Sign up for our newsletter - Navigating the horizon of business technology​
Technology / Cybersecurity

Security, legacy and skills should top Biden IT agenda, says former US federal CIO

Improving cyber resilience and transforming legacy technology estates are urgent priorities, says Obama-era IT leader Tony Scott.

Cybersecurity, legacy transformation and boosting technology skills in government should be the priorities for the Biden administration’s technology leadership, former US federal CIO Tony Scott has told Tech Monitor.

Earlier this month, Joe Biden appointed David Recordon as White House director of technology. Recordon was previously director of engineering at Facebook and director of White House IT under President Obama. Austin Lin was named deputy director of technology. Both Recordon and Lin worked for the Chan-Zuckerberg Initiative, the Facebook founder’s philanthropic foundation, before joining the Biden transition team late last year.

When accepting the role, Recordon pledged to “rebuild past and create new relationships with the incredible teams of career civil servants, active duty military members, and intelligence professionals who make technology work day in and day out for such an important set of missions”.

Scott, a former chief technology officer at General Motors who was CIO at Walt Disney, Microsoft and VMware before he was appointed US federal CIO in 2015, worked with Recordon under Obama. He is, Scott says, “the best man for the job”.

White papers from our partners

biden cio
One challenge for the Biden administration’s technology leadership team will be to scale digital innovation across government. (Photo by Mark Makela/Getty Images)

White House technology investment

Speaking to Tech Monitor, Scott said Covid-19 has accelerated digitisation in business, government, healthcare and education at an unprecedented rate, while “the cyber threats our nation faces are at an all-time high”.

A critical goal for the Biden administration’s technology leadership is therefore to “dramatically enlarge the incentives for business and government to completely replace legacy federal government information systems”, Scott said, as opposed to “applying another layer of paint to already decaying, expensive and insecure systems”.

This may already be underway. A week before his inauguration, President-elect Biden announced a sweeping Covid-19 relief plan dubbed the “American rescue package” which included $9bn for IT and cybersecurity modernisation.

While not yet approved by Congress, Biden described the technology modernisation proposals as “an urgent national security issue that cannot wait” and the “most ambitious effort ever to modernise and secure federal IT and networks”. He called for the rapid hiring of cyber experts to support the federal CISO and the US Digital Service.

Full implementation of zero-trust principles should be one of the highest priorities.
Tony Scott, former US federal CIO

The new administration must mature the overall effectiveness of the set of cybersecurity programmes and responsibilities, Scott believes. These are currently split among different departments and agencies including the Department of Homeland Security, the Department of Defense, and the FBI. This has become especially pressing in the wake of the SolarWinds hack at the end of 2020, a supply chain attack which breached multiple US government agencies.

“While improvements have been made in the last four years, further policy work, R&D, and re-organisation will help immensely,” Scott says. “Poor cyber hygiene among federal agencies needs to be addressed with the same vigour and effort as other high-priority items, instead of it being a simple checklist exercise. And full implementation of zero-trust principles should be one of the highest priorities.”

While a Federal CISO has not yet been announced, Anne Neuberger, the National Security Agency’s director of cybersecurity, has been made part of Biden’s senior staff as a member of the National Security Council in the new role of deputy national security adviser for cyber and emerging technology.

Scaling digital innovation

Ann Dunkin, who was CIO of the US Environmental Protection Agency during the Obama presidency and is CTO for state and local government at Dell, agrees that modernisation should be a priority for the Biden administration.

In 2021, policy and technology are inseparable.
Ann Dunkin, CTO for local and state government, Dell

“There is no doubt that for every government agency, successful implementation of a policy agenda requires organisations to deliver high-quality user-centred technology solutions quickly,” Dunkin told Tech Monitor. “In 2021, policy and technology are inseparable.

“In addition, the Covid-19 pandemic has accelerated the shift to digital government. The public expect and deserve easy online access to government information and services,” she adds.

Dunkin says that there are pockets of digital excellence dotted around the US government, but the challenge for the Biden administration will be to scale their working practices across the public sector.”

“Over the past seven years, many federal agencies have made tremendous progress creating islands of modern software development practices across the government,” she explains. “Both the challenge and opportunity for federal IT leadership today is to scale those pockets of modern development practices across their organisations.

“The Air Force, which has implemented a software factory model, is one of the few examples of successfully scaling innovation across a large organisation,” Dunkin explains.

Scott agrees that boosting the government’s technology skills base should be an urgent priority for Recordon, the Biden administration, and other federal CIOs in the US. “An estimated 20% of the federal IT workforce will retire in the next three years, and current recruiting and talent management programmes are under-resourced to meet the challenge,” he says.

Engaging the tech ecosystem

Beyond the use of tech by the US government itself, Scott believes the new administration needs to consider “at least some rational proposals” for regulating ‘Big Tech’. He believes a national policy directive, similar to the GDPR and perhaps modelled on the California Consumer Privacy Act, could be a catalyst to the post-pandemic recovery. “The current mishmash of regulations is an inhibitor to economic recovery and international trade,” Scott says.

“Congress should also address the current controversies over the role and responsibilities that large social media companies have in terms of regulating ‘speech’ and content on their platforms, ” he adds. “I think there is already good law on the books as it pertains to traditional media, and this needs to be updated to specifically address some of the unique characteristics of social media.”

Edward Qualtrough

Special projects editor

Edward Qualtrough is special projects editor for Tech Monitor.