Like all Federal agencies, the Office of Personnel Management (OPM) is working on complying with President Biden’s cyber executive order (EO). To help comply with the EO and aid OPM’s modernization mission, the agency has funding requests out to the Technology Modernization Fund (TMF) Board to help OPM with the move to zero trust and cloud modernization, OPM CIO Guy Cavallo said August 31.
In his first public speaking engagement since officially becoming OPM CIO, Cavallo revealed these two TMF requests and that OPM is looking to set up a working capital fund (WCF) to make multi-year investments in the agency’s IT modernization goals.
“We are working across the board,” Cavallo said at a Nextgov webinar. “[The EO] did point out that some of our on-premise tools weren’t up to date, totally on giving us some of the numbers which I think for every agency, it does give you that checkpoint.”
“The ones I’m focusing on are moving to the cloud and zero trust networking,” Cavallo added. “I have Technology Modernization Fund requests in for both of those. Because while I can do some things with my current budget, getting an injection of additional funding would be great.”
Cavallo said that to help aid the agency’s move to the cloud, OPM has established a cloud community of excellence, has completed a 90-day sprint, has initial architecture and high-speed connections in place, and is starting to turn on cloud security tools.
While Cavallo sees promise in the TMF requests, he recognizes that due to the one-off nature of the awards, establishing a WCF at OPM will also be helpful to aid in the agency’s modernization.
“We have leveraged that technology modernization fund, we have asked for that single shot of money again,” Cavallo. “I see people making mistakes and thinking that it’s an unlimited forever fund.”
“[The TMF] is used for initiating technology, so initiating cybersecurity in the cloud is a new adventure, so that’s something. You should look at moving to zero trust networking away from traditional VPN, get a new initiative,” Cavallo added. “You can’t pay for the ongoing licenses after the hack, but it’ll help you get through that transition,”
Cavallo said in his experience, modernizing tech typically comes at an equal or lower price than the systems they are replacing so that cost-saving is one way to fund IT modernization, but a WCF is more sustainable if an agency can get one appropriated by Congress.
Cavallo has successfully gotten one set up before, in his previous post as deputy CIO at the Small Business Administration. He is using that experience to try to replicate the process at OPM.
“It takes working closely with your political leadership – your congressional liaison or whatever your office is called – and then meeting with the Hill,” Cavallo explained. “We definitely pulled the language that we got approved in SBA, and we’ve repurposed it for OPM and said, ‘Hey you guys already approved this once. Let’s do this again.’”