InformationWeek Stories by J. Nicholas Hoover

InformationWeek Stories by J. Nicholas Hooverhttp://www.informationweek.comInformationWeeken-usCopyright 2012, UBM LLC.2013-04-08T16:11:00ZMilitary Plans Multi-Exabyte Storage CloudDefense Information Systems Agency will spend $45 million on a private storage cloud for intelligence and surveillance imagery.http://www.informationweek.com/government/cloud-saas/military-plans-multi-exabyte-storage-clo/240152481?cid=SBX_iwk_related_slideshow_Privacy_security <div class="inlineStoryImage inlineStoryImageRight"> <a href="http://www.informationweek.com/government/information-management/new-yorks-32-story-data-fortress/240151545"><img src="http://twimgs.com/informationweek/galleries/automated/968/Intergate-Manhattan-Data-Center_01_tn.jpg" alt="New York's 32-Story Data 'Fortress'" title="New York's 32-Story Data 'Fortress'" class="img175" /></a> <div class="storyImageTitle">New York's 32-Story Data 'Fortress'</div> (click image for slideshow) </div>  The Defense Information Systems Agency plans to award a $45 million cloud computing contract for an intelligence and surveillance information storage cloud that could eventually require four exabytes of storage, according to a procurement document posted online. The <a href="https://www.fbo.gov/utils/view?id=2e5ebed4c7b87eb9704bd920a94cc77c">document</a>, a sole source justification, says that DISA will award the contract to systems integrator Alliance Technology Group, which claims expertise in federal government private cloud computing and has done business with NASA and the Navy, among other federal agencies. According to the document, Alliance will provide DISA's Enterprise Services arm, which provides IT services to the rest of the military, with "state-of-the-art global storage capabilities." Such storage capabilities would allow the agency to securely store "hundreds of billions of objects" in a way that users could access the data across multiple networks. Data being stored in the cloud would include standard and high-definition video, <a href="https://en.wikipedia.org/wiki/LIDAR">LIDAR</a> images, infrared and electro-optical images and Wide-Area Motion Imagery. [ Cloud storage has a lot of benefits. But what about security? Read <a href="http://www.informationweek.com/government/mobile/army-falls-short-in-mobile-security-says/240152097?itc=edit_in_body_cross">Army Falls Short In Mobile Security, Says DOD</a>. ] Many of the details of the contract have been redacted, but storage will come in 10 Pbyte units tied together via an IP network and hosted in a secure data center facility. The service will support "interface standards for ingesting, accessing and managing geospatial data" and the data will be searchable and accessible on mobile devices. While federal agencies and intelligence agencies in particular are working to deal with a <a href="http://www.informationweek.com/government/cloud-saas/cia-cloud-solving-our-petascale-data-pro/231901640">deluge of data</a>, exabyte volumes remain relatively unheard-of. The largest stores of data are still largely measured in the tens of petabytes. However, the need for exabyte storage is far from out of the question. In a call with reporters last week, National Institutes of Health director Francis Collins said that <a href="http://www.informationweek.com/government/information-management/obama-brain-mapping-project-tests-big-da/240152129">the Obama administration's new brain mapping effort</a> may require the processing of information in the yottabyte range, which would be a million exabytes. Information blacked out in the DISA procurement document include the location of the data center, part of the description of the need for a data storage cloud, the name of Alliance's service, the names of a number of government officials involved in the contract and what appear to be references to specific agencies. While DISA already operates its own data centers, the agency says in the procurement document that DISA's Defense Enterprise Computing Centers don't have the necessary capacity and that DISA doesn't have the necessary funding to deliver homegrown versions of the capabilities that the agency needs. On a website providing an overview of Alliance's cloud services, the company says that it can meet FedRAMP requirements and other security requirements and adds that its private cloud services offer numerous features and benefits, including reduced costs, audited data centers, and the ability to map capacity to demand.2013-04-04T14:00:00ZNASA Pauses Mars Missions To Avoid InterferenceNASA will significantly scale back its Mars missions in April as the Red Planet moves behind the sun as viewed from Earth.http://www.informationweek.com/government/enterprise-applications/nasa-pauses-mars-missions-to-avoid-inter/240152315?cid=SBX_iwk_related_slideshow_Privacy_security <div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/mobile/nasa-mars-mission-no-little-green-men-/240142965"><img src="http://twimgs.com/informationweek/galleries/automated/917/roverv2_tn.jpg" alt="NASA Mars Mission: No Little Green Men -- Yet" title="NASA Mars Mission: No Little Green Men -- Yet" class="img175" /></a> <div class="storyImageTitle">NASA Mars Mission: No Little Green Men -- Yet</div> (click image for larger view and for slideshow)</div> In an effort to avoid problems caused by interference, NASA will temporarily limit scientific observations by its Mars rovers and orbiters beginning Thursday as the Red Planet passes behind the sun as seen from Earth. The sun will appear between Earth and Mars throughout the month of April in a setup known as a Mars solar conjunction, which can interfere with communications between the two planets. Specifically, during these solar conjunctions, solar flares and charged particles being emitted from the sun can disrupt radio communications, and thus could interfere with the stream of data being sent back and forth to NASA's spacecraft and rovers on Mars. While data from Mars could be pieced together from later downloads if certain parts of the data don't get transmitted due to interference, interference could have much more negative effects going the other way, NASA's Jet Propulsion Lab (JPL) said in a recent <a href="http://www.youtube.com/watch?v=TZw74PKoajU&list=PL56421C9A51D1F427&index=1">YouTube video</a> about solar conjunctions. [ The Mars rover has hit a few bumps in the road recently. Read <a href="http://www.informationweek.com/government/information-management/nasa-curiosity-rover-hit-by-software-sna/240151092?itc=edit_in_body_cross">NASA Curiosity Rover Hit By Software Snafu</a>. ] Solar conjunctions appear every 26 months or so, each time causing temporary stand-downs of NASA's Mars missions. NASA's Mars Odyssey orbiter has gone through six conjunctions, providing NASA with sufficient experience to ensure a smooth transition. Curiosity is the only piece of equipment that has yet to be through a solar conjunction. Communications with and control of the Mars Curiosity rover and communications with the Mars Reconnaissance Orbiter will be suspended beginning Thursday, with communications with the Opportunity rover ending and Odyssey orbiter being limited beginning April 9. The spacecraft will be fully back online by May 1. The lost communication doesn't mean that the orbiters or rovers will stop working entirely. The orbiters will continue science observations on a reduced basis and will record data, while Odyssey will even send data to Earth throughout April despite anticipated dropouts. Opportunity, meanwhile, will continue some long-programmed scientific experiments, as will Curiosity. For example, Opportunity moved into a period on the rim of a crater in anticipation of the downtime. Both rovers will remain parked for the month. NASA JPL says that during the solar conjunction, teams working on the rovers and orbiters will use their time to catch up on other work or take vacations. The pause hasn't slowed the pace of NASA's public relations blitz about its NASA missions, as NASA teams have continued tweeting regularly and posting videos online. The planned temporary suspension of NASA's Mars missions comes after NASA <a href="http://www.informationweek.com/government/information-management/nasa-curiosity-rover-hit-by-software-sna/240151092">shut down</a> the Mars Curiosity rover for several weeks beginning on February 27 due to multiple system failures. In late February, the rover had to switch from its primary computer to a backup system after a memory glitch, and then in mid-March, the rover had to switch into safe mode after a file size mismatch was discovered. The hiccups and pauses come at a time when Curiosity's scientific discoveries appeared to be picking up, including the <a href="http://www.informationweek.com/government/information-management/nasa-curiosity-rover-finds-life-enabling/240150698">announcement</a> in mid-March that clay-like materials collected and pulverized by Curiosity suggested that Mars likely once held conditions that could support life. InformationWeek Government's March Must Reads is a compendium of our best recent coverage of cloud computing in the federal government. The <a href="http://www.informationweek.com/gogreen/030713mr?k=axxe&cid=article_axxt_os">Must Reads: Government And Cloud Computing</a> issue explores the federal government's cloud computing strategy, including the first government-wide cloud security authorization, various agencies' approaches to the cloud and a look at how the feds are driving cloud innovation. (Free with registration.) 2013-04-03T15:33:00ZNo Bold Moves On U.S. Cybersecurity FrameworkNew cybersecurity framework, to be created per a February Obama administration executive order, likely will draw heavily from existing cybersecurity standards.http://www.informationweek.com/government/security/no-bold-moves-on-us-cybersecurity-framew/240152223?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/security/military-drones-the-pentagons-eyes-in-th/240144476"><img src="http://twimgs.com/informationweek/galleries/automated/929/AFx37-b_tn.jpg" alt="Military Drones Present And Future: Visual Tour" title="Military Drones Present And Future: Visual Tour" class="img175" /></a> <div class="storyImageTitle">Military Drones Present And Future: Visual Tour</div> (click image for larger view and for slideshow)</div>Even after months of outreach and research, the critical infrastructure cybersecurity framework created pursuant to the recent White House executive order might wind up as an aggregation of references to other, pre-existing standards instead of a comprehensively new framework. However, that's not necessarily a bad thing, according to government and private sector cybersecurity leaders speaking at the National Institute of Standards and Technology's (NIST) Cybersecurity Framework Workshop at Department of Commerce Headquarters in Washington on Wednesday. "The framework will probably be a set of references to existing standards," NIST director Patrick Gallagher said in remarks to a room full of public and private sector cybersecurity pros. Gallagher added that the framework seeks to create a "strong common language" around cybersecurity. [ Is the nation at risk of cyber attack? Read <a href="http://www.informationweek.com/government/security/us-cybersecurity-status-weak-reports-cha/240150168?itc=edit_in_body_cross">U.S. Cybersecurity Status Weak, Reports Charge</a>. ] NIST is overseeing the development of the voluntary cybersecurity framework, which is one of a number of elements required under a February <a href="http://www.informationweek.com/government/security/white-house-cybersecurity-executive-orde/240148460">executive order</a> that aims to improve critical infrastructure cybersecurity and encourage information to be shared between public and private sectors. Government officials said they hope extensive outreach will encourage adoption. "We recognize that there are leaders in the private sector already implementing strong policies and procedures," said Jane Holl Lute, deputy secretary of the <a href="http://www.informationweek.com/government/leadership/dhs-cio-richard-spires-takes-voluntary-l/240152049">Department of Homeland Security</a>. "We believe that the companies driving cybersecurity in their own current initiatives can help create best practices for all across the nation's critical infrastructure." In a panel discussion after Gallagher, Lute and other government officials made introductory remarks, private sector cybersecurity executives echoed the need for a collaborative framework development process that draws on existing cyber standards. "The bottom line to me is that an adopt-and-go approach, even though you may have to tailor it to your own environment, is much better than building from scratch," said Reid Stephan, information security manager at St. Luke's Health System in Idaho. St. Luke's has joined the National Health Information Sharing and Analysis Center (NH-ISAC) and has adopted a risk assessment approach based on <a href="http://www.informationweek.com/government/enterprise-applications/nist-targets-energy-apps-with-green-butt/240148123">NIST</a> standards for risk assessment. Government might also spark participation with incentives to companies that adopt the framework. The Department of Homeland Security, Department of Commerce, and the Treasury plan to issue a report to the President detailing various possible incentives, and Commerce recently issued a "notice of inquiry" to ask members of the public about incentives. Initial development of the critical infrastructure cybersecurity framework will take place between now and October, when the first draft of the framework is due. The government is already actively gathering public input on a framework, with responses to a request for information due next Monday. The Department of Commerce also plans to hold at least three additional events beyond the Tuesday workshop, with the next event scheduled at Carnegie Mellon University in late May. Beyond the references to other standards, it is unclear exactly what might go into the framework. NIST plans to organize framework development around three areas: managing risk, "cyber hygiene," and tools and metrics. "These are the pieces that will be critical," Gallagher said. "How do we prepare for the threat, what are the core protections that should be in place regardless of your mission, and what are the tools and metrics to be successful?" The private sector representatives at the event proposed a number of possible content areas. Merck associate VP of IT risk management and chief information security officer Terry Rice said he'd like to see higher-order, standardized risk management metrics that draw on tactical cybersecurity data, and perhaps greater cross-industry standardization around identity management. St. Luke's Stephan called for a more risk-based than control-based framework. Whatever the case, the end product will need to be flexible enough to grow with changes in technology, said Department of Commerce deputy secretary Rebecca Blank. A well-defended perimeter is only half the battle in securing the government's IT environments. Agencies must also protect their most valuable data. Also in the new, all-digital <a href="http://www.informationweek.com/gogreen/031813gov?k=axxe&cid=article_axxt_os">Secure The Data Center</a> issue of InformationWeek Government: The White House's gun control efforts are at risk of failure because the Bureau of Alcohol, Tobacco, Firearms and Explosives' outdated Firearms Tracing System is in need of an upgrade. (Free registration required.)2013-04-02T14:21:00ZObama Brain Mapping Project Tests Big Data LimitsPresident Obama's just announced Brain Research through Advancing Innovative Neurotechnologies (BRAIN) project might require handling yottabytes of data. http://www.informationweek.com/government/information-management/obama-brain-mapping-project-tests-big-da/240152129?