For the third year in a row, Congress isn’t buying the White House’s request nor Democrat lawmakers’ pleas for more money to help agencies move away from legacy systems more quickly. The fiscal 2021 omnibus spending bill, which the House unveiled today, reduced two key funding mechanisms.
But at least Congress seemingly has come to an agreement on the details of a massive $1.4 trillion omnibus spending package and a $900 billion COVID-19 relief measure.
The House approved the rule for the $2.3 trillion spending and relief package Monday evening, sending it to the Senate for quick approval. The rule includes a seven-day continuing resolution, which will keep the government open in the event the Senate can’t send the full measure to the president’s desk before current funding levels expire at midnight.
The seven-day buffer also builds in time for Congress to have the full spending and COVID relief package printed and signed into law by the president. The bill itself is nearly 5,600 pages long.
For more on what’s included in the omnibus spending bill, including the federal pay raise and highlights among agencies ranging from the Departments of Health and Human Services and Veterans Affairs, and the Office of Personnel Management, check out our other coverage.
Here are the details of 2021 spending for IT modernization, cybersecurity and highlights from the Departments of Homeland Security, the General Services Administration, the National Archives and Records Administration and the Small Business Administration.
Despite repeated attempts by Democrat lawmakers, the Technology Modernization Fund remained at $25 million for fiscal 2021. House and Senate legislators wrote letters asking for $1 billion to address systemic technology challenges and even a change in funding approach to kick-start the effort. In the end, appropriators decided to give the TMF board the same amount as in the last two years. The Trump administration requested $125 million for the TMF in 2021.
Congress also cut the IT Oversight and Reform (ITOR) fund by more $2.5 million 2021. The Office of Management and Budget uses ITOR money for cybersecurity and other governmentwide technology efforts. Lawmakers appropriated $12.5 million this year, down from $15 million last year.
If you are looking for good news in the IT modernization sector, the Federal Citizen Services Fund at the General Services Administration is receiving $55 million, the same amount as last year. Congress also is giving GSA the ability to carry over funding from year-to-year of up to $100 million.
Congress gave the Cybersecurity and Infrastructure Security Agency (CISA) $93 million more than it requested for 2021 for cyber operations. CISA’s threat hunting capability received almost a $44 million increase to $160 million, while capacity building and operational planning and coordination also saw significant increases.
In all, lawmakers appropriated $2 billion for CISA, including $1.2 billion for cybersecurity and the protection of civilian federal networks. The bill also includes $716 million for the National Cybersecurity Protection System and an extra $40 million for the Continuous Diagnostics and Mitigation (CDM) program for a total of $214 million.
“CISA is directed to provide a briefing, not later than 60 days after the date of enactment of this Act, regarding the CDM and National Cybersecurity Protection System (NCPS) program lifecycles,” lawmakers wrote in the explanatory text accompanying the bill. “The briefing shall clearly describe the projected evolution of both programs by detailing the assumptions that have changed since the last approved program cost and schedule baseline, and by describing the plans to address such changes. In addition, the briefing shall include an analysis of alternatives for aligning vulnerability management, incident response, and NCPS capabilities. Finally, CISA is directed to provide a report not later than 120 days after the date of enactment of this Act with updated five-year program costs and schedules which is congruent with projected capability gaps across federal civilian systems and networks.”
Finally, Congress appropriated $11.3 million more than requested for the Vulnerability Management program, $2 million more for the Cybersecurity Quality Service Management Office (QSMO) and $9.4 million more to help CISA reduce the 12-month backlog in vulnerability assessments.
“The agreement also provides an increase of $8 million above the request to address the increasing number of identified and reported vulnerabilities in the software and hardware that operates critical infrastructure. This investment will improve capabilities to identify, analyze, and share information about known vulnerabilities and common attack patterns, including through the National Vulnerability Database, and to expand the coordinated responsible disclosure of vulnerabilities,” lawmakers wrote.
The Department of Homeland Security received $51.8 billion in total discretionary spending, which is $30 million more than requested. Congress reduced the agency’s funding for personnel by $1.9 million as “departmentwide attrition and hiring challenges in fiscal 2020 reduced staffing levels at the beginning of fiscal 2021, leading to reduced personnel funding requirements for the remaining months of the fiscal year.”
