Homeland security budget boost not yet a reality

A year ago, as the federal government mounted a massive homeland security effort at the same time the commercial technology market was collapsing, Uncle Sam became the most attractive information technology customer in America. In February, President Bush requested $52 billion in new IT spending for fiscal 2003. Hungry would-be federal contractors, hoping that a hefty chunk of the money would go to purchasing leading-edge commercial products for homeland security, set up shop inside the Beltway.

But aside from an initial jolt of emergency funding after the Sept. 11 attacks-about $1 billion of which was spent on IT-technology spending in 2002 didn't seem to have much to do with homeland security. By and large, agencies are only beginning to understand what they want to buy, and are focusing on basic technologies, not the new wave of products many companies had assumed they would purchase. Why?

For most of 2002, agencies were preoccupied adjusting to their post-Sept. 11 missions; some were preparing for a massive reorganization under the proposed Homeland Security Department. Because they're struggling just to figure out what homeland security is, they've had less time to shop for new technologies to help them ensure it, says George Molaski, former chief information officer of the Transportation Department and now a consultant.

Complicating matters further, CIOs have been overwhelmed by pitches from thousands of companies touting their products' homeland security features. Most CIOs don't have the time, resources or, in some cases, the expertise to evaluate manufacturers' claims, says Scott Hastings, deputy CIO of the Immigration and Naturalization Service. As a result, only a few contracts have been awarded. The interagency Technical Support Working Group alone received more than 12,000 technology proposals after the Sept. 11 attacks, but it granted only 10 contracts worth $9.2 million for research and development.

The budget chaos on Capitol Hill hasn't helped. As of mid-November, Congress still hadn't passed fiscal 2003 appropriations bills for most agencies. Agencies couldn't begin new homeland security projects because they didn't have the money to pay for them. Continuing resolutions kept the government running through the beginning of fiscal 2003, but limited spending to 2002 levels.

To make matters tougher, the Office of Management and Budget blocked spending on IT infrastructure-such as networks-and some administrative systems at agencies slated to move into the Homeland Security Department. A board of CIOs will review such projects. CIOs support that review, though they say they'd be further along in their work without it.

In view of the obstacles, many agencies are in a wait-and-see mode when it comes to buying new technologies. But they are making some near-term plans. CIOs are focusing on large-scale projects that were under way before Sept. 11. These projects have absorbed the attention of agencies for the past year and will continue to do so as CIOs look for ways to adapt systems for use in the homeland security effort.

Most of these projects don't call for large amounts of sophisticated technology. They require data networks, communications devices and the other products used to build technology infrastructures. As Transportation Security Administration CIO Pat Schambach told a gathering of technology executives in August, agencies aren't looking for "Star Wars" technology. Nuts-and-bolts items are what CIOs need, particularly with the administration's demand that agencies share information and link their systems.

The Wish Lists

The agencies with the biggest technology assets-and the most money to spend-provide the clearest picture of how this philosophy will translate into homeland security IT spending. Budget figures may be hard to pin down, and CIOs are the first to admit their plans could change, but the priorities of seven leading agencies give an indication of where IT spending in the homeland security arena is headed next year. Here's a look at their fiscal 2003 wish lists.

Customs Service

Customs has devoted most of its attention to the Automated Commercial Environment (ACE), a new system to track imports and exports that will connect Customs stations at U.S. points of entry. Customs CIO S.W. "Woody" Hall wants ACE to be a pillar of the Homeland Security Department's IT infrastructure. It would be used to track inbound cargo and help Customs agents better target shipping containers for inspection. Officials fear terrorists could use those containers to smuggle weapons of mass destruction into the United States.

That tracking portion of ACE won't be operational this year, Hall says. He anticipates it will be activated in 2004 or 2005. Functions to let companies set up accounts and receive electronic cargo data will come online in 2003, Hall says. Customs now uses a targeting system that isn't connected to ACE to single out suspicious containers.

