The best (and worst) influences on 30 years of government IT
Connecting state and local government leaders
From the IBM PC to apps on demand, and cyber threats to FISMA, our experts weigh in on the biggest influences — good and bad — of the past three decades.
Thirty years ago, the world’s fastest supercomputer was the brand-new Cray X-MP, which had a whopping 16M of memory. The Internet was a research network called the Arpanet, and most people had never even heard that. “Desktop” meant the top of a desk, and “laptop” wasn’t in the dictionary. (Also, a “dictionary” was a large, bound book of paper sheets containing the definitions of words.)
Expert roundtable
Robert Carey
Principal deputy CIO, Defense Department
Travis Howerton
CTO, National Nuclear Security Administration
Anil Karmel
Deputy CTO, National Nuclear Security Administration
Lt. Gen. (Ret.) William T. Lord
Former Air Force CIO and provisional commander of the USAF Cyber Command
Joseph Mahaffee
Executive vice president and CISO, Booz Allen Hamilton
Brand Niemann
Former Environmental Protection Agency senior enterprise architect and data scientist.
Sasi Pillay
CTO, NASA
Tom Suber
President of Mobilegov, industry co-chair of the Advanced Mobility Working Group.
A lot has changed, obviously, in the world of IT since then, and the changes in the public sector have been as dramatic as anywhere. As part of marking 30 years of GCN, we asked seven IT leaders with extensive experience about the biggest impacts — good and bad — on government IT over the past three decades.
Q: What technology has had the greatest impact on the operation of government in the last 30 years?
Carey: The explosion of smart mobile devices. As a general matter, smart devices have been a breakthrough in personal computing, whereby any user can engage the Internet from virtually any location and communicate, conduct transactions or render decisions informed by information retrieved from the Internet. They are a catalyst to vast increases in personal productivity and, as such, DOD is working to leverage all that these devices have to offer. From the DOD perspective, this type of mobile technology is a critical tool for both garrison and joint force combat operations.
Howerton: The fundamental shift is the rise of the Internet in the early ’90s and the commercialization of it by Microsoft in the mid-90s. The Internet has been the underlying foundation for all technologies that have come since: mobility, social networking and big data analytics. All of those require an Internet backbone.
Karmel: When you think about the way we communicate and collaborate, the Internet was absolutely a foundational game changer. The piece I would add to that equation would be the cell phone. It changed the paradigm from a desk-based environment to [the ability] to communicate and collaborate from virtually anywhere.
Lord: In the 1980s it was the desktop computing and expansion of the Internet … that brought efficiencies with computer power and information to fingertips of individual users. In the 1990s it was mobile computing and modern cellular telephony … that allowed computer power to be brought anywhere. In the 2000s it was the ability of individuals to “reach into the power” of the Internet with the development of software which didn’t have to be produced by experts … now many contribute knowledge to all.
Mahaffee: Over the past 30 years, there have been three significant waves of technology change that have dramatically affected government operations. You can put all three into the “faster, smaller and more powerful” category and they have touched every corner of the federal government, transforming how it does business.
In the 1980s, the Internet and the availability of affordable personal computers allowed government agencies, the military and those who support those institutions get connected, more easily share information and create more efficient operations. In the 1990s, the continued miniaturization of microprocessors and memory technologies, coupled with better battery technologies, sped up the broad proliferation of wireless technologies, particularly smart phones that make e-mail accessible. These technologies cut the physical tethers to the Internet, created a more mobile workforce and society and shortened the business cycle. In the 2000s, we saw the emergence of cloud technologies, which is unleashing the power of data. With exceptionally cheap computer processing and data storage, the cloud offers the possibility of centralizing large volumes of data and mining actionable information to more effectively and efficiently manage government resources and execute their respective missions
Niemann: In the 1980s, the technology with the greatest impact on government were the new PCs with Lotus 1-2-3 and WordPerfect. In the 1990’s, Web 1.0 and writable CD-ROMs and DVDs. 2000s: Web 2.0 and 3.0 (Wikis and semantic technology). Other key technologies were: Business intelligence and analytics (SAS), Advanced visualizations and statistics (Spotfire), Cell-level database security (Accumulo), Entity extraction and natural language processing (Semantic Medline), Graph computing (Cray XMP), Event processing and visualization (Recorded Future) Dynamic case management (Be Informed).
