Small agencies must make do with far less than their larger counterparts when it comes to IT funding, especially in the critical area of cybersecurity, said Kirit Amin, CIO of the International Trade Commission.
Speaking during a presentation at the 2016 ACT-IAC Executive Leadership Conference in Williamsburg, Va., Amin characterized the 24 agencies that fall under the Chief Financial Officers Act of 1990 as tier one, large organizations that receive far more funding and other resources. By contrast, the 96 smaller agencies that are not covered by the CFO Act often fly under the radar and deal with shortfalls.
They also receive less consideration from major federal IT security programs such as the Federal Risk and Authorization Management Program (FedRAMP) and the Department of Homeland Security’s Continuous Diagnostics and Mitigation program, even though in many cases they need the most help.
“There is no way that each of these agencies has the resources or funding to do this on their own,” Amin said.
Personnel Issues Affect IT, Training
Small agencies also lack the expertise that larger agencies have on staff, Amin added, such as procurement professionals who can help them optimize their acquisition efforts for IT solutions and services. They need experienced professionals not only to carry out essential operations, but also to train younger IT professionals.
“Small agencies need a few experienced Yodas to help them get to where they need to be,” he said, expressing his hope that tutelage under long-tenured colleagues would turn inexperienced IT pros into young “Jedis” for agency security efforts.
To address these challenges, Amin suggested that large agencies share some resources and advantages. For example, he recommended that the CIO Council, which includes members from each of the 24 CFO Act agencies, add a 25th seat to include a member who represents the interests of smaller agencies.
He also suggested that small agencies be given opportunities to share space in data centers run by larger agencies.
Steve Orrin, chief technologist for Intel Federal, expressed support for Amin’s recommendations during the presentation. One challenge that small agencies face, he said, is that they are often overlooked by large IT vendors.
Orrin suggested that major IT vendors could partner with small agencies to bring significant benefits to both. By working with small agencies on innovative projects that involve approaches such as software-defined networking or machine learning to deal with cyberthreats, large IT companies could help these agencies make use of cutting-edge technologies. The companies could achieve their objectives more quickly at small agencies and then scale that success to larger organizations.
To learn more about security issues that affect your agency, visit fedtechmag.com/security.