Not Your Typical Government CIO
Contracting customers are changing. With her tech startup and intelligence agency experience, Air Force CIO Lauren Knausenberger is a great example.
By Michael J. West
It’s clear that Lauren Knausenberger is a different breed of senior executive from the moment you see her official photograph. She appears in front of the American and U.S. Air Force flags smiling and sporting not the traditional blue suit and pearls, but a burgundy leather jacket with an off-center zipper.
Knausenberger laughs as she recalls an Air Force Tech Sergeant seeing the red leather jacket and chasing her down the E-ring at the Pentagon, saying, “Ma’am? Ma’am? Do you want to change before taking your picture?”
Outside the Box
At just 41 years old, Knausenberger is the Department of the Air Force Chief Information Officer – one of the youngest members of the Senior Executive Service. But when she says she is different, she’s not referring to her youth or her fashion sense.
“When I say different, I mean I was hired because I think differently,” she explains. “People wanted someone they knew was going to jump in and shake things up and not be afraid to try new things, especially in technology. I calculate risk differently.”
She certainly has done that. In her five years with the Air Force, Knausenberger has been a driving force behind the service’s information technology (IT) modernization efforts. Her initiatives include launching Digital University1, rapidly scaling DevSecOps2 in the Department of Defense (DoD), pioneering Fast Track Authorization to Operate (ATO) and Continuous ATO (two revolutionary new ways to do cybersecurity authorizations), rapidly expanding CloudOne3 and maturing its enterprise services, and championing the Enterprise IT as a Service (EITaaS) program.
She has also spearheaded the design and implementation of Zero Trust1 digital architecture. Not only has Knausenberger been highly effective in communicating the importance of Zero Trust as a core capability for future competitive advantage; she has marshalled the resources to get it done.
She was the founding director of Spark Tank, an annual competition based on the reality TV show Shark Tank. Each year, Airmen and Space Force Guardians are invited to submit innovative ideas, culminating with six uniformed finalists pitching to a panel of Air Force senior leaders and industry partners (George Steinbrenner IV and Mark Cuban have judged in the past) to win funding.
In addition, she was instrumental in the early design of AFWERX, the Air Force innovation organization known for its creative use of Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) contracts and physical innovation hubs to attract emerging tech companies to the defense market.
Air Force IT initiatives require a robust acquisition effort and an expansive team, Knausenberger says. “Even if we come up with the best idea, we can’t do it alone; we have to have partners and suppliers. There are a handful of large cloud service providers that are some of the best software companies on the planet. We need them in the fight. We also need our growing traditional and nontraditional defense industrial base partners to innovate continuously on our next generation of capabilities.
“And of course we need the best of small business innovation too. There are also some things that should be super boring, and we just need to acquire them well, like enterprise software licenses and endpoints.”
Knausenberger adds that her organization needs the acquisition community to help make sure they have all those things, can provide them to Airmen and Guardians easily, and that they are consumable and meet warfighter needs.
Even this, however, Knausenberger approaches from a unique perspective – and encourages her team to do so as well.
“We have a few folks who have true commercial experience and bring a wealth of knowledge. I’d love to have a team of people who can consistently bring that perspective, but we don’t have many,” she says. “We also have some younger folks who have never had any type of industry or commercial experience. But they read a lot, pay attention, bring in new types of advisors and ideas, are fearless, ask the experts, and want to try different things. Oftentimes, those are the people who I want on the deal.”
A Different Path
Knausenberger’s open mind and willingness to challenge tradition are byproducts of an unconventional career path that started before she graduated from high school.
“All of those intern programs in government where they say ‘Get ‘em young?’ It’s so true, and I am one of those people that the government got young,” she says.
At just 17 years old she was recruited for the National Security Agency (NSA) Gifted and Talented program. Knausenberger applied, took a battery of tests, and netted an internship. She was a teenager with a Top Secret security clearance, working with INFOSEC and SIGINT.
After graduating from the University of Maryland, Knausenberger took a position as a business analyst with American Management Systems (AMS), then migrated to CACI when it acquired the AMS Defense and Intelligence Group in 2004.
During 11 years at CACI, she worked on global technical and financial programs with the CIA and went back to school, earning an MBA from Wharton. She also launched her own venture, a startup focused on solving problems and funding commercial technologies for the national security sector.
