Much of the federal government’s information technology (IT) infrastructure is woefully outdated. Federal entities spend nearly 80 percent of their total IT budgets on maintaining aging, insecure, and expensive legacy systems. Obsolete technology systems are inefficient and especially susceptible to cyberattacks, which, among other challenges, put citizens’ personal information at risk. Federal government technology officials need more flexible procurement programs to enable them to move beyond the IT status quo that agencies and departments are saddled with today.
· TechNet supports swift implementation of the Modernizing Government Technology Act, or the MGT Act, which would help the federal government creatively improve its information systems. The MGT Act authorizes two competitive IT modernization funding streams to accomplish the following: improve, retire, or replace current technology systems; promote transition to cloud computing when it is appropriate for not only the agency’s mission, but also the type of data being stored; and procure IT products and services to strengthen the federal government’s cybersecurity posture. The MGT Act also facilitates the sound adoption of state-of-the-art technologies, thus helping deliver new IT capabilities, operational efficiencies, and cost savings for the federal government and taxpayers.
· Congress should appropriate the full funding required for the Technology Modernization Fund, which will facilitate the development of inter-agency or federal government-wide strategies to better manage cybersecurity risk.
· Congress should conduct oversight to ensure that working capital funds authorized by the MGT Act are used to reduce cybersecurity risk.
· Congress should require agencies to inventory the technology they use and then prioritize use of the flexibility afforded by the MGT Act to eliminate legacy products and services that are beyond their supported lifecycle.
· Congress should codify the requirement in the May 2017 Executive Order requiring agencies to manage risk under the Federal Information Security Management Act using the National Institute of Standards and Technology Framework.
· Congress should equip federal agencies with the resources needed to implement the CloudSmart strategy.