Lawmakers specifically want a briefing from the chief human capital officer, in coordination with the chief information officer (OCIO) and CISA “on the status of meeting the department’s cybersecurity hiring goals and plans for developing standardized metrics to ensure consistency in identifying personnel skills and talents across the Department. The briefing should also include recommendations on how the qualification standards for IT-focused jobs can be regularly updated to meet the department’s needs.”
Additionally, Congress is mandating a briefing on the agency’s financial systems modernization effort and its headquarters consolidation plan within 90 days.
The big win for the General Services Administration in the 2021 spending bill is Congress giving them an extra $209 million out of the $9 billion Federal Building Fund to spend on facility upgrades.
But the money does come with strings.
Congress wants GSA to develop a five-year capital plan by project as part of its 2022 budget justification. “As in such plans included in previous GSA budget justifications, the plan should include the fiscal year, project name, city, state, project type, project description, prior funding to date, additional funding required, and estimated project total.”
Additionally, lawmakers included requirements for GSA to submit a report to the House and Senate Committees on Appropriations, the House Committee on Transportation and Infrastructure and the Senate Committee on Environment and Public Works “a report on the construction of a new headquarters for the Federal Bureau of Investigation in the National Capital Region. The report transmitted shall…include a summary of the material provisions of the construction and full consolidation of the Federal Bureau of Investigation in a new headquarters facility, including all the costs associated with site acquisition, design, management, and inspection, and a description of all buildings and infrastructure needed to complete the project.”
Finally, Congress tells the Public Building Service to continue its development of new tools, reports and system enhancements to more effectively utilize office space.
“In particular, the use of commercially available technology that provides accurate, building occupancy data in real time analytics while not violating security and privacy could deliver insights into the agency’s work on footprint optimization and space utilization while identifying significant cost savings. GSA is encouraged to evaluate the deployment of this technology across the leased and owned Federal real estate portfolio,” the explanatory text states.
As for the Office of Governmentwide Policy, Congress appropriated $64 million.
Lawmakers want GSA to improve its management and the security of the .gov domain.
“The agreement supports GSA’s efforts to help ensure that citizens are interacting with official government websites. GSA is directed to report to the committees no later than 120 days after enactment of this act on additional steps that could be taken to increase adoption of “.gov” domains for state and local governments,” the report stated.
Lawmakers expressed “profound disappointment” in the National Archives and Records Administration (NARA) progress in digitizing and posting online territorial and federal records generated in Alaska.
“As a result, NARA’s failures have seriously jeopardized the agreement’s faith in other commitments that NARA has made,” the explanatory text stated. “NARA is directed to continue consulting with Alaska Native Tribes and Tribal organizations, Alaskan historical societies, the State of Alaska, university libraries and archives, and other stakeholders to update its understanding of which records have been identified as priorities for access and the most effective methods of maintaining meaningful access to those records. Further, NARA is directed to submit a report to the Committees, within 120 days of enactment of this Act, detailing its full and robust consultations and its plan to digitize, index, and post online the records identified as priorities by Alaskans. Further, NARA is directed to report to the Committees any challenges that inhibit NARA’s ability to digitize and post online those records that have been identified as priorities by Alaskan stakeholders that have personally identifiable information such as Social Security numbers and require redaction. Lastly, NARA is directed to promptly notify the Committees of unforeseen obstacles or resource constraints that adversely impacts this initiative.”
They still appropriated $377 million for the agency with $9.2 million for “improvements necessary to enhance the federal government’s ability to electronically preserve, manage and store government records.”
The Small Business Administration received $270 million in discretionary spending.
Among the provisions in the bill are one for SBA to move its disaster loan assistance portal to the cloud “to improve the user experience by making it more accessible and intuitive. In updating the portal, SBA should enhance its systems to accommodate larger megapixel documents. In addition, SBA is urged to develop a Disaster Loan Mobile Application, in consultation with appropriate individuals and entities from the public and private sectors.”
Additionally, Congress gives SBA’s IT working capital fund access to more money letting leadership transfer excess funding from the salaries and expenses account as well as the business loans program account.