Information Technology Priorities


FISCAL YEAR 2016 Federal Government Information Technology Priorities by Michael Biddick CEO Fusion PPT

Table of Contents
Author's Bio
About Fusion PPT
The IT Juggernaut
Cybersecurity Gets Real
The Agile IT Environment
Big Data Getting Bigger
Cloud Computing
The Future of Federal IT

Michael Biddick
CEO, Fusion PPT

Under Michael's leadership as CEO, Fusion PPT has achieved triple-digit growth, becoming the premier vendor-independent systems integration and consulting partner with their clients. Michael is responsible for the strategic vision, market strategy, project quality and is responsible for the company's overall performance. For nearly 20 years, Michael has worked with hundreds of government and international commercial organizations providing expertise in our solutions. Michael has a unique blend of deep technology experience coupled with business and information management acumen that provide a balanced approach to our business. Prior to joining Fusion PPT, Michael spent 10 years with a boutique consulting firm and Booz Allen Hamilton, developing enterprise management solutions for a wide variety of both government and commercial clients. He previously served on the academic staff of the University of Wisconsin Law School as the Director of Information Technology.

Michael earned a Master's of Science in Information Systems from Johns Hopkins University and dual Bachelor's degrees in Political Science and Afro-American History from the University of Wisconsin-Madison.

Michael is a contributing editor at InformationWeek and Network Computing Magazines and has published over 50 articles on Cloud Computing, Big Data and Application Performance Management. Michael is also the author of the book Federal Cloud Computing. Michael holds multiple vendor technical certifications, is a certified ITIL v3 expert and a certified barista.

About Fusion PPT

We Simplify Enterprise IT.
Fusion PPT is an established leader in providing IT consulting and system integration services to organizations with challenging technology initiatives. Since our inception in 2009, we have contributed to the success of hundreds of projects, and most have spanned the globe in their reach and impact. Our ability to perform and add value in complex, diverse, and distributed environments has earned us a solid growth rate and a reputation as a trusted, capable, and results-oriented service provider.

Deep Technical Knowledge, Diverse Project Experience.
Led by veteran IT professionals and thought leaders in the industry, our team has amassed a depth and breadth of technical knowledge and experience that we are passionate about sharing with our clients. We attract and hire only subject matter experts and proven performers, and our culture fosters collaboration, innovation, and a nimble, team-based approach to help our clients achieve their objectives.

Big Firm Expertise, Smaller Firm Service & Agility.
As a privately held small business, Fusion PPT combines the best practices and expertise found at large consulting firms with a nimble, entrepreneurial, and client-focused service team. We reward and encourage fresh perspectives, creativity, and intellectual risk-taking, and this consistently produces more efficient and more cost-effective IT solutions for our customers.

Mission Focused.
At Fusion PPT, we take a partnership approach in all of our engagements, and our team functions as an integral part of the clients' organizations. We understand complex enterprises and the importance of networks, applications, and systems in delivering reliable mission-based services to stakeholders. Our staff is focused at all times on our clients' missions and ensuring that the services we provide and technology solutions we recommend are in complete alignment.

Value Beyond IT.
The PPT in our company name stands for People, Process, and Technology, and it represents a core added value that our team offers, which is a deep understanding of what it takes to make technology investments pay off. Our expertise extends beyond physical and virtual systems. We address the critical success factors of people and process, defining success at the level of organizational impact and the incorporation of new systems into daily workflows and job functions. The fusing together of people, process, and technology is core to our methodology and it is core to technology projects being able to attain their financial and operational objectives.

