At DHS: same challenges, but more pressure to succeed

As the Homeland Security Department prepares to enter its second year, its chief IT challenges remain little changed from when DHS opened its doors this past March: consolidate the IT staffs and systems of 22 agencies and launch new systems to fight terrorism.Even now, the main 'challenge is not going to be technology,' said Randy Hite, director of IT architecture and systems for the General Accounting Office. 'It is going to be the cultural issues. Each of the 22 organizations has its culture. Combining those cultures is going to be an issue.'The seeming slowness of the organizational change is a frustration for Homeland Security's overseers on Capitol Hill.'I think for the next year, one of the most important things the department can do and that Congress can help it with is to integrate those agencies,' said Rep. William 'Mac' Thornberry (R-Texas), chairman of the Homeland Security Select Subcommittee on Cybersecurity, Science, and Research and Development. 'I am disappointed that it has taken as long as it has.'Rep. Zoe Lofgren (D-Calif.), the subcommittee's ranking minority member, agreed. 'They have spent most of their time just trying to staff up,' she said. 'I don't think even yet it is a stable agency.'Lofgren said she had voted against creating the department because 'I thought we would spend the next few years plugging in phones and finding office space. The time spent building the department is not time spent fighting terror.'Despite the organizational hurdles, the government must not discount the technology challenges DHS faces either, Hite said. DHS has considerable obstacles on the system front, especially bringing new systems to bear to counter terrorism, he said. He pointed to the launch of a border entry-exit system, the U.S. Visitor and Immigrant Status Indicator Technology project, as a prime example.'We are on record with U.S. Visit officials saying it is a risky endeavor,' Hite said. 'There are a whole lot of issues to deal with.'DHS also has a lot of work ahead integrating its back-end systems, Hite said. 'For any organization to consolidate the back office, they are going to have to understand the full inventory of systems and have a defined blueprint. That is one of the things the enterprise architecture is intended to do. CIO Steve Cooper says the architecture is a starting point.'The department's IT chief is pinning a lot of what takes place in the coming year on that new enterprise architecture. The road map, whose first iteration came out in early fall, mandates an ambitious schedule for launching new systems and consolidating existing ones.Cooper acknowledged recently that the enterprise architecture is 'a mile wide and an inch deep.' Over the next year, DHS officials plan to add detail to it and issue new versions in June and September.The enterprise architecture describes a transition strategy that will involve shuttering many systems across the department.[IMGCAP(2)]DHS officials have not made public a complete list of the systems the department will eliminate. But priority areas for consolidation are the many alert and warning systems and the numerous financial systems run within DHS.The accuracy and usefulness of the enterprise architecture will be critical to the success of the department's efforts, Lofgren and Thornberry said.Over the next year, 'Job No. 1 will be to get staffed up and organized. The enterprise architecture is at least something,' she said.Thornberry added the department faces significant risks as it works to weave together an integrated network by the end of next year and a complete IT infrastructure by the end of 2005.He cautioned that 'you're also going to have bureaucratic tussles over turf' as DHS builds a mature IT structure.The revamping of the government's cybersecurity apparatus will be a further test for DHS, Thornberry predicted. He noted that before DHS existed, several agencies had responsibility for protecting the country from cyberattacks.The administration has reorganized that structure and placed those security responsibilities in DHS' Information Assurance and Infrastructure Protection Directorate. As a result, some of the relationships among cybersecurity officials must be rebuilt, Thornberry said.'I believe more is actually required,' he said of IT security efforts. 'I do not believe that Congress or the government in general has done enough.'Meanwhile, DHS' component agencies have their own plans for consolidating systems.The Transportation Security Administration, for instance, intends to halt dozens of applications over the coming year. TSA built some of its systems quickly in the early months of the agency's existence and inherited others from the Federal Aviation Administration, said Chris Allen, TSA's chief IT officer.After the terrorist attacks of Sept. 11, 2001, individual airports' security officials needed IT tools to better do their jobs, resulting in dozens of often standalone applications and programs, Allen said at a recent enterprise architecture conference in Washington.'There must have been 100 airports out there that had built little Microsoft Access databases to track their employees' uniforms' and other data, he said.The trick now is to figure out which of these programs contain information that needs to be shared with other airports and with other levels of government, Allen said.TSA has about 362 applications and plans to do away with between 80 and 100 by next fall, Allen said. 'They range from inspectors' checklists to some small financial systems,' he said.TSA is one of the Homeland Security agencies that did not exist before the terror attacks in 2001. As a result, it has had the opportunity to build an IT structure mostly from scratch. But TSA is heeding guidance from the DHS enterprise architecture team.'We work very closely with Amy Wheelock,' director for enterprise architecture in DHS' CIO office, Allen said. 'We are not so far down the road that there is a tremendous disconnect between DHS and TSA.'As the department seeks to consolidate systems across its agencies, the priority objective is do no harm, both Cooper and Wheelock said. DHS officials want to maintain and improve the level of IT services as they consolidate systems.'Consolidation for its own sake is not what we are after,' said Nathaniel Heiner, the Coast Guard's chief knowledge officer. 'We won't run them together to save money. The primary driver is to make sure that we are sharing information more effectively than in the past, so we can get this bloody mission done better.'