ACE in its current form isn't affected by OMB's technology-spending freeze because the contract was awarded to IBM Global Services in fiscal 2001. But Hall has said that he will submit further enhancements for review.

Customs already was replacing its data networks to support ACE before Sept. 11, and now is expanding the network to foreign ports so Customs inspectors stationed abroad can use it. That means more business for telecom companies and foreign technology businesses, Hall says.

The agency also is expediting research and development of new technologies to detect nuclear material and chemical and biological weapons, Hall says. More than 2,000 Customs inspectors already wear radiation detectors on their belts when inspecting shipping containers. The agency is relying on Energy Department and Defense research labs to come up with better detection systems.

While he doesn't envision ACE becoming the single data network for the Homeland Security Department, Hall would like to see Customs' approach considered as a model for how to build new networks that can be used by multiple agencies.

Immigration and Naturalization Service

The most visible INS project is the Entry-Exit system, which would create a physical record, such as a fingerprint or eye scan, of all foreigners coming into and leaving the country. A request for proposals was expected in June, but it hasn't been released because of lingering doubts that the system can be set up at every point of entry without causing massive backups of people and vehicles.

"It's a hugely complicated, mammoth undertaking," says INS Deputy CIO Hastings, on par with creating an air traffic control system from scratch. President Bush requested $362 million to support the project in fiscal 2003. Hastings is unsure when work might begin.

The INS also has other projects on its plate. The agency wants to upgrade its dilapidated technology infrastructure, which consists largely of obsolete computers and unconnected data networks. The $158 million upgrade program, called ATLAS, covers hardware necessities such as cables, networks and security enhancements. No request for proposals has been issued, and in the fall, Hastings was hesitant to predict when it might come, given budget uncertainties and ongoing reviews of homeland security projects.

The INS is making progress in linking its electronic fingerprint database, called IDENT, with a similar FBI database. The agency plans to unveil a prototype of an interconnected system in early January, Hastings says. Northrop Grumman is in charge of the $14.5 million integration contract.

Coast Guard

Coast Guard personnel have spent more than a year preparing for their new homeland security role, under which they will become a de facto police force for U.S. ports. At the same time, the agency still has to fulfill its traditional search and rescue and law enforcement efforts farther out at sea.

In June, the Coast Guard launched an enormous fleet modernization program called Deepwater, a $17 billion, 30-year effort to replace aging ships and aircraft and to outfit them with better navigation and communications equipment. President Bush's fiscal 2003 budget called for $500 million for Deepwater, up from $320 million the previous year.

Though it is designed to upgrade equipment used 50 miles or more out to sea, the Deepwater acquisition will help the agency meet its beefed-up port security role, too, says Gregory Giddens, the deputy program executive officer. This year, the Coast Guard wants to use the contract to purchase better radar systems on its vessels for tracking ships, and also state-of-the art navigation equipment that relates Coast Guard ships' positions to other vessels near them. Giddens calls this "total maritime awareness."

Coast Guard personnel in the field say they need better wireless communications devices so they can talk to local law enforcement officers. And some regional officials are eager to get hand-held radiation detectors like the ones Customs inspectors use. In the port of Los Angeles-Long Beach, Coast Guard commanders have been so strapped for cash they have borrowed detectors from Customs inspectors while searching ships.

In September, the Coast Guard awarded a $611 million contract for the National Distress and Response System Modernization Project, an emergency communications system for boaters. Transportation Secretary Norman Mineta called it "the maritime equivalent of a 911 system."

Coast Guard officials spent weeks convincing OMB to exempt the project from the homeland security technology spending freeze.

Transportation Security Administration

TSA has been a leader in technology acquisitions this year. In June, the agency awarded a $1.4 billion contract to Boeing to install explosive-detection machines at every U.S. airport. And in August, it tapped Unisys Corp. to build a $1 billion technology and telecommunications infrastructure to connect security operations at airports across the country. The agency has aggressively used acquisition reforms to speed new purchases, partly because last year Congress told the agency to install explosive detectors and hire a federal force of baggage screeners by the end of 2002. "There's nothing like a mandate to make you get something done," CIO Schambach said in September.

