recommended reading

Why ICE Scrapped a Homemade Software Upgrade for Its Terrorist Watchlist

Immigration and Customs Enforcement

An impossible requirement to update a clearinghouse of terrorist-tracking data with custom software factored into a decision to halt development last June, a top official at Immigration and Customs Enforcement said on Thursday.

The Treasury Enforcement Communications System is the main Homeland Security Department database that Customs and Border Protection personnel use to screen foreigners against blacklists, and it manages case files for ICE. ICE assignments include money-laundering probes and online pornography investigations, among other things. Offices within CBP and ICE are simultaneously revamping their respective portions of TECS.

Within ICE’s project budget, previously pegged at $818 million, "about $20 million was for code development," ICE Chief Information Officer Thomas Michelli told lawmakers on Thursday during a House subcommittee hearing probing waste on the database modernization.

"We made the decision, after receiving at least one [program], that it was not a sustainable solution and we had to look at other alternatives,” he said. “What we did learn from that is, when we went out to do the market research, that the market has changed and that there are [commercial-off-the-shelf] programs that we could now use.”

Michelli added, "By moving from the custom code development to a commercial-off-the-shelf solution, early estimates in the market research is we could save money over the lifecycle cost estimate of the system." 

Last month, ICE told auditors that it has overhauled system requirements and expects to have a revised cost and schedule appraisal this spring.

Homeland Security estimates that TECS’s licensing and maintenance costs will be $40 million to $60 million in 2015, a Government Accountability Office official testified on Thursday. The project deadline had originally been set for 2015. 

The overload of requirements for the reconstruction reminded lawmakers of another border security effort that squandered $1 billion over more than half a decade before it was abandoned in 2011.  Creating a Secure Border Initiative network, or SBINet, to detect 70 percent of incursions within a given field of coverage and comply with other prerequisites busted budgets and schedules, when real-life technologies couldn’t meet expectations.

"Given the requirements process has been a problem in past DHS failures, and I point specifically to SBINet,  explain to me why CBP and ICE weren't able to get this right this time," asked Rep. Jeff Duncan, R-S.C.,  chairman of the House Homeland Security Subcommittee on Oversight and Management Efficiency.

In response, David Powner, GAO director for information technology management Issues, said that, to its credit, ICE has reached a "75 percent reeducation in requirements. That’s a big change and I’m glad that we’re getting it together now. But a lot of this is coming too late."

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.