The Big Interview: City of Fort Lauderdale CIO Tamecka McKay
On recovering from ransomware and floods; getting closer to the business, and prioritising investment with tight budgets.
When Florida’s City of Fort Lauderdale was hit with flash floods in April 2023 it rapidly became CIO Tamecka McKay’s problem: A critical data centre was left with no power and no cooling (a flooded ground floor is not what the data centre world means by “liquid cooling”) and although server racks were on the sixth floor, applications supporting vital city infrastructure, including emergency services, were knocked offline.
She had to make some emergency calls herself – getting partners in to physically carry blade servers down the stairs of the flooded building – and a new data centre spun up in double-quick time. Over the coming days, she recalls to The Stack, a core team of roughly four engineers worked overtime to get the city’s critical IT services back online. (Working in government means working lean and finding creative solutions.)
McKay was just a year into the role when it happened. She had faced crisis before, however, when working as a technical lead and supervisor of enterprise infrastructure services at one of the United States’ largest public school systems, Broward, which was hit by ransomware in 2021.
In that incident, “not only did they encrypt everything, but they deleted our virtual Veeam server; they deleted our network devices; right before the attack they disabled our Microsoft Defender so that we couldn’t even detect them” she recalls. Mercifully – or presciently – “I’d had our admin copy the INI file for the virtual machine for our Veeam server on a flash drive; had he not done that we would not have been able [to recover].
As a result IT was ultimately, with support, “able to rebuild the environment, build up the server, point it to the storage – because the storage was unaffected – and we started restoring services one by one.”
Tough lessons to learn but ultimately, McKay says, important ones…
Raise your head!
As CIO of the city – home to 183,146 people – McKay oversees some 77 IT staff. With a budget of $26 million per year and an estate that includes approximately 500 servers, 3,000 desktops, 2,600 emergency services radios and applications running on over 90 sites including in emergency services stations, IT’s engagement with the broader city is critical.
Her team supports body-worn police cameras; IT services for an airport; the standard potpourri of corporate IT services like finance and HR. And the lessons she’s learned from these crises – ransomware, flooding – have stood her in good stead, she suggests; not least in helping bring IT and the business closer together where they had previously had an almost hostile relationship: “Never let a good crisis go to waste.”
See also: The Big Interview with Goldman Sachs CIO Marco Argenti
In her current role the flood was a particular wakeup call; both for the business to understand how important IT was and for IT to recognise the urgent need to work more closely with the business in a joined-up way.
“It was a painful and very unpleasant experience,” she tells The Stack.
“But we're capitalising on it by helping the business understand what are you going to do if the technologies are unavailable? There are some services that you can't say ‘I'm sorry, the system's down. We're not policing today.’ The business…their focus is the business, not technology.”
“But because technology is so tightly integrated into the business and the organisational goals, that collaboration is critical. Technology is an enabler [and IT in a crisis like that needs to] know what's critical that has to be running now, versus what could wait 24 hours or 72 hours.”
It's all about prioritisation: Is it the person that throws the temper tantrum?
“We don't have unlimited funding and in the event of a disaster, it's all about prioritisation. You don't have unlimited resources: We had maybe about four engineers trying to restore services for a city the size of Fort Lauderdale. And what do you do [to prioritise]? Is it the person who screams the loudest? Is it the person that throws the temper tantrum?”
“What we did shortly after the flood was have a third party do a business impact analysis. We got the business units at the table, asking ‘what can you afford to lose? How long can you afford to be down?’
“Helping them understand it's not just a technology issue: You have to tell me how much risk you're willing to accept based on what the cost of resiliency is. We had single points of failures all across the enterprise…
“[Through that analysis we learned that] maybe we want to [invest in] a redundant network connectivity at the building department, but maybe not one at parks” she says as an example, rattling off the challenges of prioritising what a cemetery needs versus a swimming pool; a finance department or a police station in the event of that kind of emergency.
