Last month the White House released a report on the need to modernize the government’s information technology, and urged the agencies to move to cloud storage. In addition, the report outlined steps the government should undertake to bolster its security for high risk and valuable technology, consolidate networks to reduce costs and adopt broad technology tools that aren’t agency-specific.
This report follows the administration’s creation of the American Technology Council, which will research how efforts can be made to update the government’s lagging technology, and came as President Donald Trump signed the Modernizing Government Technology Act into law.
The legislation, which was passed as an amendment to the 2018 National Defense Authorization Act, could spur efforts to shutter legacy systems and in the process create new opportunities for employees with IT and cybersecurity skills.
These opportunities could be within government agencies that might not immediately come to mind, such as the United States Postal Service (USPS), U.S. Department of Housing and Urban Development (HUD) and the Internal Revenue Service (IRS) among others.
“All agencies have a cybersecurity need; it is difficult to imagine any which don’t,” said Jim Purtilo, associate professor in the computer science department at the University of Maryland.
“That’s the challenge with security,” Purtilo told ClearanceJobs.com. “Raw data seems pretty innocuous until a clever person figures out how to combine it with other data in a way that ‘weaponizes’ the resulting information. For example most people would think there is nothing more boring than boilerplate language in reams of the plans that are required by hosts of agencies. Regulatory applications are all just part of the churn of big government, right?”
It is within that seemingly boring data that someone can mine the forms, join them with other data and potentially do everything from reconstruct companies’ intellectual property to geolocate the country’s critical infrastructure, warned Purtilo.
“It is important to understand that all agencies within the government have a cyber mission,” said John Edgar, senior vice president at Salient CRGT.
“All have data that is core to fulfilling their mission,” Edgar told ClearanceJobs. “There is data that needs protecting, and some of it includes financial. In the case of postal, it is also important that it is compliant with the industry’s best practices, as credit cards are used for payment transactions.”
protecting Technology Infrastructure
Various agencies will likely have to assess how to best utilize working capital funds the legislation authorizes to reprogram IT budgets, but also to fund modernization projects. How each agency handles this is yet to be seen, as each has its own technology priorities. Efforts may take time to actually bear fruit, as well.
“Some of the systems are very old,” warned Edgar. “The White House report showed that the IRS system is 50 years old, while those at HUD are 30 years old. This presents challenges in modernization of the missions that these agencies need to support.”
One of the reasons this has become an issue is that budgets have largely remained flat, and in some cases have even been declining.
“This has been the usual expectation: do less with more,” Edgar told ClearanceJobs. “It is something all agencies have had to deal with.”
And the government has a need beyond computer science generalists. There is a real opportunity for individuals with specialized skills. Those looking to get a leg up on the competition may need to be versed in more than just the latest security techniques.
“The opportunity for young people thinking about these careers is to know ‘computer science plus X’ where X is your application area of passion,” explained Purtilo. “Cyber by itself is certainly valuable, the X can be valuable, but knowing about both makes you the hot commodity who is able to anticipate needs and lead the technology upgrades to meet mission needs tomorrow.”
One other consideration is that technology and cybersecurity initiatives are sometimes viewed as “cost saving” initiatives. And with new legislation increasing the budgets behind these initiatives, there are new opportunities for new talent.
“Cybersecurity involves people, policy, and technology. Cybersecurity also requires the implementation of a perpetual innovation culture,” said Mansur Hasib, program chair, cybersecurity technology program at the University of Maryland University College.
“Most organizations still need to make the investments in hiring and empowering the right people to develop appropriate cybersecurity strategies,” Hasib told ClearanceJobs.com. “The shortage of cybersecurity executives is acute. Our graduate programs are designed to create these extremely critical organizational leaders. Hence, many of our students are being hired before graduation.”
Government Cloud Job opportunities
One big takeaway from last month’s White House report was the call to move to cloud storage, which could reduce costs and centralize the government data – but such a move is not without potential risks.
“The cloud is simply another platform,” said Hasib. “Not only are there new security concerns, cloud adoption requires cybersecurity leaders to rethink risk management. They need to understand the role of contracts in risk management. They also need to ensure appropriate incident response and disaster recovery, which includes ensuring they are not locked into a particular vendor or have a way to handle a situation where their cloud provider goes out of business or becomes prohibitively expensive.”
Cloud is one area where government can learn from the progress already made in the private sector.
“The number one question I get from managers is how to ‘cloud-ify’ their operations,” added Purtilo. “They see the strong market trend toward moving agency operations to cloud services, then simply turning off legacy systems in place. This has a lot of appeal, but there are good reasons for caution too. The gap to be filled is in preparing leaders to make informed decision about which path is best, and to help them recognize that new technology will bring vastly new cybersecurity practices.”
Opportunities here could be that “X” that Purtilo highlighted as cyber skills plus something else. In this case, it’s knowledge and understanding of the cloud and its accompanying infrastructure.
“Having people within your contractor base or agency who understand all parts of cyber is what we need right now,” said Salient CRGT’s Edgar.