Federal agencies in 2010 began delivering on key elements of the Obama administration's IT strategy, including open government, cloud computing, data center consolidation, a renewed thrust on cybersecurity, and improved IT project management.
The upcoming year will bring continued work in each of those areas, plus some new challenges. Action items will have to go through a newly divided Congress and survive tight budgets in many agencies. Debates over cybersecurity legislation are sure to continue in the year ahead, while open government could meet some pushback due to confidentiality concerns in the wake of WikiLeaks. At the same time, 2011 will be a year of execution on long-term projects like cloud computing and data center consolidation.
What follows are 10 things to watch out for next year in government tech.
1. Federal IT Spending Stays Flat
While the Obama administration continues to push an aggressive IT reform and modernization agenda, there might not be enough congressional political will to fund it. The president's fiscal 2012 budget will come out in late January or early February, around the time of the State of the Union address, and just as a new, less friendly Congress comes into office.
Obama suggested a three-year non-security discretionary spending freeze in his 2010 State of the Union address, but concerns over inflated spending have grown this year, and remain high. With that in mind, look for federal IT budgets to remain relatively flat next fiscal year.
How that will impact major IT priorities is less clear. The Office of Management and Budget (OMB) will likely ask for its own funds for efforts to catalyze cloud computing and open government. There will be a sure need for new funding for data center consolidation initiatives, and that funding will make it into the president's budget, but its passage by Congress later in 2011 isn't 100% certain.
Some agencies will also have hard cases to make on high-profile or struggling projects, such as Homeland Security's Secure Border Initiative and the Federal Bureau of Investigation's Sentinel case management system. Financial systems modernization and other high-risk IT projects undergoing detailed reviews by OMB may not fare much better, and some could have their funding slashed.
2. Open Government Meets Resistance
Observers are already beginning to say that the administration's open government efforts are defined as much by their gaps as their successes. In the coming year, while there will be bright spots, open government will continue to struggle amid concerns about confidentiality and privacy.
While all agencies today meet the baseline requirements of open government, pressure to increase privacy and confidentiality in the wake of WikiLeaks' release of diplomatic correspondence will provide countervailing forces. Information sharing could see the greatest chill. Secretary of Defense Robert Gates said in late November that the information sharing "aperture" was open "too wide." Already, the White House has ordered agencies to review their information security efforts, and the State Department has taken its cables off its networks.
That's not to say there won't be progress in certain areas. The White House and some agencies will focus not just on releasing more data sets, but on marketing that data and facilitating community engagement around it. OMB recently named an evangelist for Data.gov to build the site's new community section and to increase outreach to academia and other organizations. Expect to see an increasing internationalization of open government as well, along the lines of an open government partnership with India that was announced in November.
3. Data Centers Begin Closing
If 2010 was planning time for the government-wide Federal Data Center Consolidation Initiative (DCCI), 2011 will be when agencies begin to act on those plans. The White House has set a goal of decreasing the number of federal data centers by 40% within five years. Individual agencies' action plans are being reviewed by OMB, which will release those plans early in 2011 and integrate them into fiscal 2012.
Even though designated funding won't become available until September 2011, when fiscal 2012 begins, agencies will have time to get started on "quick wins" before then by using existing infrastructure funding, evaluating cloud computing options, and beginning virtualization and application consolidation efforts.
4. Agencies Embrace Cloud Computing
Cloud computing has been one of federal CIO Vivek Kundra's pet projects since he took the job, and that push will continue in 2011. Chief performance officer Jeff Zients has announced that the administration will promote a "cloud-first" policy for fiscal 2012, which will require agencies to adopt cloud services where possible. So expect to see many agencies taking their first steps into the cloud in 2011.
Cloud service providers will jockey to get in on the action, with Google and Microsoft already engaged in an escalating competition for agency contracts. The General Services Administration (GSA) announced a cloud services deal with Google in early December, while the Department of Interior and the U.S. Department of Agriculture both picked Microsoft.
Other agencies, including the Army, Homeland Security, and NASA, will build private cloud environments, typically as part of their data center consolidation strategies.