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/big-data/slideshows/big-data-analytics/slideshow-unexpected-big-data-uses-use/240144221"><img src="http://twimgs.com/informationweek/galleries/automated/925/image1_tn.jpg" alt="Big Data's Surprising Uses: From Lady Gaga To CIA" title="Big Data's Surprising Uses: From Lady Gaga To CIA" class="img175"/></a> <div class="storyImageTitle">Big Data's Surprising Uses: From Lady Gaga To CIA</div> (click image for larger view and for slideshow)</div>President Obama on Tuesday announced a brain-mapping initiative that could help scientists unlock the secrets to Alzheimer's and Parkinson's Disease, strokes and even human cognition, but it won't do so without the help of significant computing power. The Brain Research through Advancing Innovative Neurotechnologies (BRAIN) Initiative, announced Tuesday morning in a presidential speech at the White House after a fleeting mention in President Obama's February State of the Union Address, will require heavy use of cutting-edge and yet-to-be-invented data processing and imaging technologies if it is to have anywhere near the same success as the Human Genome Project has had for genetics. "We can identify galaxies light years away, we can study particles smaller than an atom, but we still haven't unlocked the mystery of the three pounds of matter that lies between our ears," Obama said Tuesday. Studying and mapping the human brain, Obama said, will not only help scientists improve their understanding of human thought, learning, and memory, but could also help cure disease. [ Read about a real-time alarm that warns of rising pressure on injured brains: <a href="http://www.informationweek.com/software/business-intelligence/ibm-big-data-monitors-patients-for-brain/240150671?itc=edit_in_body_cross">IBM Big Data Monitors Patients For Brain Injury</a>. ] The new research initiative will include the <a href="http://www.informationweek.com/healthcare/clinical-systems/mayo-philips-collaborate-on-cloud-based/240145191">National Institutes of Health</a>, the Defense Advanced Research Projects Agency, the National Science Foundation, outside academics, and private companies and foundations such as the Allen Institute and the Salk Institute for Biological Studies. The White House hopes to spend more than $100 million the first year of the project, with more money coming from private-sector partners. Among other work, those agencies and organizations will be pushing the envelope on data collection and analysis technologies. "Significant breakthroughs will require a new generation of tools to enable researchers to record signals from brain cells in much greater numbers and at even faster speeds," the White House said in a press release. "This cannot currently be achieved, but great promise for developing such technologies lies at the intersections of nanoscience, imaging, engineering, informatics and other rapidly emerging fields." On a conference call with reporters after the President's announcement, National Institutes of Health director Francis Collins said that the brain-mapping initiative might eventually require the handling of yottabytes of data. A yottabyte is equal to a billion petabytes. Even collecting and processing the quantities of data that brain mapping might require could stretch the limits of modern information science, Collins admitted. "There have been some conversations about whether the amount of data, if you are going to collect data from tens of thousands of neurons in real time, can you process and store it," he said. "This is generally in the direction of the capability where things are headed." Among the specific projects being funded under BRAIN will be DARPA's Detection and Computational Analysis of Psychological Signals effort, which will require analyses of very large data sets. <a href="http://www.informationweek.com/government/information-management/darpa-funds-python-big-data-effort/240147993">DARPA</a> also will "develop a new set of tools to capture and process dynamic neural and synaptic activities," according to the White House press release. Not only will BRAIN require new computer technologies merely to perform the necessary research, but the results of the research could also be used to develop new information technologies. President Obama provided the example of developing computers that can better respond to human thought. Collins said that the research could teach computer scientists new types of information processing architectures that could provide design principles for computers of the future. A well-defended perimeter is only half the battle in securing the government's IT environments. Agencies must also protect their most valuable data. Also in the new, all-digital <a href="http://www.informationweek.com/gogreen/031813gov?k=axxe&cid=article_axxt_os">Secure The Data Center</a> issue of InformationWeek Government: The White House's gun control efforts are at risk of failure because the Bureau of Alcohol, Tobacco, Firearms and Explosives' outdated Firearms Tracing System is in need of an upgrade. (Free registration required.)2013-04-02T11:15:00ZArmy Falls Short In Mobile Security, Says DODLack of comprehensive mobile security policy and thousands of unauthorized devices are among the security shortcomings of the Army's mobile efforts.http://www.informationweek.com/government/mobile/army-falls-short-in-mobile-security-says/240152097?cid=SBX_iwk_related_slideshow_Privacy_securityThe Army has been considering wider adoption of mobile devices, but according to a new report by the military's inspector general, the Army's CIO has thus far done an inadequate job of ensuring the security of commercial mobile devices. The report, filed last week, finds that, among other shortcomings, the Army CIO hasn't developed sufficiently comprehensive security policies for the service's mobile device programs, and that Army commands have not been getting authorization for mobile pilots as required by Army policy. The report cautions that these failures could make the Army more vulnerable to cybersecurity threats. "If devices remain insecure, malicious activities could disrupt Army networks and compromise sensitive DoD information," DOD assistant inspector general Alice Carey wrote in a memo to the Army's CIO that accompanied the report. [ The Air Force is exploring ways to improve the security of spacecraft IT systems. Read more at <a href="http://www.informationweek.com/government/security/air-force-seeks-stronger-spacecraft-cybe/240151922?itc=edit_in_body_cross">Air Force Seeks Stronger Spacecraft Cybersecurity</a>. ] The Army has been among the most ardent advocates of the use of mobile devices in the military. Last February, Army deputy CIO Mike Kreiger <a href="http://www.informationweek.com/government/mobile/us-army-plots-bring-your-own-device-stra/232601375">characterized</a> the Army as "pushing the envelope and moving fast" in its mobile strategy as he announced an Army plan to move toward a bring-your-own-device strategy in 2013. The Army has also been among the government leaders in <a href="http://www.informationweek.com/government/mobile/army-launches-mobile-apps-store-prototyp/232602904">pushing</a> the development of enterprise mobile application stores. However, according to the report by the DOD inspector general, the Army CIO needs to develop more complete cybersecurity policies for mobile device management and remote device administration, use of mobile devices as removable media, and mobile device training. The report, which was limited to Android, iPhone and Windows mobile devices, found that, among other things, the Army CIO "inappropriately concluded that [mobile devices] were not connecting to Army networks and storing sensitive information," which resulted in the inadequate application of security controls to the Army's mobile device efforts. As part of the study, the inspector general visited the U.S. Military Academy and the Army Corps of Engineers' Engineer Research and Development Center, each of which has pilot and other mobile device efforts underway. However, neither organization got CIO authorization to use or even in some cases to test a large portion of their mobile devices, which left the Army CIO unaware of more than 600 mobile devices actively in use. In fact, both organizations used Army data, including "sensitive legal information" and Army email, without obtaining even an authority to test the mobile devices or the mobile data itself. The study also found inconsistent and incomplete use of mobile device management software; Army employees and soldiers storing and transferring personal and in some cases sensitive data; inadequate training; and the lack of a comprehensive security policy. Security has become one of the biggest stumbling blocks to the wider adoption of mobile devices across the federal government. Recently, for example, the Department of Veterans Affairs <a href="http://www.informationweek.com/government/mobile/veterans-affairs-byod-plans-on-hold/240151979">announced</a> that it was holding off on its bring-your-own-device strategy until concerns about privacy could be resolved. The Army CIO, which largely agreed with the Army's inspector general's recommendations to strengthen mobile security, would do well to take care in navigating mobile security concerns, lest mobile security become an even bigger problem for the Army going forward. A well-defended perimeter is only half the battle in securing the government's IT environments. Agencies must also protect their most valuable data. Also in the new, all-digital <a href="http://www.informationweek.com/gogreen/031813gov?k=axxe&cid=article_axxt_os">Secure The Data Center</a> issue of InformationWeek Government: The White House's gun control efforts are at risk of failure because the Bureau of Alcohol, Tobacco, Firearms and Explosives' outdated Firearms Tracing System is in need of an upgrade. (Free registration required.)2013-04-01T15:45:00ZDHS CIO Richard Spires Takes Voluntary LeaveHigh-profile head of the Department of Homeland Security's IT has been on leave since March 15, but the exact reason for his departure remains unclear.http://www.informationweek.com/government/leadership/dhs-cio-richard-spires-takes-voluntary-l/240152049?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"> <a href="http://www.informationweek.com/government/information-management/new-yorks-32-story-data-fortress/240151545"><img src="http://twimgs.com/informationweek/galleries/automated/968/Intergate-Manhattan-Data-Center_01_tn.jpg" alt="New York's 32-Story Data 'Fortress'" title="New York's 32-Story Data 'Fortress'" class="img175" /></a> <div class="storyImageTitle">New York's 32-Story Data 'Fortress'</div>(click image for slideshow) </div>Department of Homeland Security chief information officer Richard Spires, who oversees one of the largest agency IT budgets in federal government and serves as vice chairman of the federal CIO Council, asked for and was placed on voluntary leave of absence March 15. According to a DHS official who requested anonymity to more freely discuss personnel matters, the leave is unrelated to recent Congressional testimony Spires delivered in February or was scheduled to give in March. However, the DHS official declined to comment further on any reason for Spires' leave, or the length of that leave, again citing the fact that Spires' leave is a personnel matter. Elected leave contrasts with administrative leave, which is involuntarily imposed, often for reasons of misconduct. In testimony Spires delivered to the House Oversight and Government Reform Committee on Feb. 27, he said that agency CIOs needed <a href="http://www.informationweek.com/government/policy/federal-it-reform-are-more-laws-needed/240149618">clearer lines of authority</a>. At that hearing, Spires was asked numerous questions about DHS' federated IT management structure. [ What is the FDA doing on Facebook? Read <a href="http://www.informationweek.com/government/information-management/fda-to-track-illicit-product-trade-onlin/240151654?itc=edit_in_body_cross">FDA To Track Illicit Product Trade Online</a>. ] DHS deputy CIO Margie Graves, who is taking on the role as acting CIO in Spires' absence, testified in place of Spires on March 19 before the House Committee on Homeland Security's oversight subcommittee. However, Spires met with the subcommittee chair, and his official statement was initially posted online. At that hearing, the DHS inspector general and Government Accountability Office issued largely neutral reports about DHS IT management. Spires has taken on an active and visible role at <a href="http://www.informationweek.com/government/security/thousands-of-industrial-control-systems/240146091">DHS</a> since being appointed CIO in September 2009. In that position, he oversees DHS' IT budget and policies, and chairs DHS' CIO Council and Enterprise Architecture Board. He also acts as vice chairman of the inter-agency federal CIO Council and has played key leadership roles in the multi-year Federal Data Center Consolidation Initiative. Spires has been a vocal proponent of DHS' "One DHS" campaign, which aims to continue consolidating and aligning a federal agency that was, in the wake of 9/11, cobbled together from disparate agencies and bureaus. As part of the data center consolidation initiative, for example, DHS is consolidating dozens of data centers into two primary data centers. Other recent DHS IT initiatives include a shared services effort that has been applauded by federal CIO Steve VanRoekel. Before joining DHS, Spires led modernization efforts as CIO of the Internal Revenue Service, served as president and COO of financial services software provider Mantas, and worked for more than 16 years at systems integrator SRA International. InformationWeek's 2013 <a href="http://informationweek.2013IWgovITinnovatorspre-reg.sgizmo.com/s3/?iwid=pl">Government IT Innovators program</a> will feature the most innovative government IT organizations in the 2013 InformationWeek 500 issue and on InformationWeek.com. Does your organization have what it takes? The nomination period for 2013 Government IT Innovators closes April 12.2013-03-29T14:25:00ZVeterans Affairs BYOD Plans On HoldDepartment of Veterans Affairs will delay bring-your-own-device until it solves legal questions involving privacy with personal mobile devices used for work.http://www.informationweek.com/government/mobile/veterans-affairs-byod-plans-on-hold/240151979?cid=SBX_iwk_related_slideshow_Privacy_security <div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/mobile/mobile-government-10-must-have-smartphon/240149858"><img src="http://twimgs.com/informationweek/galleries/automated/958/01_Spacex_tn.jpg" alt="Mobile Government: 10 Must-Have Smartphone Apps" title="Mobile Government: 10 Must-Have Smartphone Apps" class="img175" /></a> <div class="storyImageTitle">Mobile Government: 10 Must-Have Smartphone Apps</div>(click image for larger view and for slideshow)</div>  The Department of Veterans Affairs, which has been planning to let VA employees use their own mobile devices in the workplace, will not move forward with those plans until it can resolve legal issues surrounding confiscation and investigation of personal devices in cases that may merit those actions. Legal concerns are just the latest in a series of questions that have arisen throughout government as a growing number of federal agencies tackle bring-your-own-device (BYOD) policies. The Federal Chief Information Officers Council <a href="http://www.informationweek.com/government/mobile/feds-give-agencies-more-byod-advice/240006167">drew up</a> a 43-page document last year in an effort to help agencies navigate the challenges of moving toward BYOD. "If I have that device and it's mine, what are my rights as a private individual, and what are my rights and responsibilities as an employee, and how does that play with the information, if you will, on a dual-use device?" acting VA CIO Stephen Warren said in a press call Wednesday. "We actually haven't gotten a clean read on that." Warren said that the agency will be holding off on its BYOD plans until it has dealt with that question. "I would hate to lay out false expectations for the department as to what [information it] can get to, or to our employees in terms of privacy," Warren said. [ BYOD concerns extend to businesses and agencies of all shapes, sizes and sectors. Is this <a href="http://www.informationweek.com/hardware/handheld/the-end-of-byod-as-we-know-it/240151270?itc=edit_in_body_cross"> The End Of BYOD As We Know It?</a> ] In detailing the agency's concerns, Warren pointed to questions about how personal devices and personal information would be handled in the case of investigations by the agency inspector general or general counsel. For example, questions arose as to whether and to what extent investigators may confiscate personal devices and then investigate private, personal information on those devices, and whether any such investigation must take place pursuant to a subpoena of personal as well as VA information on the device. The VA has been working through numerous concerns as it has inched toward a BYOD policy for the agency. Last year, the agency took a significant first step by issuing a contract for a mobile device management (MDM) system that Warren said has been delivered and is up and running. According to Warren, the MDM system is being used with a number of pilots, including iPads that VA caregivers use. Warren said that the VA is also wading through questions about how to prevent mobile device sprawl. Since mobile devices require software licenses for enterprise software just as if they were desktop computers, costs could quickly add up if employees were issued or bringing into the office three or four devices per employee. 	 "We're on this path of, you don't get three devices, you have to winnow it down and make a decision on what you're going to do from a care delivery or work delivery standpoint," Warren said. "We're just trying to make sure folk aren't running around with four different devices with four sets of licenses, because there is no value to the taxpayer with that."2013-03-28T13:55:00ZAir Force Seeks Stronger Spacecraft CybersecurityAir Force is looking for cutting-edge research into improved security for spacecraft IT, according to newly released procurement documents.http://www.informationweek.com/government/security/air-force-seeks-stronger-spacecraft-cybe/240151922?