recommended reading

What One Tech-Focused Lawmaker Says Stands in the Way of Modernization

Rep. Gerry Connolly, D-Va.

Rep. Gerry Connolly, D-Va. // Colin Kelly

An architect of a major piece of technology modernization says he has yet to hear from the White House since President Donald Trump took office, and is waiting for the appointment of a chief technology officer and chief information officer to push his upgrade efforts forward.

Rep. Gerry Connolly, D-Va., said at a GovernmentCIO Magazine event Thursday that he has “not had a single communication, phone, email, drop-by, anything, about anything, from this White House.”

That’s in contrast to the White House assistance another tech-focused lawmaker, Rep. Will Hurd, R-Texas, previously discussed. Hurd said the Office of American Innovation, headed by Trump’s son-in-law Jared Kushner, advised him on the most recent iteration legislation to fund IT upgrades called the Modernizing Government Technology Act.

Connolly has long-focused on federal IT woes. He was an original cosponsor on the MGT Act and worked with Rep. Darrell Issa, R-Calif., also crafted the Federal Information Technology Acquisition Reform Act, which gives agencies’ chief information officers more budget authority and oversight over technology spending.

Though Trump’s Office of American Innovation has pledged its commitment to upgrading federal systems, but the administration has yet to fill out senior technology leadership positions including the chief information security officer.

“We’re going to try to work with this White House, when we get around to appointing somebody we can talk to about these kinds of issues,” Connolly said.

Asked where legislation falls short, Connolly mentioned FedRAMP, a governmentwide security standard for cloud products and services. Those pieces of legislation were designed to “encourage the government to move toward the cloud,” but “FedRAMP hasn’t turned out the way we wanted it to.”

Instead of being a six-month process that might cost companies a quarter of a million dollars to undergo, some companies reported over a year to obtain authorizations, with costs ballooning to millions of dollars, he said. That’s “exactly the opposite” of the lawmakers’ intent, Connolly added. FedRAMP, however, responded to criticism by automating and streamlining processes, decreasing certification times to as little as three months, while adding new baselines to further simply authorizations for less critical workloads.

In any case, Connolly said more legislation probably isn’t the answer.

“Generally a legislative fix…[is] very prescriptive and Congress doesn’t do nuance and subtlety very well,” he said. “We can do that, but it will become a very rigid framework.”

He added that he plans to revise the FITARA scorecard, the system by which agencies are assessed on their ability to comply with that legislation.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov