recommended reading

Feds don't see the government backing down on IT reform after Kundra

The pressure on agencies to transition more of their technology infrastructure to nimble cloud computing won't let up when the nation's first federal chief information officer, Vivek Kundra, leaves government this summer, General Services Administration official Dave McClure predicted Wednesday.

Nor is it likely that other major initiatives Kundra laid out in his 25-point plan to reform federal information technology will be substantially revised under his successor's watch, according to McClure and other speakers at a panel discussion during the FOSE Conference and Expo on technology in government in Washington.

"It's the administration that has laid this out, not just Vivek," McClure said. "It would be difficult to imagine that the IT reform agenda is going to be forgotten once Vivek leaves. The administration has really tied itself to achieving this."

Kundra, who will take a fellowship at Harvard University in August, has laid out a plan for the government to transfer about one-fourth of its $80 billion annual IT budget to public, private or hybrid cloud storage during the next several years, a move he said will save the government about $5 billion annually.

There's been some speculation that the pressure for the cloud transition may wane after Kundra's departure, but no thought that it will disappear entirely. Information technology officials at the agency level generally have been more hesitant about moving to the cloud because of increased security concerns and more limited control over their own data.

Computer clouds are essentially large banks of servers that pack data more efficiently than traditional data centers and can shift data around to accommodate surges in use by one customer and dips by another. Customers in private and public computer clouds typically buy storage as they would a utility service, paying only for the space they use.

The CIO's successor will necessarily be more focused on executing Kundra's programs than on launching initiatives of his or her own, McClure and other panelists agreed.

"It's very difficult to lay out a whole new initiative in the government," said Anne Reed, chief executive at ASI Government, a federal vendor, and former CIO at the Agriculture Department. "Now the challenge is to get it done and the next person will have to get it done in a very challenging environment."

Implementing existing initiatives will continue to involve a great deal of difficult decision-making, McClure cautioned.

"The execution of this agenda is still going to come to moments of trade-off in terms of what's the priority and how will things be executed, and that's something the next person who comes in is going to have to grapple with," he said.

It's unlikely Kundra's successor will back off from the Obama administration's FedRAMP, a plan to create standard governmentwide requirements for cloud-based services so vendors have to be certified only once, said Ron Ross with the National Institute of Standards and Technology.

A draft version of FedRAMP ran into criticism from vendors who complained it didn't pay enough heed to the diversity in security and computing requirements across federal agencies.

GSA and the Office of Management and Budget are "working overtime" on FedRAMP, Ross said, and a final document should come out sometime in the fall.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.