First four years of the Obama Administration were marked by the beginnings of significant changes in federal IT. Execution will be the name of the game during the next four.
IW500: 15 Top Government Tech Innovators
(click image for larger view and for slideshow)
President Barack Obama's first term was marked by ambitious IT reform initiatives in cybersecurity, cloud computing, mobility, project management and more. With his reelection, Obama's focus must now shift to finishing what he started.
On his first day in office in 2009, Obama signaled that IT would be high on his agenda when he issued a memo calling on federal agencies to "harness new technologies" to promote open government. It remains to be seen if he will launch a tech policy of similar scope on day one of his second term, but there's already enough to keep the federal CIO and federal CTO -- positions created in Obama's first term -- busy pushing those existing programs forward.
We now know that federal CIO Steven VanRoekel plans to stick around to oversee that. VanRoekel shared the news on Twitter. "For those who asked if I am staying with the Administration – four words – '2 Legit 2 Quit,' " he tweeted on Nov. 9.
Cybersecurity has been a major point of focus for Obama, with the creation of U.S. Cyber Command, the appointment of a national cybersecurity coordinator, changes to federal IT security authorizations and monitoring, and attempts to enact new cybersecurity laws.
New policy initiatives are expected within the next month or so. The administration is readying an executive order that will require increased public-private sharing of information on cyber threats. And, although Congress failed to pass comprehensive cybersecurity legislation this term, it will likely be taken up again by the next Congress. Items still up for debate include the scope of revisions to the Federal Information Security Management Act and what requirements will be placed on private sector companies that operate "critical infrastructure."
From an operational standpoint, Cyber Command, the military's new hacker corps, is maturing. The Department of Defense plans to unveil cyber rules of engagement at some point in the near future, and DoD secretary Leon Panetta recently called for an expanded offensive role for the military in the cyber realm.
Outside of the military, federal CIO Steven VanRoekel wants federal agencies to adopt a federated, inter-agency identity management model, so look for progress there over the next year or two. A cross-agency effort to protect federal networks will also push ahead with the introduction of the Einstein 3 intrusion prevention system.
The White House's Office of Management and Budget is aggressively pushing agencies to consolidate data centers and, in lieu of dedicated IT resources, make increased use of cloud computing and shared services. There's much more to be done in all of those areas.
One major new development is the recent launch of FedRAMP, a program to expedite security authorizations of cloud services. That should hasten cloud adoption by agencies. On the shared services front, there are deadlines to meet. Agencies must complete two shared services initiatives by the end of 2012. A shared services implementation guide is due any day.
The government is ahead of its schedule to close 1,200 data centers by 2015, and IT budget requests related to that effort are on the rise, even as federal IT spending remains flat. The government soon will launch a federal "data center marketplace" for excess data center capacity. The marketplace is being pilot tested.
The federal IT budget will be flat in fiscal 2013, the fourth consecutive year of no growth, and that probably won't change over the next few years. With flat spending, the administration will continue to look for ways to cut costs and make federal IT more efficient. VanRoekel refers to it as "cut and invest." Given the budget pressure, federal IT must become agile and leaner. One way federal CIO VanRoekel will seek to do that is through an emphasis on metrics-based project management with efforts such as TechStat and PortfolioStat to spot and fix inefficiencies in federal IT across the board. OMB director Jeff Zients last month attributed $2.5 billion in savings over the next three years to PorfolioStat alone.
Changes in IT procurement are another way federal officials will look to save. Just last week, the General Services Administration issued a request for information in advance of drafting new purchase agreements for enterprise software. OMB's Shared Services Strategy emphasizes smarter buying of "commodity IT." Other changes to federal IT purchasing could come in the form of legislation.
Many federal agencies developed and released their first mobile applications over the past year and began to experiment with new mobile devices, setting the stage for enterprise-wide initiatives in the months ahead. OMB's "digital government strategy," introduced by VanRoekel in May, seeks to "unlock the power of government data," in large part by making it available through Web APIs and by targeting mobile devices. Most of that work lies ahead.
VanRoekel has called for government-wide contracts for mobile app development, mobile devices, wireless service, and mobile device management. What the feds don't buy, they might bring to work. Agency CIOs have been mulling bring-your-own-device (BYOD) policies for months now. We can expect more agencies to take a firm stand on BYOD in the near term.
On the open government front, VanRoekel aspires to make Data.gov the nation's central repository for government data and a platform for creating new applications and data mash-ups. That vision has been slow to spread, but it deserves, and will likely get, continued attention from the federal CIO.
More than half of federal agencies are saving money with cloud computing, but security, compatibility, and skills present huge problems, according to our survey. Also in the Cloud Business Case issue of InformationWeek Government: President Obama's record on IT strategy is long on vision but short on results. (Free registration required.)
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.