CYBERSECURITY & MODERNIZATION
     SOME FEDERAL AGENCIES rely on IT systems that have 50-year-old components. Operating and maintaining those outdated systems have contributed to a $7.3 billion
decrease in spending on development and modernization from fiscal 2010 to 2017, according to the Government Accountability Office.
Market research firm IDC predicted that annual civilian agency spending on IT would reach $52 billion by the end of the government’s 2018 fiscal year, with 21.1 percent going to new systems and 78.9 percent devoted to operating and maintaining legacy ones.
Beyond the financial costs, legacy systems severely restrict the government’s ability to be innovative, provide efficient services and stay technologically up-to-date. They also constrain agencies’ capacity to respond to a cyberthreat landscape that is constantly evolving and becoming even more treacherous, which is why cybersecurity has become one of the biggest drivers of IT modernization.
Updating and securing government systems represent a complex and time-consuming undertaking, however. As IT managers are assessing, planning and upgrading systems, they must ensure that security is incorporated every step of the way — an approach that also applies to the adoption of emerging technologies such as artificial intelligence and the internet of things. At the same time, they must continue fortifying existing systems with the latest patches and antivirus updates.
A slip in cybersecurity can have a lasting impact. The 2015 breach of the Office of Personnel Management’s background investigations database, which exposed sensitive information on more than 20 million
people, is still fresh in the minds of many government leaders. In fact, former CIA Director Michael Hayden said at the time that fallout
from the incident could continue for decades, and former U.S. Chief Information Security Officer Greg Touhill said last year that the breach could ultimately cost the government more than $1 billion in identity management solutions over the next decade.
Updating policies to address the challenges
The importance of IT modernization and security is not lost on government leaders. After the OPM incident, agencies engaged in a cybersecurity sprint to administer software patches and institute multifactor authentication for privileged users.
And in a 2017 study, DHS officials spelled out the challenges
of securing mobile devices such as smartphones and IoT sensors, which “extend enterprise borders outside of the physical walls, fences, guards and firewalls that previously protected the enterprise against physical attacks. Additionally, they have a full range of sensors not seen in previous computing devices, which enable new types of attacks on the devices as well as the systems they touch.”
In response to such warnings, Congress has sought to pass legislation that would address the government’s challenge of protecting modern and existing IT infrastructure while looking ahead to emerging technologies.
The 21st Century Integrated Digital Experience Act, which was introduced earlier this year by Reps. John Ratcliffe (R-Texas) and Ro Khanna (D-Calif.), would digitize government processes and
The government’s race to modernize IT systems is converging with its race to secure them
  S-8 | SPONSORED CONTENT
 GCN Staff