Monumental mission

14/10/2002 17:13:48


In the year since September 11, the US Government has launched the mother of all IT projects: re-architecting hundreds of standalone systems with the goal of a unified architecture for domestic and defence agencies. At the same time, federal government CTOs across defence and intelligence have devoted a whirlwind year to shoring up critical infrastructure security and girding against cyberterrorism -- while mulling the possibility of launching a pre-emptive cyberattack against powerful network or computer-susceptible threats.

These CTOs are marching into uncharted territory as they try to both break down historical barriers to interagency information-sharing and establish a more secure and streamlined IT infrastructure.

"I can tell you we're having dialogues now that we never would have had if not for Sept. 11," says Dawn Meyerriecks, CTO of the Defence Information Systems Agency (DISA), a combat-support agency for defence and military departments. "Homeland Security is one of those things; we're walking on the bridge as we build it."

It's a work in progress, comment many observers who say they can't overstate the challenges inherent in reinventing the system to address poor communication and disconnected data environments.

According to a July report released by the US General Accounting Office, US cybersecurity policy efforts and the protection of critical infrastructure have been stalled due to ill-defined communication channels and relationships among a wide range of federal organisations.

Like many of her IT colleagues, Meyerriecks is now reaching across departments. She is actively engaging with the Federal Emergency Management Agency (FEMA) and the US Department of Housing and Urban Development (HUD) to grasp the steps all agencies must undertake, such as bringing in state and local representatives if possible, to establish mutually beneficial new security policies and mechanisms.

"Things are changing in a favourable direction right now," says Cyrus Staniec, a retired US Army officer and current director for sector technology resources at Northrop Grumman. "But the harder things to answer are going to be at the detail level."

Tying it together

Norman Lorentz is swimming in details. As CTO of the Office of Management and Budget (OMB) since January, Lorentz is charged with the monumental task of unifying federal IT systems into a single enterprise architecture. This FEA (Federal Enterprise Architecture) is expected to speed government response to emergencies and possible terrorist threats, facilitate real-time data sharing and boost overall efficiency, he says.

"The role for the CTO in this is extraordinary since we are basically the strategic technology leaders reporting in to the CEO, which in my case is the White House," says Lorentz. "It's really about strategic technology application to solve real business problems."

His initiative centres around designing and implementing five private sector-based IT reference models across federal agencies' lines of business and eventually bridging critical infrastructures of defence and state and local law enforcement under Homeland Security.

In July, Lorentz's team of 24 solutions architects wrapped up phase one of FEA, creating Business Reference Model 1.0, an exhaustive exercise in business process re-engineering of everything from payroll processing across 18 systems to how social services delivers funding to state agencies. The solutions architects act as OMB's deputies and help agencies with technical redesigns and the promotion of component-based architecture and reuse, Lorentz says.

Next on Lorentz's agenda is applying standard performance metrics to those business processes, and then designing a data reference model to standardise data definitions across agencies, something he describes as particularly "difficult and challenging". Then, during the next year to 18 months comes an application reference model that takes a component-level view of the major reusable applications needed to support the lines of business.

Finally, the technical reference model will tackle implementation by identifying what types of infrastructure will be needed to support the data, application and process models. "We are establishing a common definition for lines of business, then mapping the major IT investments in those areas," Lorentz says.

Ultimately, the CTO is interested in creating a services-oriented architecture of reusable application components. Using J2EE and .Net platforms, XML, directories and eventually Web services, the solutions architects will select components to work consistently across agencies, Lorentz says. One goal is a universal e-authentication that assigns different levels of access control to individual users.

Breaking barriers

The "how to get there", as dictated by OMB, isn't necessarily embraced. One reported sore point stems from OMB's putting the brakes on existing IT project spending across 22 different agencies, while FEA is being mapped out.

"It's good business management, but for those strong and aggressive agency CIOs trying to put their projects into place, the cease and desist order is quite a stumbling block," says Raymond Bjorklund, vice president of consulting services at Federal Sources, a firm that advises IT clients how to land government contracts.

Charles Bravo, CTO of the US Postal Service, called the FEA plan a "good concept" but conceded a long road is ahead. "We need to connect better, but it's going to have to be worked with different government agencies. That's going to be the challenge," says Bravo, whose post-9/11 deployment of 300 RIM BlackBerry wireless devices to key managerial staff went forward uninterrupted.

Domestic defence

One of the stickier challenges facing federal CTOs is how best to marry domestic IT with that of the military, intelligence, and defence departments -- and where Homeland Defence fits into this. Developing rules on these fronts invariably leads to questions, according to DISA's Meyerriecks.

For instance, the CTO says, "all sorts of groups" are examining the impending relationship between US Northern Command -- a new combatant assigned to defend the United States and support military assistance to civil authorities -- and the Homeland Security Department Office and the Department of Defence (DOD). Northern Command will stand up on October 1.

"There are a lot of fundamental questions and secrets. Anything that looks even close to a Homeland Security, and vice versa Homeland Defence, has to be dissected at high levels before it gets on the plate," Meyerriecks says.

The CTO says opening up DISA's networks to a new cadre of end users would incite the agency to rely less on network security and more on application security -- a posture it has rarely practised and not invested toward in the past, she admits.

Northrop Grumman's Staniec says CTOs must figure out how to provide "on-the-fly, need-to-know" access to data in the event of a potential security threat, while not giving away the whole database to civil workers without clearance. Data mining, business intelligence and algorithm-based intelligent agent technologies must be used here, he says.

Convinced that some form of cyberterrorism will invariably take flight against US computer systems, Meyerriecks says the Government is not only prepared to defend itself but also launch a cyberattack of its own if warranted. "Part of the strategy is you don't sit passively by and watch your network be taken out from under you," says the CTO, adding that such an attack would require presidential approval, much like any other weapons systems.

President Bush's "National Strategy to Secure CyberSpace", unveiled recently, comprised proposals and discussions to define Americans' responsibility for controlling computer security, and to define the private sector's involvement.

"We in the Federal Government lead, but we look to the private sector to create the operations and management of IT to support the Government," Lorentz says. "And the net-net is that we all need to continue to maintain a sense of urgency at all times."

Re-architecting the Capital

Using private sector business re-engineering processes, Norman Lorentz, CTO of the OMB, is leading the Federal Enterprise Architecture program, a five-step plan to implement a single-point architecture across the Federal Government.

Step 1: BRM (Business Reference Model)

BRM defines common lines of "business" by citizen functions across agencies, with a goal of saving agencies time and money, data, and IT components.

Step 2: PRM (Performance Reference Model)

PRM implements government-wide and line-of-business-specific performance measures and outcomes across agencies.

Step 3: DRM (Data Reference Model)

DRM defines business-focused data standardisation and standardises cross-agency information exchanges.

Step 4: ARM (Application-capability Reference Model)

ARM defines applications such as knowledge management, CRM and collaborative technologies.

Step 5: TRM (Technical Reference Model)

TRM supports single-point architecture through cross-agency interoperability schemas, J2EE, and .Net platforms and various directories.