Pillay: I believe mobile computing through the use of smart phones has revolutionized government. With this technology, we can now rollout applications in a secure manner that implements risk-based security. This also enables the workforce to operate from anywhere, anytime, securely, which definitely improves employee productivity.
There are over a billion smart phones in use around the world and this has allowed citizens around the world to more actively participate in citizen science, interact with their government for services, and report on their concerns. Every smart phone user can record real-time events and be a freelance reporter. They also can download applications of their choice and customize their computing environment. In the end, employees and citizens have a common platform to interact with their government.
Suder: In the 1980s, the personal computer, by increasing what an individual could do by automating and simplifying routine tasks. In the 1990’s, the network increased what an office/organization could do through communication/collaboration. And in the 2000s, the growth of the Internet increased what the entire world could do though communication/collaboration.
Q. What non-tech event has had the greatest positive influence on the course of government IT in the last 30 years?
Carey: While the use of information technology has continued to accelerate, there are many non-tech events that have had profound effects on government IT. Two come to mind. The first, the disability rights movement, has likely had the greatest influence on government IT in the last 30 years. It describes the cultural paradigm shift in how people with disabilities are regarded and treated in society. At the height of the movement, President Bill Clinton signed into law the Rehabilitation Act Amendments of 1998, strengthening Section 508 of the act by requiring that people with disabilities have access to electronic and information technology provided by the federal government.
The second is the Wikileaks case. Due to the pervasive nature of the use of IT to conduct business, the lack of proper implementation of security policy and controls has driven the entire federal government on a difference course regarding cybersecurity and the need to ensure adequate controls are in place to ensure mission success.
Howerton: The move away from big projects with waterfall techniques that take five years to complete has been a huge win for the government. The ability to move to agile environments, where prototypes can be built, you can get feedback from the customer and then deliver products to them, has taken a lot of risk and cost out of projects.
Karmel: As IT has become consumerized and delivered into the hands of constituents, we as IT practitioners are forced to think differently, moving from the role of sole IT provider for an organization to more of an IT broker and trusted adviser.
Lord: I believe it has been the education and subsequent influence of younger people to want a government that is more tech savvy. They come to government jobs and want the same high-tech capabilities they have at home and often times they don’t get it in government. They have been a forcing function for the government to modernize. And failing to do so may cause that generation to not wish be part of organizations they feel are technologically out of touch. The establishment of the chief information officer position within each government department has also helped to focus positively in the IT arena.
Mahaffee: There are two major non-technical events that had a major positive influence on government IT. First, the 9/11 tragedy highlighted within the government and the world an appreciation for connecting and sharing vast amounts of data that exist in discrete repositories (e.g., databases, computers). This event made the United States and its allies more determined to break down barriers by accelerating the development of new technologies, processes, policies and creating a workforce focused on data mining and cloud technologies. Although this was critical to combat the war on terror, the resulting technologies have contributed to many other breakthroughs in areas such as medicine, safety, retail, etc.
The second major non-technical event was how the Clinger-Cohen Act completely changed the way we think about the CIO and IT programs. Even with its flaws, it was game-changing in the 1990s and positioned a lot of what we take for granted in IT today. Related to the CCA is the continued emphasis and proliferation of open standards, which has enabled more companies to effectively compete in the open market.
Niemann: Collaboration among communities of practice.
Suder: The Hatch Act (prohibiting civil servants from partisan politicking) which is before my time!
