The White House’s American Technology Council Wednesday released its final report to the president on federal IT modernization, which focused on network modernization and the increased use of shared services as the vehicles for achieving a more modern federal IT landscape.
“Agencies have attempted to modernize their systems but have been stymied by a variety of factors, including resource prioritization, ability to procure services quickly, and technical issues,” the report said. Recommendations to address the aforementioned issues are grouped into two categories of effort: the modernization and consolidation of networks and the use of shared services to enable future network architectures.”
The report reiterated the advice of industry experts, who have long said that policies set up to defend the network perimeter rather than the data on the network are outdated and inefficient.
“Current policy, agency prioritization, and associated investments prioritized through the budget process have emphasized perimeter network-based security protections,” the report said. “This is manifested most visibly through the Trusted Internet Connections (TIC) and National Cybersecurity Protection System (NCPS) programs. This report recommends emphasizing a layered defensive strategy in governmentwide programs, through increasing emphasis on application and data-level protections.”
The report recommended moving away from TIC-based FISMA metrics and toward automated metric collection that leverages existing capabilities under the Continuous Diagnostics and Mitigation program.
The report also called out duplicative and expensive contracting, and called for acquisition platforms that leveraged the buying power of the whole federal government.
“Significant contract duplication means that agencies award multiple contracts for similar goods and services, often leading to hundreds, if not thousands, of contracts for the same requirement with the same vendors,” the report said. “In order to reduce cost, improve operational efficiencies and cybersecurity, the federal government must shift toward a consolidated IT model. This includes adopting shared services for non-mission specific functions, as well as BIC contracts, commodity IT, such as email, and other collaboration productivity, and security tools.”
The American Technology Council first released a draft of the modernization report in August 2017, which featured the same two categories of effort as the final version.
To facilitate rapid agency response to these categories, the report requires nearly 20 actions to be taken by agencies over the course of the next year, including updated implementation and security guidance, a data call for agency systems ready for cloud migration, identification of Security Operations Center-as-a-Service capabilities and the piloting of new acquisition tactics for cloud acquisition.
The report also calls for the Department of Homeland Security’s CDM program to address cloud-hosted solutions, though DHS and GSA officials have said that the new phases of the program are already set to incorporate cloud solutions.
Members of the private sector have voiced their support for the American Technology Council’s reccomendations as a first step in overhauling the federal government’s outdated IT systems.
“We have long advocated for the modernization of federal government IT and we applaud the Trump administration’s continued focus on this effort,” said IT Alliance for the Public senior vice president for the public sector Trey Hodgkins. “The completion of this report is a step in the right direction to begin an overhaul of the archaic IT that costs tax payers $60 million a year to maintain. Modernization is essential to achieving a range of technology objectives, including bolstering America’s cybersecurity efforts, sustaining technological superiority for national and homeland security, and adopting innovative technologies to deliver better services to the public. We believe that this focus will keep us on a path to achieving these goals.”
“Achieving these goals will require an active shift in the mindset of agency leadership, mission owners, IT practitioners, and oversight bodies,” the report said. Federal agencies must consolidate their IT investments and place more trust in services and infrastructure operated by others. Such a change in outlook will allow for greater utilization of shared services, consolidated infrastructure, and cloud-based collaboration tools that can deliver improved functionality and drive cost efficiencies to improve government operations and citizen services.”