state and the private sector, there is a tremendous focus now on cybersecurity. CISO and Interim CTO Aaron Call put together incredible groundwork for the state’s cybersecurity policy and how it will approach cybersecurity measures. 

STATETECH: What do the state’s cybersecurity plans include?

TOMES: There’s a large cultural component — educating the legislature as well as business partners so security is not an add-on but a lens everyone views everything they do through.

I had a chance to spend a little time with Atlanta city officials, so I’m aware of the devastating impact certain cybersecurity breaches can have; last year’s incident really crippled Atlanta’s critical systems for an extended period of time. Certainly, incidents in the public sector are publicized much more broadly. One can deduce that for every public event, there are probably 100 or 1,000 private-sector events — those don’t, of course, get shared because of the reputational connotations. 

Making sure you understand what the critical systems are and how you can recover is certainly a focus for us. Our ability to shorten the impact timeline and contain incidents is really paramount. There’s no finish line with cybersecurity; it’s an ongoing investment. 

Cybersecurity Insights

STATETECH: Have you been able to enact any initiatives since becoming Minnesota’s CIO?

TOMES: We announced a pretty large strategic directional change to how we deliver driver and vehicle applications. In 2017, the state launched a new system that was probably introduced a bit prematurely. MNLARS, the Minnesota Licensing and Registration System, didn't have all the features and functionalities a launch should have, and that led to significant issues and backlogs both to the citizens and many partners that used the system to facilitate services — deputy registrars and others. 

Our team recently released the seventh release of the solution and it now has a really stable platform. The governor tasked an independent expert to review the work that remained to be done on the project, really at the moment where significant additional investment was needed to finish it, and the review findings suggested purchasing a vendor-based solution would be in the best long-term interests of the state. We can use a vendor who invests millions in research and development relating to future versions of the software. We made a strategic decision to pivot from custom-building the solution. 

STATETECH: What is the implementation timeline for the new solution?

TOMES: The next steps are, together with our business partner, the Department of Public Safety, we’ll release an RFP and select a vendor. During the implementation phase, we’ll run the current system simultaneously for about 20 months or so, and then go live with the future system. 

MORE FROM STATETECH: Watch a video interview with former Minnosota CIO Johanna Clyborne on Minnesota's cybersecurity concerns.

STATETECH: How would you say your previous roles prepared you for your current position?

TOMES: Certainly, on the delivery side, working for private-sector organizations was helpful. With successful project delivery, the utmost priority is customer satisfaction and engagement; that taught me how important understanding where they’re going and delivering on those expectations was. 

My most recent role as chief innovation officer underscored the need to keep people at the center of our solutions. That approach helps us both validate problems we’re trying to solve and understand the stakeholders we’re crafting a solution for. 

STATETECH: What’s different about being Minnesota CIO?

TOMES: The size and dimension — it involves helping to mature an organization that’s democratizing technology to provide people with a voice

I hope to really facilitate and promote the use of digital opportunities to change the way citizens engage with the state. That means making sure we create the right data visualization and business environment — using artificial intelligence, for instance, to lift up all the transactional data — that can allow us to see where investment areas are that we should continue to support, and how we can shift the investment of taxpayers’ dollars for the most effective possible use.

The state has an open information portal and will continue to try to highlight how groups can share data and metrics. A little bit of that also involves encouraging and helping our business partners — including executive branch agencies, boards and commissions, public schools, and other organizations we provide services to — to understand the importance of connecting meaningful measurements with the services that are provided, so the outcomes are what we expect.

Getty Images/ Scruggelgreen