She also was also an early member of NextGen Angels, a group of angel investors under 40 that funded early-stage technology companies. It was later successfully acquired by Brown Advisory.
Just as she was getting comfortable in the entrepreneurial world, her husband got a call from an Air Force captain he’d previously worked with. “He said, ‘Hey, can I have a beer with your wife? We need more companies like hers in defense.’ So, I went and had a beer with him,” Knausenberger recalls. “We talked through a whole bunch of different roadblocks to innovation, and I drew out a number of different concepts on a bar napkin down at Blue Jacket Brewery at the Navy Yard in Washington, DC.
Some of those concepts would later contribute to the founding of AFWERX – using SBIRs to do staged venture investing, challenges with industry to get to an MVP (minimally viable product), and having common software environments where [industry and government] can work together.”
That bar napkin soon became a PowerPoint presentation that worked its way up the ranks to Lt. Gen. William J. Bender, then the Air Force CIO. “He said, ‘When you talk about these things, I believe we can accomplish them. I really hope you’ll come and work with us,’” Knausenberger remembers. “That hit me right through the heart and I think I said something like ‘the odds are approaching zero but I’m honored and will give it some real thought.’ He and Maj. Gen. Ret. Kim Crider (who later became the first Air Force Chief Data Officer) read me like a book and pulled me right in. They asked if I missed the mission and wanted to take this chance to solve problems I clearly cared a lot about. The rest is history.”
Important Lessons at the Table
After two years as Director of Cyberspace Innovation, Knausenberger became the Air Force Chief Transformation Officer in 2019, then Chief Information Officer in 2020. This put her across the negotiation table from the industry she used to be a part of. She brings some important lessons learned with her.
“My first job out of college was developing financial systems for the government,” she says. “That comes down to user-centered design, understanding software and requirements, understanding what customers want and need, and how we price things both to win and to drive value. When I came back to corporate, I spent a lot of time in proposal rooms in addition to running my part of the organization.”
Knausenberger says the experience taught her how to win and price work within the government, and how prime and subcontractor relationships work. “I also learned what strategies people use in the vast majority of the defense industrial base, and how an RFP can sometimes drive responses from primes that perhaps were not intended.
“Certainly, when we’re looking at buying things, I have had moments where I will read something that we are going to put out to industry, and I look at the way that we’re going to make a decision, and I think, ‘Okay, this is what you think you’re seeing; but this is exactly what we’re going to get; and this is exactly where it’s going to go wrong. The more we can engage in two-way dialogue with industry and focus on capabilities over requirements, the better. This is easy to say and is said a lot – we have a hard time managing contracts this way in practice.”
Her own experience in the commercial world led Knausenberger to prize government contracts and acquisition colleagues who share that experience and the propensity to approach acquisition regulations with skepticism and a light touch.
“I would rather work with folks who are predisposed to using commercial models and the parts of the FAR that allow us the greatest flexibility,” Knausenberger says. “I’ve definitely had the pleasure of working with some fantastic people who think this way in the Air Force.”
Of course, the FAR isn’t going anywhere. The drive for acquisition reform – which, Knausenberger points out, has gone on longer than any government modernization initiative including IT reform – hasn’t reduced the need for people who know their way around contract clauses and regulations. What it has done, however, is change the playing field to the point where that knowledge is simply not enough.
For Knausenberger, it’s important to have professionals with experience making deals on the commercial enterprise side. “We don’t have enough people in government who have worked commercial enterprise deals.” A side effect is less understanding of commercial marketplace expectations.
“It is really tough to write deals the way that we do because we try to hit every detail up front from the government side,” Knausenberger says. “[For] commercial deals, you tend to go to a broker to see what’s the best practice, what is the market getting, what is the typical service level agreement, and what are the specific needs of my business. And then you go buy. We need people who have that commercial experience.”
Knausenberger certainly considers a commercial knowledge bank to be an asset. However, the skillset that’s really important in the current acquisition environment is more of an intuitive one: flexibility, resourcefulness, and readiness to adopt different perspectives and new ways of solving old problems.
“If you ask me what we need from contracting and acquisition professionals, we either need people who have that commercial experience or who are completely open minded and ready to try new approaches to buying, especially in IT,” Knausenberger says. “There is a lot of flexibility in the acquisition process, and we have some great folks who really know how to use it. I’d like to see that become the mainstream and the way we approach acquisition every day.
