Security, electronic government spur push for federal CIO
Prepare the way for the information technology czar. There is growing support
in Congress for one, a presidential advisory committee recommends one, and
presidential candidate George W. Bush wants one. Every time a security breach
occurs, many politicians and government IT experts line up to call for one.
The Clinton administration doesn't like the idea, but that opposition
is widely viewed as a temporary impediment. And considering that the federal
government spends upwards of $40 billion or so each year on information
technology, a lot of people in senior IT positions in government say it
is time to put someone clearly in charge.
Compare the relative electronic anarchy that reigns in the federal government
today with the efficient electronic government that is technically feasible,
and the situation cries out for a czar. "Twenty-five percent of what we
spend [on information technology] is wasted," estimates Roger Baker, chief
information officer at the Commerce Department and one of the first top-level
federal IT managers to publicly call for a federal CIO.
Today, every major federal agency has its CIO, its IT budget and its
vision of the future, however vague. "There's no common strategy, there's
no common approach, we're all re-inventing the wheel, and once in a while
we compare notes on whether it should be round or square," he said. "We
have a zillion data centers and a zillion help desks."
With such rampant duplication and disjointed IT endeavors, the result
often is an online service of limited utility. Under a strong, central IT
administrator, "it wouldn't have developed that way," Baker said.
But don't say the government needs a "czar." That word evokes the wrong
image, Baker said. "This is a management issue." It calls for a "federal
CIO," he said. Even so, what Baker and others describe is an information
officer of imperial proportion.
A federal CIO should be knowledgeable enough to tackle technical issues
such as security and privacy, skilled at handling management problems such
as personnel shortages, wise in solving social quandaries such as the digital
divide and politically astute enough to satisfy Congress and the president.
He or she must also find a diplomatic way to impel agency chiefs into the
Information Age.
And the job needs clout, said George Molaski, CIO for the Transportation
Department. The federal CIO should be a cabinet-level position so the CIO
has direct access to the president. "He should be a special assistant to
the president," he said. "We don't need a new department."
"Obviously, a CIO needs a good deal of familiarity with information
technology," said Herbert Schorr of the President's Information Technology
Advisory Committee, which is preparing a report for President Clinton that
will call for appointing a federal CIO. "It would be delightful to get a
good person out of one of the agencies. That way he would already know his
way around government. Otherwise, you would have someone with a year or
two learning curve."
Into the Breach
The idea for a governmentwide CIO got its start in calls for a federal
cybersecurity chief. The increasing number and severity of hacker attacks
on federal and private Web sites and federal information systems — last
year's "Melissa" virus, an e-mail attachment that lowered security settings;
denial-of-service attacks this year against Yahoo, eBay and other e-commerce
sites; and last month's "love bug," which attacked e-mail systems and stole
passwords — have convinced many federal IT officials that a federal cybersecurity
officer is needed.
"Our cross-government efforts in computer security are not adequate
today," said John Gilligan, chief information officer at the Energy Department
and co-chairman of the CIO Council's Security, Privacy and Critical Infrastructure
Committee. "There needs to be some consistent and influential authority."
The General Accounting Office has recommended that a federal CIO be
appointed, but such a person would lead the management of all government
IT, which leaves very little time to deal with the complicated issue of
security. "Computer security, I think, is one of the top issues that needs
to be addressed," said Jack Brock, director of governmentwide and defense
information systems at GAO. "And computer security right now is just too
big a problem for a national CIO."
Brock believes many security issues are best dealt with at the agency
level, by the manager of a particular system. "First and foremost, [security]
is the responsibility of the people who own the systems; that is the first
line of responsibility and it should be the last line," Brock said.
The Government Information Security Act of 1999, which awaits a Senate
vote, proposes that the deputy director for management at the Office of
Management and Budget take on a more fully defined role as coordinator of
agency security practices.
During the last four years, the Clinton administration has created groups
such as the Critical Infrastructure Assurance Office to deal with governmentwide
security issues, but by law OMB has responsibility for security, and many
feel that is the way it should stay.
"You are better off giving extra responsibility to the people who are
already responsible...and in that case, the right place is OMB for security
management because OMB has responsibility for all IT management," said Bruce
McConnell, former head of the Information Policy and Technology Branch at
OMB's Office of Information and Regulatory Affairs and now president of
the Washington, D.C.-based consulting firm McConnell International LLC.
The Electronic Government Factor
Following the same line of logic, the Clinton administration has been
opposed to appointing a federal CIO. Rather than a czar, the Clinton administration
prefers enhancing individual agency CIOs' authority, said Sally Katzen,
counselor to the director of OMB. "They know best what the needs are," she
said.
As proof, she points to government Web sites that offer the ability
to file tax returns electronically, reserve campsites at national parks
and apply for federal student loans. FedStats.gov provides a single address
for finding a wide array of federal statistics, and another site, launched
in April by the Federal Aviation Administration, offers up-to-the-minute
weather- related flight information at 40 major U.S. airports.
