How did the government’s technology get so bad? (And how does it get better?) / The Hill, December 13, 2016

The Social Security Administration was one of the first groups in government to adopt a big-data approach to operations.

Once an international leader in cutting-edge technology, the administration was “pushing the edge,” said the agency’s chief information officer, Robert Klopp. “IBM was scrambling to make systems big enough to solve the complex problems we’d pose.”

Forty years later, times have changed, and much of the core software running the Social Security Administration is pushing a different kind of edge.
Despite decades of improvements to commercial technology that have made it more secure, efficient and cost-effective, the administration uses a core system that is more than 30 years old.

It contains 60 million lines of code written in COBOL, a programming language invented during the Eisenhower administration that is not even taught in modern computer science programs.

It also contains more than 10 million lines of code written in assembly — one step above programming in binary.

The systems are so obsolete, the agency might be running out of time to upgrade them.

“In five years, over 30 percent of the people who understand the system will be eligible to retire. If we want to upgrade, this is the last chance to do it while people who know the legacy system will be around to help,” he said.

All of this highlights the deep need for modernizing government’s technology, he added.

The problem goes far beyond the Social Security Administration.

Across the government, agencies struggle with obsolete technologies that are less secure but more expensive to keep up.

Around 80 percent of the $80 billion spent on information technology by the federal government is spent maintaining legacy technology. Whether five years out of date or 50, the Treasury, Defense and Veterans Affairs departments each have systems that were around when the Beatles played the “Ed Sullivan Show.”

And agencies could spend less to do more.

How did it get this bad?

Governmental procurement problems are caused by a central paradox: Cost-cutting in IT makes everything more expensive.

In the short term, it is always cheaper to pay to maintain out-of-date technology than to purchase something new that would create long-term savings. Agencies do not have the budget to afford technology that would ultimately save them money.

The amount of money spent per year on new technology across the government has declined by $7.5 billion since 2010.

There have been efforts to encourage chief information officers across the government to be more efficient in other ways.

The Federal Information Technology Acquisition Reform Act, portions of which passed as part of the Defense authorization bill in 2015, increased the autonomy of the information officers while initiating a grading system that assesses major cost-cutting measures.

But the act did not provide the funding necessary to fully modernize government IT.

Klopp said his administration needs $300 million over the next five years in critical modernization efforts before his most experienced workers retire, just to get systems to the point where modernization can continue.

Attempts to fund modernization

In February, the Obama administration floated a $3.1 billion modernization fund, later transformed into legislation by House Minority Whip Steny Hoyer (D-Md.).

White House CIO Tony Scott has spent the rest of the year stumping for the legislation, which would create a largely self-perpetuating fund, with agencies repaying loans through the savings from modern equipment.

Rep. Will Hurd (R-Texas) combined Hoyer’s bill with ideas from a competing bill he introduced that would lead to a comprehensive modernization plan for government technology.

The resulting bill combines the modernization fund with an incentive program to reward agencies for finding ways to self-fund upgrades — essentially allowing agencies to keep money they saved by updating systems.

“The reality is that, with a finite pie, everyone is going to have to be more creative about how they are going to do a little more with what they already have,” said Hurd.

“But everyone can finish the line: ‘If you don’t use it, you lose it.’ If we don’t have an incentive to find ways to modernize on your own, we take that second part away.”

Hurd’s combined bill passed the House but stalled in the Senate.

The cost of buying new tech is a problem, even if the purchases produce long-term savings.

The Congressional Budget Office price-tagged the legislation at $12 billion over the course of the next four years, which appeared to be too big a burden to pass during a lame-duck session.

Still, $12 billion is less than 4 percent of the money that will be spent on IT over the next four years across the government as a whole. The CBO does not offer projections as to how much money would be saved by enacting Hurd’s legislation.

What $12B would mean

The 30-year-old system at the Social Security Administration predates modern security software. Klopp insists this is not an immediate threat to user security, but it is emblematic of the greater problem.

“You’d be hard pressed to find perimeter protections and continuous vulnerability scanning that run in 60 million lines of COBOL,” he said.

Estimates for funds saved by moving the entire government into cloud storage total billions of dollars.

Newer equipment is easier to maintain, often uses less electricity and relies on parts that are available in reputable stores. The Department of Labor has, in the past, had to purchase replacement parts on eBay.

But there is more to modern technology than cheaper operating costs. Newer systems offer better workplace efficiency and, importantly, far better security.

In a Dec. 2 report, the President’s Commission on Enhancing National Cybersecurity concluded that the federal government was not considering the real costs to the country of its outdated technologies.

“The true cost of operating IT is not being considered by the federal government. Funding requests should fully account for operating costs rather than just initial procurement costs,” the report said. “The next President should formally announce his intention to increase investment in modernizing federal IT.”

A problem for later

During the congressional break for election season, Hurd held out hope that the Senate would allow his bill to reach the president’s desk.

By the second week of December, he had given up.

During hearings to discuss a new federal information technology report card, Hurd sympathized with the CIOs who called to testify and said one lawmaker’s suggestion — cash rewards for reporting waste — would be unnecessary.

Most federal employees, they reasoned, would report waste just to clear up funds to better perform the agency’s mission.

“Gentlemen, we hear you loud and clear, and we’re trying to give you an additional tool to be able to use savings you realize. But, unfortunately, it’s likely to have to wait until 2017 to pull that trigger,” said Hurd.