“Unfortunately, there are also things that are outside the control of our acquisition folks. For instance, our EITaaS wave 1 award was held up for over nine months by the Small Business Administration, despite having more than 30% small business content. We got to a place that made everyone comfortable, but that meant nine more months of delay getting capabilities to our warfighters and frankly, it delayed revenue to small business by nine months too.”
The other problem is that so many efforts are protested. “You pretty much have to include a protest in your acquisition schedule at this point. It’s good that businesses can protest if they think we’ve done something incorrect in our process, but often companies protest just because there is no reason not to. That, too, delays capabilities from getting to our warfighters. I’d love to see an approach like in pro football. You ask the referees to review the play and if you’re right you get a different outcome. If you’re wrong you lose a time out. There needs to be a limit and cost to protests that are not upheld, and they’re usually not.”
Knausenberger’s different approach to buying doesn’t just extend to delivering capability for warfighters. It also involves purchases for the day-to-day activities inside the Pentagon.
Knausenberger acknowledges there is truth in Michael Kanaan’s now famous “Fix Our Computers” plea to DoD leaders on social media in January 2022. (See the sidebar, “Fix Our Computers,” on page 23.)
She cites DoD’s 2015 mandate to implement Windows 10 across the department by 2017. It resulted in a huge purchase of personal computers across the DoD. They turned out to be underpowered machines, likely procured at the lowest cost. Then, the computers were burdened with heavy cybersecurity software that sapped their meager resources. Now, they are simultaneously reaching the end of their serviceable lives.
“So, everything’s reaching end-of-life at the same time,” Knausenberger says. “We’ve been really pushing hard and have had a 19-point increase in our user experience scores over the past year. We’ve updated end-of-life equipment, fixed some user experience issues with Adobe and with our Microsoft products, and streamlined the way our security tools protect the endpoint.”
Knausenberger says, “We’ve really been looking at the data and saying, ‘Where do we need to invest to make things better?’ A lot of our end-of-year money went toward end-of-life laptops and end-of-life network equipment because we identified these areas as the easiest and most impactful way to improve user experience and cybersecurity in one action.”
Time for Change
Something had to change. By the time the #FixOurComputers came out, the Air Force already had been working hard to measure user experience and get after the most pressing issues. It brought even more public attention to something that was already a huge priority for Knausenberger and was a result of decades of underinvestment across the DoD.
The first step was to raise the quality standard for IT equipment. “Even if we buy lowest price technically acceptable, ‘technically acceptable’ needs to actually support the warfighter,” she says. “The new standard allows you to do everything you need to complete your mission. The specs would even support gaming on your laptop if you really needed to. It still will take some time to replace all the endpoints and that will be a continual refresh cycle. In the meantime, we’ve completed a number of initiatives to streamline the way we manage our endpoints. Some of our older machines are seeing a 200% improvement due to our efforts.”
The other more labor- and resource-intensive steps were to upgrade circuits at dozens of bases, update cybersecurity configurations for network boundaries, and centralize device and application management within the cloud, which went into full swing in May 2022. The next step is to create a central IT store: a one-stop shop that serves the entire Air Force. This last piece will be available once EITaaS Wave 1 goes into production.
“You’ll be able see all of the software approved for use, what’s best to use, and how to get it on your laptop right now,” Knausenberger says. “I don’t have to pay anything because I have an enterprise license. I don’t need to ask anyone’s permission to put it on my laptop because it’s in the cloud. And I’m leveraging this at IL-54 so I can use all of my data, and I can go on my merry way. We’re pushing through a category management charter right now that is a huge part of signaling to the enterprise.”
While this all is very much a reinvention in the federal space, it is already standard operating procedure in the commercial world. “These are absolutely common-sense things that every corporation in the world does,” Knausenberger acknowledges. “We’re still on the journey. We have operated for a long time like a group of smaller organizations that came together into one, and we are now figuring out how to truly be an enterprise. Even in the commercial world that’s a tough problem and we’re doing it at huge scale. We’re making a lot of great progress, but we’re not there yet.”
Hence the need for a new, more commercially minded way of thinking in DoD procurement.
