, calls for $10.2 billion in investments designed to “modernize federal information technology to protect against future cyber-attacks.” If approved by the U.S. Congress—and well-managed within the executive branch—this would be one of the largest single efforts the U.S. government has ever undertaken to fix long-running problems with legacy IT and cyber vulnerabilities, and a significant first step in realigning U.S.
But this significant investment will only be successful if some of the funding ensures that U.S. cybersecurity infrastructure is realigned to become risk-based and intelligence-driven, with coordinated and consistent policy and standards for how that information is used across government in all procurement and risk acceptance decisions.
To make that transition, this investment must not repeat the sins of the past. Officials should not waste any American Rescue Plan dollars on insecure legacy products and technologies, rebuilding one-to-one existing networks and systems possibly compromised by SolarWinds, shifting legacy workloads into new computing environments without integrating security and modernizing their design, or automating complex and customized processes when equivalent commercial applications are available.
Instead, government and industry should direct this investment to implement best-in-class government and commercial shared services that enable efficient sharing of information, while expanding actual monitoring and response capabilities.
guidance and standards can raise the barriers to intruders and better protect federal systems. Among those that deserve the attention of federal IT leaders are modern network and identity technologies, including zero trust, next generation identity management, and secure workstations for those users that have administrator level access.
The Biden 1.9 Trillion American Rescue Plan is needed to patch 10 holes to right our sinking ship. The Republican 600 billion counter-proposal would patch the equivalent of 3 holes. The 7 remaining holes would still sink the ship failing the Country. Go Big, Go Strong, Go Right!