Gary Washington is trying to do something at least four other Agriculture Department chief information officers have promised to do, but came up well short.
The difference this time as USDA tries, once again, to consolidate 17 disparate networks into one is Washington has real funding.
USDA will receive $64 million from the Technology Modernization Fund Board for this project. This was USDA’s fifth award under TMF.
The TMF Board made two other awards on June 21 as well, giving the Homeland Security Department $26.9 million to modernize its Homeland Security Information Network (HSIN) and $3.9 million to the Federal Trade Commission to procure a security operations center-as-a-service (SOCaaS) in order to implement a zero trust architecture.
The board has made 14 awards since receiving $1 billion from the American Rescue Plan Act in 2021. It still has more than $650 million left in the account. The Office of Management and Budget and the General Services Administration on June 16 committed to spending $100 million on customer experience projects that cut wait times for public-facing federal services, as well as excessive paperwork and other barriers.
While DHS signaled its desire to update HSIN in an April request for information and the FTC’s move to zero trust is part of the Biden administration’s overall push to improve cybersecurity, the USDA award is what Congress created the TMF for in the first place — to give agencies a boost to get over the modernization hump.
“This investment will be used for the USDANet startup costs that reduces the number of USDA-owned and operated networks from 17 to 1 and will result in $734 million in estimated costs savings/avoidance,” the TMF website states. “The lowered total cost of ownership by the USDA means Mission Areas can allocate greater portions of their IT spending from basic infrastructure to public-facing applications that promote conservation, goodwill, and optimization of resources.”
Washington said at a recent event sponsored by ACT-IAC on June 14 said this effort will be done through the Enterprise Infrastructure Solutions (EIS) vehicle run by GSA.
“We have submitted our project plan. We’ve been working with our contractor, and we’re aggressively working toward meeting the milestones that we have to set,” Washington said during the panel discussion on EIS. “We had approximately 54% disconnect rate, currently, so we’re going try to aggressively get that up. But the primary thing is we’re going to transition to a managed service model, where we can, like modernize the network periodically like we’re supposed to. It provide better service because we’re all over the country, and we have a national presence as well.”
USDA awarded Lumen a task order under EIS in January that could be for as much as 11 years and could be worth $1.2 billion.
One of the key factors for the TMF Board to make an award is whether the agency has an existing project and contract in place.
Long-running challenge at USDA
Previous attempts to consolidate and modernize USDA’s networks have struggled but not for lack of trying or will. For example in 2011, then Secretary Tom Vilsack — who is back as secretary today — approved a report detailing 379 recommendations for improving agency operations and saving administrative money to reinvest into citizen services.
Washington even called in the IT Centers of Excellence in 2018 to help wrangle these networks and move applications to the cloud. While the IT CoEs helped the agency move more applications and systems to the cloud, Washington said EIS gives them an opportunity to rethink how their supporting infrastructure supports their cloud environment and cloud strategy.
“It’s going to really happen, and I’m going make sure I will be here to make sure it does happen,” Washington said about the network consolidation. “We were very excited about that. Our leadership is excited about it. Actually, I briefed the secretary on this last week. So it’s just really a matter of getting our equipment and making sure that we would pick up the pace in terms of actually implementing this solution. We’ve got a lot riding on this.”
As for the investments at DHS and FTC, the board continues to signal its desire to choose projects that could have broad impacts on users or on demonstrating how something could work.
DHS released an RFI to modernize HSIN in April, seeking industry feedback on how to take the current platform from complex, costly and not optimized for cloud-based and mobile features to one that better supports end-users and rapidly addresses threats to homeland security.
“DHS looks to redefine information accessibility and build a modern, comprehensive information sharing platform using cloud-based technologies to increase speed, mobility, and access to unclassified information,” the RFI stated.
Cloud native, modern tools
With the TMF money, DHS says it will “rebuild its information sharing system as a cloud native platform with modern tools and technologies. The new platform will be capable of scaling up to meet peaks in demand during times of emergency while also offering significant new features including improved access and security; better content sharing and discoverability; and greater emphasis on connecting HSIN’s partners to each other for closer collaboration. DHS will also use the TMF investment to build a platform that is more responsive to a post pandemic work environment for users with easy and secure access on mobile platforms and other devices.”
DHS expects the extra money to accelerate its modernization effort to create a system that is more flexible, offers a better user experience and costs less.
The board’s award to the FTC — its fourth specifically around zero trust — is almost a proof-of-concept that other small agencies could take advantage of.
The FTC will use the extra funding to replace its existing security operations center that is built for government-operated data centers and has trouble scaling to address growing cyber threats.
“[T]he FTC will expedite its SOCaaS implementation using security services and trusted cloud service providers to host sensitive FTC data. This comprehensive approach will greatly reduce the risk of bad actors executing a ransomware or other cyber attack,” the TMF website stated. “It will also reduce the number of man hours currently expended to respond to indicators of cyber incidents. These hours could then be repurposed to continue improvements to the agency’s many operational systems for merger filing review and reporting of fraud. The agency is collaborating on this effort with other federal cyber security leaders, including the Department of Homeland Security, to share best practices.”
Raghav Vajjhala, the FTC CIO, said in July 2021 that half of all of its systems and applications are in the cloud and is upgrading its network to be software-defined. These modernization efforts need a modern security architecture, he said.