TSA likely will have one of the newest data networks in the Homeland Security Department, but Schambach has said there's no need to build new systems for administrative operations, such as financial management, if it can use those of other agencies.

Schambach and his team could have a big influence on the ways technology is bought and used at the proposed department. Chip Mather, a co-founder of Acquisition Solutions, a Chantilly, Va., consulting firm, has worked closely with TSA on its IT acquisitions and says the agency is using some of the most innovative procurement approaches in government. For example, the agency's $1 billion infrastructure contract is performance-based, meaning the vendor is rewarded or penalized for how well it meets benchmarks and deadlines.

Federal Emergency Management Agency

FEMA's future is likely to be distinguished less by what the agency buys than how it allocates billions of dollars in grants to state and local governments. Those governments will use the money to buy radio and communications systems for first responders-the fire, police and emergency agencies that would arrive first on the scene of a terrorist attack. The president requested $3.5 billion in the fiscal 2003 budget for new equipment and training for such personnel.

A top priority for first responders is to get their people on the same frequency. New York officials cited the inability of police and fire agencies to communicate on a common radio channel on Sept. 11 as a major hindrance to the rescue effort. FEMA Director Joe Allbaugh says creation of a first responder wireless network is a top priority, and former CIO Ron Miller has called it the "single most critical information technology need" for homeland security.

In June, FEMA took control of Project SafeCom, one of OMB's 24 electronic government initiatives. Under SafeCom, FEMA oversees the purchase of wireless communications systems by federal agencies involved in public safety. The goal is to compel agencies to buy interoperable systems and prevent them from duplicating each other's efforts.

FEMA also will provide grants for state and local agencies to build geographic information systems, including interactive maps showing public escape routes and locations of response teams. New York has developed one of the most advanced systems. Residents can access the program on the Web and use it to get current information about natural disasters, such as hurricanes, and to find the location of city-operated cooling stations during heat waves. City officials have said the system could be used during terrorist attacks to direct people to evacuation routes and to provide officials with the locations of first responders.

FEMA is setting up a similar Web site, Disasterhelp.gov, to serve as the central repository of disaster relief information for both the public and agencies at all levels of government. FEMA will need a secure network to use the site to share information, as well as an automated system to process grants transactions, agency officials have said. As of November, FEMA was still testing a prototype of the site.

Justice Department

Along with TSA, Justice, in a joint contract with the Treasury Department, has made the most progress in releasing large amounts of IT funds. In September, the department awarded a $3 billion contract for wireless communications devices, before authority for the project was transferred to FEMA under Project SafeCom.

The FBI is focused on completing its Trilogy project to put new desktop computers in field offices and build data networks and servers. Technology heavyweights DynCorp and SAIC are working on aspects of the project under separate contracts. FBI Director Robert Mueller told a joint congressional committee looking into Sept. 11 intelligence lapses that Trilogy will be complete by March. The FBI also is planning to implement a system to analyze and share top-secret information, first at FBI headquarters and then expanding it to other intelligence agencies.

The bureau also is creating a connection between one of its law enforcement information networks, called Law Enforcement Online (LEO), and a separate network called the Regional Information Sharing System Network (RISSNET). More than 5,000 law enforcement officers in all 50 states use that network, and many are authorized to access LEO as well.

Centers for Disease Control and Prevention

CDC leads a nationwide effort involving state and local public health agencies to monitor signs of disease outbreaks that might signal a bioterrorist attack. The president has asked for nearly $1 billion in grants to state governments to shore up the effort.

In September, CDC awarded a $511 million contract to TRW to build a health information network that public health agencies could use to share health alerts, including those related to homeland security. CDC plans to invest most heavily in programs to improve existing public health programs already used to monitor outbreaks of disease.

