by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : June 2013
40 GCN JUNE 2013 • GCN.COM GREATEST THREAT TO GOVERNMENT INFORMATION TECH? CAREY: The greatest negative influence on (any) government IT is also twofold: the presence of advanced persistent cy- bersecurity threats and the ease with which any malicious actor can access and employ tools that can destroy in- formation. Cybersecurity threats pose serious challenges to national security, public safety and the economy. While the most commonly known threats are in the form of exploitation (such as stealing commercial and military secrets), there are also tools that exist that can destroy physical property, net- works, data, and, possibly, human lives. These tools are readily available on the Internet and can be used with little formal education or training. Given the grave consequences of cyber-attacks, government and industry IT programs must be painstakingly vigilant in the as- sessment, adoption and implementation of various forms of IT to ward off and thwart catastrophic events. HOWERTON: The biggest threat has been around the move to FISMA control- based security, creating an illusion that if you implement all these controls you are safe. This created a false sense of reality that has driven lot of compliance exer- cises that have not positioned us well to adapt to the adversary and threat. FIS- MA is too focused on controls. The cur- rent move toward continuous monitor- ing and risk managed is healthy for the future. But FISMA is the most damaging thing that has happened. LORD: The inability to acquire new tech- nology quickly and scale it to large en- terprise use. Budgetary influences have caused some of this; some is a result of prioritization within each governmental department. MAHAFFEE: The greatest negative in- fluence has been cultural resistance to changing technologies. One can't afford to simply automate or modernize an ex- isting operation. You have to think about redesigning the function, capturing de- sired information flows, understanding how business and people want or need to operate, and ensure the correct tech- nology is selected and appropriately configured to the mission. Without this, your workforce will not evolve and be able to keep pace with new technolo- gies. The impacts of this resistance and short-sightedness can be far-reaching. For example, we see it affecting the fail- ure of large system solution efforts (e.g., ERP) due to poor request-for-proposal processes, overreliance on firm fixed price contract mechanisms and a failure to build a competent government work- force with the technical project manage- ment expertise needed to work in part- nership with the vendor community. NIEMANN: Churn from frequent changes in federal IT leaders, who do not have the resources and authority to deliver what they have championed. SUDER: GAO's task order-protest ruling of 2009. This has allowed task-orders of over $10 million to be protestable and ground procurement to a halt by creat- ing an over-the-top, risk-averse acquisi- tion community. WHAT TECH PROBLEM OR HURDLE HAS BEEN THE BIGGEST OBSTACLE TO IT PROGRESS IN GOVERNMENT IN THE LAST 30 YEARS? LORD: The lack of successful moderniza- tion of outdated legacy software. Much of the systems software used today is the same as originally developed over 30 years ago. Estimates are that between 250 billion and 1 trillion lines of legacy code are in use today worldwide; the same problem exists in government. NASCIO surveyed state CIOs con- cerning their legacy system moderniza- tion status, modernization strategies and initiatives. The trends exposed in responses from 29 states revealed that states classify approximately half of their IT systems as "legacy systems" and also classify approximately half of those sys- tems as being in critical lines-of busi- ness. Enormous inefficiencies, reduced legacy costs, and even cyber vulnerabili- ties could be mitigated by modernization (documentation, updated business rules, removal of dead code, fixing known vul- nerabilities, etc.) efforts. There have been some large-scale ERP attempts. Those have proved to be expensive and difficult, and several have failed. Small- er approaches to "eating this elephant" would be much simpler, cheaper, and ef- fective more quickly. MAHAFFEE: I see two major hurdles that have been obstacles to IT progress in government. First, the very technologies that have enabled government are the same that have also empowered adver- saries. Unfortunately, it is often difficult to establish technology controls that al- low well-intentioned people and organi- zations to perform their functions while simultaneously restricting or preventing adversaries from successfully executing their objectives. Second, laws, regulations and policies have struggled to keep pace with evolv- ing technologies. Even though advanced technologies may enable more capabili- ties, they can also raise significant legal or ethical dilemmas (e.g., privacy). Until these issues are resolved, organizations may continue to be slow to adopt those technologies. NIEMANN: Lack of an actionable federal enterprise architecture and the author- ity of federal CIOs and staff to do it. SUDER: Lack of leadership and courage in most quarters. The World War II gen- eration built the Pentagon in 18 months. The atomic bomb, from concept to im- plementation, took less than three years. Now it can take 12-18 months to put a memo out. I do think things are changing over the last few years. Budget pressure certainly has a positive effect in that area. The culture is gradually changing to reward- measured risk. • [30 years of government IT]