U.S. Rep. Will Hurd (R-TX) recently made the case for a Cyber National Guard to improve the dismal state of cybersecurity within federal agencies.
Hurd pointed to the Office of Personnel Management (OPM) data breach that resulted in the personnel records of 21.5 million Americans being stolen in making his case. He also noted an assessment that found that a lack of attention to fundamental cybersecurity practices had left the Social Security Administration (SSA) vulnerable to a mass data breach.
“The dismal state of cybersecurity at federal agencies isn’t the fault of this one official alone, of course,” Hurd wrote in an op-ed published in Motherboard. “The deck is stacked against both her and many of her colleagues in the federal government. The legal, regulatory and cultural barriers hindering the adoption of new technologies, the lack of investment to aid in digital defense, a dearth of qualified professionals willing to commit their cybersecurity skills to protect the federal government, and an immature information exchange environment have exacerbated an already insufficient information security culture in the federal government.”
The federal government spends $80 billion on IT procurement, with 80 percent of that amount spent on maintaining old and outdated systems, according to the General Accounting Office.
“The people who buy the IT goods and services are not the same people who use the IT goods and services,” Hurd wrote. “The chief information officer who is charged with overseeing good digital hygiene isn’t in control of the entire agency’s IT budget, and, because of the way the government is funded, agencies are unable to utilize savings they realize through the adoption of new technologies.”
That is beginning to change, Hurd wrote, because of the Federal Information Technology Acquisition Reform Act (FITARA) becoming law in 2015. The measure attempts to modernize IT infrastructures by empowering CIOs with responsibility over investments, project performance and results-based management.
“The passage of FITARA was huge, but we’re trying to do more,” Hurd wrote. “The recently introduced bipartisan, bicameral Move IT Act seeks to ensure that those CIOs are rewarded for their efforts to save our tax dollars and modernize their IT by allowing them to reinvest what they save.”
In addition to regulatory reform, Hurd added, the federal government must attract qualified professionals from the cybersecurity industry to secure its networks — and a Cyber National Guard would help.
“The federal government could forgive the student loan debt of STEM graduates who agreed to work for a specified number of years in the federal government in cybersecurity jobs at places like SSA or Department of Interior,” Hurd wrote. “Furthermore, when those individuals moved on to private sector jobs they would commit one weekend a month and two weeks a year to continued federal service. This would help ensure a cross-pollination of experience between the private and public sectors.”
Hurd concluded that “from investment in technology to investment in people,” the federal government must do more to ensure a safer and more secure digital age.