Decades-old government IT systems could be in for an overhaul.
Both original co-sponsors of the Modernizing Government Technology (MGT) Act say they will soon reintroduce the bill aimed at ridding the government of outdated IT systems.
The bill sailed through the House last year in the lame duck session but hit a snag on its way to Senate. The Congressional Budget Office (CBO) priced the bill’s cost at $9 billion over five years, slamming the door on its chances.
Though modernizing IT infrastructure would save money, the CBO does not speculate about those savings, resulting in a cost estimate that did not take into account the bill’s cost benefits.
“What we've been doing is understanding CBO and how CBO scored it and figuring out how we can tweak the bill so it doesn't get an outrageous CBO score,” said Rep. Will Hurd (R-Texas), who co-introduced the bill with Rep. Gerry ConnollyGerry ConnollyBudget woes hinder US cybersecurity buildup Our IT system is dying: Here’s how President Trump can save it What Democrats want in shutdown fight MORE (D-Va.).
“We think we have a potential fix, and we're going to sample that around with all the relevant staff and members and hopefully get this reintroduced fairly soon”
Both parties have backed IT modernization. When the Trump administration briefed the press about its still-unsigned cybersecurity executive order, bolstering IT infrastructure was one of its initiatives. And the modernization act contains what may be the last Obama administration priority still under consideration in Congress — a $1.5 billion fund to upgrade agencies’ equipment, paid for with money saved by using the new equipment.
Upgrading systems is popular because it generally allows agencies to fulfill their functions more effectively, safely and cheaply. New technology can provide better features and security, and can pay for itself by reducing maintenance costs.
The longer agencies wait for funding to upgrade, the more difficult it will be to make the upgrades.
“In five years, over 30 percent of the people who understand [our] system will be eligible to retire. If we want to upgrade, this is the last chance to do it while people who know the legacy system will be around to help,” Social Security CEO Robert Klopp told The Hill in 2016.
Social Security still uses 40-year-old systems.
Klopp noted that, while his funding has been cut since 2012, the demand on Social Security’s systems continues to grow. He did not believe upgrades would be feasible without specific federal funding.
The IT modernization act actually contains two mechanisms to pay for upgrades, each of which was introduced in competing bills. A general funding pool stumped for by former President Obama Chief Information Officer Tony Scott was introduced by Rep. Steny Hoyer (D-Md.) last session. Meanwhile, Hurd backed a plan to let agencies keep the cost savings from IT upgrades and use that money to purchase more upgrades.
Richard Spires, a former chief information officer at both the Department of Homeland Security and the IRS who now heads IT training company Learning Tree, believes that Hurd’s additions could have been particularly useful because it produces a fund that would not be at risk during year-by-year budget deliberations.
“If we had ‘one-year’ money, we could not guarantee to a contractor that we would be able to fund the program. When we received special appropriations — ‘three-year money’ — it made a huge difference,” Spires said.
He points to e-filing taxes as something that could only be achieved by knowing the money would continue to be there every year.
“My only concern is that MGT is focused too much on savings. Sometimes you are looking to improve mission capabilities in ways that don’t save money,” he said.
The move to reintroduce the IT modernization act comes during a government hiring freeze. Though the freeze could expire before the act would take effect, a focus on cutting costs could still cut down on new hires.
“We’re already seeing increased demand,” said Jeff Engle, vice president for the government sector of the Florida-based United Data Technologies.
“IT modernization would only increase that. There are opportunities for contractors whenever there is increased demand to be innovative but an inability to hire new talent.”
President Trump's administration appears to have latched on to security concerns over outdated IT.
In one leaked draft of the executive order — one that the administration neither publicly confirmed nor denied — the president calls for upgraded IT equipment to improve cybersecurity.
“Effective immediately, it is the policy of the United States to build a more modern, more secure, and more resilient Executive Branch IT architecture,” the draft read.
The order goes on to encourage consolidation of information technology and commissions a study on how to modernize systems.
Out-of-date software and hardware are often no longer supported by their manufacturers and don’t receive security updates. Modern security platforms frequently cannot be retrofitted to run on older systems.
Intel Security Chief Technology Officer Steve Grobman believes that improving security through modernization and other means should be the first item on the legislative cybersecurity agenda, which frequently focuses on law enforcement issues, including encryption, instead.
“Every ounce of energy we put into the encryption debate, we're removing opportunity costs to focus on other issues. The front and center thing we need to be talking about is making sure our government systems and critical infrastructure systems are able to lower their overall risk profile,” he said.
— Katie Bo Williams contributed.