Fusion PPT Company and Team highlights include:
• ISO 9001:2008 Certified Organization
• Privately Held Firm
• Led by IT Industry Experts and Thought Leaders
• Collaborative Subject Matter Expert (SME) Team Approach
• Agile, Entrepreneurial Staff
• Diverse, Complex Project Experience
• Proven Track Record of Successful Deployments
• Global, Enterprise-Oriented
• Multiple Contract Vehicles
• Depth & Breadth of Technology Expertise
• Commitment to Excellence
• Quality Focused
• Fusion PPT Innovation Lab

Corporate Information.
DUNS: 8307-42-792
CAGE Code: 5H6B4
Primary NAICS: 541611, 541512, 518210
Ownership: Private, 100% U.S.
Size Standard: Small Business, under $14M
Certifications: ISO 9001:2008, ITIL v3, PMP
D&B Open Ratings: 95% Customer Satisfaction Rating

The IT Juggernaut

With the Federal Government IT budget continuing to hover below $80 billion, this February, the President requested a 1.8 percent increase over the $78.3 billion agencies estimate they'll spend this fiscal year, approximately a 10 percent increase over fiscal 2014 spending. At the same time the President released his budget request, partisan groups, legislators and government watchdogs criticized the overall spending on IT and value obtained from this spending compared to private industries.

While legislation and opinions originating from the White House have always focused on more efficient, effective and secure government IT spending, the third appointed Federal CIO, Tony Scott, continued to trumpet bold visions and federal IT transformation. Scott was appointed by President Obama in March of 2015 and explained how "driving value is also about driving efficiency" in his first speech. Some of his proposed ideas included "adoption of agile technologies" and "creating the right kinds of dashboards that will help us understand whether we're making progress or not."

[Figure: value and efficiency; adoption of agile technology; dashboards; government agencies, IT leaders and communities; security]

A fundamental question to answer is: Are these bold visions trickling down to agencies and rank-and-file IT leaders within the government and contracting communities? Criticism around spending and efficiency also runs parallel to high-profile security breaches of some of the most sensitive government data reported over the past year. If this security issue is not addressed, breaches will continue to occur and increase in frequency.

In this annual Federal Government IT Priorities report, we'll examine where federal IT leaders should be focusing their time, the key challenges they must address in order to meet an increasingly complex IT environment, and how they can drive innovation across programs.

Cybersecurity Gets Real

In 2013, agencies received new guidance from the executive branch in the form of Executive Order 13636: Improving Critical Infrastructure Cybersecurity. This Executive Order warned that "the cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront." Despite the mandates, some of the most significant cybersecurity attacks against government data in our time have occurred over the past year.

In June of 2015, the Office of Personnel Management announced the theft of the personnel data of more than twenty-one million Americans. The OPM reported that tens of thousands of Standard Form 86s (SF-86), which are required for all service members and civilians seeking a security clearance, were stolen. The SF-86, a 127-page document, requires information about family members, friends and past employment, as well as details on drug and alcohol use, mental illness, credit ratings, bankruptcies, arrest records and court actions. The OPM indicated that every person who underwent a government background check during the last 15 years was most likely affected.

OPM stated that hackers stole sensitive information that included addresses, personal health and financial records and other private details of 19.7 million people who had been subjected to a government background check, as well as 1.8 million others, including the victims' spouses and friends. This theft was separate from, but related to, a breach revealed last month that compromised the personnel data of 4.2 million federal employees, OPM reported.

Other high-profile attacks reported over the past year include the White House network, State Department network, United States Postal Service, GAO and the Healthcare.gov website. Those are only the entities that have been detected and reported. According to a report issued by MeriTalk, the number of cyber incidents reported by federal agencies to the U.S. Computer Emergency Readiness Team rose from 48,562 in fiscal year 2012 to 67,168 in fiscal year 2014, an alarming 38% increase over two years.

[Figure: limits of technology, inadequate intelligence and insecure architecture against the emerging cyber threat; IT investment, increased security, world-class tech services]

In a report released in March, the Defense Science Board, a civilian committee that provides scientific and technical advice to the Pentagon, stated that the DoD is not prepared to defend against sophisticated, international cyber attacks. The report pointed to "inherently insecure architectures," inadequate intelligence, and the sheer limits of technology in defending against emerging cyber threats. It encourages the DoD's CIO to work with branches of the military to create an enterprise security architecture that includes minimum standards for ensuring a "reasonable" level of defensibility and increasing the probability that attacks are detected.

Over the last three years, cybersecurity has rocketed to the top of all priorities for Federal Government IT leaders. No other IT aspect is more important to control than the security of federal data and preventing access to critical command and control systems of critical infrastructure.

