Making progress with the critical mission of modernizing federal IT

Making progress with the critical mission of modernizing federal IT
© Getty Images

We may well remember 2017 as the year the government finally sent a strong message on the importance of modernizing federal IT. The message is bolstered by funding to which Congress and the Trump administration agreed. Rep. Will HurdWilliam Ballard HurdSunday Talk Shows: Lawmakers look ahead to House vote on articles of impeachment, Senate trial Congressional Hispanic Caucus campaign arm endorses two Texas Democrats Group of veterans call on lawmakers to support impeachment, 'put country over politics' MORE (R-Texas) is the principal architect and lead advocate of the congressional effort, with sustained support from Reps. Robin KellyRobin Lynne KellyHillicon Valley: FCC moves against Huawei, ZTE | Dem groups ask Google to reconsider ads policy | Bill introduced to increase data access during probes Dems call out Oracle for lack of diversity on its board Overnight Health Care: GOP senator says drug price action unlikely this year | House panel weighs ban on flavored e-cigs | New York sues Juul MORE (D-Ill.) and Gerry ConnollyGerald (Gerry) Edward ConnollyTrump abandons plan to dissolve Office of Personnel Management: report Democrats debate scope of impeachment charges House Democrats rebuke State Department for 'reversal' on Israeli settlements MORE (D-Va).

Hurd’s Modernizing Government Technology Act, part of the 2018 National Defense Authorization Act recently signed into law, was the vehicle that advanced the modernization objective, establishing a $500 million central modernization fund that agencies can borrow against to update legacy systems, as well as working capital funds they can use for future modernization projects. This bipartisan bill is one of the largest IT reform packages passed in decades, and it enables federal agencies to retire, replace and modernize outdated IT systems.

Yet Congress was not the only significant player in IT modernization. As Morgan Chalfant of The Hill recently wrote, OMB issued formal guidance to federal agencies on implementing part of the White House’s initiative to modernize information technology across the federal government.


The administration also staked out a thoughtful position in its IT Modernization Report released in December. Called for by President TrumpDonald John TrumpRepublicans aim to avoid war with White House over impeachment strategy New York Times editorial board calls for Trump's impeachment Trump rips Michigan Rep. Dingell after Fox News appearance: 'Really pathetic!' MORE’s executive order on cybersecurity in May, the report outlines a plan to move the country toward a more secure future and emphasizes the importance of endpoint security. It recognizes our past over-reliance on network-level defense, an approach that has limited the overall security posture of the U.S. government and has made the transition to the cloud more difficult. The report also focuses on the importance of protecting data where it is processed.

Like the executive order on cybersecurity, the modernization report emphasizes the importance of agency leaders truly owning and being accountable for IT and cybersecurity outcomes. The report also focuses on the need to have all departments align around an enterprise architecture to further drive economies of scale.

Other salient points that set the right course for cybersecurity modernization:

  • Proper "cyber hygiene" is as critical to an organization’s security as brushing one’s teeth is to dental health: it simply must be done. Any plans to modernize federal IT must include a serious focus on operational maintenance.
  • Federal organizations can’t be expected to do everything themselves. They’ll have to use shared services, including migration to the cloud, and agencies will need to be flexible.
  • The public and private sectors alike need to consider the effects of quantum computing on data security. Algorithms such as RSA, used to encrypt and decrypt messages, will not be safe once quantum computers are available.
  • Organizations need interoperable security tools to protect against threats. As cybersecurity solutions become interoperable, they become more efficient and cost-effective. They are also easier to maintain than an IT environment of disparate systems.   
  • Finally, and very importantly, there’s a great need for an updated acquisition process, which will enable federal agencies to keep their cybersecurity solutions up-to-date so the government can address adversaries’ constantly changing techniques and tactics. That means adopting flexible procurement rules for software to upgrade programs.

As the government moves forward, we encourage collaboration with the private sector to realize a truly modernized, open and interoperable cybersecurity ecosystem. It is the industry’s shared responsibility to support modernization initiatives, continue to work with agencies to help the government strengthen its cybersecurity posture, and work with policymakers to develop initiatives that will ease the transition.

Tom Gann is chief public policy officer at McAfee, where he manages the company’s U.S. and international advocacy activities.