Furthermore, the administration is developing a single Internet portal
for procurement and a portal where exporters can apply for the permits they
need to ship goods overseas.
But public demand for electronic services will only increase and could
overwhelm agencies — in much the same way that e-commerce has created a
crisis mentality in the private sector, according to Stephen Rohleder, a
managing partner and government IT specialist for Andersen Consulting.
The fastest-growing cohort of Internet users are 55-year-olds to 65-year-olds,
Rohleder said. People in this age group are also the largest users of government
services and among the most steadfast voters. They are rapidly becoming
accustomed to an expanding array of commercial services online, and their
expectations are growing, Rohleder said.
"They are able to buy groceries, clothing, even cars online," he said.
"Soon they will begin asking, "Why can't I get my government services that
way?' And in two to four years, they will be voting that way," he forecasts.
Creating a federal CIO position "is absolutely critical," he said. "There
is a real unique opportunity for the next administration to redefine" how
government services are delivered to the public.
Chris Caine, vice president for governmental programs at IBM Corp.,
also believes government has yet to match the level of services and e-commerce
offered in the private sector. He said a federal CIO "may be helpful, but
it is not sufficient."
Rather, government should focus on re-engineering so that agencies can
make better use of technology to conduct more Web-based transactions with
the public and businesses, Caine said. "The objective is to transform an
Industrial Age government into an Information Age government, and that involves
re-engineering. It's hard, real hard." IBM struggled through the process
several years ago, "under the considerably more threatening conditions of
the marketplace," he said.
The Name Doesn't Matter
Re-engineering requires leadership from the top, of course, but perhaps
more important is an understanding at all levels of the benefits that technology
and the Internet offer for making government work better.
"To really make e-government work, we need to find ways to do government-wide
and intergovernmental IT projects," said James Flyzik, CIO of the Treasury
Department and vice chairman of the CIO Council.
The council recognized that electronic government needed a government-wide
push and so created an e-government committee, Flyzik said. "But the fact
of the matter is the CIO Council does not control resources," he said. "Money
is appropriated to the agencies," and it is "extremely difficult" to convince
them to spend their money on IT proj-ects they do not solely control, Flyzik
said.
He added that a higher authority, above the level of an agency CIO,
is needed, "but I stop short of saying whether that should be an individual,
the CIO Council or the deputy director of the Office of Management and Budget."
Whoever ends up overseeing the development of federal IT, "they must
have a voice at the table in budget decisions," Flyzik insists. With a measure
of influence over government IT spending, a federal CIO should be able to
approach e-government problems from a functional perspective, rather than
from the agency or departmental perspective that prevails today, DOT's Molaski
said.
That would be an essential change, most e-government visionaries agree.
To understand why, consider a typical citizen seeking information and services
online from the federal government. Should he or she have to struggle to
locate the right agency or the right department within an agency? Or should
electronic links tie related information and services together across agency
boundaries, providing individuals with relatively effortless access?
For now, to the extent that government services are online, they are
not linked. That has already begun to create a problem, said Kathleen deLaski,
group director for editorial products, government and politics at America
Online.
AOL's online government guide, which it created earlier this year, received
about 13 million page views in April, and hits are increasing 100 percent
a month, deLaski told a congressional committee in May. "We're starting
to drive traffic to government information and applications," she said.
"But because agencies are not coordinated in their efforts to present
more online offerings, it is difficult for AOL to approach government in
a holistic fashion," deLaski said. "We need to work with government agencies,
but that is difficult when each one is doing its own thing." Agencies are
reluctant to invest the resources or exercise the political will necessary
"to revolutionize their customer relationship," she said.
With or without an IT czar, federal agencies "must recognize that a
new system needs to be created to address the challenge" of e-government,
she said. "We've tried for a couple of years to make things work within
the existing system. If this revolution that has been mandated [by federal
law] is going to work," the federal government will have to do better.
Waiting in the Wings
That may be more authority than would be granted to a federal CIO under
the legislation pending in Congress. Rep. James Turner (D-Texas) introduced
a bill June 15 to create the post of chief information officer of the United
States.
Turner's CIO would be a cabinet-level adviser to the president, chairman
of the federal CIO Council and keeper of a $4.7 billion nest egg for funding
IT projects that cross agency boundaries. The CIO's job would be to "ensure
that the federal government is not left behind in the technology revolution,"
Turner said. "In order to build a working e-government, we need to focus
the government's attention on its use of information technology."
Republican presidential candidate George W. Bush has promised to appoint
a "chief information officer for the federal government" if he is elected
president.
Bush's CIO would oversee IT projects involving multiple federal agencies
and between federal and state agencies. To do so, he would control a $100
million fund for financing IT proj-ects. Bush said he would issue an executive
order making the deputy director for management at OMB the federal CIO.
Bush's CIO would be responsible for leading and coordinating the transition
to "truly digital, citizen-centric government." Vice President Al Gore
has not weighed in on the issue.
NEXT STORY: Company builds e-gov portal for Denver