Emerging Technology, Government Business
Article | October 7, 2022
“Belonging to the essential nature of a thing; originating and included wholly within an organ or part.” That is the definition of “Intrinsic.” When we were developing the “IT Manhattan Project” framework, we were doing so in direct response to some of the most significant hacks in U.S. Federal history, which piled on to the already unprecedented push to expedite the modernizing of federal IT because of the COVID-19 response. The COVID-19 response shifted the way that the U.S. federal government operated, where our workforce worked from, the immediate need for mobile ‘available from anywhere’ workloads, and how to both secure and support that new way of doing federal business. A new, vigorous push towards rapidly modernizing federal IT environments was underway. Ultimately, it laid the groundwork for producing transformational federal memos and oversight by way of some of the following:
Executive Order 14028: “Improving The Nation’s Cybersecurity”
M-22-09: OMB’s Zero Trust Strategy M-22-09
NIST 800-53rev5: Fulfilling an expedited realization of the overall intent of NIST 800-53r5 through the emphasis on things like conditional access, TIC 3.0 frameworks, Secure Orchestration/Automation/Remediation, and modernized, agile approaches to secure micro-segmentation from Hybrid Environments up to Federal Cloud instances
Overall mandates like these carry with them a consistent anthem driving at rapid IT modernization with rigorous proof of performance schedules attached. Piling on top of those Herculean efforts, the urgency was drastically increased by several of the highest profile cyber compromises in U.S. federal history. Rapid modernization had to happen right away. The time for IT transformation was here, backed by promises of significant funding and a high level of political visibility.
The Shift to Zero Trust
At their core intent, Zero Trust architectures are expected to provide a centralized policy structure that dictates how every individual flow in our IT environments are permitted to talk. No user, host, or flow is permitted without being subjected to rigorous authentication and authorization policy. This shifts our previous understanding of North-South, East-West traffic and how we police it. The foundational intent of Zero Trust architectures centers around applying unified policy to every transaction that occurs between enterprise resources, and doing so in ways that are agnostic to the IT Silo that they reside in.
Zero Trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location.”
NIST 800-207 aptly
They go on to explain that the scope of this posture includes all assets, workflows, network accounts, and the like. In summary, police everything, abstract production traffic intent from the underlying infrastructure that supports it, and institute a unified security posture to execute the policing at every network entry point. Regardless of the domain. We all know that this is a tectonic but much-needed shift in our industry. I’d go so far as to say that the successful instantiation of this approach across Federal IT environments is critical to our national security going forward.
Management Complexities
Enterprise IT domains contain varied mixtures of OEM solutions, home-grown tools, and utilize a wide variety of protocols to intercommunicate that aren’t necessarily standardize. Each of these domains is normally managed by separate IT teams who specialize in maintaining those environments. In the federal landscape, each of these domains aren’t just managed by separate enterprise IT teams, but are commonly managed by different contractors. Therefore, IT security organizations have a difficult time achieving and maintaining the necessary operational awareness required to enforce centralized policy. These cultural complexities exacerbated by budgeting concerns have created a fatalistic mentality when it comes to far-reaching mandates. This is where the tectonic shift in architectural and administrative approach is so necessary. This is where multidomain architectures shine.
Let’s define a common baseline of enterprise domains seen across traditional IT environments:
Cloud
Data Center
Enterprise Networking
Extended Enterprise (IoT, OT/ICS)
Remote Access
But to deliver a successful Zero Trust across the enterprise, it is first necessary to understand some foundational building blocks on which to construct our architectural approach:
We can’t have MULTIDOMAIN POLICY without first achieving fuller
We can’t deliver macro and micro-segmentation without first having robust MULTIDOMAIN
We can’t have multi-vendor MULTIDOMAIN Zero Trust POLICY without sensical INTEGRATIONS to stitch each enterprise domain together.
Let’s face it, enterprise IT environments don’t simply include infrastructure from a single manufacturer, or even a few key manufacturers. Rather, our Enterprise IT environments are represented by a plethora of IT manufacturers specializing in different niches of IT and the domains they are commonly found in. These environments are managed by different Federal IT organizations, different contractors who support these Federal IT organizations, and many different teams that support each common IT silo. Different teams that support oft-compartmentalized areas like Network Security Operations, Network Operations, Data Center Operations, Institutional Services, Wide Area Networking contracts, Operational Technologies, and dotted lines to different leadership oversight like CIO Programs, CTO Architecture, the Cyber Security Office, and the audit oversight bodies that they are subjected to. Each of these make up a complex support structure that isn’t necessarily streamlined for efficiency.
Summary and Overarching Goals
In articles to follow, you’ll see us referencing the IT Manhattan Project framework several times. Though many details of the framework can’t be discussed due to their sensitivity, the foundational principles are relevant across the board when pursuing intrinsic multidomain Zero Trust.
