Latest TMF awards underscore cybersecurity
Connecting state and local government leaders
Of the seven new Technology Modernization Fund awards announced Sept 29, four are dedicated to improving cybersecurity, primarily through the transition to zero-trust solutions.
Of the seven new Technology Modernization Fund awards announced Sept 29, four are dedicated to improving cybersecurity, primarily through the transition to zero-trust solutions.
The Office of Personnel Management, the Department of Education and the General Services Administration all received awards to accelerate their transition to zero trust.
OPM was awarded $9.9 million to transition to zero-trust networking. According to the TMF website, OPM will establish zero-trust solutions in identity, devices, network, application workload and data. In the 2015 hack of personnel systems managed by OPM, which led to the loss of more than 20 million personnel records, one major issue was that the agency's data was not encrypted at rest on its own systems.
The zero-trust implementation is expected to save money, reduce the number of security tools required to monitor and maintain an effective cybersecurity program and improve interagency communications and collaboration efforts, TMF said. It will also enable OPM to fully comply with Biden administration’s cybersecurity executive order and give it additional identity management options for collaborating with agency partners.
The Department of Education is getting $20 million for a two-year zero-trust program to implement a zero-trust architecture to secure the citizen data it houses. zero trust program will includes strategy, architecture, design and an implementation roadmap. It will also establish a catalog of services with secure access service edge (SASE) and security orchestration, automation and response technologies. The agency is creating a program management office focused on zero-trust activities.
GSA's $29.8 million award will support the modernization of legacy systems and the transition to an advanced zero-trust architecture. It plans to replace directory designs to better accommodate the demands of telework and a secure, multi-domain, hybrid cloud architecture. It will also develop an enterprise single-sign-on with new multifactor authentication options. To shore up its networks GSA will leverage a SASE solution for microsegmentation and will upgrade its public buildings’ security networks. Increasing the use of machine learning and artificial intelligence will help GSA provide security oversight for cyber supply chain risk management and enhance core security operations centers and governmentwide public-facing digital services.
Separately, GSA will get $187 million – by far the single largest TMF award in the history of the program – to secure and scale up Login.gov. GSA's identity management solution is used by 27 agencies across more than 200 government services, but it still doesn't reach some of the biggest public-facing federal programs. The TMF funding is designed to improve cybersecurity of the service and establish an in-person identify verification option for users who don't have digital credentials to create a Login.gov account. The funding will also be used to make it easier for agencies to adopt Login.gov.
GSA also received funding to transition MAX.gov to a secure cloud-based solution for cross-agency collaboration, authentication and other shared services capabilities.
For the other two new TMF awards, the Department of Homeland Security was awarded $50 million to support border technology integration – bringing together multiple independent data systems and paper-based systems to "more efficiently, effectively, and humanely process noncitizens encountered at our Southwest Border," according to the TMF website.
No details were available on the classified project with regard to the agency receiving the funds or what they will be used for. The TMF funding for the classified project award appears to be about $14.3 million.
TMF was established in 2017 under the Modernizing Government Technology Act and serves as a revolving fund for IT projects that significantly improve cybersecurity and advance citizen services. In addition to the $1 billion infusion under the American Rescue Plan Act earlier this year, the TMF board also eased some of the fund's payback requirements to incentivize more agencies to apply.
A version of this article was first posted to FCW.