This involved IT looking up from keeping the lights on too and starting to communicate more strategically with business stakeholders, she adds, saying particularly in local government there’s a legacy of the bad old approach to the “IT of 20 years ago where we came out of the room once a year for the Christmas party, and they slid us food under the door…”
70% of our storage was EOL, 50% of networking
That approach was reflected in some creaking infrastructure: “When I started, over 70% of our storage was end of life; 50% of our network devices were end-of-life; we were using a 50 year old financial system. This was an organisation [which had] not embraced or understood the importance of investing in technology,” she added to The Stack.
That should have been – and was – a wakeup call for IT too, she added.
“We have an opportunity as IT professionals, to help the business leaders and executive leadership understand the importance of proactively investing in technology and engaging themselves. We have to work together and be closely aligned to achieve the organisational mission.”
“Get out there!”
That’s been arguably the biggest lesson of her career, she reflects; getting IT to look up and see the business: “From the technical level, you want to make sure that your teams are trained, that they're engaged,” she says.
“When I got to Fort Lauderdale, I had teams who had never even been to a conference, or user group, or had any kind of training or any certification for 10 years. The first thing I did was [say] ‘get your head out of the keyboard, get out there and go see what's going on!’
“Because chances are what you're dealing with what someone else is dealing with. Honestly, I tell them that they’d been in a time-warp. I had team members who didn't even know that they had a technical training budget as part of their compensation package” she says emphatically.
“That goes back to leadership: Helping them understand the importance of ‘yes, things are going crazy, but you have to take that time to see what's out there.’ Invest in yourself, in professional development, training, you know, networking, getting out there, see what's going on.”
Three pillars
“That goes back to what are my three pillars [as a CIO]; cybersecurity, modernisation, and human capital. From the human capital standpoint that’s relationships, investing in staff, investing in good products.”
It’s also, she adds, about “making sure that you're speaking to your vendors not once a year, when it's time to renew. I hold my vendors accountable! I tell them, ‘I don't want to see you one time a year when it's time to renew, you need to check on me, check on my product, see if I'm maximising my ROI, that's what a partnership is. It's not one-sided…”
Ride-alongs with the fire service
One way she has personally worked to be more business-centric is proactively engaging; even taking a ride-out with the fire service.
That saw her witness them tackle an incident in which someone was in a coma, and observe how critical comms tech her team supports was to ensuring a hospital had they details they needed to save a life.
(Among other recent tech-led public safety initiatives, the City is rolling out Shotspotter detection systems. As McKay notes: “A good number of times that a firearm is discharged, nobody's calling 911. So if we didn't have those sensors out, and using that technology, we would not be aware of it. A lot of times we can have an officer out before they even placed the call, and starting on an investigation. So tech is a big part of increasing and enhancing public safety and public services in general.”)
From help-desk to CIO
Tamecka McKay wasn’t born into a tech-centric family. She was, she says candidly, the child of a teenage mother: “My aspiration was just to graduate high school, which was more than my parents did” she says.
With a doctorate in progress and multiple degrees including in Computer Information Systems it is clear that she blasted through that ceiling and then some; working her way up from help-desk to sysadmin to CIO.
She’d actually planned to go into law, she admits: “I had a guidance counsellor in high school, she took me on a field trip to Seton Hall Law School in New Jersey where I actually saw people that looked like me.
She started taking college classes and “got a part-time job working as a law clerk… At the time, I had a best friend who got her Novell [networking] certification, and she was just bragging and telling me, ‘oh, you're still gonna be in law school, and I'm gonna be making $60,000, which was a lot of money back in 1993. I saw her go through her certification, earn a good income and thought ‘maybe I can try this to get through law school’. To cut a long story short, I just fell in love with tech!”
Back to the present, as well as helping to upskill her team, hold vendors to account and run a strategic modernisation programme, she works closely with an increasingly tightly knit network of government CIOs and other digital leaders, she says, to collaborate and shared experiences, not least those around resilience. (She's now, perhaps unsurprisingly, a staunch advocate for well-configured and robust backups and a close partner of Veeam, whose conference The Stack spoke with the CIO at.)
“We meet formally twice a year but we are in contact probably two or three times a week on Slack. I’ve tried to get my team involved in that too. It's like, ‘Yo! You don't have to figure this out yourself! You're not in this alone, don't reinvent the wheel, leverage networking, community…”