Software // Information Management
News
9/30/2013
08:42 AM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Government Shutdown: What Are IT Systems Risks?

If the looming government shutdown comes to pass, Federal IT faces security, budget, and workflow risks.

Top 10 Government IT Innovators Of 2013
Top 10 Government IT Innovators Of 2013
(click image for larger view)
As federal agencies brace for a government shutdown, deciding which IT staffers will be needed to maintain essential operations and who will be furloughed has proven much harder to resolve than when the government last shut down, 17 years ago.

With the House unable to deliver a spending resolution on Sunday that would win acceptance by Senate Democrats and the president, it appeared likely that the majority of government agencies would shut down just after midnight on Oct. 1 and more than 800,000 federal workers would be furloughed, with more than a million people more facing the prospects of working without a paycheck.

But who exactly will keep the government's IT systems running, especially if the shutdown isn't resolved quickly, remains in question.

[ The government IT workforce is dealing with a variety of problems. Read Federal IT Staffing Mess: Budget Chaos + Aging Workforce.]

The shutdown would mean a wide range of government activities will be suspended, including access to national parks and museums and the processing of passport and FHA loan applications. But the Departments of Defense, Homeland Security, Justice, and Health and Human Services, the FAA, and other agencies which provide essential public services will remain open, albeit without full support.

Technology plays a larger role in the daily operations of government than it did a decade ago. IT systems, applications and databases are more intricately linked across the federal government. Agencies also depend on a more complex arrangement of internal, inter-agency and external players to manage everything from email and business support systems, to cybersecurity, to the vast customer databases maintained by the IRS and the Social Security Administration. Knowing who is responsible for which operating layers of an agency's IT systems isn't always clear.

"It used to be easier, in previous situations, to figure out who in IT -- employees and contractors -- gets to stay on the job, because everything was siloed," Mark Forman, former administrator for e-government and IT at the Office of Management and Budget, told InformationWeek.

"As agencies have leveraged virtualized networks, storage and production environments, the lines have blurred. Now a greater portion of the IT workforce will need to stay on the job," said Forman, now president of Government Transaction Services.

How much of that IT workforce is deemed to be essential, however, is a call that each agency must make on its own.

At the Federal Emergency Management Agency, for instance, all but about 150 out of roughly 2,000 IT operations employees and engineers were told not to come to work if Congress fails to pass a funding resolution and the government shuts down Tuesday, according to a source familiar with FEMA's operations. Whether that skeletal crew is able to maintain all of FEMA's systems should the shutdown last more than a few days, especially in the event of a cyber breach, is a real concern, the source said.

If the government cyber warriors aren't on duty, many systems will be protected, but a lot of the mundane things won't be, raising the risk of penetration, Tom Davis, former Virginia congressman and chairman of the House Government Reform committee, told InformationWeek. Davis, now a director at Deloitte, was author of the Federal Information Security Management Act (FISMA) and a member of Congress during the shutdowns of the 1990s.

On the other hand, if cyber security measures are in place and the personnel on duty are sharp, removing a lot of the activity from government IT systems will make it easier to spot menacing activities, said Karen Evans, who succeeded Forman at OMB and now serves as national director for the U.S. Cyber Challenge.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
PatrickB222
50%
50%
PatrickB222,
User Rank: Apprentice
10/10/2013 | 5:10:00 PM
re: Government Shutdown: What Are IT Systems Risks?
I am a contractor for a Federal Agency employed as a cyber security incident responder. During this shutdown, I am going without pay, and unlike Civil Service employees, there has been no bill passed by the House to reimburse contractors for their lost wages. I cannot be at my post - even without pay - because federal law prohibits me from working.

This situation creates a very serious danger for our nation caused by a convergence of factors:

1)The information systems of the United States Government are under continual attack from sophisticated and well-funded foreign governments. At this moment, practically no one is working to repel those attacks. We are in fact engaged in a cyber war right now with several nations. And at this moment G«Ű no one is guarding the fort.

2)Under normal circumstances, the US Government has a serious shortage of trained personnel to maintain countermeasures to those cyber attacks. Most of the personnel that do exist are now furloughed contractors, who have no hope of reimbursement once they return to work.

3) Since the private sector has a similar shortage of trained cyber security personnel, it behooves those of us who are employed as Federal contractors to seek more reliable employment elsewhere. This will only increase the personnel shortage and exacerbate the risks to the information systems that are an essential part of Federal Government operations.

I have no doubt that several hostile foreign governments are currently celebrating their unfettered freedom to compromise the security and operational integrity of the Federal GovernmentG«÷s computers and networks. And I am challenged to express in words how demoralizing it is to be considered G«£non-essentialG«• and to be summarily tossed off our jobs and told to eek out an existence without pay.

Those of us who work as cyber security contractors for the Federal Government are generally paid less than our counterparts in the private sector. Patriotism and pride in our mission is a large part of our compensation. But pride and patriotism wonG«÷t pay our bills, feed our children, or compensate for the lost wages caused by unreliable employment.
David F. Carr
50%
50%
David F. Carr,
User Rank: Author
10/1/2013 | 3:20:02 AM
re: Government Shutdown: What Are IT Systems Risks?
What's the worst case scenario if govt IT operations are shut down in a disorganized manner?
WKash
50%
50%
WKash,
User Rank: Author
9/30/2013 | 9:42:56 PM
re: Government Shutdown: What Are IT Systems Risks?
You're right. But in this situation, you have Congress acting like a warring board of directors with 535 members that, sadly, is holding the enterprise and its employees hostage.
Laurianne
50%
50%
Laurianne,
User Rank: Author
9/30/2013 | 4:47:11 PM
re: Government Shutdown: What Are IT Systems Risks?
"Davis said the government stands to lose a minimum of a billion dollars,
and it could be several billion, because of the costs associated with
shutting down and starting up operations along with associated delays."

An enterprise wouldn't put up with that kind of expense.
WKash
50%
50%
WKash,
User Rank: Author
9/30/2013 | 3:41:36 PM
re: Government Shutdown: What Are IT Systems Risks?
One of the challenges agencies face in deciding who stays on and who gets furloughed -- and why IT workers are often caught in limbo -- is that too often, agency CIOs don't have full visibility of IT workers across their agency. That's because agency programs managers still resort to using program vs IT funds, as a way to sidestep bureaucracy, and hire their own IT workers to support projects. On one hand, you have to applaud the ingenuity of leaders trying to move forward; on the other hand, it explains why reigning in duplicative IT spending in government is so hard. Either way, driving agencies to the brink of a shutdown is no way to manage an enterprise.
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government, May 2014
Protecting Critical Infrastructure: A New Approach NIST's cyber-security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work?
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.