Homeland Security 2012: Mobility With Security Is a Must
Chief information officers from throughout the U.S. Department of Homeland Security (DHS) had words of advice for companies that want to do business with them at the DHS 2012 Information Technology Industry Day. Among the top topics were the need for agile acquisition and acquisition of agile products, the call for information about the return on investment on the products companies offer, and changes in procurement strategies that could have a huge effect on how the government and commercial sectors interact.
The industry day was sponsored by the U.S. Department of Homeland Security, which was a prelude to AFCEA International’s Homeland Security Conference. In part because of budget constraints, the days of duplicate systems and efforts are nearing an end. Members of DHS agencies constantly are communicating with each other, and companies must keep this in mind as they proffer their solutions to individual DHS organizations, the day’s speakers and panelists agreed.
A number of the experts offering their insights shared common ideas and concerns. To secure the homeland, personnel in the field need the ability to access data at their fingertips. In addition, they need to be able to share the information they are gathering about a situation. Both of these requirements must feature security, and the ability to gather so much data necessitates solutions for storing and sifting through terabytes of data and identifying specific threats, shortcomings or duplicative efforts efficiently and effectively.
One approach that is helping DHS achieve these goals is an enterprisewide backbone. This year, the department has moved to “solutions as a service” for a number of its IT activities, including email and collaborative tools. This allows changes to be made on a departmentwide basis. However, Richard Spires, DHS’ chief information officer (CIO), recognizes that a balance must be achieved between those solutions that are common to all DHS agencies and those that are unique to specific organizations within the department. It is a delicate balance, he admitted.
Richard Spires, chief information officer, U.S. Department of Homeland Security
As in the U.S. Defense Department, agility—in purchasing new products, in upgrading products and in meeting new requirements as they arise—has become key, the experts agreed. Charlie Armstrong, CIO, U.S. Customs and Border Protection, pointed out that large IT contracts were entered into in the past for a huge chunk of functionality and five years later agencies are wondering why they don’t have it.
“Well, we all know that life changes very quickly and the quicker you can get this stuff to market—at least some small chunk—we can determine if we need the requirement, do we need to change the requirement or can we build on the requirement. This agile capability is really going to be our future in some of these large—and small—programs to help our program managers be more successful,” Armstrong said. Although this approach may lead to 80 percent or 90 percent solutions, it also will lead to savings in both time and money that can be applied to other areas, he adds.
Panelists discussing how to prevent terrorism and enhance security also spoke about the need for agility in developing products and a push to put a policy wrapper around information sharing through strong identification management and understanding how data is collected and shared. Policies need to be put into place so that front-line security officers—such as those in the Transportation Security Administration—can be provided with the same mobile capabilities on the job that they have at home, Dr. Emma Garrison-Alexander, CIO, TSA, explained. The information security piece these technologies require is what stands in the way of quickly putting tablets and smartphones in the hands of TSA officers, but because the TSA work force always is on the move, it is important to overcome this time-consuming hurdle, she added.
CIOs in charge of securing U.S. borders and enforcing immigration laws also discussed the need for mobility in information sharing, but added that budget constraints likely will preclude the introduction of any “big bang” development starts in the coming years. For example, resources for interagency information-sharing solutions began to dry up before some of the programs could be completed, so interoperability between government organizations—including the military—is now more critical than ever, CIO Rear Adm. Robert Day, USCG, said. He added that he “can’t beat the table enough about the need for mobility solutions” and the requirement to communicate “at the speed of industry, but with security in place.”
DHS CIOs from a number of agencies had some common pieces of advice for industry attendees. First, companies must be prepared to demonstrate that a large financial resource commitment in a technical solution today will yield return on investment in the years to come—either in dollars or personnel hours. This information must be specific rather than generalities about potential savings, they agreed.
Members of the DHS CIO Council discuss their requirements and expectations from industry during the DHS 2012 Information Technology Industry Day.
Second, companies that respond to requests for proposals must be upfront about the total cost of a solution. In some cases, corporations have low-balled bids to obtain a contract. Today, DHS CIOs and program managers are scrutinizing the specifics of those bids lest they agree to purchase products and services that in the long run are more than likely to go over budget.
Third, many DHS CIOs will be revisiting established contract vehicles to determine the value of the products offered there and in some cases will decide which contract vehicles are no longer of use to them. Finding “prime-the-pump” money to begin large new products will be difficult, so they must be sure that once they have made a commitment, the industry partner can—and will—deliver as promised, they said.
In addition to mobile capabilities that can reach back to the DHS backbone, the CIOs see a need not only for data management but also knowledge management tools; capabilities that enable them to analyze cyberthreats to the point of predicting them with a reason amount of certainty; the means to share information in a secure manner in both the classified and unclassified environments; and solutions that can be developed as quickly as apps. For its part, the DHS knows it must address testing, certification and accreditation delays, be open to solutions offered by nontraditional organizations such as individuals, and begin looking to the possibilities of future capabilities sooner so they can incorporate them into the department quickly.