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/mobile/10-space-technologies-that-help-on-earth/240151059"><img src="http://twimgs.com/informationweek/galleries/automated/966/2013Mediphan_tn.jpg" alt="10 Space Technologies That Help On Earth" title="10 Space Technologies That Help On Earth" class="img175" /></a> <div class="storyImageTitle">10 Space Technologies That Help On Earth </div>(click image for slideshow)</div>The Air Force is looking for ways to improve the cybersecurity of spacecraft IT systems, according to new procurement documents. According to a new call for research released last Wednesday by the Space Electronics Branch of the Air Force Research Laboratory's Space Vehicles Directorate, the Air Force wants to improve its understanding of industry research into spacecraft cybersecurity with the intention of <a href="https://www.fbo.gov/index?s=opportunity&mode=form&id=30b579356c7d2b4e4eb4f54fa90f6f83&tab=core&_cview=0">funding</a> such research in the future. The RFI, which the Air Force says is for "space systems cyber resiliency," asks for research in 13 different areas, many of which are further broken down into a number of different elements. The areas of investigation focus on everything from hardware to software and secure architectures to the supply chain. [ Are we cluttering space? Read <a href="http://www.informationweek.com/government/enterprise-architecture/darpa-takes-aim-at-space-junk/240146741?itc=edit_in_body_cross">DARPA Takes Aim At Space Junk</a>. ] Specifically, the areas of research include, among other things: -- Spacecraft cyber defense-in-depth, which would focus on avoiding threats by patching vulnerabilities and on allowing even compromised missions to continue unabated through "graceful degradation" in the face of cyber attacks. -- An array of secure hardware, including embedded flight computers, chips, field-programmable gate arrays, and networks. -- "Analytical tools and frameworks" to improve both the Air Force's current understanding of vulnerabilities and future abilities to engineer more secure systems. -- Technologies to distinguish cyber attacks from other system anomalies such as system failures or problems caused by environmental effects. -- Intrusion and cyber attack detection technologies. Spacecraft systems, as the Air Force Research Lab defines them, include spacecraft mission systems, networks and busses, ground operations systems and more. The Air Force is looking for research across multiple levels of classification, from unclassified to top secret. Although it is the Air Force that is interested in this research, NASA has recently been under increased scrutiny for its cybersecurity efforts, albeit not directly because of any perceived weakness to spacecraft security. NASA had to <a href="http://www.informationweek.com/security/attacks/stolen-nasa-laptop-had-unencrypted-emplo/240142160">scramble</a> to encrypt computers after an unencrypted laptop was stolen last fall. More recently, NASA restricted access to a technical database after a Chinese citizen was detained by the FBI with sensitive data in his possession. A 2011 report, however, found vulnerabilities in "six computer servers associated with IT assets that control spacecraft" that, according to NASA's inspector general, could allow hackers to "take control of or render [the servers] unavailable," possibly thereby interfering with spacecraft missions. "Until NASA addresses these critical deficiencies and improves its IT security practices," the inspector general wrote at the time, "the agency is vulnerable to computer incidents that could have a severe to catastrophic effect on agency assets, operations, and personnel." No such risk explicitly underpins any of the Army Research Lab's latest foray into research into spacecraft cybersecurity, but cyber attacks against spacecraft could clearly have devastating and even life-threatening effects. InformationWeek is conducting a survey on security and risk management. Take the <a href="http://informationweek.2013strategicsecurity.sgizmo.com/s3/?iwid=pl">InformationWeek 2013 Strategic Security Survey</a> today. Survey ends March 29.2013-03-28T09:06:00ZU.S. Agencies Told To Share Financial SystemsObama administration hopes to save money and development time by pushing agencies toward shared services for all future financial systems.http://www.informationweek.com/government/enterprise-applications/us-agencies-told-to-share-financial-syst/240151849?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/mobile/10-space-technologies-that-help-on-earth/240151059"><img src="http://twimgs.com/informationweek/galleries/automated/966/2013Mediphan_tn.jpg" alt="10 Space Technologies That Help On Earth" title="10 Space Technologies That Help On Earth" class="img175" /></a> <div class="storyImageTitle">10 Space Technologies That Help On Earth </div>(click image for slideshow) </div>Executive agencies will be required to consider the use of shared services for all future financial systems, according to a new Obama administration policy announced earlier this week. Specifically, agencies will have to consider shared financial services -- including cloud systems -- in analyzing any proposal to upgrade their core accounting systems, payment and invoice systems, procurement systems, grant systems, property management systems, travel systems and other systems that support financial functions. The Office of Management and Budget, in turn, will look negatively on any agency-specific approach to upgraded or new financial systems. Historically, individual agencies have tackled financial systems modernizations on their own, but those modernizations have often been plagued by cost overruns, delays, poor data quality and systems that are so complex that they are hard to upgrade after their initial deployments. The piecemeal approach to federal financial systems has also led to inconsistent data and a lack of interoperability. [ Do IRS practices endanger your privacy? Read <a href="http://www.informationweek.com/government/security/irs-leaves-taxpayer-data-insecure-gao-fi/240151190?itc=edit_in_body_cross">IRS Leaves Taxpayer Data Insecure, GAO Finds</a>. ] "New approaches are needed that will allow the government to lower the costs of new systems and <a href="http://www.whitehouse.gov/sites/default/files/omb/memoranda/2013/m-13-08.pdf">realize more value</a> from each implementation," Office of Management and Budget controller Danny Werfel wrote in a memo issued Monday to the heads of executive branch agencies. "The cost, quality, and performance of federal financial systems can be improved by focusing government resources on fewer, more standardized solutions that are implemented and operated by more experienced staff. This can be achieved through the federal government making wider use of shared services for common system and transaction processing needs," he said. As part of the new effort, the Department of Treasury's Office of Financial Innovation and Transformation will evaluate agency proposals for new or upgraded financial management systems to ensure that they meet the White House requirements, and will work with other agencies to expand the capabilities and improve the governance models of existing shared service providers. According to Werfel's memo, the new policy should: reduce the risks to new system development, keep development initiatives on track, improve data quality, make federal finances more transparent and "better enable the government to strategically source" service providers and vendors. The push to use shared services for financial management in government dates as far back as 2004 and has been subject to numerous battles and only spurts of progress. Federal agencies have long shown reluctance to use shared systems, often pointing to the complexity and uniqueness of each agency's financial accounting. However, the Obama administration has continued to work throughout its tenure to reform financial management systems, taking such steps as creating an Office of Financial Innovation and Transformation within the Department of Treasury to lead the government-wide push for federal financial reform and temporarily holding up new financial modernization efforts and forcing program reviews on 30 others to fix cost and schedule overruns. The White House will issue additional guidance in coming months to provide more detail on technology, procurement and process requirements for financial systems stemming from the new policy. InformationWeek's 2013 <a href="http://informationweek.2013IWgovITinnovatorspre-reg.sgizmo.com/s3/?iwid=pl">Government IT Innovators program</a> will feature the most innovative government IT organizations in the 2013 InformationWeek 500 issue and on InformationWeek.com. Does your organization have what it takes? The nomination period for 2013 Government IT Innovators closes April 12.2013-03-26T15:10:00ZCongress Curtails Government IT Purchases From ChinaContinuing resolution bars some government agencies from buying IT equipment from Chinese-owned or -subsidized companies without FBI or other approval.http://www.informationweek.com/government/security/congress-curtails-chinese-it-purchases-f/240151739?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/security/military-drones-the-pentagons-eyes-in-th/240144476"><img src="http://twimgs.com/informationweek/galleries/automated/929/AFx37-b_tn.jpg" alt="Military Drones Present And Future: Visual Tour" title="Military Drones Present And Future: Visual Tour" class="img175" /></a> <div class="storyImageTitle">Military Drones Present And Future: Visual Tour</div> (click image for larger view and for slideshow)</div>The continuing resolution funding the federal government through the end of September, which is now sitting on the President's desk and ready for his signature, bars government purchases of IT equipment produced by Chinese government-owned or -subsidized companies without prior consultation with the FBI. The bill reflects continued and rising concerns about Chinese hacking and other risks of Chinese technology. The Obama Administration recently has picked up rhetoric about Chinese hacking as reports continue to pour in about the <a href="http://www.informationweek.com/security/attacks/china-denies-us-hacking-accusations-6-fa/240149058">Chinese government's connection to cyber espionage</a>. Specifically, the bill prohibits a short list of specific government agencies, including the Departments of Commerce and Justice, NASA and the National Science Foundation, from using funds made available as part of the continuing resolution to buy any IT unless the FBI "or other appropriate federal entity" has assessed the risk of "cyber-espionage or sabotage" that derives from the equipment being produced in connection with the Chinese government. [ Should your company worry about Chinese hacking? Read <a href="http://www.informationweek.com/security/attacks/china-hack-attacks-play-offense-or-defen/240150482?itc=edit_in_body_cross">China Hack Attacks: Play Offense Or Defense?</a> ] In addition, the law prohibits those agencies from using funds to buy IT systems produced, manufactured or assembled by companies or other entities owned, directed or subsidized by the Chinese government unless the head of the FBI or whatever agency is doing the assessment has both determined and reported to Congress that the acquisition is "in the national interest of the United States." The provision could affect government purchases of technology from Chinese companies such as Huawei, ZTE and Lenovo. The House Intelligence Committee last year warned in a report about national security threats posed by <a href="http://www.informationweek.com/government/security/why-huawei-has-congress-worried/240008681">Huawei and ZTE</a>. However, the bill could also affect components built by smaller Chinese companies. It's unclear from the text of the provision why the White House asked these particular agencies to be cautious. Other big users of IT include the Department of Defense, Department of Homeland Security, General Services Administration, Department of Health and Human Services, and Department of Energy, among others. If it is signed, the bill wouldn't even represent the first time Congress has made its opinion known about U.S. government IT operations vis-à-vis China in the last two weeks. Last Monday, Rep. Frank Wolf, R-Va., announced that a contractor who had been working at NASA Langley was arrested with what federal agents believe to be sensitive government information. During a press conference announcing the arrest, Wolf urged NASA to temporarily shut down online sources of technical data to remove controlled documents from widely available systems. Other tech-related provisions in the continuing resolution include specific funding and attached requirements for the Department of Homeland Security's National Protection and Programs Directorate; requirements that any tech bought under the law block pornography; funding for Department of Agriculture IT; and requirements that the CIO of USDA approve significant IT spending. A well-defended perimeter is only half the battle in securing the government's IT environments. Agencies must also protect their most valuable data. Also in the new, all-digital <a href="http://www.informationweek.com/gogreen/031813gov?k=axxe&cid=article_axxt_os">Secure The Data Center</a> issue of InformationWeek Government: The White House's gun control efforts are at risk of failure because the Bureau of Alcohol, Tobacco, Firearms and Explosives' outdated Firearms Tracing System is in need of an upgrade. (Free registration required.)2013-03-25T15:52:00ZFDA To Track Illicit Product Trade OnlineFDA will monitor 10,000 sites a year to uncover illegal marketing and selling of FDA-regulated products from drugs to tobacco.http://www.informationweek.com/government/information-management/fda-to-track-illicit-product-trade-onlin/240151654?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/mobile/10-space-technologies-that-help-on-earth/240151059"><img src="http://twimgs.com/informationweek/galleries/automated/966/2013Mediphan_tn.jpg" alt="10 Space Technologies That Help On Earth" title="10 Space Technologies That Help On Earth" class="img175" /></a> <div class="storyImageTitle">10 Space Technologies That Help On Earth </div> (click image for slideshow)</div>The Food and Drug Administration plans to monitor the Internet to ensure that prescription drugs, tobacco and other regulated products aren't illicitly traded or marketed online. In <a href="https://www.fbo.gov/index?s=opportunity&mode=form&id=8afc40b8d805159be6e977157205bd6e&tab=core&_cview=1">procurement documents</a> posted online March 21, the FDA plans to hire a contractor to look for a laundry list of illegal activity involving FDA-regulated products, from prescription drugs for sale online contrary to U.S. law, to the sale of stolen blood. The monitoring would cover websites that sell products, process payments, perform direct marketing or order fulfillment services, and even in some cases merely provide information online. The monitoring effort is an outgrowth of the work of the FDA's Office of Criminal Investigation, which investigates a wide array of possible crimes that deal with the distribution of FDA-regulated products, from fraudulent Alzheimer cures to designer drug deals. According to the procurement documents, the monitoring will include sifting through mounds of publicly available information on websites, online bulletin boards, chat rooms, social networks and even email spam in order to find and report websites that might be engaging in illegal trade or marketing. [ Can better analytics improve food and drug safety? Read <a href="http://www.informationweek.com/healthcare/policy/fda-hops-on-big-data-bandwagon/240145602?itc=edit_in_body_cross">FDA Hops On Big Data Bandwagon</a>. ] Although the FDA will monitor social networks, acting on tips and FDA knowledge and the like, it will not actively participate on any site it monitors as a way to gather more information, the documents said. The contractor might, however, engage in straw purchases online to help the FDA investigate the purchase process and movement of funds in suspected illegal transactions. Monitoring will be limited to 10,000 websites a year. It's unclear whether this means 10,000 domains, or merely 10,000 discrete websites. In earlier documents, the FDA said it planned to use the National Cyber-Forensics & Training Alliance as the contractor, saying that the non-profit cyber investigative and data collection organization is the only one with the capabilities to meet the FDA's requirements. The group uses a proprietary database and collaborates with law enforcement and industry to help capture data. The FDA's monitoring of the Internet for illegal trafficking in regulated substances is only one of the Internet monitoring activities in which the FDA is planning to engage. On another front, the FDA on Saturday <a href="https://www.fbo.gov/index?s=opportunity&mode=form&tab=core&id=3de8819a45dd2f6f6a8536f9de003c76&_cview=0">awarded</a> a contract to health data collection and analytics company Epidemico to mine social media data to track FDA drug safety efforts. According to procurement documents, that effort more specifically intends to "assess the usefulness of unstructured social media data mining from a variety of sources in FDA" drug safety efforts, including development of tools and methodologies to make it easier to track health information on social networks. A well-defended perimeter is only half the battle in securing the government's IT environments. Agencies must also protect their most valuable data. Also in the new, all-digital <a href="http://www.informationweek.com/gogreen/031813gov?k=axxe&cid=article_axxt_os">Secure The Data Center</a> issue of InformationWeek Government: The White House's gun control efforts are at risk of failure because the Bureau of Alcohol, Tobacco, Firearms and Explosives' outdated Firearms Tracing System is in need of an upgrade. (Free registration required.) 