What keeps the government’s top IT leaders up at night? According to a new survey, budget, human capital and cybersecurity remain top-of-mind concerns among agency CIOs. The good news? Rather than using tough times as an excuse for status quo, CIOs are leveraging innovative approaches to tackle these challenges, according to the report.
The CIO Insights report, released May 2, is the 23rd of its kind and examines key issues and trends faced by federal CIOs, the government IT community, the administration and Congress. The survey methodology relies on gathering the responses from 41 senior-level IT professionals from mostly in-person interviews conducted over five months. In total, 27 agencies were represented in the survey.
Amid the fiscal austerity, CIOs are broaching cost-cutting in multiple ways. In announcing the survey findings, George DelPrete, principal at Grant Thornton who produced the report with TechAmerica, said savings often come in the form of shared services and shuttering underperforming projects. CIOs are also likely to view IT contracts and infrastructure from an enterprise perspective. Cloud migration and virtualization frequently save agencies money – as does mobility.
Action on Capitol Hill also has helped control IT spending. CIOs agree bills such as the Federal Information Technology Acquisition Reform Act are a nudge in the right direction, DelPrete said. However, some CIOs worry a sweeping policy for CIO budget control would not the best option for all agencies and warned against an “one-size-fits-all” approach.
“Most CIOs don’t believe they should be responsible for how agencies invest IT funds if they don’t control the IT budget,” DelPrete said.
In addition, many CIOs also lack knowledge of how IT dollars are spent in their organization, with 60 percent saying they did not feel confident in their ability to estimate and track IT expenditures.
“That was a bigger issue with departmental CIOs that control 1-5 percent of the IT budget,” DelPrete said. “It was a topic we were surprised by, and we felt that there is a need for improvement for transparency in IT spending.”
While IT budgets have remained relatively stagnant for the past few years, cybersecurity has seen a recent influx of cash. In all, 63 percent of CIOs said their agency has invested up to 10 percent more toward cybersecurity. Thirteen percent said they had seen a 50-100 percent increase in cybersecurity spending. Not one CIO reported seeing a decrease in cybersecurity investment – good news, considering the survey indicated cyber attacks have exploded in volume, with more than a third of the CIOs saying threats grew between 10 and 25 percent in the last year.
Most frequently used attack methods? Spear-phishing, said one CIO, while others cited anonymous hacking and internal weaknesses. While half of the CIOs were neutral about the effectiveness of education and training and communication, the other half of the respondents rated those approaches as effective or very effective
But for cybersecurity to be truly effective, CIOs want legislation that authorizes the appropriation of related funds. “If Congress wants cybersecurity to be a priority, it should set the right messages from the perspective of appropriating funds, because I don’t control all the funding and I cannot direct it to this area,” one CIO said.
When asked if Congress should amend policies to bolster CIOs’ cybersecurity posture, the respondents said it would make sense to overhaul the Federal Information Security Management Act so it aligns with new legislation. Other CIOs recommend getting rid of FISMA entirely or updating it to focus on risk versus compliance of standards and guidelines or updating it to zero in on risk versus compliance of standards and guidelines.
In a panel discussion following the unveiling of the report, Dave McClure, associate administrator at the Office of Citizen Services and Innovative Technologies within the General Services Administration, said the survey “has no surprise findings and in many ways, the song remains the same.”
“The same issues regurgitate themselves each year CIO surveys are done,” he said. “It’s not necessarily a bad thing; it’s not a criticism. But it illustrates the issues that are confronting us in federal IT. They are significant, challenging and require fresh ideas and fresh looks into how you can address some of these issues.”
Tighter budgets have allowed McClure’s office to step back and look at what is working – and what is not, he said. “When budgets are tight, you have to get really serious on what you’re spending money on,” McClure said. “Do I keep doing this? Do I stop doing that? Do I start doing something different?”
Budget pressures have also changed the game around how the government can leverage the power of many. For example, McClure’s office has “tremendously” adopted detailees, crowdsourcing and micro-tasking.
But innovation for the sake of innovation, he said, is not a recipe for success.
“For innovation to be successful, it has to focus on solving problems,” McClure said. “You can’t just be innovative to be cool. You’ve got to be innovative and focus on ROI and solving something that is broken.”