TMF Board Still Accepting Governmentwide Cyber Proposals
Agencies have submitted more projects since a huge infusion of cash and a relaxing of the payback model.
Federal projects to improve cybersecurity at multiple agencies in a single go have a good chance at getting money from the Technology Modernization Fund with little to no payback requirement, program leaders said this week.
The TMF, established in 2017 as part of the Modernizing Government Technology Act, was initially established as a multimillion-dollar fund to support IT upgrades with short-term loans. However, the nature of the TMF changed significantly earlier this year after the American Rescue Plan stimulus package added $1 billion to the fund.
After the cash infusion, the TMF Board asked agencies to submit proposals by early June. They received 108 proposals from 43 agencies, Federal CIO Clare Martorana told Congress during a hearing this week. If all were approved, the TMF would need $2.1 billion to cover all of the asks, according to OMB.
Not all of those proposals will be approved, Deputy Federal CIO Roat said during a panel this week hosted by Palo Alto Networks. She encouraged agencies to continue submitting proposals.
“There’s four areas we’re really focused on for the TMF: modernizing high-priority systems, cybersecurity, public-facing digital services and cross-government collaboration and those scalable services,” Roat said, though, in the short-term, OMB’s focus is on cybersecurity and specifically those projects that can have a broader effect beyond a single agency.
The $1 billion addition also came with a loosening of the payback model, which previously required programs to fully reimburse the fund within three to five years. Due to the urgency of cybersecurity issues and the continued pandemic response, Congress and OMB opted to relax the payback model for critical needs.
“The proposals we’re seeing, as they’re coming in, are really taking on those cybersecurity priorities,” Roat said. “Agencies are looking for that influx of funding so that they can step out and address those cybersecurity [issues]: access management, identity credentialing, logging. This is really key to continuing delivering modern services and meeting their missions.”
And the $1 billion and relaxed payback requirements are encouraging those sorts of proposals, according to Beth Killoran, deputy CIO at the General Services Administration.
“That allows some flexibility based on the criticalities of the need and what the agencies are able to achieve,” Killoran said. “In some places—especially in the area of cybersecurity—the need is very large across the federal government.”
Unlike with past TMF awards, the new cyber-focused proposals in particular are rarely about cost savings, Killoran noted.
“This is new investment that needs to happen in order for us to meet the objectives [of the executive order on securing government systems] and protect the data and the systems that serve the American people,” she said. “By not having a full payback capability and allowing a minimal payback, that allows us to have projects that are aimed at tackling some of the more urgent IT needs where we know that there might not be as much of a payback.”
But the larger pot of money has also led to a larger and more diverse pool of applicants to the fund, including broader projects that could apply to multiple agencies and provide cost savings that merit a full payback agreement, Killoran said.
Roat cited an award to the Labor Department back in 2018. (Labor also received a second TMF loan one day after the stimulus package was signed into law.)
“While Department of Labor led that, that touched … other agencies,” she said, citing the Agriculture Department, U.S. Citizenship and Immigration Services and the State Department.
Roat said there are two cybersecurity programs underway in government that she is pushing to apply for TMF funding.
“Not a huge amount of dollars, minimal payback—minimal-to-zero—yet impact the entire federal government,” she said.
That broad applicability—a goal of TMF since its inception—will continue to be the intent for the future, as well, Roat said, especially if the TMF gets another significant influx of money.
“We really want to continue to drive toward those enterprise-scale programs and those that are really transformative for the federal enterprise,” she said. “We’re already seeing that enterprise mentality across the federal government. … Leveraging the TMF dollars and continuing to drive those enterprisewide programs” will be the goal going forward.