5. Cybersecurity Becomes Law
While the highly charged partisan atmosphere in Washington, D.C. has brought many legislative initiatives to a halt, there's broad agreement that cybersecurity can't wait. Dozens of cybersecurity bills have been introduced during the most recent session of Congress, including some described as comprehensive. While Congressional leaders had hoped to get a bill signed in 2010, there is work underway to merge several key bills, and there's little indication that cybersecurity will be any less of a priority under split Congressional leadership than it was under a Democrat-run Congress.
The final shape of a bill is another matter. The most likely would entail revising the Federal Information Security Management Act (FISMA) to focus more on risk management and continuous monitoring, making the federal cybersecurity coordinator a permanent and Senate-confirmed position, setting guidelines for critical infrastructure protection, and doling out new cyber-responsibilities to Homeland Security and the Department of Defense. Sticking points include government involvement in securing private sector networks.
6. Privacy, Spectrum Get Renewed Attention
Cybersecurity isn't the only IT action item on the legislative agenda. The White House has a number of things it would like to get accomplished in the New Year, as does Congress. Their to-do lists are likely to include privacy laws and spectrum reform. Citizens and government are expressing increasing concern about intrusions into their private information on the Web and beyond, while an ever-increasing demand for wireless bandwidth has led to public safety spectrum legislation and calls to open more spectrum for public use.
Also potentially on the table is patent reform, though previous efforts have stalled. The White House, meanwhile, plans to push for legislation giving federal agency CIOs more authority, and to work with Congress on ways to reform the budget process to fit an era where technology cycles continue to shrink.
7. Lightweight Tech Gains Popularity
In the recently introduced 25-point action plan for IT reform in government, federal CIO Kundra touts the use of "light technologies" as a way of optimizing IT spending and bringing greater speed and efficiency to IT operations. Examples include cloud computing and other kinds of shared services in which agencies tap into pooled IT resources.
There's also buzz around agile development, where programming teams develop capabilities in increments as a way of staying closely aligned with business requirements. In 2010, the FBI adopted agile development as a way of getting its delayed Sentinel case-management system across the finish line. Look for IT pros across government to adopt technologies and processes that let them show results faster.
8. More Workers Stay Home
In December, President Obama signed the Telework Enhancement Act of 2010, which requires agencies to establish telework policies within six months and to decide which employees are eligible. The bill requires agencies to set up training programs for employees and managers, and to factor telework into their business continuity strategies.
As more agencies establish frameworks for remote workers, it should not only give government employees increased flexibility, but also result in less disruption to government services during blizzards and other disruptions. Tech teams will be enlisted to provide secure remote networking and other forms of support.
Slideshow: Who's Who In U.S. Intelligence
|(click for larger image and for full slideshow)|
9. Agency CIOs Come Under Pressure
For the first two years of the Obama administration, OMB used the carrot more than the stick to get agency CIOs in line with its IT policy objectives. Going forward, however, OMB is raising expectations that senior IT leaders in government get on board with its top priorities. Look no further than OMB's 25-Point Implementation Plan To Reform Federal IT Management for evidence that agency CIOs will be on the hot seat. In addition to the new "cloud first" strategy and initial data center closings, the reform plan calls for renewed investment review boards and broader rollout of OMB's TechStat project-review sessions.
As another part of the plan, OMB is redefining the role of agency CIOs, requiring that they spend more of their time and attention on portfolio management. With those redefined responsibilities, a lengthy list of IT reforms, and so much attention being paid to IT project performance, the job of the agency CIO has gotten tougher and any shortcomings, more visible.
10. Cloud Security Program Sputters
The Federal Risk Authorization Management Program, or FedRAMP, aims to accelerate cloud adoption in government by streamlining the plodding, ad hoc process through which cloud services otherwise satisfy federal cybersecurity guidelines. It's an effort that's been welcomed by the tech industry and government IT pros alike, but early reviews of the draft process leave something to be desired, and the government will need to work through these issues in the first few months of 2011 before FedRAMP can get up and running.
Among the criticisms levied against FedRAMP are that it's not a mandated program, its processes might make it hard for startups to enter the government market, there's insufficient attention to application security, and that FedRAMP is overly rooted in traditional (non-cloud) cybersecurity. What's more, it could still be months before the first FedRAMP certifications pass muster.