IT, cyber challenges loom for next administration

Although big policy changes appear to be on the horizon under the Trump administration, cybersecurity and IT modernization will be perennial issues in the coming four years, according to presidential transition and federal technology officials.

"Cybersecurity has become an enormous issue" in the last election cycle, said Martha Joynt Kumar, director of the White House Transition Project. "It forced early work on the transition" between the two presidential candidates and the White House as the election season wore on, she added in remarks at FCW's Big Issues Conference titled "Federal IT After the Transition."

Kumar said the General Services Administration set up secure office space in Washington for the transition teams, but President-elect Donald Trump has chosen to work out of his office in New York City during the transition. Although that decision is not unprecedented, it presents cybersecurity challenges, she added.

The panelists at the conference agreed that complex IT issues will bedevil the incoming administration, just as they did the outgoing Obama administration.

For instance, the Federal Risk and Authorization Management Program's plan to significantly increase the number of approved cloud vendors could complicate federal CIO's decision-making process, said Stephen Rice, CIO at the Transportation Security Administration. New vendors require scrutiny by the agencies that plan to use them, and the nuances of how cloud technology works need to be explored and addressed, he added.

David De Vries, CIO at the Office of Personnel Management, said how agencies define "legacy systems" will be crucial in light of the possibility for modernization funding. Defining a specific system that requires an upgrade can be difficult if that system is more capability than hardware. An identity verification system might tap a dozen systems at other agencies, which makes it tricky to determine which one needs the upgrade to make an application faster or more efficient.

"That's the conundrum of 'legacy,'" he said. "Updating a legacy system may lock me into a corner." It's better to look at the framework that supports systems for upgrades, he added.

Beyond the high-profile cybersecurity issues, agency officials said IT and how it is used to fulfill missions will be the key to making sure the coming administration can unlock technological potential.

Big data and federal agencies' ability to analyze it, for instance, could be the cornerstone for some of the Trump administration's biggest policies, according to federal data experts.

"Big data can tee up issues" for the White House, said Wes Wilson, a recently retired senior intelligence officer who formerly served at the National Counterterrorism Center and now works in intelligence community and federal law enforcement business development at IBM Federal Software Group.

Data from law enforcement and other sources can help frame issues such as illegal immigration, Wilson added, but only if the data comes from a variety sources and is used within privacy and other legal parameters.

Data has also become essential to some agencies' missions. "Everyone wants our numbers," said Michael Valivullah, CTO at the Agriculture Department’s National Agricultural Statistics Service. NASS provides detailed data that farmers use to more efficiently work their land.

"I don't expect any major changes" under the Trump administration, as long as NASS can continue providing data in efficient ways, Valivullah said. One of the agency's biggest concerns is having enough people and adequate infrastructure to handle the increasing volume of data from commercial providers, he added.

Cloud technology will also be a constant at federal agencies as the new administration takes over. Ashley Mahan, agency evangelist for GSA's cloud security program, said FedRAMP officials want to more than double the number of authorities to operate in the coming year -- from 325 to 750.

She added that the FedRAMP Accelerated program has shortened a lengthy 18-month approval process to less than 15 weeks. Additionally, a new program called FedRAMP Tailored will focus on authorizing low-impact software-as-a-service offerings and tailoring baselines to specific use cases.

"FedRAMP Tailored looks at data being ingested" by an agency and suggests where strict protection of less sensitive data isn't a requirement, thereby simplifying the process of choosing a cloud service, Mahan said.