When MGT passes, will there be enough official CIOs to implement it?
The Modernizing Government Technology is no stranger to the goal line.
Having twice passed the House and recently passed the Senate as an amendment to the fiscal 2018 National Defense Authorization Act, the IT modernization bill is a proverbial whisker away from becoming a law.
But the question now becomes when it does pass, who will be there to implement it?
Nearly half of the cabinet-level agency CIOs are acting officials; the scene is similar among smaller agencies, with Federal Deposit Insurance Corporation CIO Lawrence Gross announcing his retirement this week.
With the MGT Act estimated to pass in December, there will be greater pressure on agencies to develop modernization plans as the fiscal year approaches.
Speaking at a Center for Strategic and International Studies event on federal cyber defenses, MGT Act author Rep. Will Hurd, R-Texas, said the Office of Management and Budget and the White House’s Office of American Innovation have been working on implementation policy, but agency CIOs will still have to deliver.
“Whether you have an acting or permanent CIO, to me, it ultimately doesn’t matter,” the House Oversight and Government Reform IT Subcommittee chairman said. “Because we are going to continue to shine a light on this issue. And yes, there’s probably some acting CIOs that want to say, ‘Oh, we’re not going to do anything because somebody new is going to come in and have a different perspective.’
“Well, after nine months, guess what? After nine months, we are going to still have them in front of the [House Oversight] committee and say, ‘Why are you not following up on the plans given to you from the previous folks.’”
The Trump administration and its Office of American Innovation have been supportive of the MGT Act and have backed IT modernization efforts through a series of executive orders related to the issue. But it’s also seen a growing number of CIOs and chief information security officers depart since the administration took office.
In August, Office of Personnel Management CIO Dave DeVries, Navy CIO Rob Foster, Agriculture Department CIO Jonathan Alboum, Department of Veterans Affairs cloud strategist Roopangi Kadakia and Environmental Protection Agency CISO Sean Kelley announced they were either leaving government or changing roles within their agencies.
Prior to that, Treasury CIO Sonny Bhagowalia was reassigned within in the department, and Department of Homeland Security CIO Richard Staropoli stepped down just months into his role. Likewise, no nominee has been named for either the federal CIO or CISO roles.
And while Hurd said MGT Act compliance will be tied to agencies’ Federal Information Technology Acquisition Reform Act, or FITARA scorecards, the lack of leadership in those roles is cause for concern.
“A lot of the work that has been done, we need to make sure we need to take advantage of,” he said. “Not having some of the permanent CIOs in positions across the agency has been difficult. It’s nine months [since the inauguration], but Congress should continue to fulfill our oversight role and bring many of those folks back to the Hill and make sure they are following up on many of the programs put in place under the last administration.”
Oversight aside, Christian Marrone, former chief of staff to the secretary of Homeland Security and current chief of staff for IT company CSRA, said that the leadership provided by C-suite executives will be integral to modernization and cybersecurity efforts.
“From my perspective, from being at [the Department of Defense] and then at DHS, the CIOs are just critical,” he said. “And every CIO is different, sits differently in their organizations and that all really needs to be reckoned with.”