To address these significant cybersecurity concerns, the FY 2016 OMB budget, released by the White House in February, focused on bolstering existing cybersecurity programs and increasing infrastructure agility, while decreasing waste. The budget request included $14 billion to support cybersecurity programs, including Continuous Diagnostics and Monitoring of Federal systems, the EINSTEIN intrusion detection and prevention system, and government-wide testing and incident response training to mitigate the impact of evolving cyber threats.

While an ongoing theme in the budget recommendations was innovating with less, some agencies, such as the Veteran's Administration, Department of Education and the Department of Homeland Security, submitted requests for significant budget increases. Evidence-based policy, promoting experimentation and evaluation was also new, but measured in terms of proposed investments. The three major focuses of the budget consisted of increasing value in IT investments, increasing security to protect federal information and resources, and conveying world-class tech services.

Last December, Congress passed four new cybersecurity bills that the President signed into law. The National Cybersecurity Protection Act of 2014, S.2519, codifies the Department of Homeland Security's existing National Cybersecurity and Communications Integration Center (NCCIC), which is a focal point for information sharing. The Federal Information Security Modernization Act of 2014, S.2521, amends the 2002 Federal Information Security Management Act to centralize Federal Government cybersecurity management within the Department of Homeland Security, and also delegates implementation authority for defense-related and intelligence-related information security to the Secretary of Defense and Director of National Intelligence. The third bill focuses on strengthening the Federal Government's cybersecurity workforce and improving hiring procedures and compensation ranges for cybersecurity positions at the Department of Homeland Security, while the last bill mandates an assessment of its cybersecurity workforce every three years, in addition to developing a strategy for enhancing the recruitment and training of cybersecurity employees.

First introduced in April, the Cybersecurity Information Sharing Act of 2015 is currently stuck in Congress and faces opposition from many privacy groups. Within the provisions, it "Permits private entities to monitor and operate defensive measures to prevent or mitigate cybersecurity threats or security vulnerabilities on their own information systems and, with authorization and written consent, the information systems of other private or government entities. Authorizes such entities to monitor information that is stored on, processed by, or transiting such monitored systems." While legislators and privacy groups try to strike a balance between civil liberties and cybersecurity protection, hackers continue to succeed in penetrating information systems and stealing government data. The plethora of Congressional bills, Executive Orders and management priorities makes cybersecurity not just an objective, but also a national priority. Still, this big-picture priority exists in conjunction with current cybersecurity threats that agency CIOs face on a day-to-day basis. A disconnect remains between lofty leadership cybersecurity objectives and compliance with current certification and accreditation policies and procedures, still mired in bureaucratic processes. It can take up to a year to receive authorization to operate (ATO) for a new system in the federal network. In most cases, these authorizations are still paper-based, with continuous monitoring layered on top.

[Figure: civil liberties, cybersecurity, hacker attack]

To effectively address these cybersecurity threats, government IT leaders need to take several concrete steps to prevent additional security breaches. First, government leaders must rationalize their application and data, and eliminate redundant applications. This is often exercised as a component of an application inventory process. With the right tools, application discovery and dependency mapping can be accomplished in a short amount of time. Second, Enterprise Architecture is needed to align security and application innovation, in order to ensure the appropriate security controls are in place at the enterprise level. Third, investments are needed for continuous monitoring and security tools that test the infrastructure.

One of the most vexing areas for many organizations to tackle is choosing the mix and correctly implementing security tools. We think about three layers of the IT environment that are critical to protect: the network perimeter, enterprise applications and end-user devices. We also work to embed automation to prevent issues, in contrast to simply reporting on issues.

[Figure: the three layers to protect. Network perimeter: intrusion detection system (IDS), firewall, network access control (NAC). Enterprise applications: security software (anti-malware, anti-virus, anti-spyware), digital certificates, PKI. End-user devices.]

At the network perimeter, intrusion detection systems (IDS) detect potential threats to the network and can be deployed as network or host applications. The primary responsibility is reporting potential incidents to the security operations team. Network Access Control (NAC) products enforce security policies and handle access authentication and authorization based on their ability to recognize users, devices or their specific roles. IP blacklisting can be effective if very broad, while data loss prevention (DLP) tools can monitor and track issues from potential insider threats. Firewalls, one of our primary security tools, also possess advanced capabilities that include application-awareness features.

