Peter: The NIST cloud computing definition is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

The definition goes through the cloud framework for private  (SaaS), community (PaaS), public (IaaS) and hybrid clouds.

The biggest problem turned out to be security compliance.

There is currently a federal risk and authorization management program pilot. We’re focusing on using the NIST framework for security, and also looking at the implications of continuous monitoring.

The problem: How do we best perform security authorization and continuous monitoring for large outsourced and multi-agency systems?

Government is increasing its  use of large shared and outsourced systems. Technical drivers are the move to cloud computing, virtualization and web 2.0. We also have data center consolidation as an initiative.

The reality today is a lot of duplicative effort, management efforts and incompatible agency policies. FISMA is not one set of rules, it’s a process.

We have only recently started to have government wide security efforts.

The solution and proposal is FedRAMP (Federal  Risk and Authorization Management Program).

The proposal is to create a unified government-wide program to provide joint authorizations and continuous security monitoring services.  However, authorizations are intended to be leveraged throughout government.  This is to be an optional service provided to agencies that does not supplant existing agency authority. This does not take away agencies’ authority to make their own risk management decisions.

But what about government systems? In the current model, an agency develops a system they like with security requirements they want, assess, authorize and perform the continuous monitoring. Then they want to sell it to other agencies, however there is little oversight or control for the agency consumers.

FedRAMP Goals

• create a unified risk management process,
• create interagency agreed upon security requirements,
• ensure compatible security requirements on shared systems,
• eliminate duplication of effort and associated cost savings,
• enable rapid acquisition by leveraging pre-authorized solutions,
• encourage better system integration with government-wide information security efforts,
• and increased security through focused assessments.

If this model of relationships works, it will change the way security management works in the federal government. FedRAMP currently works with a joint authorization board and security requirement authorities, then feeding approved measures to private sector providers and government information system owners.

Earl: I chair a cloud security working group – the Information Security committee under the  Federal CIO. Last year we studied social media guidelines so agencies could use and adopt social media policies and tools. This year our focus is on cloud computing.

Cloud computing doesn’t mean only public cloud. It is a dynamic allocation of various resources. A tricky part is you begin to lose some visibility and control.

One of the issues is that public clouds are built around an assumed set of basic requirements.

Government is often targeted, and we need to combat those issues.  This makes any IT use, especially cloud computing, a bit different and unique. So, one size really doesn’t fit all. There are different sets of requirements among different agencies.

We’re developing a set of guidelines for policies and procedures to make sure agencies are protected as they embrace cloud computing.

Cloud computing is more than application sharing. It’s actually multiple layers.

It’s hard to tweak public cloud environments to meet all the mission-specific requirements of an agency. Because of that, private cloud is not going away anytime soon.

Community cloud could also be externally hosted with a dedicated system. It might not be a government data center, but it’s also not a public cloud.

Sidenote: Check out the Cloud Security Alliance for some really in-depth information.

What are some issues unique for government, specifically in a cloud environment?

• Architecture framework for government cloud computing – a set of requirements for how government cloud should operate. It will have to stay on U.S. soil.
• Encryption key management needs protection.

There is a fallacy that cloud provides good uptime.  It doesn’t really. Look at Microsoft For anyone that had a t-mobile sidekick, they lost all their information when their data (that had been in the cloud) got moved to Microsoft. Thinking that having everything in the cloud gives you strong continuity of operations, think again.

Security and the government cloud go hand in hand. It’s great to see that there are so many initiatives to make sure that government agencies are able to effectively use the cloud with clear guidelines and policies that work for them.

My only question is, how will FISMA change with the cloud?

Mike: Apps.gov has procurement and information for the general public to see what’s available. It also has a way for agencies to look up and get information on all kinds of cloud computing sources. Basically software platform and infrastrucure. In the future, Apps.gov will continue on without the procurement section however, but hope to launch cloud computing services under apps.gov.

It was obvious that the maturity of the cloud computing development was still being developed. However we felt we could still go out there and solicit partners and went out with a RFQ. The decision was a correct one. The knowledge of what cloud computing is has matured, so more and more companies should take a look our way and hopefully partner with GSA on this.

