Tech groups want to make sure Congress prioritizes money for government-related cybersecurity in any future COVID-19 aid package.
That came in a letter to congressional leadership from the Information Technology Industry Council (ITI), Alliance for Digital Innovation (ADI), BSA | The Software Alliance, the Computing Technology Industry Association (CompTIA), the Center for Procurement Advocacy, Internet Association (IA), and the Cybersecurity Coalition.
They said CTO have been doing "admirably" with what they have, but also say more cybersecurity money is needed at all levels of government.
They argue that "the prevalence of outdated legacy IT continues to hamper the effectiveness of [pandemic] recovery efforts. Citizens are being denied positive digital government experiences as they seek access to much needed programs, such as securing business loan programs, receiving economic security payments, or applying for unemployment benefits.”
Back in April, the groups said that to combat the COVID-19 pandemic the government needs to invest in IT upgrades across the board and at a level commensurate with the challenge of socially distanced living.
This week's letter outlines some cybersecurity upgrade main points:
1. "Support the Technology Modernization Fund at a level that would allow for meaningful investment in cross-agency IT modernization initiatives. To expedite the resourcefulness of such funds, existing requirements directing agencies to payback TMF funds should be relaxed when such funds are tied to pandemic or disaster recovery efforts;"
2. "Provide direct funding to federal agencies to modernize and secure IT systems beneficial to COVID-19 and future emergency responses. Such funding should be made available for expenditure over multiple years, but does not necessarily need to flow through agency working capital funds;
3. "Establish and fund a mechanism that provides federal financial support to state and local government agencies in need of IT modernization and upgrades to foster better recovery efforts. Such investments should focus on interoperability between programs that rely on federal, state, and local IT systems, where applicable. Language providing additional resources to the Coronavirus Relief Fund for IT improvements is an avenue Congress should explore;
4. "Provide necessary legislative authority for agencies to establish IT working capital funds with strong governance and reporting requirements to enable both Congress and the Executive Branch to more effectively budget for and finance significant IT modernization initiatives;
5. "Provide increased funding to the CDM program so that DHS can promptly and completely fulfill all requests for service and ensure robust threat detection and mitigation against increased adversarial attacks at all Federal agencies;
6. "Support funding to improve the Federal Risk Authorization and Management Program (FedRAMP) cloud technology security program by automating the security authorization process to increase government access to secure commercial cloud service and technology providers; and
7. "Establish a dedicated cybersecurity grant program for SLTT governments to enable greater resiliency and enhanced security of critical technology systems and networks; and
8. "Ensure that IT modernization efforts include focused attention and investment in commercial technologies that strengthen cybersecurity, empower effective workforce training, and ensure robust digital transformation."