Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.



411 University St, Seattle, USA


+1 -800-456-478-23

Case-studies Data Reports Our Blogs

IT And Cybersecurity Report Card: Assessing The Biden Administration’s First Year

The Biden Administration’s Build Back Better effort outlines what the administration plans to do to enable the U.S. recovery from the pandemic while addressing the challenges of climate change and inequity. However, behind this marquee strategy is the President’s Management Agenda, which outlines how the administration seeks to drive these changes. Technology is the essential framework for the execution of the agenda. In the document, the administration calls out the need to improve government digital services, upskill the federal workforce, and reform fundamental processes such as acquisition, financial and personnel management to advance its Build Back Better objectives. These reforms require specific technology-focused actions, including but not limited to enhancing federal IT, strengthening federal cybersecurity, building data management and data science capabilities, and increasing public-private cooperation. One year in, here is an assessment of the administration’s progress:

Enhancing Federal IT: Although the administration proposed an $11 billion investment in the Technology Modernization Fund (TMF) through the American Rescue Plan – which Congress ultimately scaled back to $1 billion – and there is a clear need for such investments, it has not developed a clear IT strategy and priorities across government. The administration has strategically important individual programs and agency-specific strategies that are or have the potential to be highly effective, but they are not a coherent whole. There is a clear and proper preference for cyber investments, yet research shows that investments in IT modernization, which are necessary for achieving the president’s other objectives, also improve cybersecurity performance. In addition, other key elements of an effective IT strategy, such as people, process improvements, partnerships, and performance measurement are outdated, missing, or given lip service. Grade: C.

Strengthening Federal Cybersecurity: In contrast to its missing overall IT strategy, the administration has delivered an outcome-focused cybersecurity strategy at a macro level and begun executing many critical components. The Cybersecurity Executive Order set this process in motion and has driven organizational change across the government. Notably, the just-released zero trust strategy provides a strategic vision for a more secure federal government founded on five pillars – Identity, Devices, Networks, Applications and Workloads, and Data – with specific actionable requirements for agencies within each of the pillars. Unfortunately, the prescribed actions do not have dedicated funding, leaving effective implementation at the hands of individual agency prioritization decisions for the next two years. Grade: B.

Building Data Management and Data Science Capabilities: The good news is that a comprehensive Federal Data Strategy and accompanying action plan was released in 2020. The bad news is that the strategy targets true outcomes across the federal government over a 10-year period, meaning it is subject to changes in executive branch leadership. Even worse, many government agencies are already behind in delivering on the foundational activities of the first few years of the data strategy. The Biden Administration’s 2021 Federal Data Strategy’s action plan confesses many agencies will not complete activities and is too heavily focused on foundational elements such as building data governance structures and championing the importance of data use. Further, workforce development is equally critical to building these capabilities but not meaningfully included in the latest action plan. While the Department of Homeland Security (DHS) has launched a new Cyber Talent Management System (CTMS), it is still in a pilot phase and only narrowly available within key offices. Thus, it is fair to say that the government is a long way from tangible outcomes that match the Presidential Management Agenda’s data goals. Grade: C+.

Increasing Public-Private Cooperation: Missing as a key element of the administration’s activities is increased cooperation, both with government partners at the state and local level and with the private sector. There are repeated assurances that “Cybersecurity is a team sport,” and programs in multiple agencies to reach out to the industry. Yet, while efforts such as the Joint Cyber Defense Collaborative are promising, they are disparate and have left many on the outside wondering how their voices will be heard. Similarly, although the Bipartisan Infrastructure Law requires states to have cyber security coordinators who can work with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) they have not provided clear guidance on those roles and responsibilities nor how to take advantage of the cyber grant money within the bill. As a result, many local jurisdictions are left wondering whether it makes sense to apply for grants. These scattered efforts highlight the lack of a comprehensive engagement strategy and undefined objectives. Grade: C+.

Overall Assessment: Success of the strategic priorities of the Presidential Management Agenda depends on progress in these action areas. Much work lies ahead, and it is important that the administration perseveres with the work it has undertaken, with the needed resources and leadership commitment. As vital to future success is the presence of competing priorities that threaten to turn the entirety of the President’s Management Agenda into a bureaucratic morass. In particular, the administration is already finding that its goals for re-shoring and re-building American industrial capacity, driving sustainability, and making rapid infrastructure investments may be mutually exclusive. They certainly can’t be accomplished without active participation and cooperation across government and the private sector. Also, we are yet to see the impact that the first National Cyber Director will have on many of these issues. Final Grade: Incomplete.

This report was originally posted here

Leave a comment

Your email address will not be published. Required fields are marked *