Wanted: Federal cash and direction

States are moving forward on information technology programs essential to homeland security, but officials say future efforts that would include interoperable communications among all levels of government depend on the development of a national plan and, critically, on the availability of federal funds.

While the federal Office of Homeland Security finishes drafting its national strategy, expected to be released this summer, state IT managers are expressing satisfaction with the federal government's openness to their ideas. But they are also cautious.

The aftermath of the Sept. 11 terrorist attacks has "opened up more of a dialogue between state and federal governments [on IT issues] than we've ever had previously," said Gregory Jackson, chief information officer for Ohio.

"But we also expect that will be

dependent on how long the federal government keeps up its commitment" to homeland security, he added. "There's a concern that, if there's not another incident, [the federal government] might start to lose some of its focus on this."

States are making a concerted effort to take part in the national debate on homeland security. In May, for the second time in six months, the National Association of State CIOs (NASCIO) sent a delegation to Washington, D.C., on an "educational outreach" effort to discuss a range of

IT issues with federal government representatives.

The association has a number of goals for federal and state actions, including:

* Expanding or redirecting current IT architecture initiatives to better address security.

* Developing an interstate information sharing capability.

* Fostering greater state-level involvement in developing IT security tools.

* Clarifying what federal government officials want in the way of state

participation.

Regardless of Washington's involvement, states will proceed with their plans for homeland security. Still, with the federal strategy expected to have a big impact on those initiatives, state officials find the lack of a clear IT-related strategy from the federal government unnerving.

"We are sorely in need of direction on what those plans are and on funding so we can better understand what's needed from us," said Bob Feingold, Colorado's CIO.

Budget Battles

Funding, in particular, is shaping up as a contentious issue. For one thing, state budgets are tight and will only get tighter.

According to "The Fiscal Survey of States," a biannual report from the National Governors Association (NGA) and the National Association of State Budget Officers, the economic recession, fallout from the Sept. 11 attacks and an explosion in Medicaid spending combined to produce fiscal 2002 budget shortfalls of as much as $50 billion in more than 40 states. As a result, most states have had to reduce budgets and tap other funds to plug gaps.

Even if the national economy turns around quickly, it probably won't help states much in the short term, said NGA Executive Director Raymond Scheppach, because their revenue growth lags behind that kind of recovery by 12 months to 18 months. Continued growth in Medicaid spending and structural problems in some of the states' tax bases will continue to hamper fiscal health.

"The budget issues are very challenging," said Brian Wolf, CIO for Montana. "The [homeland security] issues were assumed by staff as part of their current responsibilities, with hopes of backfilling [full-time equivalents] as funding became available. With the current state budget challenges, it will be difficult to earmark dollars for some of the requirements we see."

Federal dollars will help, and some $30 billion or more is now under consideration in Congress for additional fiscal 2003 spending on homeland security, though what part of that will be dedicated to IT is not clear. And even when the funds are eventually released, there are potential conflicts over just where they will be allocated and how they will be spent.

"The states feel strongly that the funds should go through the states to local governments, to make sure

locals do not go and buy equipment that is incompatible with each others' systems and with those of the state," said Ohio's Jackson. Jackson, who was appointed NASCIO liaison to the federal CIO Council at the end of May, said he will press funding control as a major issue for the states.

"Locals say [the state governments] are trying to control the funds so we can get a bigger cut of the money, but that's not what we are

doing," he said. "It's simply a matter of compatibility."

More Sharing Needed

The need to share information among federal, state and local government agencies, as well as with the private sector, is seen as the key to a national homeland security strategy. So far, there has been little sharing of information on either IT or security.

NASCIO officials are developing a proposal for an interstate information sharing and analysis center for cybersecurity to address that issue (see box, at left). Officials hope to get some federal funding for the initial phase of the center's development — between $2.5 million and $5.5 million. Their proposal assumes the center would begin operations this year.

"The hope is that this would be an aggregating point for [homeland security] information coming up from the states and to provide a contact point with the states for the federal government and for any federal information that needs to flow back to the states," said Chris Dixon, NASCIO's digital government issues coordinator.

The Office of Homeland Security has also asked NASCIO to designate a small team of CIO representatives who can act as advisers to the government on IT-related matters.

The ultimate goal, of course, is to create a nationwide network through which homeland security information could flow seamlessly, in real time, all the way from local governments up through the states to the federal government and back down again.

Technical challenges seem to be the least of the problems in building this kind of a network. For example, many states are creating integrated criminal justice information systems and health networks, which one day could contribute to a national interoperable network.

States are also starting to develop enterprise architectures that will provide the physical and organizational infrastructures to link state, county and municipal governments. And, at the federal level, a public-key infrastructure is being built that will eventually enable state governments to securely link to federal agencies.

But there are some constraints. For starters, the data classification systems at the federal level are incompatible with the open records policies of most states, said Texas CIO Carolyn Purcell. And the definitions of roles and responsibilities that would allow governments to interact politically and operationally have barely been discussed.

With so many participants, the effort also runs the risk of fracturing and producing an end product that is unmanageable, NASCIO's Dixon said. "We do need to have a holistic approach to this."

So, all eyes will be on the first draft of the national strategy that will be issued by the Office of Homeland Security.

In a promising move, the office and other central authorities are asking state and local governments for their input on homeland security, Colorado's Feingold said, which indicates that this is one issue on which people are united and committed.

"And if the threat is there and it's perceived and people are serious about protecting against it, then the funds will flow," he said. "That's how we will be able to judge this."

Robinson is a freelance journalist based in Portland, Ore. He can be reached at hullite@mindspring.com.