At the server enterprise level, security software is needed to protect against a wide range of threats. Anti-malware tools help security administrators identify, block and remove malware. Both anti-virus and anti-spyware software can be deployed to help IT departments focus their anti-malware policies to identify known and unknown malware sources. Newer identity-based security technologies manage authentication and authorization through such methods as digital certificates and public key infrastructure (PKI) solutions.

From an end-user device standpoint, mobile device management (MDM) monitors and controls security configurations, policy enforcement and patch pushes to mobile devices. MDM can also remotely lock lost, stolen or compromised mobile devices and wipe all stored data, if needed. For desktops and laptops, web browsing policies and anti-virus/anti-malware tools are essential.

[Figure: end-user devices. Cell phones and tablets: Mobile Device Management (MDM) to monitor and control security configuration, policy enforcement and patch pushes. Laptops and desktops: web browsing policies, anti-virus, anti-malware.]

The Agile IT Environment

One aspect that makes addressing security more challenging for federal agencies is the complexity of many application environments. The disastrous rollout of the Healthcare.gov site will live on as a lasting example of these shortcomings and complexities. As one response to the shortcomings of the Healthcare.gov project, GSA created an organization called 18F (located on 18th and F Street in Washington, D.C.). This government consulting organization focuses on "lean startup methods, open source code, and contemporary programming languages." One of their key objectives has been to promote the transition from waterfall frameworks to agile ones.

Overall, Agile values interactions over processes, among other things, and time to delivery is quicker. Because small components are completed sooner and stakeholder feedback is received faster, changes can be made in a shorter timeframe.

At the end of July, the House Oversight and Government Reform Committee berated the lack of progress agencies have made in making government IT more efficient. Federal agencies are still over budget, behind schedule and making duplicated efforts that waste billions of dollars. Rep. Darrell Issa stated experts estimate as much as $20 billion in Federal IT funding is wasted every year. However, other studies show that waste could be as high as $40 billion compared to private sector spending. While agency IT leaders are faced with balancing this broad range of priorities, Congress is struggling to provide effective IT governance across the massive federal bureaucracy.

Earlier this year, Federal Chief Technology Officer Megan Smith highlighted the importance of building large and complex projects, one incremental piece at a time. Speaking to the ACT-IAC Igniting Innovation audience, she noted "Let's not 'spec' the whole huge thing out. Let's do the minimum thing and then get it out there and start iterating with the community." The General Services Administration released an agile-only contracting vehicle to allow agencies to buy services based on the faster turnaround speed. In contrast to traditional proposal efforts, contractors have been asked to submit examples of code that could be evaluated during the award process.

As agencies work to move towards more agile projects, the key to the approach is using vital elements of Agile; specifically requirements, design and testing, and working collaboratively and simultaneously so that deliverables are produced in a shorter period of time. Development sprints should consist of one- or two-week increments and include a user-functionality test case document. Meetings should be held on a daily basis on all test sites. The most successful agencies will implement Agile as a pilot across a single application or project and further refine it to fit the specific needs of the organization.

Big Data Getting Bigger

One of the reasons applications need to be delivered faster is to deal with an increasing amount of data that is produced within the Federal Government. Dealing with massive amounts of data is not new. All federal agencies are responsible for creating and maintaining documentation on their organizations' functions, policies, decisions, procedures and essential transactions. However, a large shift over the past few years has been the desire to make a portion of this data more available to the public, as well as data produced through sensors, cameras and remote monitors that did not exist a decade ago.

The Open Government Initiative (data.gov) offers up datasets to the public that are generated and held by the Federal Government. Data.gov provides descriptions of the federal datasets (metadata), information about how to access the datasets, and tools that leverage government datasets. These data catalogs will continue to grow as datasets are added. Currently, over 140,000 datasets exist online. The government also publishes usage information. For example, over 165,000 people visited data.gov in June and the site averaged 60,000 monthly downloads over the past year.