2013-03-22T13:45:00ZFederal Reserve To Hire Chief Data OfficerAppointment would make the Fed another in a growing number of governments and government agencies with chief data officers.http://www.informationweek.com/government/leadership/federal-reserve-to-hire-chief-data-offic/240151553?cid=SBX_iwk_related_slideshow_Privacy_securityIn what appears to be the start of a trend, the Board of Governors of the Federal Reserve System is calling on the Federal Reserve System to hire a chief data officer to usher the organization through the big data era. In a new strategic plan, the Federal Reserve board makes "redesign[ing] data governance and management processes to enhance the board's data environment" one of its six strategic deliverables through 2015. As part of that effort, the board urges that the Federal Reserve System create an Office of the Chief Data Officer. By creating such an organization and position, the Federal Reserve System would join a short but growing list of federal agencies that have placed a high priority on structured management of agency data. [ Out with the old, in with the new -- government IT needs to think more like a startup. Read <a href="http://www.informationweek.com/global-cio/interviews/we-must-run-government-it-like-a-startup/240146629?itc=edit_in_body_cross">We Must Run Government IT Like A Startup</a>. ] Among those agencies, the National Institutes of Health is the next newest addition to the list. The NIH announced in January that it planned to hire a new associate director for data science. The Federal Communications Commission has an agency-wide chief data officer as well as chief data officers for each FCC bureau. Other federal agencies that have chief data officers include the Army and the Consumer Financial Protection Bureau, and the Commodity Futures Trading Corporation. The Securities and Exchange Commission has also called for the creation of such an office. Earlier this year, the SEC <a href="http://www.informationweek.com/government/information-management/sec-makes-big-data-push-to-analyze-marke/240149214">named</a> its first associate director of the agency's Office of Analytics and Research. Numerous state and local governments have been adding chief data officers as well. Colorado, both New York State and New York City, San Francisco, Philadelphia, Chicago and Los Angeles County, Calif., all have chief data officers to oversee their governments' data efforts. Chief data officers have been a regular staple in some parts of the private sector, such as the financial industry, for <a href="http://www.informationweek.com/data-managers-climb-the-ladder/163703270">years</a>, but have lately <a href="http://www.informationweek.com/aroundtheweb/globalcio/your-csuite-needs-a-chief-data-officer/376a6b3369757171356e656f77694466766644784c773d3d">become</a> particularly salient with the rise of big data. This is true in government as well as in the private sector. In October, industry trade lobby TechAmerica called on the federal government to "name a single official both across government and within each agency to bring cohesive focus and discipline to leveraging the government's data assets." As for the Federal Reserve, the board says that the new chief data officer position should have "clear roles and responsibilities" and should address everything from managing the massive quantity of data that the Fed is collecting and analyzing to sharing that data, making Fed employees more aware of what data is available, setting policies for data security and controls, and ensuring better data quality. A well-defended perimeter is only half the battle in securing the government's IT environments. Agencies must also protect their most valuable data. Also in the new, all-digital <a href="http://www.informationweek.com/gogreen/031813gov?k=axxe&cid=article_axxt_os">Secure The Data Center</a> issue of InformationWeek Government: The White House's gun control efforts are at risk of failure because the Bureau of Alcohol, Tobacco, Firearms and Explosives' outdated Firearms Tracing System is in need of an upgrade. (Free registration required.)2013-03-22T09:06:00ZAmazon-CIA Deal Would Fit Intel Community StrategyReported deal for Amazon to help develop CIA's private cloud infrastructure squares with intelligence community strategy to work with public cloud vendors.http://www.informationweek.com/government/cloud-saas/amazon-cia-deal-would-fit-intel-communit/240151424?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/security/spy-tech-10-cia-backed-investments/240142519"><img src="http://twimgs.com/informationweek/galleries/automated/912/01_extra_tn.jpg" alt="Spy Tech: 10 CIA-Backed Investments" title="Spy Tech: 10 CIA-Backed Investments" class="img175" /></a> <div class="storyImageTitle">Spy Tech: 10 CIA-Backed Investments</div>(click image for larger view and for slideshow)</div>A report that the CIA has turned to Amazon to build and manage a private cloud computing environment for the agency is consistent with the IT strategy outlined by intelligence officials over the past two years. The CIA declined comment on the report by government tech trade publication FCW that the Central Intelligence Agency has agreed to a multi-year deal with Amazon to help the CIA build a private cloud computing infrastructure, nor did Amazon respond to InformationWeek by publication time. However, such a deal aligns with plans, publicly discussed by the CIA and <a href="http://www.intelligence.gov/">Intelligence Community</a> (IC) officials over the last two years, to bring commercial cloud computing technology and methodologies inside IC firewalls. "As a general rule, the CIA does not publicly disclose details of our contracts, the identities of our contractors, the contract values or the scope of work," a CIA spokesperson told InformationWeek. The CIA also offered no comment on whether the agency is, more broadly, integrating or planning to integrate public cloud computing technology into the CIA's own private cloud computing infrastructure. [ Recent VMware cloud announcements have caused a stir. Read <a href="http://www.informationweek.com/cloud-computing/infrastructure/will-vmware-challenge-amazon-head-on/240150783?itc=edit_in_body_cross">Will VMware Challenge Amazon Head On?</a> ] The Office of the Director of National Intelligence said only in response to a similar query that it plans to use "cloud technologies" as part of the broader IC enterprise IT strategy, and that such plans would involve "leveraging partnerships with industry partners." An effort to work with large public cloud computing vendors to bring their technology in-house squares with past statements by IC officials about the cloud computing plans of the CIA and the IC. Those statements indicate that the IC has been working toward something similar to the deal reported by FCW, which FCW estimated at 10 years and as much as $600 million. The idea of working with a public cloud computing vendor might have first publicly surfaced in October 2011, when <a href="http://www.informationweek.com/government/cloud-saas/cia-cloud-solving-our-petascale-data-pro/231901640">CIA CTO Gus Hunt said</a> at InformationWeek Government's GovCloud event that the CIA was looking to work with vendors to bring their public cloud computing environments inside IC firewalls. Hunt said at the time that he was looking to "work with commercial cloud vendors to bring, inside our world at the classified level, some level of the efficiencies and scales that they have developed outside." Hunt added that vendors had been receptive to the idea. Days before the GovCloud event, Hunt spoke about the CIA's cloud computing plans at Amazon's AWS Gov Summit conference, though, at that event, he made no mention of bringing Amazon technology inside the CIA. In May 2012, <a href="http://www.informationweek.com/government/leadership/50-most-influential-government-cios/229700199?pgno=44">U.S. Intelligence Community CIO Al Tarasiuk</a> said that the IC more broadly was <a href="http://www.informationweek.com/government/cloud-saas/10-developments-show-government-cloud-ma/240002578">developing "an architecture</a> where we're going to bring some commercial cloud capabilities inside our fence lines," and would use "the provider's business processes with the provider driving those to help us" alongside some government-managed cloud technologies. This work would be part of a broader IC plan called the <a href="http://www.informationweek.com/government/leadership/intelligence-agencies-must-operate-more/240146055">Intelligence Community IT Enterprise</a> to integrate and consolidate intelligence community IT and turn the five highest-spending intelligence agencies into IT service providers for the rest of the IC. Tarasiuk said in an August interview with InformationWeek that the idea to bring "commercial cloud capabilities" inside IC firewalls originated with the CIA, which, he said, "was on a path to leverage commercial industry to bring within their fence line an Internet-scale [cloud computing] capability." Even if the specific deal between the CIA and Amazon continues to go unconfirmed, given recent remarks of intelligence officials, an effort to work with public cloud computing vendors in some way is likely underway.2013-03-13T15:03:00ZDOD Reaches 1 Million Users On Cloud EmailMilitary expects another 500,000 users on the Defense Information Systems Agency's DOD Enterprise Email by summer 2013.http://www.informationweek.com/government/cloud-saas/dod-reaches-1-million-users-on-cloud-ema/240150737?cid=SBX_iwk_related_slideshow_Privacy_security <div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/mobile/mobile-government-10-must-have-smartphon/240149858"><img src="http://twimgs.com/informationweek/galleries/automated/958/01_Spacex_tn.jpg" alt="Mobile Government: 10 Must-Have Smartphone Apps" title="Mobile Government: 10 Must-Have Smartphone Apps" class="img175" /></a> <div class="storyImageTitle">Mobile Government: 10 Must-Have Smartphone Apps</div>(click image for larger view and for slideshow)</div>  The Department of Defense now has one million users on a consolidated private cloud email platform, making it one of -- if not the -- largest of all independent email systems worldwide. Two years after beginning the push toward enterprise email for the Department of Defense, the military has almost fully migrated one service, the Army, to enterprise email; has begun moving a series of other DOD agencies and military commands to the system; and is engaging in deep discussions about the move with the Air Force and Navy. DOD expects that the next half-million users will be much faster to come by than the first million. In a press release, the Defense Information Systems Agency, which hosts DOD Enterprise Email (as the system is known), said that it expects to reach 1.5 million users by summer 2013. DOD is increasingly using DISA, which has long provided networking and other services for the military, as an IT service provider. The Army has been at the forefront of the move to DOD Enterprise Email, and has now migrated 967,000 users to the platform, including 28,000 users on the classified SIPRNet network, according to a recent blog post by Army deputy CIO Mike Krieger. The Army is migrating Army Medical Command and Army Reserve users to DOD Enterprise Email, and will soon begin moving Army National Guard users. [ What effect does sequestration have on America's cybersecurity? See <a href="http://www.informationweek.com/government/security/budget-fight-threatens-us-cyber-commands/240150621?itc=edit_in_body_cross">Budget Fight Threatens U.S. Cyber Command's Growth</a>. ] Other services and DOD agencies have also begun the move to DOD Enterprise Email, including the Joint Staff, U.S. European Command, U.S. Africa Command, U.S. Forces Korea and DISA itself. There are also pilot users within Air Force Reserve. Alfred Rivera, director of enterprise services for DISA, said in a press conference Wednesday that the Air Force is now "working on migration strategies," and that he is "optimistic" about further developments with Air Force. DOD CIO Teri Takai said last year that the Air Force had signed on for a future move to DOD Enterprise Email. The Navy is likely further from moving to the system due in part to unique concerns with shipboard email. However, the Navy Recruiting Command moved its mobile recruiters to DOD Enterprise Email in October because it is both cost effective and accessible anywhere. Rivera mentioned in the press conference that DISA is also in discussions with the Defense Logistics Agency and Defense Finance and Accounting Services about possible moves. Overall, DOD has touted enterprise email for its cost savings and ability to connect users across multiple services and military agencies. The military has said that enterprise email saves the DOD millions of dollars via economies of scale alone. Rivera estimated that the Army saves $70 million annually with DOD Enterprise Email as compared to the Army's previous set of highly siloed systems. Enterprise email lowers costs thanks to DOD's massive buying power, consolidated hardware and more efficient maintenance and administration, DISA said in a press release. Enterprise email also gives users access to the DOD Global Access list, rather than merely a list of users within an individual service or agency. DOD Enterprise Email is powered by Microsoft software. It runs a standardized version of Outlook and Outlook Web Access on Exchange 2010, and provides users with 4 Gbytes of storage. While DISA currently manages the implementation itself on DISA servers, Rivera hinted that DISA stayed with a standard, relatively uncustomized email suite to leave room for flexibility and changes to that model in the future. "We see a day when we could transition this to a commercial provider for the Department, and staying away from customization allows that to happen more easily," Rivera said.2013-03-12T15:00:00ZBudget Fight Threatens U.S. Cyber Command's GrowthCyber Command commander Gen. Keith Alexander says sequestration will lead to furloughs; wider budget conflict will delay efforts to strengthen Cyber Command.http://www.informationweek.com/government/security/budget-fight-threatens-us-cyber-commands/240150621?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/security/military-drones-the-pentagons-eyes-in-th/240144476"><img src="http://twimgs.com/informationweek/galleries/automated/929/AFx37-b_tn.jpg" alt="Military Drones Present And Future: Visual Tour" title="Military Drones Present And Future: Visual Tour" class="img175" /></a> <div class="storyImageTitle">Military Drones Present And Future: Visual Tour</div> (click image for larger view and for slideshow)</div>The military unit charged with defending the United States in cyberspace will have to furlough a third of its workforce as a result of across-the-board budget cuts forced by sequestration, and is seeing its development held back by Congressional failure to pass a budget, Cyber Command commander Gen. Keith Alexander said Tuesday. Testifying before the Senate Armed Services Committee, Alexander said that because a third of Cyber Command's workforce is civilian, the organization could be hard hit by one-day-a-week civilian furloughs that military officials have said will begin in late April. Military personnel are exempt from the cuts. "By singling out the civilian workforce for furloughs, we've done a great injustice," Alexander said. "We're trying to get people to leave industry to come work for us, but now that they're furloughed, they're asking if they made the right decision. That's a big impact across our workforce." [ The Department of Defense faces big challenges in keeping the nation safe from cyber attack. Read <a href="http://www.informationweek.com/government/security/us-cybersecurity-status-weak-reports-cha/240150168?itc=edit_in_body_cross">U.S. Cybersecurity Status Weak, Reports Charge</a>. ] Sequestration isn't the only source of the pinch on Cyber Command. Congressional failure to pass a fiscal 2013 budget means that Cyber Command must operate under a continuing resolution that holds the organization to its fiscal 2012 budget. That holds up a quarter of Cyber Command's proposed budget, which, Alexander said, will hinder Cyber Command's continued development and negatively affect the organization's ability to do the technical training necessary to defend in cyberspace. In particular, Alexander said that failure to pass the fiscal 2013 budget could delay the creation of a number of "cyber mission teams" of offensive and defensive cyber specialists that Alexander analogized to Army battalions and Navy squadrons, capable of acting on their own. The budget woes come with Cyber Command a relatively new unit dependent on new funding to improve its capabilities, having just <a href="http://www.informationweek.com/government/security/us-cyber-command-opens-doors/228200182?token=c76c4f4ed332f69880a96f440c8ef75d">reached </a> full operating capacity in late 2010. Cyber Command has plans to continue to develop its capabilities and to add thousands of new workers to its payroll. The woes also come with cybersecurity an ever-increasing government priority. In separate remarks before the Senate Intelligence Committee, director of national intelligence James Clapper listed cyber attacks first in his annual threat assessment to Congress, a change of pace from the previous decade in which terrorism was regularly listed first. Alexander said that Secretary of Defense Chuck Hagel is considering elevating Cyber Command to be a Unified Combatant Command, a move that would solidify cybersecurity as a priority of the highest order for the military. Cyber Command is currently part of U.S. Strategic Command, which holds responsibility for a mix of functional missions ranging from military space operations to missile defense. Alexander said in his remarks that state-sponsored cyber hackers are exploiting critical infrastructure networks "on a scale amounting to the greatest unwilling transfer of wealth in history." In a speech Monday, President Obama's national security advisor, Tom Donilon, called <a href="http://www.informationweek.com/security/attacks/china-hack-attacks-play-offense-or-defen/240150482">cyber espionage coming from China</a> "unprecedented" and said that "the international community cannot tolerate such activity from any country." China has since said that it is open to "dialogue" with the United States on cybersecurity. The Enterprise Connect conference program covers the full range of platforms, services and applications that comprise modern communications and collaboration systems. Hear case studies from senior enterprise executives, as well as from the leaders of major industry players like Cisco, Microsoft, Avaya, Google and more. Register for <a href="http://www.enterpriseconnect.com/orlando?_mc=IWKPREM">Enterprise Connect 2013</a> today with code IWKPREM to save $200 off a conference pass or get a free Expo Pass. It happens March 18-21 in Orlando, Fla. 2013-03-11T16:18:00ZWhite House Supports DOD Spectrum ResearchWhite House support for military research into spectrum sharing furthers White House efforts to open spectrum for commercial use.http://www.informationweek.com/government/mobile/white-house-supports-dod-spectrum-resear/240150508?