Establish Visibility (Administration, Telemetry, Assurance)
Define Straightforward Policy Structure and Hierarchy (Auth Chains)
Perform Multidomain Integrations (API Integrations)
Deploy Software-Defined Framework (Day-0, Programmable Fabrics, Multi-OEM Fabric Integrations)
Establish Sensical Automation Runbooks (Day-2 Operations)
We will also explore some areas that deliver unexpected value to the agency business in immediate ways. All of this will help create a cohesive story that helps CIOs, CISOs, and enterprise architects alike communicate the criticality of this multidomain Zero Trust approach to agency leaders across the federal spectrum.
Read More
Article | May 26, 2021
Federal agencies design a wide range of tools, equipment, vehicles and even rockets. Computer-aided design (CAD) technology allows agencies and users to create digital designs more efficiently. CAD is used for a lot more than designing buildings, but is a basic building block of a more advanced tool known as Building Information Modeling, or BIM. CAD can be used to render 2D digital models of products, equipment and buildings. BIM takes those efforts to the next level and serves as a 3D design tool to “create and simulate how a building would operate,” says Andrew Friendly, associate vice president of government affairs at Autodesk, a leading CAD and BIM firm.
Read More
Government Business
Article | March 11, 2022
Cities, counties, and states are being forced to upgrade or purchase new technology. The old legacy systems are now inadequate, inefficient, and somewhat dangerous because of their vulnerability to hacking. Many of the old systems are almost completely obsolete. They are unable to accommodate new applications.
In today’s data driven world, technology modernization leads to less cost, increases in efficiency, fewer requirements for human resources, and huge increases in convenience for citizens. Research on numerous capital improvement plans for cities, counties, and states reveals that funding is being allocated for major technology purchases and upgrades throughout the country.
Massachusetts
In a bill just signed by the governor, the Act Financing the General Governmental Infrastructure of the Commonwealth, $660 million has been allocated for information technology (IT) needs. Community colleges are scheduled to receive $140 million for cybersecurity, software, hardware, and infrastructure upgrades. Public schools will be eligible for competitive matching grants from a program that received $50 million. Much of the education funding will be used for access to broadband and other digital learning curricula. The IT funding includes $10 million for a statewide data sharing system for all criminal justice agencies and $10 million for the state’s Department of Health.
Cities and counties in Massachusetts also will receive funding. Sommerville’s need to acquire modern backup IT appliances and disaster and cybersecurity projects will get funding. The county of Berkshire is granted funding for a study to determine the cost of constructing a municipal broadband network. Avon will receive funding to move the township’s financial software to the cloud for increased security, and Easton will get funding for an e-permitting geographic information system and some technology-based service delivery software.
Texas
City leaders in Houston plan to spend millions to upgrade some outdated technology. The current computer-aided dispatch (CAD) system is more than 13 years old and has limited functionalities. The city's public safety department is in need of a new system to efficiently respond to police, fire, and medical calls for services. Funding allocations are outlined in the city’s 2021-2025 Capital Improvement Plan. The public safety CAD replacement is scheduled to receive $1 million, and the city has allocated $2.2 million for new budgeting software.
Nevada
The Las Vegas Public Works Department plans to procure a software solution for the city’s capital improvement project program management system (CPMS). The department is challenged with aging IT infrastructure, reduced resources, and currently, each phase of the CPMS uses separate software applications. This is labor intensive and ineffective. The plan is to have one software solution that tracks and manages all phases of the CPMS, including concept, planning, design, permitting, construction, and closeout. The city has budgeted $350,000 each year from 2021-2025 to complete this project.
Virginia
The city of Norfolk plans to upgrade its Department of Utilities’ billing system at a cost of $2 million. Over two years, city leaders plan to spend $4 million per year to purchase IT infrastructure. Purchases will include public safety radios, courthouse equipment, an electronic health record system, security appliances, a cybersecurity assessment, and upgrades to e-services platform.
The city of Portsmouth will upgrade its financial software beginning in 2021 with full implementation by 2024. The project will include software and hardware upgrades and the streamlining of third-party software. Beginning in 2022, the city will purchase record retention software to house permanent, and eventually all, citywide digital records. Plans also call for updating the city’s public safety records management/computer aided dispatch system at a cost of $900,000. New software will improve mobile computing and analysis tools, management dashboards, and multijurisdictional expandable capabilities for future potential collaborations with surrounding communities.
Pennsylvania
The city of Philadelphia’s Office of Innovation and Technology has a total of $153.6 million in city tax-supported funding programmed over its six-year FY21-FY26 capital program. Of the $22.5 million recommended, $8.67 million is for major upgrades for network infrastructure stabilization and enhancement. Another $13.83 million will support citywide departmental applications. This funding will be used for replacement of an old tax legacy system, a new personnel accountability system for the fire department, an integrated jail management system, and an enterprise resource platform modernization effort for procurement, accounting, and logistics. In 2021, the city also will design and implement a new fare collection system at a cost of $1.54 million to replace or enhance the current revenue collection equipment.
North Carolina
The Forsyth County Board of County Commissioners has approved a 2020-2021 annual budget which includes a $6.2 million enterprise resource planning system. The county’s budget, finance, and human resources software programs are in critical need of replacement. In Chatham County, there are plans to replace the current tax office software at a cost of $1 million, and the current software is being evaluated for new purchases.
