The Biden Administration recently issued its request for 2022 spending. This practice is really more of a policy effort than actual budgeting, but serves to illustrate administration priorities to inform agencies as to what is likely to get approved in the final budget. The 2022 budget request has a number of IT-specific priorities, starting with the funding of the Technology Modernization Fund (TMF) at another $500 million for fiscal 2022. This would be in addition to the $1 billion that was invested as part of the American Rescue Plan Act--money that helped support the ongoing effort to digitize government services and operations.
The $58.4 billion in IT spending includes marked increases in the IT budgets of the Treasury Department, Department of Veterans Affairs, and the Department of Homeland Security. NASA and the Department of Commerce had small reductions to its IT budgets.
Both of these documents define the specific roles and responsibilities of data officers and provide a framework for working with and securing data. Of course, each agency has unique requirements and missions, leaving the CDO to work out how to apply this guidance and standards to their organization.
Agencies are meeting these guidelines and integrating CDOs in different ways. The Department of Homeland Security (DHS) recently announced a department-level CDO office to better integrate data into its operations and those of other agencies. The need for this level of coordination was underscored as DHS launched a department-wide COVID-19 vaccination campaign in partnership with the Department of Veterans Affairs health centers. DHS needed to identify, contact and manage responses from workers, which meant collecting and reconciling many different datasets from across the department.
Shared Services in government is nothingnew. The idea began in the 1980s with the consolidation of payroll and some other administrative functions. In the '90s the focus was on creating entities that could provide common business functions across government and, in that effort, become a cost center.
The 2000s saw the rise of the term 'Line of Business' that looked at common business functions across government to identify opportunities to transform, streamline and share. The Obama Administration looked specifically to IT as a shared service, releasing the Federal IT Shared Services Strategy that provided federal agency chief information officers and key stakeholders guidance. This guidance focused on the implementation of shared IT services as a key principle of their efforts to eliminate waste and duplication, with the intention to reinvest in innovative mission systems.
The Department of Homeland Security's Continuous Diagnostic Mitigation Program (CDM) was developed as a guideline process for agencies to fortify their ongoing cybersecurity plans and tactics. Agencies have worked through the stages of the program, first identifying what and who is on their network and then looking at what is happening on the network - really identifying the who, what, when, and where. Today, the focus is to put all that information to work in developing plans that address the "how" of secure networks including:
Reduce agency threat surface
Increase visibility into the federal cybersecurity posture
Improve federal cybersecurity response capabilities
Streamline Federal Information Security Modernization Act (FISMA) reporting
According to a recent survey, in the seven years since its inception, the CDM program has met its mission of making government IT systems more secure. But this success does not mean the work is done. Legislation has been introduced that will make CDM permanent and expand its reach to meet the ongoing cyber threats that face government agencies. Moving forward, the CDM will help agencies focus on taking what has traditionally been a piecemeal approach to cybersecurity and creating a more integrated approach that ties to the an overall cyber strategy.
The Department of Homeland Security (DHS) may be the newest cabinet-level department, but it is still facing the same modernization challenges felt across government. The agencies pulled under the DHS umbrella in 2002 came with legacy systems. While a good deal of integration and modernization happened while DHS was being formed, systems have to keep evolving to keep up with the ever-changing threat landscape and the technologies used to threaten the homeland.
Cybersecurity, as it relates to the protection of the national infrastructure and government systems, is a huge focus for DHS. In fact, The DHS Secretary recently said that nation-state adversaries "are at the highest levels since the Cold War, largely but not exclusively due to leveraging cyber to conduct espionage and influence operations and disrupt services." As part of their efforts to strengthen their cybersecurity posture, the Department is leading the Continuous Diagnostic Monitoring (CDM) efforts across government to provide capabilities and tools to identify cybersecurity risks on an ongoing basis, prioritize these risks based on potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first.
With a broad mandate to support election security, DHS has been collaborating across the government to ensure the security of machines and records for national elections. New technologies such as Albert sensors, technology designed to detect suspicious IP addresses and malware signatures, will be in place in 90% or more of voting machines used in November. Continue reading →