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/mobile/mobile-government-10-must-have-smartphon/240149858"><img src="http://twimgs.com/informationweek/galleries/automated/958/01_Spacex_tn.jpg" alt="Mobile Government: 10 Must-Have Smartphone Apps" title="Mobile Government: 10 Must-Have Smartphone Apps" class="img175" /></a> <div class="storyImageTitle">Mobile Government: 10 Must-Have Smartphone Apps</div>(click image for larger view and for slideshow)</div> As part of its push to make more spectrum available for use, the White House is lending support to a new military research effort that aims to improve sharing of "cramped radio spectrum." The Defense Advanced Research Projects Agency's Shared Spectrum Access for Radar and Communications (SSPARC) program, announced last month, seeks research proposals to develop "revolutionary" advances in spectrum sharing. High-speed wireless Internet access and other wireless technologies are widely available around the United States, and mobile services contribute billions to the American economy, but airwaves are increasingly crowded by services offered by an array of private sector stakeholders and by government, from transportation systems to law enforcement. [ How are other countries dealing with shrinking spectrum? Read <a href="http://www.informationweek.com/mobility/3g/uk-attempts-to-solve-looming-spectrum-cr/240148681?itc=edit_in_body_cross">U.K. Attempts To Solve Looming Spectrum Crunch</a>. ] "Building on U.S. leadership and promoting even greater economic growth requires that the Nation make ever <a href="http://www.whitehouse.gov/blog/2013/03/11/supporting-innovative-approaches-spectrum-sharing">more efficient use of spectrum</a>," White House deputy CTO for telecommunications Tom Power and assistant secretary of commerce for communications and information Lawrence Strickling wrote in a blog post. "Ensuring adequate spectrum to support the expected growth in commercial and non-commercial uses poses technical challenges." To that end, SSPARC <a href="https://www.fbo.gov/utils/view?id=10fd956a1c23d2894f2e78cf85025644">seeks</a> to support spectrum sharing between military radars and military and commercial communications systems. To share spectrum with commercial systems, SSPARC is focusing on low-power wireless access points, known as "<a href="http://www.informationweek.com/mobility/smart-phones/wireless-capacity-crunch-answers-at-mwc/240150308">small cells</a>," that can extend cellular coverage. SSSPARC looks to "improve performance or reduce interference when sharing spectrum" at an "acceptable cost" by, for example, identifying devices causing interference and changing how they are transmitting information to help prevent that interference or by developing hardware and methodology to improve separation of the radar and other data. The Obama White House has been a vocal supporter of freeing up spectrum for use and has said that American leadership in developing wireless services is "an important part" of the Obama administration's job creation and growth strategy. The government under the Obama administration has taken a number of steps to free up wireless spectrum. President Obama in 2010 issued a memorandum instructing the National Telecommunications and Information Administration (NTIA) to identify federal and commercial spectrum that could be reused for wireless broadband, and the NTIA uncovered a number of bands that could be made available. The FCC under Obama has catalogued and freed up so-called "white space" spectrum between TV channels for unlicensed use, has begun to reform the Universal Service Fund to help extend broadband Internet connections, and has removed barriers to the use of certain other spectrum. However, the efforts of the last few years have not come without criticism. The 2012 Republican Party platform criticized President Obama for making "no progress" toward universal broadband coverage since the end of the Bush Administration, for example. SSPARC and the White House support for it and similar programs might not end Republican criticism, but it could help spark better ways to use and free up spectrum. InformationWeek's 2013 <a href="http://informationweek.2013IWgovITinnovatorspre-reg.sgizmo.com/s3/?iwid=pl">Government IT Innovators program</a> will feature the most innovative government IT organizations in the 2013 InformationWeek 500 issue and on InformationWeek.com. Does your organization have what it takes? The nomination period for 2013 Government IT Innovators closes April 12.2013-03-07T09:46:00ZU.S. Cybersecurity Status Weak, Reports ChargeDOD report says the military is "not prepared" for cyber war, while a White House report says agencies fall short of federal cybersecurity goals.http://www.informationweek.com/government/security/us-cybersecurity-status-weak-reports-cha/240150168?cid=SBX_iwk_related_slideshow_Privacy_security <div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/security/military-drones-the-pentagons-eyes-in-th/240144476"><img src="http://twimgs.com/informationweek/galleries/automated/929/AFx37-b_tn.jpg" alt="Military Drones Present And Future: Visual Tour" title="Military Drones Present And Future: Visual Tour" class="img175" /></a> <div class="storyImageTitle">Military Drones Present And Future: Visual Tour</div> (click image for larger view and for slideshow)</div> The Department of Defense is "not prepared" to defend against sophisticated international cyber attacks, and government-wide, agencies have failed to meet some White House cybersecurity targets, according to two new reports. Although the reports differ in tone and structure -- one demands urgent action by the military and the other is a straightforward compliance report -- together they underscore the hard work the government still has ahead of it as it faces an onslaught of increasingly sophisticated cyber attacks. The report on the military, a <a href="http://www.acq.osd.mil/dsb/reports/ResilientMilitarySystems.CyberThreat.pdf">study by the Defense Science Board</a>, a civilian committee providing solicited scientific and technical advice to DOD leadership, finds that the Department of Defense is woefully unprepared to fight in cyberspace due to "inherently insecure architectures," fragmented efforts, "inadequate" intelligence and the sheer limits of today's technology. [ Will the finger pointing only get worse? Read <a href="http://www.informationweek.com/security/attacks/china-targets-us-in-hacking-blame-game/240149649?itc=edit_in_body_cross">China Targets U.S. In Hacking Blame Game</a>. ] "Without an urgently implemented and comprehensive strategy to offset the cyber security threat, U.S. national objectives will be nearly impossible to achieve in times of crisis," said the report on the military. "Additionally, the long term loss of so much intellectual property and capability will result in a serious competitive disadvantage to the U.S. economy." The report warns of cyber attacks that could disrupt military actions by turning U.S. weapons against its own troops, and of civilian attacks that could disrupt food and medical distribution systems and make transportation systems "useless." Despite the committee's concerns, however, the Defense Science Board says it thinks the challenges manageable. "The Department can effectively manage the risks presented by the cyber threat," the report notes. In order to meet the challenges, the report prescribes a set of actions the military must take, from more aggressive pursuit of cyber intelligence to the use of deterrence to improved cyber defenses, to the adoption of metrics to measure performance against the military's cyber goals. The report calls on the military to develop offensive cyber capabilities, including the development of a formal career path for both civilian and military workers involved in offensive cyber "actions"; strengthen the "cyber resiliency" of military vehicles and weaponry from submarines to bombers; and establish an enterprise security architecture. The report also encourages the DOD's CIO to work with the military branches to create an "enterprise security architecture" that includes minimum standards to ensure a "reasonable" level of defensibility, and to increase the probability that attacks are detected. The report recommends these standards be integrated as requirements in new acquisitions and that existing systems be audited to ensure that the architecture is in place. Putting the report's recommendations into place will not come cheaply. The report estimates that just providing the resources necessary to secure the U.S. nuclear arsenal will cost more than $500 million annually. Implementing these changes will also take time. The report predicts that it will take "years" for the military to execute an "effective" multi-part response to cyber threats. The <a href="http://my-goals.performance.gov/sites/default/files/images/Cybersecurity%20CAP%20Goal%20-%20FY2013%20Quarter%201%20Update.pdf"> White House report</a>, meanwhile, says agencies have seen a drop in compliance with White House goals over the last year, although the report notes that this is "associated with adjustments and improvements to measurement methodology" as opposed to any actual weakening of the government's cybersecurity readiness. The recalibration should help improve agencies' cybersecurity stances, but the need for recalibration itself shows that the White House has been operating with a less-than-complete picture of agencies' cybersecurity. Regardless of the reason behind the decrease in agencies' compliance scores, the metrics aren't all rosy. Only half of the agencies measured reached the fiscal 2013 goal for automated asset management, and a third of agencies reported actual decreases in automated vulnerability management, for example. The report also tracks compliance with a requirement that employees and contractors use Personal Identity Verification (PIV) cards to access federal IT systems. Most agencies fall short of this requirement. The DOD and General Services Administration are heavy users of PIV cards, but at half of the agencies surveyed, only 2% of employees were using the cards to access agency IT systems. The White House report said that the Office of Management and Budget and the White House's National Security Staff will work with agencies that appear to risk failing to meet White House cybersecurity performance standards, either through metrics-heavy CyberStat meetings with top agency IT staff or by "other appropriate action." Overall, the picture appears mixed for federal agencies. For example, agencies appear to be meeting or close to meeting minimum targets on continuous monitoring, strong authentication and the Trusted Internet Connections network connection consolidation effort. The White House projects that agencies will far outstrip initial goals by early next in fiscal 2014. The government in recent years has been aggressively pushing to improve cybersecurity and to make sure that the military is ready for disruptive cyber attacks. Although the White House and DOD reports indicate less-than-complete progress toward those goals, they also by their very nature inch the government closer to meeting those goals. Still, the reports show that much work is left to be done to bring agencies fully into line with White House goals, and perhaps more work is left to ensure that the military is able to adequately defend the nation in cyberspace.2013-03-02T09:06:00ZNASA Missions Face Triple Whammy Of GlitchesSpace station resupply mission, the Mars Curiosity rover, and the International Space Station itself all have had problems in the last few weeks.http://www.informationweek.com/government/mobile/nasa-missions-face-triple-whammy-of-glit/240149829?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/mobile/nasa-mars-mission-no-little-green-men-/240142965"><img src="http://twimgs.com/informationweek/galleries/automated/917/roverv2_tn.jpg" alt="NASA Mars Mission: No Little Green Men -- Yet" title="NASA Mars Mission: No Little Green Men -- Yet" class="img175" /></a> <div class="storyImageTitle">NASA Mars Mission: No Little Green Men -- Yet</div> (click image for larger view and for slideshow)</div>An unmanned <a href="http://www.informationweek.com/government/mobile/spacex-resupply-rocket-aims-for-space-st/240149625">resupply mission</a> to the International Space Station experienced a thruster problem on Friday morning, only a day after NASA announced computer glitches with the Mars Curiosity Rover and less than two weeks after a space station communications hiccup. Shortly after entering orbit subsequent to an on-time liftoff this morning from Cape Canaveral, private spaceflight company SpaceX CEO Elon Musk tweeted that his NASA-funded resupply mission to the International Space Station had trouble initiating three of its four thruster pods, which delayed deployment of the Dragon spacecraft's solar arrays. Mission controllers eventually were able to deploy the solar panels on two thruster pods, but as of 2:30 p.m. Eastern, Musk still had not reported that the other thruster pods had come online. The cargo is scheduled to reach the space station on Saturday. The SpaceX mission to the International Space Station is the second of 12 missions as part of a $1.6 billion contract with NASA. The first mission was five months ago. This flight's cargo includes materials for scientific experiments, food, computer parts and equipment for air purifiers. [ Satellites the size of softballs? Read <a href="http://www.informationweek.com/government/mobile/nasa-to-send-cube-satellites-into-space/240149818?itc=edit_in_body_cross">NASA To Send Cube Satellites Into Space</a>. ] Just yesterday, NASA reported that the Mars Curiosity rover had switched to a backup computer after the rover's primary computer had failed to fall asleep as planned. NASA Jet Propulsion Laboratory credited the problem to corrupt flash memory. The backup computer on Curiosity, known as the B-side computer, actually acted as the primary computer on the way from Earth to Mars, while the other, A-side computer, has been operating Curiosity since the rover's August 2012 landing. After switching to the backup computer, NASA put the rover into "safe mode" for a few days, during which time the space agency will troubleshoot the problem and the rover's scientific instruments will remain idle. Curiosity, which is looking for signs of Mars' habitability, had recently begun investigating the first sample of rock powder collected from underneath Mars' surface. These back-to-back glitches themselves come on the heels of a three-hour <a href="http://www.informationweek.com/government/mobile/nasa-reports-space-station-communication/240148835">communications lapse</a> between mission control and the International Space Station on Feb. 19 when a data relay system malfunctioned during a routine flight computer update. In that instance, the computer controlling critical station functions faulted over to a backup, and the space station continued operating as normal, albeit without communication with operators on the ground. Astronauts were able to make brief contact during the outage via radio. Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple Deployment at the NEW Mac & iOS IT Conference. Use Priority Code DIPR03 by March 9 to save up to $500 off the price of Conference Passes. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies, and the latest technology. Register for <a href="http://www.interop.com/lasvegas/?CID=MP_ILV_IWK_Article_TL&_mc=DIPR03">Interop</a> today!2013-02-28T14:42:00ZPredictive Analytics Improve Miami City ServicesMiami-Dade County is partnering with IBM to improve city policing, transportation and parks through predictive analytics.http://www.informationweek.com/government/information-management/predictive-analytics-improve-miami-city/240149707?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/big-data/slideshows/big-data-analytics/slideshow-unexpected-big-data-uses-use/240144221"><img src="http://twimgs.com/informationweek/galleries/automated/925/image1_tn.jpg" alt="Big Data's Surprising Uses: From Lady Gaga To CIA" title="Big Data's Surprising Uses: From Lady Gaga To CIA" class="img175"/></a> <div class="storyImageTitle">Big Data's Surprising Uses: From Lady Gaga To CIA</div> (click image for larger view and for slideshow)</div>Miami is getting smarter. Miami-Dade County and IBM this week announced a partnership to leverage predictive analytics software to make better use of the city's data -- and to prevent problems even before they present themselves. As part of the partnership, Miami-Dade will use IBM's Intelligent Operations Center dashboard, SPSS predictive analytics software, and Cognos business intelligence software to analyze data coming from the city's police databases, water meters and IP cameras, among other sources, in order to better address everything from leaky pipes to traffic problems and criminal activity before they get out of hand. The push is expected to not only improve Miami-Dade's county operations and service to the county's citizens but also save money. Miami-Dade CIO Angel Petisco estimates that just one piece of the initiative, which ties into the county's parks to track leaks and broken pipes, could save the city $800,000 to $1 million. [ Big data has value that's often not reflected in the books. Read <a href="http://www.informationweek.com/big-data/news/big-data-analytics/whats-your-big-data-worth/240144449?itc=edit_in_body_cross">What's Your Big Data Worth</a>? ] Many IT initiatives spring from specific problems, but, according to Petisco, this one arose as city managers "kept hearing about smarter cities, smarter communities, and started looking at the landscape of what was available, what they could be used for." The first place that made sense, Petisco said in an interview, was the park system. "Parks were using way more water than you would think for keeping foliage green, and we suspected they had leaks," he said. A pilot system put in place helped determine in real time where leaks might be, and Miami-Dade then extended the system to the entire county park system. Next, Miami-Dade moved on to crime data. Before IBM entered the picture, Miami-Dade already had a crime data warehouse, a product for geocoding, and crime maps. However, the police department knew it could get more from the data that it was collecting. Now IBM's Intelligent Operations Center software cobbles together data on evidence and crimes and allows police to make quicker conclusions by reducing the time to identify leads, investigate crimes and solve cases. Now, according to Petisco, the police "can't get enough of this stuff." The next step in Miami-Dade is to use Intelligent Operations Center to help manage traffic in the county, which at 2.5 million residents spread across 35 municipalities, is the seventh most populous county in the United States. That means crowded roads. The transportation initiative will begin with a pilot project to analyze traffic flow to help drive customers to local businesses in Miami-Dade's Brickell community. This will be done in part by determining, based on data, the most economically beneficial place to locate a new public transportation stop. In the future, Petisco said, Miami-Dade plans to use camera feeds and other systems that register traffic volumes and combine that data with event data, such as sports or entertainment schedules, to determine when and how to adjust traffic signals and bus routes to best keep traffic flowing. According to Chris O'Connor, VP of Smarter Cities software at IBM, that data could also be combined with the police data to help law enforcement better manage events. Miami is only one of a number of cities with which IBM has Smarter Cities initiatives. Although O'Connor says that Miami is unique in how far it is going with the data, IBM has worked with cities from New York to Zhenjiang, China, on Smarter Cities projects. It's not just IBM, either. This week, Seattle announced that it would use geotagged crime history and software designed at the University of California Los Angeles to determine where crime is likely to occur and when. Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple Deployment at the NEW Mac & iOS IT Conference. Use Priority Code DIPR03 by March 9 to save up to $500 off the price of Conference Passes. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies, and the latest technology. Register for <a href="http://www.interop.com/lasvegas/?CID=MP_ILV_IWK_Article_TL&_mc=DIPR03">Interop</a> today!2013-02-28T09:06:00ZFederal IT Reform: Are More Laws Needed?Efforts by Rep. Darrell Issa, R-Calif., could lead to significant reform of federal IT management and acquisition.http://www.informationweek.com/government/policy/federal-it-reform-are-more-laws-needed/240149618?cid=SBX_iwk_related_slideshow_Privacy_security <div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/leadership/iw500-15-top-government-tech-innovators/240006582"><img src="http://twimgs.com/informationweek/galleries/automated/861/01_Intro_tn.jpg" alt="IW500: 15 Top Government Tech Innovators" title="IW500: 15 Top Government Tech Innovators" class="img175" /></a> <div class="storyImageTitle">IW500: 15 Top Government Tech Innovators</div> (click image for larger view and for slideshow)</div> There's a move afoot to use legislation to reform federal IT acquisition and management, an idea that appears to be gaining some steam. Congressional hearings frequently pass with nary a whiff of consequential reform, but two hearings in the last month -- both punctuated by a bipartisan tone and proposed legislation -- indicate that the House of Representatives is serious about using 2013 to overhaul the way the federal government spends money on and manages IT. The charge has been led by Rep. Darrell Issa, R-Calif., chair of the House Committee on Oversight and Government Reform. Issa said Wednesday at a hearing of that committee that he plans to introduce the Federal Information Technology Reform Act (FITARA) within the next three weeks. In September 2012, Issa and Rep. Gerry Connolly, D-Va., floated a now widely-circulated draft version of FITARA. The draft bill would give more spending power to agency CIOs, codify federal data center consolidation and open-source and cloud-computing guidance, encourage strategic sourcing, establish a Federal Commodity IT Center to coordinate IT acquisition and manage government-wide IT contracts, and strengthen the federal IT acquisition workforce, among other effects. [ How effective has Obama been at changing the way the government uses IT? Read <a href="http://www.informationweek.com/government/leadership/obamas-it-transformation-is-a-work-in-pr/240008500?itc=edit_in_body_cross">Obama's IT Transformation Is A Work In Progress</a>. ] In hearings in January and again on Wednesday, members of the committee, including ranking member Rep. Elijah Cummings, D-Md., and Rep. Danny Davis, D-Ill., expressed bipartisan support for Issa's efforts. "We are talking about how do we get the most mileage out of the money we spend, how do we create the systems and the workforce that will give us the results," Davis said at the hearing. Although there has been no similar legislation introduced in the Senate this year, Sen. Tom Carper, D-Del., introduced the Information Technology Investment Management Act during the last session of Congress. Carper's bill covered similar ground to Issa's bill. Roger Jordan, VP of federal professional and IT services trade group Professional Services Council, wrote in an op-ed late last month that Carper is "widely expected" to soon reintroduce a version of his bill. A number of Issa's proposals were met by guarded approval by the former and current government officials and private sector execs assembled as witnesses at Wednesday's hearing. For example, Dan Gordon, the former head of the Office of Federal Procurement Policy and current dean of government procurement law at the George Washington University Law School, said he supported certain elements of Issa's bill, such as efforts to strengthen the federal acquisition workforce and calls for more strategic sourcing. Issa's bill got no direct endorsement from Department of Homeland CIO Richard Spires, who was also testifying at the hearing, but Spires voiced no real criticisms, either. Spires applauded the Department of Veterans Affairs' model of IT management, which includes a strong centralized CIO and rigorous program management. Not everyone is likely to buy in to every part of Issa's plan. In testimony before the committee last month, federal CIO Steven VanRoekel said that, in his opinion, additional legislation isn't needed to overhaul federal IT management. However, he <a href="http://www.informationweek.com/government/leadership/federal-cio-qa-security-sequestration-an/240149343">conceded</a> in a later interview with InformationWeek that "there potentially is room for legislative motion" in the CIOs' budget authority, although even that would be fraught with concern because of the sometimes bureaucratic way budgets are allocated inside of agencies. Carper's plan also has numerous distinctions with Issa's bill. It's unclear how or when the House will reconcile its efforts with those that could soon be reintroduced in the Senate, and even the details of Issa's bill remain to be worked out. However, it's clear that Issa is committed to pushing something forward. "Accomplishing major reform will not be easy," Issa said in a statement. "But streamlining our obsolete approach to federal IT needs to be at the heart of our effort to protect taxpayer dollars from further waste, fraud, abuse and mismanagement." Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple Deployment at the NEW Mac & iOS IT Conference. Use Priority Code DIPR02 by March 2 to save up to $500 off the price of Conference Passes. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies, and the latest technology. Register for <a href="http://www.interop.com/lasvegas/?CID=MP_ILV_IWK_Article_TL&_mc=DIPR02">Interop</a> today!2013-02-26T15:47:00ZPentagon Unveils Secure Mobile Device PlanMilitary releases a new plan to accelerate the adoption of mobile devices and apps for both classified and unclassified use.http://www.informationweek.com/government/mobile/pentagon-unveils-secure-mobile-device-pl/240149496?cid=SBX_iwk_related_slideshow_Privacy_security <div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/news/galleries/government/mobile/240002124"><img src="http://twimgs.com/informationweek/galleries/automated/811/01_Smokey_tn.jpg" alt="10 New Mobile Government Apps" title="10 New Mobile Government Apps" class="img175" /></a> <div class="storyImageTitle">10 Great Mobile Government Apps</div> (click image for larger view and for slideshow)</div>  The Department of Defense on Tuesday released a plan to accelerate the adoption of commercial mobile devices and secure mobile applications in the military for use with both unclassified and classified information. The plan, which follows up on a mobile device strategy <a href="http://www.informationweek.com/government/mobile/pentagon-outlines-mobile-device-plan/240002173">released in June 2012</a>, grows out of an increasing recognition by top military officials and in high-level military strategy documents that mobile technologies will play a key role on the battlefield and for broader U.S. military success via improved collaboration and information sharing. "This is not simply about embracing the newest technology," <a href="http://www.defense.gov/releases/release.aspx?releaseid=15833">DOD CIO Teri Takai said</a> in a statement accompanying the plan. "It is about keeping the Department's workforce relevant in an era when information accessibility and cybersecurity play a critical role in mission success." Takai added that military personnel are increasingly reliant on mobile technology "as a key capability enabler for joint force combat operations." The plan itself says that it aims to establish a "framework to equip users and managers with mobile solutions that leverage commercial off-the-shelf products, improve functionality, decrease cost and enable increased personal productivity." [ What are Steven VanRoekel biggest government IT challenges? See <a href="http://www.informationweek.com/government/leadership/federal-cio-qa-security-sequestration-an/240149343?itc=edit_in_body_cross">Federal CIO Q&A: Security, Sequestration And More</a>. ] A calendar of deliverables is included in the plan, including developing enterprise mobile device management and app store platforms, rolling out mobile devices able to access secret and top secret information, and deploying thousands of centrally managed mobile devices. Part of the plan will be a series of pilots, many of which are already underway. Those include the Army's Army App Store and <a href="http://www.informationweek.com/government/mobile/army-expanding-soldier-smartphone-progra/228800712">Connecting Soldiers to Digital Applications</a> program; the Navy's Digital Seabag and 4G/LTE Sea Trial; Special Operations Command's SECRET BlackBerry; the Marines' Trusted Handheld; DARPA's Secure iPad; and NSA's TIPSPIRAL. As part of the plan, DOD will pursue a "<a href="http://www.informationweek.com/government/mobile/dod-pushes-militarys-mobile-strategy-for/240010603">unified MDM architecture</a>" to ensure mobile security and ease of maintenance. It will also create a centralized mobile application store, a development platform with a code library and development and testing tools, a centralized app approval process, and a centralized governance process to establish mobile standards and policies for the entire military. However, the strategy seems to leave room for significant flexibility. The strategy is intended to be device-agnostic, encourage cross-platform app interoperability and allow military services to buy devices themselves or from the Defense Information Systems Agency or General Services Administration. The military services similarly would be allowed to run their own app stores and mobile device management platforms or use centralized services and platforms provided by either DISA or GSA. In part, DOD hopes that the strategy will help cut costs by leveraging the DOD's buying power as a huge institution. The military already has more than 600,000 mobile devices on its networks, including 470,000 BlackBerrys, 41,000 Apple iOS devices and 8,700 Android devices. As part of the plan, the DOD CIO will conduct a semi-annual audit on the total military-wide cost of mobility. Still, it's unclear how across-the-board budget cuts as a result of <a href="http://www.informationweek.com/government/policy/federal-cio-details-concerns-on-looming/240148415">sequestration</a> could affect the execution of the military's plan. Takai's memo mentions in its introduction that the plan "is contingent on available funding."2013-02-26T09:06:00ZFederal CIO Q&A: Security, Sequestration And MoreBiggest challenge in realizing agile, efficient government IT continues to be the required cultural change, says Federal CIO Steve VanRoekel.http://www.informationweek.com/government/leadership/federal-cio-qa-security-sequestration-an/240149343?cid=SBX_iwk_related_slideshow_Privacy_security<div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/software/enterprise-applications/ibm-smarter-cities-challenge-10-towns-ra/240142572"><img src="http://twimgs.com/informationweek/galleries/automated/913/01_Smarter_Cities_tn.jpg" alt="IBM Smarter Cities Challenge: 10 Towns Raise Tech IQs" title="IBM Smarter Cities Challenge: 10 Towns Raise Tech IQs" class="img175" /></a> <div class="storyImageTitle">IBM Smarter Cities Challenge: 10 Towns Raise Tech IQs</div>(click image for larger view and for slideshow)</div>In the 18 months since he was appointed federal CIO, Steven VanRoekel has been a change agent in government IT, overseeing a half-dozen tech initiatives launched by his predecessor, Vivek Kundra, while introducing new projects of his own. As the Obama administration enters its second term, VanRoekel plans to "follow the themes" established during the administration's first term rather than going in some new direction, VanRoekel said in an interview earlier this month with InformationWeek Government. He cited "incredible progress" in federal IT reform and transformation. That doesn't mean VanRoekel won't shake things up. At $79 billion, the federal IT budget has been flat for four years, and spending might get even tighter. In planning for fiscal 2014, VanRoekel advised the CIOs of federal agencies to plan for 10% budget cuts. With downward pressure on tech spending and the specter of sequestration looming, federal IT teams have little choice but to work differently. [ Want to know the secret sauce to government IT success? <a href="http://www.informationweek.com/global-cio/interviews/we-must-run-government-it-like-a-startup/240146629?itc=edit_in_body_cross">We Must Run Government IT Like A Startup</a>. ] VanRoekel laid out his IT priorities and plans for the year ahead and for the Obama administration's second term. He discussed the need to innovate and to bolster cyberdefenses, while arguing against the need for new legislation aimed at federal IT reform. InformationWeek Government: In recent testimony on Capitol Hill, <a href="http://www.informationweek.com/government/policy/federal-cio-outlines-second-term-it-prio/240146906 ">you outlined three priorities</a> for this term: innovating for the American people, improving the return on investment for federal IT and enhancing cybersecurity. VanRoekel: Innovate, deliver and protect. If you look at the history, the way you looked at IT spending in federal government is that to do new things, we built a culture where we had to spend money. In the prior administration, we were growing IT spending about 7% a year on a compound annual rate, and if you draw that curve out into the future, we'd be well over $100 billion in spending now on technology. The President took it flat, and under my watch we took it down a little bit. All of that at a time when we couldn't be more dependent on technology and the pressures on the federal government to deliver around technology couldn't be more important. The citizen expectations, smartphone growth, cybersecurity, the fiscal pressure -- technology is part of the solution to all those opportunities and challenges. So we had to work on a mechanism to go out and find a way to live within our means, to continue to promote and advance innovation in technology, and do that in a cost-neutral or cost-negative way. If you look at the things we've been doing, we have been saying, 'Let's go out and ruthlessly save on things we can.' The big highlight there was PortfolioStat, where I saw the low-hanging fruit in getting rid of commodity duplication. We're going to keep advancing that this year, thinking about how we move up the stack, starting at commodity -- how many email systems you have -- and with those investment dollars, pour that back into the cap-ex column and really understand how we're going to spend that on new ways of doing things. We have to change the way we build, deploy and use technology inside government. That's really the innovation agenda: thinking about digital, mobile, all those things, and being very deliberate in our budget guidance telling agencies to cut a certain percentage and reinvest a certain percentage. We told them to cut 10% and reinvest 5% automatically, in these new ways, but to use PortfolioStat as a way of finding that. Then, of course, cybersecurity, given the evolving threat, is important enough that it needs to stand alone. InformationWeek Government: You mentioned three initiatives: Digital Government, PortfolioStat and CyberStat. Where are you taking those going forward? VanRoekel: PortfolioStat was always intended to have a focus on continuous improvement, to think about how we keep the ball moving forward. A critical element on our team was standing up a new effort internally by building a small analytics team that can go out and gather data across the federal portfolio and understand what they're doing. Congress gave us some modest funding last year. That team is going out and thinking about not only what exists in each of these departments, how many email servers are running, how many this, how many that, but also starting to look