The Veterans Affairs (VA) Research and Development program launched the Million Veteran Program (MVP) to understand how genes affect health and ultimately improve healthcare for veterans. MVP will establish one of the largest databases of genetics, military exposure, lifestyle and health information. Aside from processing capability, secure storage and tools to analyze this type of data are needed to ensure that these types of aggressive projects provide value.

At the same time, the VA struggles with basic claim services. For example, at the VA's Little Rock Regional Office, it had "over 1,000 file banks full and overflowing with files and over 102,000 paper files." Director Lisa Breun stated "At the peak, it was taking us over eight months to complete a veteran's claim and a lot of that was because it was paper. We've gone from over eight months to finish a claim to less than four months." That's still a significant amount of time that could be better spent in more critical areas.

[Figure: Million Veteran Program (MVP): genetic, military exposure, lifestyle and health information; security, storage and tools; improve healthcare for veterans]

Cloud Computing

The Government's current IT environment has been characterized by "low asset utilization, a fragmented demand for resources, duplicative systems, environments which are difficult to manage, and long procurement lead times." Delivered correctly, commodity IT services hosted in a cloud computing environment have the potential to play a major role in addressing these inefficiencies and improving government IT service delivery.

Large agencies have more resources, but also a more complex and diverse IT environment. Smaller agencies have simpler IT environments, but far fewer resources. The cloud computing model can significantly help agencies grappling with the need to provide highly reliable, innovative services quickly and efficiently, despite resource constraints and highly complex environments.

Now over five years old, the Federal Data Center Consolidation Initiative's (FDCCI) goal is to "reduce the cost of data center hardware, software, and operation, increase the overall IT security posture of the government, and shift IT investments to more efficient computing platforms." Agencies that are participating in the Federal Data Center Consolidation Initiative show an estimated 3,800 data center closings by the end of 2015. These consolidations will free up 1.7 million square feet of land, as well as save $3.3 billion. Many agencies are still struggling to migrate legacy applications that do not support virtualization, and dealing with a skill gap in terms of optimizing virtualized applications. The cost, complexity and political wrangling over who actually controls these applications has made the road to cloud computing a bumpy one.

The three key barriers that persist in greater cloud computing adoption continue to be a disconnected acquisition model that doesn't support on-demand services, legacy security accreditation and authorization procedures, and cultural resistance to change. The key mechanism for addressing this security challenge has been the Federal Risk and Authorization Management Program, or FedRAMP. This program provides "a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services." Currently only applicable to FISMA-moderate workloads, this approach uses a "do once, use many times" framework that saves an estimated 30-40% of government costs, as well as time and staff required to conduct redundant agency security assessments. Currently, the FedRAMP program is drafting standards for FISMA-High workloads to enable more sensitive workloads to exist in public cloud environments in 2016 and beyond.

[Figure: (1) key barriers: disconnected acquisition model that does not support on-demand services, legacy security accreditation and authorization procedure, cultural resistance to change; (2) FedRAMP: standardized approach to security assessment, authorization and continuous monitoring for cloud products and services, only applicable to FISMA-moderate workloads, "do once, use many times"; (3) FISMA-High workloads (2016 and beyond)]

The Future of Federal IT

While individual priorities can be charted, the reality is that all of these initiatives intersect into a unified IT strategy. From the user perspective, having accessible data, secure applications and a robust infrastructure all are basic functions of government IT. With limited budgets, government IT leaders need to innovate just to survive and handle the increasing reliance on IT. Because government business can't be accomplished without IT, IT is no longer a niche for application developers.

While government leaders establish priorities, agency IT organizations are still struggling to provide basic access to applications, support for laptops and commodity IT activities. While many pockets of innovation exist throughout the government, the one-size-fits-all priority list is a challenge for diverse agencies that have different missions, budgets and objectives to serve citizens and their users.

A much more aggressive stance is needed on security, especially in the use of heuristic tools. As the complexity of the security tool environment increases, CISOs need to consider how the correlation of these data elements can be combined and automated to prevent hacks. A stronger shared environment such as the cloud can strengthen security, as the resources are pooled within a larger community of users. These types of innovation are not only about technology, but center on the deep-seated cultural perspectives of individual agencies.