Appropriators to mull IT wish list

Congress returns to work this week with an audience of vendors, federal agencies and special interest groups eagerly hoping for a blank check for information security projects and anticipating a stronger mandate for technology policies.

They may well get their wish. Predictions are that lawmakers will be generous with the buck and quick to enact tough laws in the wake of the Sept. 11 terrorist attacks.

"The stronger the tie to Sept. 11, the better," said Larry Allen, executive director of the Coalition for Government Procurement, a Washington, D.C., industry group. "There is a pendulum, and it's probably swinging close to blank-check time."

Congress already has earmarked at least $60 billion in new funds to combat terrorism. But experts now predict Congress will open its purse even wider to boost information technology spending at least 10 percent for fiscal 2003, up from the current $45 billion. Along with that, a hefty hike — assumed to be around $30 billion a year — is expected in the so-called black budget for classified IT projects.

When President Bush sends his $2 trillion budget for fiscal 2003 to Congress next month, it is expected to include money for governmentwide anti- terrorism efforts — such as protecting nuclear power plants and stockpiling smallpox vaccines — more funding for critical infrastructure and new ideas for using IT to tighten security.

That doesn't mean the purse strings will be loosened entirely. "We have no higher obligation than to defend this country," Senate Budget Committee chairman Kent Conrad (D-N.D.) said recently. "But that doesn't mean we give blank checks to everybody."

Even so, it will take a lot of money to close the technology gaps that were clearly evident last September. Rescue workers were hampered in finding people trapped in the World Trade Center rubble and at the Pentagon because their communications systems couldn't talk to one another. Law enforcement agencies were hard-pressed to track down co-conspirators because they could not share data. The radio system known as the Emergency Alert System, which is supposed to alert citizens in the event of a catastrophe, was not even activated.

Bush's budget is expected to include $15 billion for domestic security programs because "the president has made this a priority," according to a White House spokeswoman.

The budget is likely to provide money for a host of proposals already introduced and moving through Congress. Among them: tougher airport security, better port security, forgery-proof visas and interoperability across government. Lawmakers also are considering major policy initiatives tied to security.

"There is going to have to be a lot of investment," said French Caldwell, vice president of knowledge management for Gartner Inc. "The challenge here is not IT, but overcoming the managerial political stovepipes among agencies."

Changing the government culture is one problem that cannot be legislated. Timing is another problem. Members of Congress will be repositioning themselves for the midterm elections in November and dropping the spirit of bipartisanship that emerged after Sept. 11, according to Olga Grkavac, executive vice president of the Enterprise Solutions Division of the Information Technology Association of America.

"At this point, it's really not clear what Congress is going to accomplish," Grkavac said. "It's an election year, and they are positioning themselves for the first election after redistricting. For the first time in years, both the House and Senate are in play."

The new Office of Homeland Security, led by former Pennsylvania Gov. Tom Ridge, will be seeking supplemental funding for its mission. Ridge is likely to spend time developing the culture of cooperation, not competition, and coordinating security efforts across the board.

"We have the tools that allow disparate databases to exchange information," Allen said. "From an IT standpoint, the technology allows us [to share information], but what is the FBI going to allow the Immigration and Naturalization Service to see? That becomes the bigger issue."

Dave Marin, spokesman for Rep. Tom Davis (R-Va.), chairman of the House Government Reform Committee's Technology and Procurement Policy Subcommittee, said money for IT would be a big-ticket item in the upcoming budget. There will be some winners and losers in the process, however.

"It's safe to say that IT spending will increase for fiscal '03, especially on the homeland security and information sharing fronts. Funding for [e-government] projects will remain at least at the same levels, and projects identified under this fund will continue to emphasize cross-agency projects and coordinated spending," Marin said.

Without major new funding for e-government, it will be difficult to create a government.wide security blanket even in the face of continuing terrorist threats, some experts say. Congress earmarked only $5 million for fiscal 2002 to get e-government projects off the ground, even though the initial request was $100 million across three years. Sen. Joe Lieberman (D-Conn.) is pushing for a $200 million yearly fund to help interagency efforts grow.

Meanwhile, Congress is likely to focus on information assurance, disaster recovery and knowledge management initiatives. This could make it possible to use the databases at INS, the Customs Service and the State Department to track noncitizens entering the United States — all in a matter of seconds instead of days, according to Roger Baker, former chief information officer at the Commerce Department and now an executive vice president at CACI International Inc.

"It becomes a priority discussion, what's going to be important from a congressional standpoint," Baker said. "Congress can only really focus on a few things. If they are focusing on information security and disaster recovery, will that impact things like e-gov?" Other industry executives say there will likely be more government funding for research and development, especially in the security arena. The Cyber Security Research and Development Act, sponsored by Rep. Sherwood Boehlert (R-N.Y.), would allocate more than $560 million to the National Science Foundation for basic research on computer security techniques such as authentication, encryption and intrusion detection.

"You are going to see greater resources for physical security and cybersecurity," said Robert Hoffman, director of congressional and legislative affairs for Oracle Corp., which builds security features into its database products.

"Before Sept. 11, more data sharing meant less security. We're trying to change that paradigm," Hoffman said.

Congress also intends to look closely at procurement reform initiatives, including reauthorizing the Government Information Security Reform Act, which requires federal agencies to report on their security measures. Davis wants to toughen the law to make security standards compulsory and binding.

With a recession hovering and unemployment rising, Congress also must find a careful balance between the White House's wish list, which includes an economic stimulus package, and the must-do projects to protect America, experts say.

"I think information technology companies are going to do better because spending is going to be higher," said budget expert Stanley Collender, senior vice president of Fleishman-Hillard and managing director of its federal budget consulting group.

"But this is not a blank check. They will have a one-year window before people worry about the deficit," he said.