Federal government cloud computing and cyber modernization efforts will require increased pressure in the effort to move towards data protection standardization across agencies, according to Reps. Will Hurd (R-Texas) and Gerry Connolly (D-Va.) speaking at MeriTalk’s Cloud Computing Brainstorm on Wednesday.
Hurd and Connolly discussed federal information technology (IT) initiatives, such as the $500 million Modernizing Government Technology (MGT) Act that recently passed the House, and received feedback on the Federal Risk and Authorization Management Program (FedRAMP), which is meant to set guidelines for the implementation of cloud services for federal agencies.
“The cloud is not new technology, and we act like it is,” Chairman of the House Subcommittee on Information Technology Hurd said, speaking to the apprehensive nature of some agencies to move to a new data hosting platform. “We have to make sure all Chief Information Officer’s (CIO) have the authority to modernize.”
Both Hurd and Connolly were co-sponsors for the House version of the MGT Act which calls for establishing a central fund for rapid IT modernization of the federal government, and is scheduled to be considered by the Senate in July.
Hurd discussed a possible hearing in the next few weeks to bring federal CIO’s, agency heads and deputy agency heads in front of the House Committee on Oversight and Government Reform to hear how they plan on implementing the new IT authority described in the MGT Act.
Much of the conversation involved receiving feedback on the process for standardizing cloud computing measures, which included a panel of IT professionals discussing their experience with FedRAMP.
Microsoft [MSFT] Federal Chief Technology Officer (CTO) Susie Adams called for an outcomes-based approach to FedRAMP meant to encourage cloud service providers to continue innovating while meeting the program’s guidelines and standards for federal agencies. The reciprocity of sharing individual data storage improvements and cloud innovations is a point of emphasis intended to increase the pace of switching to the cloud, according to Adams.
Criticisms of FedRAMP included the need for sharing public trust clearances which is seen as a limiting practice, according to Virtustream Senior Vice President Joe Moye. Deloitte’s Managing Director of Federal Technology Strategy & Architecture Doug Bourgeis added that increased automation and transparency is needed to speed up the program’s Authority to Operate (ATO) process.
In his address to the crowd, Connolly discussed some of the skepticism around FedRAMP citing the improvements to the cost and time frame of switching over agencies to the cloud.
Connolly did express concern over the Trump administration’s overall approach to accomplishing tangible IT modernization.
“There’s much that’s missing to follow through with even though most of the policy plans have good intentions,” Connolly said, referring to what he see as a lack of tangible ideas in the executive order on strengthening cyber security efforts signed on May 11.
The lack of established cyber departments in agencies and slow approach to this issue by the Trump administration in staffing cyber experts in the federal government is hurting modernization efforts, according to Connolly.
“Using legacy systems that are 40, 50 years old is not the way to do it. We are losing a lot of money by not being efficient,” Connolly said, point to civilian agencies such as the Internal Revenue Service and Housing and Urban Development as examples of those who should not be wary of transitioning to cloud computing.
In his remarks, Hurd also suggested trying to start the process of establishing a Cyber National Guard following the passing of the MGT Act. The cyber corp would involve awarding scholarships to students interested in studying cyber in college and then having them come back to work in IT departments of agencies such as the Department of Homeland Security before entering the private sector.
Connolly plans to work with Rep. Darrell Issa (R-Calif.) on an improvement bill for the Federal Information Technology Acquisition Reform Act to update the ways in which the federal government purchases and manages computer technology.