Q. Greatest negative influence on government technology?
Carey: The greatest negative influence on (any) government IT is also twofold: the presence of advanced persistent cybersecurity threats and the ease with which any malicious actor can access and employ tools that can destroy information. Cybersecurity threats pose serious challenges to national security, public safety and the economy. While the most commonly known threats are in the form of exploitation (such as stealing commercial and military secrets), there are also tools that exist that can destroy physical property, networks, data, and, possibly, human lives. These tools are readily available on the Internet and can be used with little formal education or training. Given the grave consequences of cyber-attacks, government and industry IT programs must be painstakingly vigilant in the assessment, adoption and implementation of various forms of IT to ward off and thwart catastrophic events.
Howerton: The biggest threat has been around the move to FISMA control-based security, creating an illusion that if you implement all these controls you are safe. This created a false sense of reality that has driven lot of compliance exercises that have not positioned us well to adapt to the adversary and threat. FISMA is too focused on controls. The current move toward continuous monitoring and risk managed is healthy for the future. But FISMA is the most damaging thing that has happened.
Lord: The inability to acquire new technology quickly and scale it to large enterprise use. Budgetary influences have caused some of this; some is a result of prioritization within each governmental department.
Mahaffee: The greatest negative influence has been cultural resistance to changing technologies. One can’t afford to simply automate or modernize an existing operation. You have to think about redesigning the function, capturing desired information flows, understanding how business and people want or need to operate, and ensure the correct technology is selected and appropriately configured to the mission. Without this, your workforce will not evolve and be able to keep pace with new technologies. The impacts of this resistance and short-sightedness can be far-reaching. For example, we see it affecting the failure of large system solution efforts (e.g., ERP) due to poor request-for-proposal processes, overreliance on firm fixed price contract mechanisms and a failure to build a competent government workforce with the technical project management expertise needed to work in partnership with the vendor community.
Niemann: Churn from frequent changes in federal IT leaders, who do not have the resources and authority to deliver what they have championed.
Suder: GAO's task order-protest ruling of 2009. This has allowed task-orders of over $10 million to be protestable and ground procurement to a halt by creating an over-the-top, risk-averse acquisition community.
Q. What tech problem or hurdle has been the biggest obstacle to IT progress in government in the last 30 years?
Lord: The lack of successful modernization of outdated legacy software. Much of the systems software used today is the same as originally developed over 30 years ago. Estimates are that between 250 billion and 1 trillion lines of legacy code are in use today worldwide; the same problem exists in government.
NASCIO surveyed state CIOs concerning their legacy system modernization status, modernization strategies and initiatives. The trends exposed in responses from 29 states revealed that states classify approximately half of their IT systems as “legacy systems” and also classify approximately half of those systems as being in critical lines-of business. Enormous inefficiencies, reduced legacy costs, and even cyber vulnerabilities could be mitigated by modernization (documentation, updated business rules, removal of dead code, fixing known vulnerabilities, etc.) efforts. There have been some large-scale ERP attempts. Those have proved to be expensive and difficult, and several have failed. Smaller approaches to “eating this elephant” would be much simpler, cheaper, and effective more quickly.
Mahaffee: I see two major hurdles that have been obstacles to IT progress in government. First, the very technologies that have enabled government are the same that have also empowered adversaries. Unfortunately, it is often difficult to establish technology controls that allow well-intentioned people and organizations to perform their functions while simultaneously restricting or preventing adversaries from successfully executing their objectives. Second, laws, regulations and policies have struggled to keep pace with evolving technologies. Even though advanced technologies may enable more capabilities, they can also raise significant legal or ethical dilemmas (e.g., privacy). Until these issues are resolved, organizations may continue to be slow to adopt those technologies.
Niemann: Lack of an actionable federal enterprise architecture and the authority of federal CIOs and staff to do it.
Suder: Lack of leadership and courage in most quarters. The World War II generation built the Pentagon in 18 months. The atomic bomb, from concept to implementation, took less than three years. Now it can take 12-18 months to put a memo out. I do think things are changing over the last few years. Budget pressure certainly has a positive effect in that area. The culture is gradually changing to reward-measured risk.