Cities also are building their own networks, funded in part by CDC grants. To get funding, local health agencies must ensure their systems are built according to federal guidelines. These networks would be used to distribute information about disease symptoms and outbreak patterns in the event of a bioterrorist attack.

The Dotted Line

Once CIOs choose what to buy, they must decide how to buy it. Increasingly, they are relying on governmentwide acquisition contracts (GWACs), of which there are more than 60. Such contracts are negotiated by individual agencies, which then make them available for others to use. GWACs likely will be the contracts of choice for homeland security technology. Agency spending through such contracts has increased from $1.1 billion in fiscal 1997 to $2.4 billion in fiscal 2001, according to an October analysis by INPUT, an IT research firm in Chantilly, Va.

INPUT found that more than 64 percent of the orders placed on governmentwide contracts went to 10 companies, all of them large technology firms with years of experience working for the government. That may be unwelcome news for smaller technology firms that hoped government sales would be their salvation from the declining commercial market.

Since agencies already are drowning in technology proposals, they've turned to large companies to vet smaller firms' ideas. Big businesses might then farm out work to the smaller ones as subcontractors, or buy their technology outright. That puts small firms "at the beck and call" of the powerhouses, says Larry Reagan, director of federal operations for Information Builders, a New York-based data analysis software maker. The company is testing its technology at the FBI, but has had to work hard to form alliances with bigger firms.

Even firms that have cashed in on homeland security are still pitching to big companies. Michael Jalbert, chairman and chief executive officer of communications equipment manufacturer EF Johnson, a Lincoln, Neb.-based company that won a place on the Treasury and Justice Department's $3 billion wireless communications pact, says he routinely sends sample products to large companies so they can "kick the tires."

Finding the Future

Many agencies rely on familiar large corporations to identify and provide access to specialized technologies. But new research and development initiatives could hold the key to uncovering revolutionary ideas.

President Bush requested $1.89 billion in fiscal 2003 for the National Coordination Office for Information Technology R&D, which coordinates funding for more than a dozen agencies, including the National Science Foundation and the Defense Advanced Research Projects Agency (DARPA). The office's annual report this year stressed the importance of R&D funding in bringing new homeland security technologies to the government. The Senate version of homeland security legislation would set up a research and development organization within the Homeland Security Department.

DARPA has established an Information Awareness Office and launched a new program to "revolutionize the ability of the United States to detect, classify and identify foreign terrorists," agency officials say. DARPA is seeking vendors to build a prototype for an information analysis system to discern relationships among different sets of data, such as credit card purchases, telephone calls and airline passenger manifests. Called the Total Information Awareness System, it would track, for example, whether someone who bought explosives also made calls to a suspected terrorist. The system would "pick out the related information from the noise" of millions of transactions, says Robert Popp, the deputy program manager. If the system works, DARPA plans to share the design with interested homeland security agencies.

R&D initiatives hold promise for the future, but could be years away from producing usable technology. In the meantime, agencies are likely to grapple over IT funds. Homeland security has put IT budgets on a roller coaster, according to an October report by the Government Electronics and Information Technology Association, an Arlington, Va.-based trade organization. In the coming years, security agencies will see their budgets increased at the expense of other civilian agencies, the report said.

The possibility of war with Iraq also hangs over all budgets, IT or otherwise. With the potential cost of the war as high as $200 billion, according to administration estimates, IT budgets could face significant cuts. In terms of planning new projects, "all bets are off" if the United States goes to war, says George Molaski, the former Transportation CIO.

Security agencies know one thing for sure-they can't get too attached to their plans. Even the basic work begun so far could be derailed by a number of factors. And while CIOs are starting to get a sense of where to take their agencies in the coming years, pondering the future often leaves many of them stumped. As INS' Steve Hastings says, "To say it's not clear to me would be an understatement."