Halvorsen not satisfied with data center savings

Defense Department CIO Terry Halvorsen on March 22 told Congress he is "not yet satisfied" with the amount of money the department has saved by consolidating data centers, one of his signature initiatives.

DOD is "taking steps to aggressively drive more savings" than the projected $1.8 billion through fiscal 2018, Halvorsen said in written testimony to the House Armed Services Subcommittee on Emerging Threats and Capabilities.

The department's IT budget request for fiscal 2017 is $38.2 billion, according to Halvorsen's testimony, which is on par with the fiscal 2016 enacted amount. That 2017 request includes $6.8 billion for cyber, a $900 million increase over the previous year.

Appropriators have indicated a general willingness to fund DOD cybersecurity initiatives, but are still keen on seeing return on investment.

Rep. Jim Langevin (D-R.I.), the subcommittee's ranking member, expressed concern that the department's embrace of cloud computing has slowed "due to laborious certification requirements."

More cloud contracts could be on the way. DOD has allowed commercial vendors to run their cloud solutions on military facilities, and Halvorsen told lawmakers he wants to keep using that model. "I will have some RFIs out here in the next month," he said.

The Pentagon's fiscal 2017 request includes $95 million to build a new background-check system overseen by the Office of Personnel Management. Langevin sounded a note of caution on that project. "I am concerned the DOD is assuming all the risk by providing the resources and assuming responsibility for decisions made outside the department," he said.  That concern has been raised by other legislators as well.

After the hearing, Langevin told reporters it would have been a "cleaner" transition for the new background-check agency had it been completely overseen by DOD, but added, "we will see how it unfolds."

The Rhode Island Democrat also said he is not satisfied with the level of accountability for the hack of the 2015 Joint Chiefs of Staff, which has been blamed on Russian spear phishers. "I don't think that you've heard the end of this investigation," Langevin told reporters.

During the hearing, Halvorsen said that DOD personnel responsible for opening the malicious email that initiated that breach have been identified and held accountable. Despite the hack knocking out the Joint Chiefs' unclassified email network for about two weeks, Halvorsen characterized the breach as causing "very limited exposure."

A recent National Defense Authorization Act gave Halvorsen's office "authority, direction, and control" over the National Security Agency's Information Assurance Directorate. But Rep. Joe Wilson (R-S.C.), the subcommittee's chairman, said at the hearing he was aware of a Pentagon proposal to move oversight of the IAD to the undersecretary of Defense for Intelligence.  

"Candidly, I would have some concerns about moving [IAD oversight] away" from DOD CIO, Halvorsen said in response.