Technology Modernization Funding: Which Legacy IT Programs Will Agencies Modernize?

Key Takeaways

• The Technology Modernization Fund Board will prioritize legacy IT projects that cut across agencies, address immediate security gaps, and improve the public’s ability to access government services.
• Identity, Credential, and Access Management capabilities at the heart of Zero Trust architecture are likely to be procured.
• Ten systems identified by the Government Accountability Office in June 2019 will probably be the focus of requests for modernization funding.

Back when the American Rescue Plan (ARP) appeared, the news broke that the Technology Modernization Fund (TMF) would receive $1B in funding available until expended or September 30, 2025. Questions quickly began circulating about where the increased funding was likely to go. FMA didn’t have any information about specific projects at the time, but several weeks later, the picture is becoming a little clearer thanks to additional information that has appeared.

The administration released updated guidance in May 2021 concerning how it will prioritize the funding of new projects using the TMF account. It produced the guidance to ensure that agency needs are balanced with Congress’ intent for providing the additional funding in the ARP. The TMF Board will therefore prioritize legacy IT projects that cut across agencies, address immediate security gaps, and improve the public’s ability to access government services. Projects requesting TMF funding are likely to fall into the following buckets:

• Cybersecurity. Civilian agencies need to address gaps uncovered in the recent SolarWinds incident. Doing this will, in all likelihood, involve acquiring the Identity, Credential, and Access Management capabilities that are at the heart of Zero Trust architecture. The recent “Executive Order on Improving the Nation’s Cybersecurity” calls specifically for agencies to develop Zero Trust architectures and ensure that cloud services adopted are compatible with Zero Trust architecture, reinforcing the guidance relevant to TMF.
• Public-Facing Digital Services. Agencies may propose modernizing/replacing systems that increase access to government services, reduce fraud, and improve service delivery.
• Cross-Government Collaboration and Scalable Services. Public- or agency-facing shared services, including technical infrastructure that can offer a scalable, secure foundation for the rapid creation and modernization of digital services.
• High Priority Systems. This is the heart of the modernization issue. Agencies will target priority assets and services, particularly systems designated as High Value Assets (HVAs) that have significant importance or long-standing security issues. In an interview he did with Tom Temin for Federal News Network’s Federal Drive program, Kevin Walsh, Director of the IT and Cybersecurity Team at the Government Accountability Office, stated his belief that 10 systems identified by the GAO in June 2019 would probably be the focus of TMF requests submitted by agencies for modernization funding. Walsh would not name the projects to keep them from becoming the target of cyberattacks, but on p. 15 of report number GAO-19-471 and p. 9 of report number GAO-21-524T we can see the systems he referred to.

Industry partners working at these departments and organizations may know the names of these projects, so companies may want to network with these partners to be ready if solicitations appear that are related to the TMF. Lastly, industry might also want to note that Mr. Walsh said the June 2019 GAO report (GAO-19-471) mentioned 55 other HVA legacy IT systems for which agencies may seek TMF modernization funding. Keep an eye on those, too.