Hurd warns against rigid IT budgeting

Rep. Will Hurd (R-Texas) has warned against rigid IT budgeting that he said can lead agencies to make bad spending decisions.

The notion that "if you don't spend it, you lose it [is] the wrong kind of incentive to have in purchasing IT goods and services," he said in an April 12 interview.

"Philosophically, if an agency realizes savings, they should be able to use that savings to do other things in their network," added Hurd, who is chairman of the House Oversight and Government Reform's IT Subcommittee.

Hurd spoke with FCW the day after House Minority Whip Steny Hoyer (D-Md.) introduced a bill to set up a revolving $3.1 billion fund that agencies could draw on to upgrade outdated IT systems. The White House put forth the legislative proposal last week, claiming that the initial $3.1 billion in funding for fiscal 2017 would cover at least $12 billion in projects over 10 years.

During a speech at the FireEye Government Forum cybersecurity event in Washington, Hurd expressed optimism that Hoyer's bill could win bipartisan support.

When the Office of Personnel Management suffered a devastating hack that exposed the personal information of at least 22 million Americans, Hurd, a former CIA officer with private-sector cybersecurity experience, was sharply critical of then-OPM CIO Donna Seymour's handling of cybersecurity.

Seymour resigned in February, and the agency brought on Clifton Triplett, a military and industry veteran, as a cybersecurity adviser in November.

Asked if OPM had the right leadership to improve its cybersecurity, Hurd said, "The current leadership is significantly better than the previous leadership."

The Obama administration has requested $95 million for fiscal 2017 for the Defense Department to build a new background-check agency overseen by OPM. Hurd questioned whether that much money is needed, given that the OPM hack was not sophisticated.

"It doesn't take $95 million to ensure you have two-factor authentication," he said. "It doesn't take $95 million to review the permissions of your users."

In his speech at the FCW-sponsored cybersecurity event, Hurd also blasted DOD and the Department of Veterans Affairs for what he said was their failure to deliver full interoperability of electronic health records.

DOD and VA "are the two largest health care providers in the world," he said, "and if they were able to figure out how to get their electronic health records to talk to each other, that's probably going to be a standard."

He also urged agencies to continue to empower their CIOs: "The CIO should not be sitting in the basement when the agency head's on the fifth floor."