Federal agency CIOs worried about cyberattacks, budget cuts, survey shows

Federal chief information officers listed cybersecurity as their top concern this year, even as they also struggle with looming budget cuts and a long list of policy mandates from the White House, according to a new survey released by TechAmerica industry group.

TechAmerica interviewed 40 federal agency CIOs and top IT officials for its 22^nd annual survey, released on May 3. Grant Thornton LLP assisted in preparing the survey.

Cybersecurity was listed as the top concern by 20 percent of the respondents; followed by controlling costs, listed by 15 percent; human capital, 12 percent; central agency policy, 10 percent and mobility, 7 percent.

The number of cybersecurity incidents on federal systems has risen nine-fold in the last six years, from about 5,000 in fiscal 2006 to 41,000 in fiscal 2011.

“I was pleased that cybersecurity was listed first, and not budget,” Teri Takai, CIO for the Defense Department, said in a panel discussion at the event. “At DOD, cybersecurity is the number one priority.”

DOD is transitioning away from a view of protecting systems at the perimeter, and moving toward re-architecting systems, moving systems to the cloud and managing data differently, Takai said.

Budgets and cost-cutting were listed in second place as a top concern among the CIOs, as the IT executives face the possibility of additional budget cuts, following two years of flat-lining budgets. Federal IT spending actually declined from fiscal 2010, for both defense and civilian agencies, TechAmerica said.

Many of the changes being planned at DOD will address both security and cost-cutting, Takai added. “The end game will help us with both.”

At the Homeland Security Department, IT managers have been asked to carry out a 10 percent across-the-board cut in the IT infrastructure budget for fiscal 2013 as an austerity measure, Richard Spires, CIO, said during the panel discussion. Planning is beginning on the fiscal 2014 budget, and there is not much more room for reductions, he said.

“I am in the squeeze. There are not a lot of discretionary dollars,” Spires said. “In the tight budget environment, IT tends to get really hammered.”

DHS is reviewing all its IT acquisitions to leverage its buying power and cut costs, and also moving to cloud services and virtualization so that it is less reliant on purchasing desktops, he said.

“I am a huge believer in shared services and cloud-first,” Spires said. “They are just starting to show significant cost savings.”

The survey revealed some mixed feelings among the CIOs about ongoing guidance and mandates from the Office of Management and Budget, including the 25-Point Implementation Plan to Reform Federal IT that was released in 2010.

Considering the plan as a whole, the survey respondents rated it a 3.1 out of 5 on value to their organization. The highest rated features of the plan were reforming and strengthening Investment Review Boards, rated 3.9; adoption of IT acquisition best practices, rated 3.9; and developing a cadre of IT acquisition professionals, rated 3.9.

The features rated lowest in value to their organizations were “TechStat” rollouts at the bureau level, rated 2.8; becoming buyers or sellers of data center services to other agencies, rated 3.1; and developing shared service strategies, rated 3.3.

A number of respondents said that 25 goals was simply too much and reflected too many unfunded requirements for the agency CIOs, the survey stated.

“Some OMB directives are unfunded mandates that drain money from core work, so funds should be provided to implement them,” the survey summarized.