Oregon
The city of Salem’s Information Technology Department has announced plans to update its financial system at a cost of $650,000. This upgrade is needed to maintain support of the application and increase functionality. The city also plans to update its enterprise storage array at a cost of $250,000. This equipment is primarily used for enterprise applications including financial services, cash handling, parking, utility billing, police records, and other city records flagged for retention purchases.
There is absolutely no doubt – 2021 will be a good year for companies that have new technology to sell to public officials.
Mary Scott Nabers is president and CEO of Strategic Partnerships Inc., a business development company specializing in government contracting and procurement consulting throughout the U.S. Her recently released book, Inside the Infrastructure Revolution: A Roadmap for Building America, is a handbook for contractors, investors and the public at large seeking to explore how public-private partnerships or joint ventures can help finance their infrastructure projects.
Read More
Article | September 18, 2020
Taxpayers, citizens, and industry leaders may not be totally familiar with Public Facility Corporations (PFCs), but that should change, especially now since public funding for critical projects is at an all-time low. PFCs are becoming somewhat common in many regions of the country.
If the legal entity (PFC) is not familiar, here’s a bit of background. A PFC is a nonprofit corporation created by a sponsoring governmental entity — a city, county, school district, housing authority, or special district. PFCs have broad powers over public facilities, including financing, acquisition, construction, rehabilitation, renovation and repair. A PFC, once created, has the authority to issue bonds on behalf of its sponsoring public entity and once the bonds are funded, the money can be used in numerous ways. This type of legal entity has gained attention because public officials with critical projects are being forced to seek alternative funding sources.
In Texas, public facility corporations are allowed the broadest possible powers to finance or provide for the acquisition, construction and rehabilitation of public facilities at the lowest possible borrowing cost. A sponsor — such as a municipality, county, school district or housing authority — may create one or more of nonprofit public facility corporations. Then, the PFC can issue bonds for the construction of public facilities or finance public facilities or even loan the proceeds of the revenue to other entities for specific purposes.
A report that was released by The University of Texas School of Law found that a house bill approved during the 2015 legislative session “expands the authority of public facility corporations and allows the corporation to exercise any power that a nonprofit corporation might exercise and/or grant a leasehold or other possessory interest in a public facility owned by the PFC.” Here’s a bit more background of what is happening in Texas and there are numerous similar examples throughout the country.
The El Paso Independent School District (EPISD) several years ago created the EPISD Public Facility Corporation to fund construction of central offices through non-voter approved bonds. The corporation issued more than $29 million in bonds. The plan called for the EPISD to repay the bonds with general fund dollars from the district's general fund.
The 2019 Texas Legislative Session ended with a $4 million rider added to the state appropriations budget. The money was provided to the city of Port Aransas to build a $36 million apartment complex for affordable housing. Plans call for the 200-unit complex to be operated by the Port Aransas Public Facility Corporation. The corporation will work in partnership with a private company to develop and manage the property. An investment of approximately $14 million came from the private sector partner, and the Texas Department of Housing and Community Affairs provided an additional $18 million in funding. Site work on the project began in July 2020.
Many school districts have created public facility corporations for construction projects for schools, and many municipalities have also used PFCs. The revenue from these types of bonds is sometimes called lease-revenue bonds. They do not require voter approval. Public facility corporations do not have the authority to raise tax rates, but it is possible for a school board to approve a property tax increase to make payments on the bonds sold by a PFC.
The city of Tioga, located in the Sherman/Dennison region of Texas, constructed a new high school with funding from a public facility corporation. A collaborative initiative was launched with a lease-purchase agreement which allowed the PFC to hold title to the land and facility until the investment was repaid. At that time, the agreement calls for everything to transfer back to the district. Because the current campus was reaching its maximum capacity, a new high school campus had been a priority for the district and this was the funding mechanism selected.
The city of Fate in Rockwell County recently embarked on a public-private partnership to develop an affordable seniors housing community. The projected cost is approximately $30 million. To fund the project, the city created a PFC. Plans are for the city to handle the design, construction, and management of the project in collaboration with the PFC. City leaders will appoint board members to the funding corporation which will then operate the development as a nonprofit. The project is anticipated for completion in January 2022.
There are similar types of alternative types of funding options in other parts of the U.S. In Utah, for instance, the Park City Board of Education approved a PFC which will allow the district to secure revenue for a number of master plan projects. The projects have a combined projected cost of $122 million. The school district had considered the funding option of general obligation bonds, which would require voter approval, but elected to create a Local Building Authority (LBA). This funding option will allow them to fund an expansion of a high school facility to accommodate ninth-graders and expand another campus to allow for eighth-grade students.
Public officials, legislators, government contractors, and taxpayers all should have an interest in watching PFCs as well as other alternative funding sources. Until traditional public funding becomes more available for critical public projects, there will be a need for various types of funding solutions.
Mary Scott Nabers is president and CEO of Strategic Partnerships Inc., a business development company specializing in government contracting and procurement consulting throughout the U.S. Her recently released book, Inside the Infrastructure Revolution: A Roadmap for Building America, is a handbook for contractors, investors and the public at large seeking to explore how public-private partnerships or joint ventures can help finance their infrastructure projects.
Read More