Security, funds occupy CIOs' minds

TechAmerica’s annual federal CIO survey usually does a good job of identifying what’s on the minds of federal IT professionals. The latest survey, released earlier this month, finds the IT community worried about costs as budgets dwindle and concerned about cybersecurity as threats grow.

“I was pleased that cybersecurity was listed first, and not budget,” on the ranking of priorities, said Teri Takai, CIO at the Defense Department, in a panel discussion at a TechAmerica conference associated with the report. “At DOD, cybersecurity is the No. 1 priority.”

DOD is transitioning away from protecting systems at the perimeter and moving toward redesigning systems, moving them to the cloud and managing data differently, Takai said, as quoted in Alice Lipowicz’s article in Federal Computer Week.

The two priorities are intertwined, of course. With less money to spend, investing in cybersecurity becomes more difficult. According to some analysts, the people who control agency purse strings might see cyber threats as remote, almost invisible, until a successful attack belatedly shows its importance.

“IT security isn't easy to pull off, especially when IT and IT security groups don't get the support of their non-tech bosses,” wrote Eric Chabrow in “The Public Eye” blog at GovInfoSecurity.com. “Risk, as the report points out, is a difficult [concept] for most people to grasp, but it is one that is important to convey to users, executives and, in the federal government, to Congress.”

Kenneth Corbin, writing at CIO.com, pointed out that prioritizing the funds that are available for cybersecurity is important.

He noted that cyber threats include “attacks from outside entities and internal risks, such as lost or stolen laptops, sharing passwords and other lax security practices or employees who shift roles but retain access to sensitive information from their former position. Some respondents pointed to an imbalance that sees the majority of some agencies' cybersecurity resources directed toward external threats, while most serious data breaches are attributed to internal factors.”

Enhancing the 25-point plan

One section of the survey report lists the respondents’ suggestions for improving the Obama administration’s 25-Point Implementation Plan to Reform Federal IT Management. Here are the recommendations.

  • Shift from a policy focus and measure tangible successes instead.
  • Group the plan into key focus areas because it is too hard to do justice to all 25 points.
  • Return to a focus on lines of business as was done before 2009, such as human resources, finance and payroll, which would give a boost to cloud computing and shared-services initiatives.
  • Work closely with the President’s Management Council when doing investment reviews.
  • Encourage government entities to be ruthless in setting priorities, as private companies are.
  • Provide seed money for some initiatives that will generate long-term savings but have short-term costs not tenable in the current budget crunch.
  • At the Office of Management and Budget, develop a better partnership among the federal CIO, chief financial officer and chief procurement officer.
  • Encourage Congress to fund more projects on a two-year basis.
  • Require OMB to do more cost/benefit analyses on implementing the plan.
  • Pick activities that can be done in one year and be ready to regroup because “there will be changes at the top regardless of the political views of the administration.”

About the Author

Technology journalist Michael Hardy is a former FCW editor.

The 2015 Federal 100

Meet 100 women and men who are doing great things in federal IT.

Featured

  • Shutterstock image (by venimo): e-learning concept image, digital content and online webinar icons.

    Can MOOCs make the grade for federal training?

    Massive open online courses can offer specialized IT instruction on a flexible schedule and on the cheap. That may not always mesh with government's preference for structure and certification, however.

  • Shutterstock image (by edel): graduation cap and diploma.

    Cybersecurity: 6 schools with the right stuff

    The federal government craves more cybersecurity professionals. These six schools are helping meet that demand.

  • Rick Holgate

    Holgate to depart ATF

    Former ACT president will take a job with Gartner, follow his spouse to Vienna, Austria.

  • Are VA techies slacking off on Yammer?

    A new IG report cites security and productivity concerns associated with employees' use of the popular online collaboration tool.

  • Shutterstock image: digital fingerprint, cyber crime.

    Exclusive: The OPM breach details you haven't seen

    An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data, and the government's step-by-step response.

  • Stephen Warren

    Deputy CIO Warren exits VA

    The onetime acting CIO at Veterans Affairs will be taking over CIO duties at the Office of the Comptroller of the Currency.

  • Shutterstock image: monitoring factors of healthcare.

    DOD awards massive health records contract

    Leidos, Accenture and Cerner pull off an unexpected win of the multi-billion-dollar Defense Healthcare Management System Modernization contract, beating out the presumptive health-records leader.

  • Sweating the OPM data breach -- Illustration by Dragutin Cvijanovic

    Sweating the stolen data

    Millions of background-check records were compromised, OPM now says. Here's the jaw-dropping range of personal data that was exposed.

  • FCW magazine

    Let's talk about Alliant 2

    The General Services Administration is going to great lengths to gather feedback on its IT services GWAC. Will it make for a better acquisition vehicle?

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above