OMB: Focus on cybersecurity before new projects

The Office of Management and Budget has told 18 agencies not to develop, modernize or enhance IT systems until their cybersecurity problems are fixed.

OMB administrator for IT and e-government Karen Evans today said agencies must stop layering new projects on top of vulnerable IT infrastructures, and do a better job of managing their IT portfolios.

“Agencies need to secure what they have, and if they do it efficiently, they will have remaining dollars to meet other priorities for modernization efforts,” Evans said during a press briefing on the IT budget in Washington.

“The whole premise of this is to look at your IT portfolio, don’t just look at things in segments and pieces. You have to look at what your IT program is, if you are a CIO at department level, what are you doing, how are you managing this throughout entire department, what are the priorities of the department and how to go forward. The priority of this administration is cybersecurity.”

The 18 agencies have requested $8.1 billion for fiscal 2005 and plan to spend $8.5 billion in 2004 on development, modernization and enhancement efforts. Evans said agencies could fix their cybersecurity problems by using this money, which does not include funds for general systems operations and maintenance.

Eight agencies—the Commerce, Defense and Energy departments and Environmental Protection Agency, NASA, National Science Foundation, Nuclear Regulatory Commission and Office of Personnel Management—are exempt from this requirement because OMB determined that they have good security programs.

“If it only takes $1 million to remediate their IT security problems, they would discuss it with us and clearly demonstrate they have shown progress in their cybersecurity programs so that we have confidence they can achieve the goals outlined in their cybersecurity program,” Evans said. “And then the rest of the money is allowed for them to go forward with their development and modernization efforts they outlined.”

OMB also is putting a hold on development and modernization efforts for human resources, financial and grants management systems. Evans said agencies requested $266 million for grants systems; $1.78 billion for financial management systems; and $391 million for HR systems in 2004 and 2005.

“We are not telling agencies to stop implementing HR or financial systems if they are close, but if the systems are in the beginning stages of planning, they should see if they can use the money for a common solution,” Evans said. “For those agencies about to implement a system, they have to add a clause to the contract that says this system will be migrated to the common solution when it is defined.”

OMB director Joshua Bolten will send a letter to agency heads later this month creating an interagency task force for HR and grants efforts. OMB already created a task force for financial systems, case management and health architecture, which are the other lines of business consolidation projects OMB is working on.

“The task force will make policy recommendations and work with industry to get their input on implementing a common solution,” Evans said. “We want the task forces to focus on standards, architecture and potential cost savings.”

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.