The Alliance for Digital Innovation (ADI) is pressing congressional appropriators to provide more money in Fiscal Year 2023 budget legislation for primary sources of Federal agency IT modernization funding, including the Technology Modernization Fund (TMF), along with the General Services Administration’s (GSA) Federal Citizen Services Fund (FCSF).
ADI, one of the mainstay Washington-based tech-sector groups that regularly grapples with tech funding issues before Congress and the executive branch, made its pitch in a May 31 letter to the chairs and ranking members of the House and Senate Appropriations committees.
The group noted several of the major tech and cybersecurity-related initiatives put in place by the Biden administration since early 2021, along with sharp funding increases for the Cybersecurity and Infrastructure Security Agency (CISA) since then. “Congress has done its part to provide Federal agencies with both the authority and resources to plan for and adopt new and emerging technology for both mission and enterprise purposes,” the group said.
For the upcoming FY2023 budget cycle, ADI urged legislators to continue aggressive funding of several initiatives that it said are “critical to allowing our government to modernize their environments and deliver on the mission essential adoption of modern technology.”
On the TMF front, ADI urged appropriators to provide new money for TMF – at least the $300 million level already requested by the Biden administration – if not more. ADI said that robust Federal agency demand for funding “signals the high level of agency need for modernizing and securing networks outside of the annual appropriations process.”
“ADI believes that $300 million is the minimum amount needed to continue to meet the needs identified by agencies,” the group said. “We encourage Congress to work with agencies to fully understand the backlog of modernization proposals and either meet or exceed the president’s request for additional TMF Funds.”
“Specifically, we recommend that the committee consider targeted efforts to fund zero trust projects to enhance security and to fund modernization efforts at agencies that provide critical services in line with the identified High Impact Service Providers,” ADI added.
Elsewhere in its letter, ADI asked appropriators to support – or exceed – the $116 million that the Biden administration has requested for GSA’s FCSF, noting the fund’s role in allowing GSA to operate the Federal Risk and Management Program (FedRAMP), which certifies security for cloud services used by Federal agencies.
The trade group said it believes that the current FCSF budget for FedRAMP is not enough to meet demand for its services.
“Given the lengthy process to grant provisional authorizations to operate (ATOs) and to regularly monitor changes to cloud services, the FedRAMP program has turned into a bottleneck for companies to be able to achieve compliance,” ADI said. “This bottleneck also acts as a disincentive for new commercial solutions to sell to government customers.”
“By increasing the funding in the FCSF, GSA can significantly increase the throughput of companies seeking authorizations and approval at both the Joint Authorization Board (JAB) as well as at various agencies,” ADI said.
The group also urged support for the Biden administration’s FY2023 request for an 11 percent increase in Federal civilian agency cybersecurity spending to support the transformational work of agencies to migrate to zero trust security architectures, and said it expects the FY2023 request to mark the first in a multi-year request to support the effort.
ADI encouraged the appropriations committee to support the higher cybersecurity spending proposals, “while, at the same time, encouraging CISA to evolve its delivery of the Federal network defense mission.”
“Specifically, both the National Cybersecurity Protection System (NCPS) and the Continuous Diagnostics and Mitigation Program (CDM) were constructed to support older security architectures and legacy agency environments,” ADI said. “These protections should continue to support agencies as they transition away from hardened local networks to more internet and cloud-based zero trust environments that leverage operational technologies, creating expanded attack surfaces.”
ADI also said it recommends that appropriators support funding “to get ahead of cybersecurity challenges that will arise with greater use of the internet of things, industrial control systems, as well as the continued use of legacy systems that cannot be patched and maintained.”
Finally, the tech group urged appropriators to give Federal agencies flexibility in the timing of their IT modernization investments by allowing unused funds “to be placed in working capital funds authorized under the Modernizing Government Technology (MGT) Act and by providing agencies with ‘multi-year’ or ‘no-year’ funding as part of their technology budgets.”
ADI also asked appropriators to extend working capital fund authority to all small and independent Federal agencies, in addition to the 24 larger CFO Act agencies.