Last night we posted a notice on FedBizOpps to help companies in  advance when it comes to modifying schedules when it comes to pricing. This special notice was for its IaaS acquisition under Supply Schedule 70.

Apps.gov not only has procurement information, but social media.

Gwynne: A year and a half ago we saw a lot of federal agencies get involved in social networking channels like YouTube, Facebook and Twitter. What happened was that government communicators and service providers found was that people were spending a lot of time on these sites, so we began to think about how to reach people where they already were.  This was a bit of uncharted territory. Agencies tried putting information out. And then we realized we were doing it wrong. There was no recognition that the government was participating in third party sites.

A big challenge for agencies was the legal aspect. But, when government agencies agree to use standard agreements on sites like Twitter and Facebook, a closer look at the TOS needed to happen.

GSA decided to create more friendly TOS with these third party vendors. The first one to sign on was YouTube.

There are currently 33 applications available for people to use on apps.gov, from analytics to bookmarking and sharing, Document sharing, RSS feeds, wikis and more are available on apps.gov.

One of the critical things about having these available was breaking down the logjam for availability of these tools. We were also able to coordinate between different agencies with various needs. For example, the State  Department has an agreement with Facebook to have a page for each of their embassies.

Katie: We talked about social media and the establishment of procurement schedules on apps.gov. If you already use these tools, it’s no different except that there is a site where you can access these apps in the cloud. You can get descriptions and quotes for SaaS options.

We have one group running out of NIST that is working on standards. The two issues that are the most important are interoperability and security. We also have an information security group working across agencies, working on a standardization process for agencies across the board for the CNA process.  We have also developed about 20 use cases.

Agencies have been encouraged to consider cloud computing in their projects. In 2019, they will have to justify why they DON’T have any cloud computing solutions. Clouds.gov is not only a source for procurement, but also for data.

This IaaS procurement that GSA offers has two advantages. One is that each of the awardees, GSA will conduct a CNA. If the new security process is in place, the signed ATO will transfer across agencies. Secondly, it will be one source to get a virtual machine, storage, vendors, etc.

State governments are also collaborating with abstract.gov. We also talk to individual states about cloud computing. Virginia has been interested in IaaS.

It’s important to note that $850 million is being saved through cloud computing from GSA. This is a combination of cost savings and cost avoidance. Previously, we outsourced hosting of usa.gov and maintained it in-house. It was really expensive. Once we moved to the cloud, redesigned our site and outsourced our maintenance, the cost went down.

There is a need for cloud computing to be available for GSA customers. They don’t have time to pick out the correct configurations and research. But with apps.gov, they can go directly there and hopefully satisfy their issues with a solution that works for them.

The federal government is serious about using the cloud in the future. Agencies are going to be required to use cloud computing.

In case you missed it, FCW also has a nice write up of the panel.

Some people think that openness and transparency is a new thing due to the Obama administration. Not so, the  DoD has been open and transparent for years.  In fact in for the past 10-15 years, it has been an initiative.

Who are the titans? Traditional media, the public, and others finding new and better ways to communicate.

The strategic communication roadmap offered this: a need to communicate in a 24/7 new media environment. What does that mean? Communicating the Commander’s intent, from the  “pointy end-of-the-spear” to the  “comfy end-of-the couch”.

Lessons we’re learning. “How does a man in a cave out communicate the world’s leading communication society?” – Ambassador Richard Holbrooke, Washington Post op-ed from Oct. 28, 2001. How is this happening? What are the things that are failing?

Hard questions came up. How do you get published when you story doesn’t rise to the level of “news”? What was often “not news” was the 90% of other things happening in Iraq – such as roads, schools and hospitals being built.

Another question: To whom are you talking and who needs to hear you? The DoD had traditionally been using the media to communicate with the public. But there were things happening in media that didn’t make sense. In 2006 we hired a new media director.

In 2007 we had a story on troop surges in Iraq that showed up in a news rotation, which showed up as important. But then what happened? The death of Anna Nicole Smith. And, our news was gone.

So then we had to ask, who’s telling the story? And why?

The Project for Excellence in Journalism in 2008 “state of the American News  Media” report showed that the amount of public interest vs. media coverage.

