an member station
The federal government, filled with creaky computer systems that are a poor match for the cybersecurity threats that agencies face from an array of hackers, criminals and foreign governments, is hoping for a multibillion-dollar capital infusion to modernize its IT infrastructure.
U.S. Chief Information Officer Tony Scott says trying to protect current federal IT infrastructure, some of which is decades old, is like "trying to put air bags into an old car." It can be done, he says, but it's not going to work as effectively as a new car that had air bags as part of the design.
The hack of the Office of Personnel Management computers — which exposed records including Social Security numbers and fingerprints of more than 20 million government workers, contractors and family members — was a dramatic and frightening example of the problem facing government IT managers.
While the Obama administration has budgeted some $82 billion in IT spending for 2017, most of that is to maintain legacy systems. Scott says as a society, we've not invested enough in the tools and technology to defend against what he says are "disorganized hackers, or other governments or criminals, so it's an unequal sort of strategy."
The proposed $3.1 billion IT Modernization Fund would allow agencies to apply to make capital improvements with the money to be paid back from savings through more efficient systems.
With the proposal still working its way through Congress, and with time running out on the Obama administration, it will likely be up to the next administration to implement the program. Scott says "in the best of all cases" it will be an ongoing process, likening it to a house that needs continual attention, including putting on a new roof from time to time.
Surprisingly, given the stakes, what the next president should be doing relative to cybersecurity has gotten little attention on the campaign trail, as we've previously reported.
Scott's office on Thursday released guidance for federal agencies that want to identify and prioritize the IT systems in need of up upgrades.