“For the enterprise buys, we’ve got to use commercial best practices,” says Knausenberger. “We are a huge enterprise, and we need to look at how the other huge enterprises buy. And we need to have deals that are scalable and affordable and fair. We don’t want to pay a whole lot more than Walmart, but we also don’t want to pay a whole lot less, or we’re not going to get the same level of support.
“For the enterprise, we do have to be strategic and methodical. We have to leverage those best practices, think end-to-end, and ask ourselves if we’re solving the problem we set out to solve,” Knausenberger says. “But that doesn’t mean we can’t be agile and that we need to take an unreasonable length of time.”
Knausenberger is admittedly actively searching out alternative ways of doing things in the federal space. But she is no fluke. She was previously in the commercial space and the Air Force sought her out, not vice versa. Her flair for disruption is a feature, not a bug. Luckily, more and more DoD executives realize how high the stakes are and are doing their part to move things forward and take calculated risks.
Knausenberger is not a rogue wave but part of a sea change in how the government deploys both personnel and technology. She and her peers are shaping the future, and she is excited to work with acquisition professionals and operators in a new way of doing business. CM
Michael J. West is a writer and editor in Washington, D.C.
Digital University is a joint venture started between the Air Force and Space Force and available to members of the DoD. It provides anytime access to Silicon Valley accredited technology training and fosters a community of learners for tomorrow’s warfighter.
DevSecOps is a trending practice in application security (AppSec) that involves introducing security earlier in the software development life cycle (SDLC). It also expands the collaboration between development and operations teams to integrate security teams in the software delivery cycle.
Cloud One is an Air Force provider of cloud computing platforms, technologies, approaches, and solutions. It provides common, secure computing environments; standardized platforms; application migration and support services; and data management. https://cloudone.af.mil/#/#platformoverview.
Impact Level 5 security accommodates national security system and U.S. controlled unclassified information categorizations up to moderate confidentiality and moderate integrity.
“Fix Our Computers”
On January 25, 2022, Michael Kanaan, the Director of Operations for the Air Force’s Artificial Intelligence Accelerator at MIT, took a shot across the Pentagon’s bow with a message on LinkedIn and Twitter. He pleaded to end the computer agony of DoD employees and invest more to upgrade their basic, everyday IT hardware.
“Oh man, Michael Kanaan. I echo your open plea to fund IT. It’s the foundation of our competitive advantage and also ensures every single person can maximize their time on mission,” commented Department of the Air Force CIO Lauren Knausenberger, one of many Air Force and DoD leaders to commiserate with Kanaan’s lament.
You tell us to Accelerate change or lose,
then fix our computers.
Before buying another plane, tank, or ship,
fix our computers.
Yesterday, I spent an hour waiting just to log-on.
Fix our computers.
Before spending another dollar on a request for proposals from industry asking for the same thing you asked for last year, fix our computers.
Want innovation? You lost literally HUNDREDS OF THOUSANDS of employee hours last year because computers don’t work. Fix our computers.
Are you reading inputs from any of the various idea/innovation programs? Fix our computers.
I Googled how much the computer under my desk costs in the real world. It was $108 dollars. Would you ever buy a $100 dollar computer?
Fix our computers.
Are you a senior leader visiting a unit?
Ask if its computers work.
I wrote an email the other day that took over an hour to send. Fix our computers.
I opened an Excel file today … my computer froze and needed to be restarted. Fix our computers.
I turned on my computer and it sat at 100% CPU usage. Fix our computers.
Tanium battling McAfee for scans all day takes up 40% of the processes inside the machine.
Fix our computers.
My computer updated and restarted 10 times today. Fix our computers.
We’ve been doing more with less for too long.
Fix our computers.
Want to recruit the generation of the future?
Fix our computers.
What happened to the cloud? Fix our computers.
Why am I using Internet Explorer? Fix our computers.
Making computers so useless that nobody can hack them is not a strategy (yet they hack them anyway). Fix our computers.
We’re the richest and most well-funded military in the world. Today it took 1 hour and 20 minutes from logging in to opening Outlook. Fix our computers.
Ultimately, we can’t solve problems with the same tools that made them … and yet somehow fundamental IT funding is still an afterthought. It’s not a money problem, it’s a priority problem.
Sincerely and on behalf of,
Every DoD employee