Tech leads broad industry coalition urging inclusion of IT upgrade funds in COVID relief package

February 16, 2021

Major trade groups representing the technology and other sectors are urging lawmakers to preserve $9 billion in proposed funding for IT modernization in the COVID-19 package now beginning to work its way through Congress.

“We write in support of President Biden’s call for robust funding to modernize and secure federal information technology (IT) and networks in the proposed ‘American Rescue Plan,’” the groups said in a Wednesday letter to the bipartisan leadership of the House and Senate.

“The COVID-19 pandemic has greatly accelerated the need for the Federal Government to modernize its aging IT infrastructure. We urge Congress to provide the $9 billion for the Technology Modernization Fund (TMF) that the President has called for in any emergency supplemental legislation. We further recommend that a substantial portion of the total amount provided be exempt from the TMF’s usual reimbursement requirements to accelerate urgent IT upgrades,” the groups said.

The letter was signed by the Alliance for Digital Innovation, BSA | The Software Alliance, Center for Procurement Advocacy, U.S. Chamber of Commerce, Computing Technology Industry Association, Information Technology Industry Council, Intelligence & National Security Alliance, Internet Association, National Defense Industrial Association, Professional Services Council, Security Industry Association, and Software & Information Industry Association.

President Biden and congressional Democrats want to move a $1.9 trillion COVID-19 relief measure through a budget procedure that wouldn’t require Republican votes in the Senate. That package contains about $9 billion for technology modernization and cybersecurity and an additional $690 million for the Cybersecurity and Infrastructure Security Agency’s efforts to secure federal networks.

The industry groups said in their letter:

The new normal, where remote work, social distancing, and virtual interaction are necessary for agencies to safely meet their missions and serve the American public, has exponentially increased the public cost of disruptions. Without the ability to provide in-person services, a cyber attack now could prevent an agency from providing services altogether. Moreover, aging IT applications and infrastructure increase the likelihood of such a disruption. Legacy IT can be difficult to maintain, supported by only a few remaining vendors at great expense, more exposed to cybersecurity risks and single points of failure, less resilient to critical events, and far less effective than modern commercial capabilities. Additionally, the cumbersome nature of those systems limits oversight and transparency into the aid being provided. …

The recent SolarWinds compromise further highlights the importance of federal investments to counter persistent and growing cyber threats to federal IT in an atmosphere of increased vulnerability. Federal technology lags well behind commercial state-of-the-art technologies embraced throughout the private sector, remains vulnerable, and continues to present significant risk to future breaches. Providing substantial non-reimbursable TMF support is necessary to enabling agencies to transform the way they use technology, more securely meet their missions, and deliver enhanced digital services to the American public.

The cyber remediation activities that will be necessary following recent compromises also create unavoidable and considerable unanticipated costs. ‘No-year’ TMF dollars can provide the flexibility and resources needed to quickly address exigent issues as they are identified over the coming weeks and months. TMF dollars can be used to meet mission critical needs that have arisen during the pandemic and remain flexible enough to address the backlog of previously-identified critical IT projects to enhance security and service delivery while saving taxpayer dollars. Excusing repayment requirements can also help with federal recovery and ensure that security and resiliency against future critical events of all sorts are incorporated up-front in the technology transformation that will be enabled by these funds.

The TMF was established by Congress in 2017 as part of the Modernizing Government Technology Act. In its first year, Congress appropriated $100 million to start the program and added $25 million in each of the last two budget cycles.

“Funding and some tweaking on how the program works will make it more effective,” BSA’s Craig Albright told Inside Cybersecurity. “It is not surprising that it takes a couple of years or longer to get a program fine tuned that has the kind of impact that this fund can have.”

Albright said there is bipartisan support to modernize IT systems in the next stage of COVID relief legislation, referencing a $2 billion proposal for updating unemployment insurance systems that states use to administer benefits in a GOP plan put out by a group of senators on Sunday.

“Modernizing IT is already showing up in multiple proposals for the next COVID response legislation so there is a lot of interest among industry in trying to get support for modernizing IT in this next bill,” Albright said.

Internet Security Alliance president Larry Clinton also weighed in with a blog post saying tech and network security funding in the package are critical to the COVID-19 response. Economic recovery from the pandemic is impossible “unless the core systems of the economy – which in the 21st century are cyber – also recover,” Clinton wrote in a Tuesday post. 

| Inside Cybersecurity February 4, 2021