P resident Barack Obama came into the office using social media, carrying a Blackberry and talking about cybersecurity almost from day one of his administration.
The President named a “Federal Chief Information Officer” where other administrations refrained. The White House promoted the use of data and openness, and pushed agencies to name chief technology officers to promote innovation to improve citizen services.
Nearly every initiative depended on technology, and the Office of Management and Budget didn’t mince words about what it saw as the poor state of federal IT.
President Obama made cybersecurity a national priority with a 60-day policy review and a White House speech in May 2009. He called the cyber threat “one of the most serious economic and national security challenges we face as a nation.” The President said the government and country were not as prepared as they needed to be and committed to treating networks and computers “as a strategic national asset. Protecting this infrastructure will be a national security priority. We will ensure that these networks are secure, trustworthy and resilient. We will deter, prevent, detect, and defend against attacks and recover quickly from any disruptions or damage.”
The President named Howard Schmidt to be the first cyber coordinator and a senior adviser. Schmidt also served on the National Economic Council.
But the administration’s lofty talk and goals failed to materialize.
The White House and Senate failed to pass comprehensive cyber legislation, and the Obama administration is considering issuing a less potent executive order to try to improve the security of the critical infrastructure networks.
But it’s more than just the failure to get a bill passed that led us to deem cybersecurity as ineffective.
Many of the administration’s efforts to better secure federal networks or improve information sharing with the private sector fell short of expectations and actual results.
The White House and the Homeland Security Department took two years to require continuous monitoring. The Federal Information Security Management Act (FISMA) has yet to be updated in law, and only parts of which are changed in regulation.
David Smith, the director of the cyber center for the Potomac Institute, said the administration issued a lot of 12-point plans and strategies, but there’s still not a lot of action. He said agencies still are fighting among themselves and the White House cyber coordinator needs real clout.
The departments of Defense and Veterans Affairs have achieved a number of accomplishments since the secretaries of both departments officially agreed on the goal of creating a common electronic health record (EHR) system.
Federal News Radio’s Ruben Gomez’s update on the integration of DoD and VA electronic health records
In 2011, for example, VA announced plans to make its electronic record health open source for others to share and develop. And both departments are in a middle of a pilot testing the interoperable record at the VA medical center in Chicago.
Additionally, DoD and VA created and named two leads of the Interagency Program Office. In late August, the IPO announced VA and DoD were ready to expand 16 pilot programs and offer patients’ health information exchanges nationwide.
In May, the two agencies agreed on a common architecture, which ensures they develop systems that are interoperable.
The IPO said VA and DoD still must develop business processes, a common infrastructure and a supporting system of tools and workflows to develop electronic systems that share data. In 2013, work will shift toward developing single sign-on and context management capabilities. Additional roll-outs will take place at 16 yet to be determined VA and DOD facilities, setting the stage for additional contracts and deployments.”
These steps may seem minimal, it took the White House and like-minded secretaries to finally get a common EHR system on track after years of fits and starts.
The Obama administration learned a hard lesson when WikiLeaks posted video and documents that were not intended to be made public in July 2010.
Kshemendra Paul, program manager for the Information Sharing Environment, on progress in improving information sharing (Interview)
But instead of crawling into a hole, the President signed an executive order to promote secure information sharing in October 2011.
The administration also continued to heavily promote and expand the use of information sharing standards, such as the National Information Exchange Model (NIEM) and the one for Nationwide Suspicious Activity Reporting (SAR).
Kshemendra Paul, the program manager for the Information Sharing Environment, detailed in the ISE’s annual report to Congress the changes over the last year, including more agencies and law enforcement organizations using NIEM and SAR, as well as more coordination and collaboration among federal, state, local and international partners.
The President also issued an executive order to help standardize and reduce the number of classifications used by agencies. The November 2010 order tried to make sharing of information easier.
The National Records and Archives Administration reported last November that among its accomplishments was it approved initial controlled, unclassified information categories and published them publicly.
Karen Evans, former administrator of the Office of E-Gov and IT, and Dan Chenok, director of the IBM Center for the Business of Government discuss IT reform (panel discussion)
Former federal CIO Vivek Kundra said the 25-point plan to reform federal IT came from the CIO community. It tried to address pent up frustrations and areas where CIOs have been asking for change for years.
The plan also brought together the administration’s initiatives to implement cloud computing and fix project and program management.
Altogether, the OMB-led change has reduced the number of data centers, made the implementation of cloud computing more than just talk and has had more than adequate success in getting agencies to solve long-standing project and program management challenges.
Through the use of TechStat sessions, agencies are applying more complete oversight and implementing an agile development approach to improve projects incrementally. Most notably, this has worked well for the FBI’s Sentinel case management system as well as the Patent and Trademark Office’s end-to-end patent modernization program.
OMB also stated 78 systems have migrated to the cloud as of June.
OMB reported in June that agencies planned on closing 680 by the end of 2013, and have already shut down 267 as of March with a plan to close a total of 429 by the end of October.
The President’s focus on IT is more than just the IT reform plan. OMB, through the CIO Council, issued a new strategy around shared services and moving federal services to mobile devices.
Darrell West, senior research fellow at George Mason University’s Mercatus Center, discusses streamlining regulations. (Interview)
The White House started its openness and transparency initiative with a bang. The President issued a memo to agencies on the first day of his administration calling for an Open Government Directive and for agencies to use innovative tools, methods and systems to make government more collaborative and citizen friendly.
Four months later, OMB launched Data.gov with the goal of making agency information more accessible and available for innovative ideas or uses.
From there, OMB unveiled the IT spending dashboard, PaymentAccuracy.gov to measure how agencies are doing in reducing improper payments, Performance.gov, measuring how agencies are meeting govermentwide and agencywide high-priority goals, and several other dashboards.