The Technology Modernization Fund Board has received upward of $2 billion in funding requests from agencies in 2021, more than double the amount appropriated by the American Rescue Plan Act.
As a result only a small subset of those proposals will receive Technology Modernization Fund (TMF) investments, when the board announces another round of funding likely next year, said Executive Director Raylene Yung.
The TMF Board has already looked at dozens of proposals and awarded money to seven, distributed incrementally as they complete project milestones, in September.
“You can see that the scale and pace and size, the number of proposals has increased significantly in the last six months — compared to the previous three years,” Yung said, during an AFFIRM event Wednesday. “That’s something that’s really been a big focus is: How do we evolve, scale up the TMF as an operation, as a team and engage with the board to meet this new demand?”
The board has prioritized investments in shared services and areas it hopes to advance governmentwide like zero-trust security architectures, she added.
Three agencies received TMF funds for their zero-trust projects last round, and there are probably similar proposals remaining that can’t all be funded, said Sanjay Gupta, chief technology officer at the Small Business Administration and alternate board member.
“Maybe we fund one or two of those initiatives, which will then hopefully help create some playbooks and/or lead to the creation of some best practices on the zero-trust architecture,” Gupta said.
The zero-trust model has been around awhile, and many agencies already have initiatives underway — although the Cybersecurity Executive Order issued in May may have refocused them.
Customs and Border Protection received funding in the first-ever TMF round back in 2018 to retire the mainframe functionality of its Automated Commercial Environment (ACE), used to ensure the legitimacy of imports and exports from agencies and other countries.
ACE processed $2.7 trillion in goods in fiscal 2021, but its interface still needs modernizing for compatibility with the CBP Cloud — moving the system toward a zero-trust paradigm, said Autumn Maxey, lead IT specialist in the Office of Information and Technology.
Until projects like the ACE modernization are finished, sharing of resulting playbooks and best practices has been limited, Gupta said.
The TMF Program Management Office did connect CBP with another agency that was ahead of the curve retiring its mainframe, and similar cooperation has been seen on the new zero-trust projects.
“The three agencies that we announced in this last round are actually actively collaborating already on seeing how they can learn from each other on their zero-trust work,” Yung said. “And how they can collectively produce some resources that would benefit all other agencies.”