Federal CIO highlights budgetary restrictions, need for trust following FedRAMP memo
Coming off the release of long-awaited FedRAMP modernization guidance last month, the White House is now considering how to navigate its technology budgeting needs in a “rigorous and thoughtful way,” the federal government’s top IT official said Thursday.
Speaking during an Information Technology Industry Council event, Federal CIO Clare Martorana said the government’s task of building trust in different cloud packages is based on “the competency, the rigor and the discipline that an agency put into the work that they were doing.” But succeeding in that task requires congressional support.
“We can’t let a lack of funds dictate the lack of service delivery to the public,” Martorana said. “I just refuse to believe that that is a state that we all, as IT professionals, think should be the status quo.”
Federal agencies must move to implement “innovative” cloud technology to securely deliver services, Martorana emphasized, though she acknowledged that modernization can be synonymous with increased spending. In her conversations about modernizing with individuals, “people’s eyes start rolling back and they start ignoring me.”
“The challenge that we have right now in the government — we are not going to magically get the billions of dollars that are needed for us to wholesale modernize the infrastructure of any one agency or multiple agencies,” Martorana said. “It probably will start happening as we get into a post-quantum world, but that is a bit of the future that we’re just starting to socialize with our colleagues across government.”
Martorana said there are “other levers” available to those looking to work around a “constrained budget environment,” including the utilization of the Technology Modernization Fund, for which she has repeatedly advocated increased funding.
In addition to budget implications from the new FedRAMP memo, Martorana said the cloud compliance program is a “key part” of accelerating delivery and that it is particularly important for security.
“We certainly recognize and respect the compliance needs in government,” she said, “but the fact that we are focusing on security as a primary driver of this is a really important component piece that I think just has to be foot stomped and shouted loudly.”
Martorana said that she anticipates the need for the federal and cloud service provider communities to build trust internally.
“We have to build a level of trust, and I think the FedRAMP program has built that over many years],” she said. “This is us all leveling up and us all maturing at the same time, and that’s hard.”