at how much should email cost … so that we can try to set a baseline that we can run at and try to figure out how we can maximize the savings and the ROI of our investments. PortfolioStat -- we'll do a major check-in on deliverables from last year, like, 'Where are you on commodity IT,' and then we'll start to move up the stack. What we learned as we started doing PortfolioStat is that agencies fall into one of four categories. They're either the Wild West where every department, every subagency does their own thing, procures their own stuff and there's a lot of fiefdoms. Then you've got the next level that's rationalized commodity IT, where they'll run one email system, have one way to procure computers or mobile devices. The third is where they've started to rationalize the mission side of government. The top level -- and we're starting to see some early indication of this happening at some of the agencies -- is a service orientation. Say you come to me from some far corner of the department, and I'm the CIO, and you say, 'I want to build a mobile app.' I say, 'Great, here's a ready development environment, a test environment, a deployment environment,' and I give those to you as services. By developing in those environments, you snap to my enterprise architecture, my cyberinfrastructure. As we think about that commodity [direction] and building mission-based solutions, there's a lot to be said to move up that stack. There was also a big focus in PortfolioStat on the establishment of investment review boards to get agencies to think about IT as a piece of a broader puzzle in managing their departments. So we're going to continue to think about strategic planning. The Digital Government Strategy is continuing. It launched in May as 12-month strategy with a bunch of deliverables. The intention was to start to change the culture around the way we treat data, build mission systems, embrace mobile, think about security and privacy on the mobile platform, and really turn the dial on citizen-facing services. A lot of the deliverables are tactical, but they're in search of this objective of thinking about a more modular government, a more open, standards-based data approach, and about citizen services in a way that's much more open. InformationWeek Government: The Open Data Policy is part of that. When should we expect something there? VanRoekel: Forthcoming. I won't predict anything in terms of time, as there are clearance processes, but you should expect some stuff pretty soon. The spirit of that is machine-readable [data] becoming the default, thinking about standardized schemas, rethinking data.gov -- all of those are things that you should expect in 2013 coming out of the Digital Government Strategy. The strategy is a piece of a broader innovation agenda of the administration that includes the Presidential Innovation Fellows program that [federal CTO] Todd Park and I are working through, and rethinking the impact of those efforts to build platforms to scale inside government, things like MyUSA to think about citizen-based access to government or how we present medical records to veterans in a new way. All of that is around an agenda that is centered on open data, open platforms and building in new ways. InformationWeek Government: What's next with CyberStat? VanRoekel: We have a close working relationship with the national security staff, including federal cybersecurity coordinator Michael Daniel. One of those things is that the tenets of CyberStat are the right things -- continuous monitoring, Trusted Internet Connections, HSPD-12 cards and multi-factor authentication. All the elements of CyberStat are going to be consistent [moving forward]. You'll see continued progress on that. FISMA only gets us so far, checking your cybersecurity posture every several years through a FISMA audit is not even close to real-time enough, so the big effort we've been putting forward is turning the dial on continuous monitoring. How do we set up a government-wide vehicle for agencies not only to pipe their traffic through a trusted connection and monitor that connection through our efforts with the Einstein project, but also think about the network itself? A lot of the threats come when someone plugs a USB device that's been compromised inside the network, so continuous monitoring will cover a broader range of the threat surface. We just put out a contract to [the Department of Homeland Security] and [the General Services Administration] that not only covers the federal government but has partnerships that reach down to state, local and tribal, so we're going to combine the buying power of a big entity to go out and tackle this challenge. This year, you're going to see lots of progress on it. FedRAMP is a big category of it as well, as we think about the continued evolution of cloud computing. The second vendor has been authorized on FedRAMP. I think we're going to see a pretty steady clip. We have about 70 vendors or more standing right behind them in line.InformationWeek Government: You and others have said that once FedRAMP is operating, we might see it expanding beyond cloud computing. VanRoekel: We're definitely looking at that. I think mobile would be the first thing in that space. Pre-authorizing the risk and management of these programs is proving to be not only really cost effective, but being able to preclear a bunch of stuff once and then scale that across the federal government is proving very fruitful. One of my fears with mobile is that our security checks don't keep up with the pace of technology. We've got a new device coming out more than once every six months. The way we could keep up is do that from a more central standpoint, as new devices come in, authorize them. Once a central agency or host agency does that, they can say, 'This is trusted across the federal government.' InformationWeek Government: This interview comes before the release of the federal budget. Can you give us a sense of the broad outlook for federal IT spending going forward? VanRoekel: I can't quote any numbers or say anything specific, but the spirit is really around my budget guidance. To some extent, we're still at a point where IT is viewed as a discretionary thing. The President doesn't share this view, I don't, <a href="http://www.informationweek.com/government/leadership/white-house-names-new-federal-cto/232602357">Todd Park</a> doesn't, and I'm sure you don't share it. The private sector went through this inflection five to 12 years ago, depending on the industry, where IT moved from just this ability to do file and print and move emails around to this strategic asset to do business. It became the way we connect to customers better, build solutions better, control inventory, market our products. In government, we're still in the midst of this. IT is this discretionary thing. We've been promoting the notion that IT gives you a 'lever up' ability. It gives you efficiency. You can do things better, faster and cheaper if you deploy IT in a smarter way. If you go back to look at the history books, over half of the Fortune 500 companies were started in difficult economic times. You trace that back to what was going on at that time, IBM, P&G, Microsoft in a recession in the 70s, and it was always some inflection in technology that allowed them to catapult forward. I think our time is now to look at that [and ask] how do we drive innovation both inside and outside of government, to create that next Fortune 500 company, to foster that next wave of innovation in this country. The spirit of our budget guidance really follows that. On a flat or declining budget, we need to find ways to save money. We need to steal from the cap-ex column to give to the op-ex column to drive innovation. If we just sit on our hands and do less with less instead of do more with less, we wouldn't make the progress we want to make. InformationWeek Government: We're getting closer to the deadline on sequestration. Agencies have obviously started planning for that, regardless of what's going to happen. VanRoekel: We're working with agencies on planning and thinking about what they do. The interesting thing from my vantage point is that while you have IT and the budget is out there, it's never just a standalone line item. It's part of almost everything we do, so as programs get considered for cuts, it's a part of all those things. It isn't just a specific tactic, like we need to go and cut here. The general fear I have is that, by cutting technology or the IT budget, it's going to put us into situations where we stagnate progress or delivery of these things. I would worry that efforts would stall -- we heard that the VA and DOD's medical records effort is going to be stalled in a sequestration scenario -- so it puts us on our heels from a forward progress standpoint. The other place it puts us on our heels is cybersecurity. Cybersecurity is such an evolving threat that we have to be ever-vigilant, proactive, investing dollars and engaging smart contractors to help us think about how do we really lean forward on this stuff. Sequestration could create scenarios where we bring it down to where we were without forward progress. In the case of being on your heels, being reactive, you could create a scenario where it's not where we need to be.InformationWeek Government: When you talked to Congress, it seemed like you said that additional legislative reform for federal IT management isn't really necessary at this point. Is this an accurate assessment? VanRoekel: It is, totally accurate. I did come out and say that I think legislation isn't necessary, that there is room within the existing law to do what we need to do. I think we're making incredible progress. The fear I always have is that legislation is a snap in time. There are many laws on the books that affect how we do things online, but that don't even mention the Internet. Good laws leave room for interpretation, but technology [laws] are kind of touchy. You have to think about how you manage this stuff so you don't accidentally create a vendor preference or a technology preference that might be outdated in a year or two. While we're making incredible progress, I don't think that additional legislation is needed so that we can keep that progress. InformationWeek Government: Given that, how do you provide CIOs with the right level of budgetary authority? You have also expressed concerns about dealing with the single-year budget. VanRoekel: Where there potentially is room for legislative motion is thinking about budget authority and how we do budgeting. If you look at agencies that have capital budgeting, for example, they have a lot more flexibility to adapt with changing technology or changing demands. When you lock in to specific deliverables or years, and then your budget window is small because you have years when you get the budget passed and then when you actually get it appropriated, it doesn't leave you a lot of room to really make smart decisions, to make long-run decisions. It creates a dynamic that breeds inconsistency. We have to encourage [Congress] to think about how they work through that. One of the key elements of the 25-Point Federal IT Reform Plan was budget flexibility. Where it gets hard is that a lot of sub-agencies in government have relationship with their appropriations committees. You have flows of money that come in a way that don't allow that department to look left or right to say, 'Where can we go with this stuff?' I don't think we have an entitlement problem: I think we have a governance problem. That's why PortfolioStat has the deputy secretary of the department, sub-agency CIOs, the head CIO, the CFO, the human capital officer, all the C-levels sitting around a table. We found $2.5 billion in the first wave of PortfolioStat, and we think there's more out there. InformationWeek Government: What's the biggest challenge for federal IT as the Obama administration goes into its second term? VanRoekel: It's continuing on the road of cultural change. As I came into government when I was managing the Federal Communications Commission, I did an all hands [meeting] and I said I want them to wake up every day with the spirit of continuous improvement, never use 'That's the way we've always done it' as an excuse for forward progress. InformationWeek Government: When you talk about cultural change, you're talking about moving from a culture of "that's the way we've always done it," of just keeping the lights on, to a culture of innovation? VanRoekel: If I was here in government eight years ago and we needed a website, someone would say, well that costs $10 million, so we need to go find a vendor and spend $10 million -- that's what websites cost in government. Coming from high tech, I sit down and ask, 'Why? Why does it cost that much?' You can do things like create our <a href="http://www.informationweek.com/government/leadership/white-house-seeks-tech-innovation-fellow/240147892">Presidential Innovation Fellows</a> program, have the RFP-EZ team come in and create this cool interface to engage small, agile vendors to rethink the way we do those kind of things. Now we say websites cost less than $150,000 and you get incredible output. You can change that dynamic, that culture, you just have to work your way through creating tools and resources and awareness. InformationWeek Government: Are there any forthcoming policy changes or [Office of Management and Budget]-led IT initiatives that we should be aware of? VanRoekel: We'll be doing lots of new things over the course of the second term, but all in all they'll follow the themes that we've followed before: How we think about innovation and the innovation agenda, how we think about ROI and moving up that stack and, on cybersecurity, we're going to keep moving down that road. Those are wide lanes in which to drive. When I incubate a product or think about a new job, I tend to write the press release for the product for the last day I'm in that job. I've already written that press release. I've got it locked in a fireproof safe in my house on paper and I've deleted the electronic file. I want to always think about those outcomes -- what I want to say that I did, then work my way backward from that. At the end of the day, I want a government that can build modular, agile solutions completely differently than we do today that can be shared across agencies and that are superefficient. I want to create an opportunity for people who work in technology who are newly out of school or newly inspired to come find the federal government a great place to work and spread their wings and to give them permission to innovate within government and think differently, and I want to do it all in the context of a low-cost environment.2013-02-25T15:10:00ZHow Sequestration Could Hit NASA ProjectsAcross-the-board budget cuts due to hit March 1, if Congress doesn't make a budget deal, could quickly impact NASA's technology work.http://www.informationweek.com/government/policy/how-sequestration-could-hit-nasa-project/240149376?cid=SBX_iwk_related_slideshow_Privacy_security <div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/government/mobile/nasa-mars-mission-no-little-green-men-/240142965"><img src="http://twimgs.com/informationweek/galleries/automated/917/roverv2_tn.jpg" alt="NASA Mars Mission: No Little Green Men -- Yet" title="NASA Mars Mission: No Little Green Men -- Yet" class="img175" /></a> <div class="storyImageTitle">NASA Mars Mission: No Little Green Men -- Yet</div> (click image for larger view and for slideshow)</div> At NASA, tech projects will be among those hit by the across-the-board budget cuts scheduled to hit federal agencies if Congress does not move to stop sequestration by the March 1 deadline. According to a letter sent to the Senate Committee on Appropriations earlier this month, sequestration will cause the cancellation or de-scoping of a number of tech projects, including the possible cancellation of a deep space optical networking program. Sequestration could also cancel the Deep Space Atomic Clock, NASA's Innovative Advanced Concepts Program, and some work on autonomous systems, and would include $51.1 million in cuts to NASA's science budget. [ A brief communications glitch occurred between NASA and the ISS following a routine software upgrade. Read more at <a href="http://www.informationweek.com/government/mobile/nasa-reports-space-station-communication/240148835?itc=edit_in_body_cross">NASA Reports Space Station Communications Outage Fixed</a>. ] These cuts are only the beginning. The sequestration effects sent to the Senate include only those projects that could see cuts in fiscal 2013, but sequestration will phase in over several years. In fiscal 2013 alone, the sequester would reduce NASA's funding level by $894 million from levels authorized by the continuing appropriations resolution. "Anybody who thinks this is no big deal -- it's a big deal," NASA administrator Charles Bolden <a href="http://blog.al.com/breaking/2013/02/nasa_boss_wonders_how_marshall.html">reportedly</a> said last Friday. "We're going to suffer." In terms of deep space optical networking, NASA was scheduled this year to test optical communications with lunar and satellite missions. The Innovative Advanced Concepts Program, meanwhile, is looking for "revolutionary concepts with the potential to transform future aerospace missions." Among projects that are part of the program or have been proposed are sensing and imaging technologies, technologies for autonomous space exploration and proposals to use three-dimensional printers to print spacecraft on paper. Unlike the Department of Defense, which has said that it will furlough federal contractors in a move that could hit many IT workers, NASA deputy administrator Lori Garver has said that NASA does not currently have plans to furlough civilians in the event of sequestration. As sequestration has neared over the past several months, NASA and others have sounded the alarm about the possible negative effects of sequestration's across-the-board cuts on NASA's budgets. A November report by NASA's Inspector General, for example, said that sequestration contributed to NASA's "bleak budgetary backdrop." In December, the Aerospace Industries Association released a report calling sequestration "a devastating threat to our space leadership." The report found that sequestration could result in 20,500 job cuts this year alone, including many cuts in high-tech work. Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple Deployment at the NEW Mac & iOS IT Conference. Use Priority Code DIPR02 by March 2 to save up to $500 off the price of Conference Passes. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies, and the latest technology. Register for <a href="http://www.interop.com/lasvegas/?CID=MP_ILV_IWK_Article_TL&_mc=DIPR02">Interop</a> today!2013-02-22T12:29:00ZSEC Makes Big Data Push To Analyze MarketsSecurities and Exchange Commission's new Midas system collects information on all trades in an effort to better understand how the markets work.http://www.informationweek.com/government/information-management/sec-makes-big-data-push-to-analyze-marke/240149214?cid=SBX_iwk_related_slideshow_Privacy_security <div class="inlineStoryImage inlineStoryImageRight"> <a href="http://www.informationweek.com/news/galleries/software/bi/232700311"><img src="http://twimgs.com/informationweek/galleries/automated/769/01_BI-and-IM-Salaries_tn.jpg" alt="Big Data Talent War: 10 Analytics Job Trends" title="Big Data Talent War: 10 Analytics Job Trends" class="img175" /></a> <div class="storyImageTitle">Big Data Talent War: 10 Analytics Job Trends</div> (click image for larger view and for slideshow)</div> The Securities and Exchange Commission is now collecting 400 gigabytes of market data daily, including information on every trade across numerous exchanges, as part of what SEC chairman Elisse Walter on Tuesday called an "unprecedented" push to use data to better understand how the market works. The big data effort, which centers around a system known as the Market Information Data Analytics System (Midas), is being used not only to understand market trends and rapidly emerging modes of trading such as high-frequency trading, but also, according to the SEC, to inform future policy making. Midas, which is costing the SEC $2.5 million a year, captures data such as time, price, trade type and order number on every order posted on national stock exchanges, every cancellation and modification, and every trade execution, including some off-exchange trades. Combined it adds up to billions of daily records. [ Why are good big data tools so hard to find? Read <a href="http://www.informationweek.com/big-data/news/software-platforms/big-data-dev-tools-too-slow-startup-say/240148797?itc=edit_in_body_cross">Big Data Dev Tools Too Slow, Startup Says</a>. ] Although the system has been live for only a few months, the data in some cases goes back as far as four or five years. The uncompressed archive of Midas data would amount to about 1 petabyte, although the archive has been compressed to just more than 100 terabytes. According to Walter and the top official overseeing Midas, Gregg Berman, who was recently named associate director of the Office of Analytics and Research in the SEC's Division of Trading and Markets, Midas has potentially wide application for the SEC. "The downpour of data generated by the markets every hour will lead to better regulation and better investor protection," Walter said in a speech Tuesday, adding that Midas will "dramatically improve our understanding of the way today's markets function." Much of the initial public information around Midas has centered around its ability to monitor and analyze high-frequency trading. "It will give us dramatically better insight into the function of a market that moves many millions of dollars in millionths of a second," Walter said in her speech. "It will be like the first time scientists used high-speed photography and strobe lighting to see how a hummingbird's wings actually move." In more tangible terms, such information will, for example, help the SEC to rapidly analyze the causes of so-called flash crashes, in which the market drops significantly in a brief time period, and will facilitate the study of the need for and possible impact of potential regulations like requiring high-frequency traders to hold quotes for minimum time periods. Much of the big data push stems from the May 6, 2010, "flash crash" in which the Dow Jones Industrial Average dropped about 600 points within five minutes before later recovering those losses. High-frequency trading would later shoulder much of the blame. The SEC investigation, led by Berman, took months and a lot of custom software development, but Midas could greatly accelerate such analysis. "We realized we needed this data all the time, and not just in an emergency, to understand detailed patterns, monitor the markets, and inform us on how orders flow, interactions with trades, rates of cancellation, volatility, and other things that are really central to understanding market structure," Berman, a former hedge fund manager and Princeton-trained nuclear physics PhD, said in a recent interview with InformationWeek.Despite the initial emphasis on high-frequency trading, however, Berman says that Midas has a "much wider" focus. Midas could prove invaluable in the SEC's efforts to ensure more data-informed policy-making across the board. "As you can imagine, we hear lots of diverse opinions," Berman said. "Sometimes you get a nice 20-page treatise on why X is the worst thing in the world, followed by a nice 20-page treatise on why X is the best thing in the world. Our own independent analysis can contribute to the debate directly," he said. Midas won't be able to fill in all of the current holes in SEC's vision. For example, the SEC won't be able to see the identities of entities involved in trades and Midas doesn't look at, for example, futures trades and trades executed outside the system in what are known as "dark pools." However, even without this data, Midas might serve as the necessary foundation for doing much wider analyses in the future. Midas is a hosted system, so the SEC can focus on data analysis, not on keeping the lights on. The system is hosted with SEC's vendor, Tradeworx, which is both a high-frequency trading technology vendor and a trading firm itself. Tradeworx uses the cloud -- Amazon Web Services -- to help power Midas. Services used include Amazon S3 storage, Amazon EC2 infrastructure-as-a-service, and Amazon Elastic Block Storage. "The larger your data sets become, the more difficult it becomes to analyze," said Tradeworx CEO Manoj Narang. "This is why Amazon makes an enormous amount of sense. You can fire up 100 servers arbitrarily to analyze data in parallel." Midas' underlying analytics platform was homegrown by Tradeworx and engineered for fast data transfer and rapid data analytics. "There are a lot of optimized calculations, a lot of work on parallelization of calculations," said Narang. To the data analyst, Midas isn't fronted by a fancy Web app. Rather, it's accessed through a Unix shell, and the interface requires knowledge of scripting. Berman rattles off the tools of the trade: C++, Perl, Python. Tradeworx has also thrown in its own API and a series of commands to help the SEC manipulate data. "It's sort of like Legos," Berman says. "If you know how to work with Legos, you can build amazing things." Although Midas isn't graphics heavy, there are rich visualizations to help analysts dig deeper into the data, and Narang said that future updates to the system will focus on rolling out more visual tools so that users don't have to understand Unix to use Midas. The capability in Midas isn't necessarily novel. Other companies such as Nanex have said that they can offer similar functionality. However, it's the first time that the SEC has had such power at its fingertips, which means that the agency needs to make sure it has the right people in place to make use of the data. Now that the system is live, Berman is on the lookout for that talent. "We brought a few people in, but we need C++ programmers, algorithmic high-frequency trading people, people who worked on trading desks working on models," he said. "We're looking for people with a level of technical and market expertise that's somewhat unprecedented." Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple Deployment at the NEW Mac & iOS IT Conference. Use Priority Code DIPR02 by March 2 to save up to $500 off the price of Conference Passes. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies, and the latest technology. Register for <a href="http://www.interop.com/lasvegas/?CID=MP_ILV_IWK_Article_TL&_mc=DIPR02">Interop</a> today!2013-02-21T14:11:00ZFederal CIO Outlines Next StepsWith Obama's first term in the rearview mirror, federal CIO Steven VanRoekel is looking for ways to continue to improve federal IT even in the face of looming budget cuts.http://www.informationweek.com/government/policy/federal-cio-outlines-next-steps/240149029?cid=SBX_iwk_related_slideshow_Privacy_security <div class="inlineStoryImage inlineStoryImageRight"><a href="http://www.informationweek.com/software/enterprise-applications/ibm-smarter-cities-challenge-10-towns-ra/240142572"><img src="http://twimgs.com/informationweek/galleries/automated/913/01_Smarter_Cities_tn.jpg" alt="IBM Smarter Cities Challenge: 10 Towns Raise Tech IQs" title="IBM Smarter Cities Challenge: 10 Towns Raise Tech IQs" class="img175" /></a> <div class="storyImageTitle">IBM Smarter Cities Challenge: 10 Towns Raise Tech IQs</div>(click image for larger view and for slideshow)</div> The Obama administration's second term has gotten off to a fast start for federal CIO Steven VanRoekel. In the past few weeks, he's been quizzed by lawmakers on the need for additional IT reform and the Department of Energy has been hit by a sophisticated cyber attack. Now the threat of budget cuts triggered by sequestration looms. In an interview with InformationWeek Government at his White House office, VanRoekel acknowledged that federal IT teams continue to face technical, operational and funding challenges. Yet he cited "incredible progress" on efforts to improve the performance and efficiency of federal IT, and he has a plan for next steps. VanRoekel was appointed federal CIO in August 2011, replacing Vivek Kundra, now a senior VP with Salesforce.com. Kundra launched several major government-wide IT initiatives, cloud computing and open government programs and data center consolidation among them. VanRoekel continues to push those projects forward while introducing new ones of his own, such as shared services, a "digital government" strategy and IT portfolio management. [ Will government lay down the law on medical error reporting? Read <a href="http://www.informationweek.com/healthcare/policy/obama-urged-to-mandate-medical-error-rep/240147774?itc=edit_in_body_cross">Obama Urged to Mandate Medical Error Reporting</a>. ] The progress the Obama administration has made on IT reform hasn't sold everyone. In a January hearing titled "Wasting IT Dollars" before the House Committee on Oversight and Government Reform, Rep. Darrell Issa, R-Cal., and others grilled VanRoekel over what they called "obsolete," "deficient," "bloated," and "inefficient" federal IT and questioned his plans for further reform. VanRoekel told lawmakers he was focusing on three priorities: innovating for the American people, improving the return on investment for federal IT, and enhancing cybersecurity, or as he put during our interview, "innovate, deliver and protect." He said he wants to see shared services and modular, agile, low-cost and efficient IT development become the norm in federal government. That will be a major undertaking. Federal IT continues to suffer from IT project failures, inefficiencies, cost overruns and management turnover. In recent weeks, Veterans Affairs CIO Roger Baker and CTO Peter Levin have both disclosed plans to leave their positions. On the other hand, the Obama administration has managed to hold the line on government-wide IT spending for the past four years, agency CIOs are being held more accountable for their IT projects and portfolios, and the feds are consolidating data centers, all while delivering more in the way of government data and digital services. The grand visions of former federal CIO Kundra are giving way to pragmatism under VanRoekel, whose mantra has been "doing more with less," and the realization of improved IT efficiencies and performance is arguably closer than it was at the beginning of Obama's White House tenure. However, VanRoekel might have to modify his mantra to "do more with even less." For budget planning purposes, the Office of Management and Budget instructed agencies to cut 10% from their IT budgets and reinvest 5%. Sequestration, triggered by the Budget Control Act of 2011, could cut IT spending even more, a threat that VanRoekel worries could stall important IT projects and pose cybersecurity risks. The federal IT budget stands at $79 billion for fiscal 2013. "If we just found savings and poured it back into the top of the existing machine and say, this is the way we build solutions in government and this is the way we've always built solutions in government, we would waste that money," VanRoekel said. "We have to change the way we build and deploy and use technology. We have to find a way to live within our means, to continue to innovate and do that in a cost neutral or cost negative way." As VanRoekel told Congress in January and repeated in his interview with InformationWeek Government, that vision doesn't require new laws aimed at improving the management of federal IT. "There is room within the existing law to do what we need to do, and I think we're making, compared to a few years ago, incredible progress," he told InformationWeek. "The fear I have is that legislation is a snap in time. Technology laws are touchy. You don't want to accidentally create a vendor preference or a technology preference that might be outdated in a year or two."Front and center among OMB's efforts is PortfolioStat, a series of face-to-face, data-based reviews of agency IT portfolios attended by an agency's IT leadership and other top managers. The first series of PortfolioStat reviews uncovered $2.5 billion in potential IT saving, according to OMB. "We don't have a [legal] entitlement problem," VanRoekel said. "I think we have a governance problem, and that's why PortfolioStat has the deputy secretary, sub-agency CIOs, the head CIO, the CFO, the Chief Human Capital Officer, all the C-levels sitting around a table saying you have to think about things different." OMB plans to expand PortfolioStat this year by "moving up the stack" from duplicative commodity systems -- its initial area of focus -- to other areas of IT. "The team is going out and thinking not only about how many email servers is this department running, how many this, how many that, but also how much should email cost, so that we can try to set baselines and figure out how to maximize savings and ROI," VanRoekel said. PortfolioStat has done more than uncover the most obvious cost savings, VanRoekel said. It's also helped OMB categorize agencies based on their level of IT maturity. The different types include "Wild West" agencies where every sub-agency does its own thing, agencies that are rationalizing commodity IT, agencies that are rationalizing mission IT, and those that are service oriented. Understanding the differences should help IT strategic planning, according to VanRoekel. The Digital Government Strategy, launched last May, is another area of focus for VanRoekel in Obama's second term. The strategy seeks to improve the delivery of government services by making more data available through Web APIs and to mobile devices. The strategy guides federal IT teams to use government-wide contract vehicles for mobile procurements, ensure digital services adhere to customer service improvement guidelines, and "optimize" citizen-facing services for mobile use. VanRoekel's other key concern is cybersecurity. Under a program called CyberStat, he plans to participate in meetings with agency officials that focus on objectives such as adoption of HSPD-12 cards, multi-factor authentication and continuous monitoring technologies. The Department of Homeland Security and the General Services Administration have issued a $6 billion procurement to provide continuous monitoring as a service to other agencies over five years. FedRAMP, a program to accelerate the adoption of cloud computing in federal government, will see "a pretty steady clip" of new vendors receiving authorization to provide those services, VanRoekel said. The program could be expanded to cover mobile devices and services next. Security checks of mobile devices and services "don't generally keep up with the pace of technology," VanRoekel said. The concept of a FedRAMP-style mobile program would be to manage security authorizations centrally for use across agencies. Devices and services that make it through the program would get a stamp of approval saying in effect, "this is trusted across the federal government," said VanRoekel. The Obama administration still has four years of hard work ahead, but VanRoekel is already thinking about the outcomes he would like to see in federal IT. They include "a government that can build modular, agile solutions that can be shared across agencies and is super-efficient, all in a low-cost environment." He also wants to federal government to be an appealing place to work for talented IT workers. Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple Deployment at the NEW Mac & iOS IT Conference. Use Priority Code DIPR02 by March 2 to save up to $500 off the price of Conference Passes. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies, and the latest technology. Register for <a href="http://www.interop.com/lasvegas/?CID=MP_ILV_IWK_Article_TL&_mc=DIPR02">Interop</a> today!