Events in Iraq shows a lot of public interest, but not a lot of media coverage. More news from the Iraq homefront also showed high public interest, but even less media coverage. In 2009, the study showed that audiences were increasingly turning to cable and the web.

What’s the difference? Immediate access and choice.

Is there a difference between “how do you get your news” and “how do you inform yourself”? Maybe.The difference is, your choice. You choose what you Google, and you get what media tells you is news. Not only is it your choice what you go and find, but when.

Media is dying because they haven’t made the change. They don’t understand the business model.  Partly it is because things are changing too fast. People are experiencing a behavioral change in how they inform themselves.

Does this mean there should be less news? No. There should be more news, to help cut through the clutter.

Other lessons we’re learning:

Online dynamics has the…

• Impact of television
• Immediacy of radio
• Depth of print
• Endurance of books

Makes sense, right?

Our first information technology policy was, keep it closed, keep it tight and keep it secure. Which makes it useless if you can’t communicate the information that is inside.

How do we define our audience? What is an audience? A group of listeners or spectators? A reading, viewing or listening public? What about an opportunity to be heard? Is an audience a spectator or a participant? It’s BOTH.

What about a target audience? In this kind of interactive and dynamic environment, how do we target audience? We want to bring people to US.

A Pew Research report shows how news happens.  Interestingly, when you break down who  reports new information – print is still king. And, 62% of those news stories were broken by the government, vs. citizens.

DoD launched a Bloggers Roundtable. We connected folks who were SME and were doing things on the ground. We took people who were carrying conversations, and posted them on our own website. We had video, audio, transcripts and more. Within six months, we had over half a million people tracking this page per month, with similar downloads of video and audio files.

Then we started seeing some of that information showing back up in traditional news media. This was very important for us to build context and understanding for what we were doing and what was actually happening on the ground in Afghanistan and Iraq.

We then moved the roundtable discussions onto a blog, giving people a chance to interact and link back to us. Letting the information circulate and allowing people to pass it on was a key success.

We also give the Chairman of the Joint Chiefs of staff a blog. He also is on Facebook and Twitter. This gives him a voice to connect directly with the public. Our Social Media Hub gives us a chance to talk to people through a narrower audience. It gives insight as to how we are and should be moving ahead.

One challenge – our IT policy vs. our communication policy.This boiled down to how we saw the Internet. A field to maneuver or a fortress to be defended? We had to protect our information, and also our troops. Security remains. But the challenge is different.

What’s changed?

• We now have a policy statement – now we can budget for expansion and additional bandwidth.
• We can train our troops – if operations security is a problem, it’s not the Internet’s fault…it’s ours.
• We can teach our troops to train their families.

Question: Does DoD have a comment policy? As long as it’s not advertising, and family appropriate, we allow it. Opinions are important, negative or positive.

Overall, different CIOs are responsible for enforcing social media and web 2.0 policies. PAOs also have to buy in. It works both ways, and everyone needs to work together to find a solution that works for their agency. We have reached a churning point, it may take awhile, but it will happen.

 A recent survey of CIOs shows that 43% feel their IT departments are understaffed in relation to their workload. A separate Gartner survey of senior business executives finds that 62% recognize that “IT-enabled changes will be a key element in their post-recession strategy”. While these two findings conflict, Gartner’s survey also shows that CIO priorities have shifted from 2009′s cost cutting to 2010′s focus on revenue growth. The shift to growing revenue could be an opportunity for IT leaders to position themselves and their staffs as key comp0nents to the rebuilding plan that could also signal the need for new hires.

With all of the daily cloud news over the past year, it’s no surprise that a number of IDC’s top 10 tech predictions are cloud-related. Number one is maturing of the cloud with improved SLAs and business continuity/disaster recovery that are expected to be the “killer apps” for the cloud in 2010.

As cloud computing continues to mature, 10 big cloud trends have been identified that will help drive enterprise adoption:

1. Price drops as aggressive commodity pricing continues
2. Simpler cloud pricing models including all-you-can-eat
3. Enterprise application vendors embrace metering for easier tracing of usage
4. Enterprise-grade SLAs of 99.9% or better
5. New cloud technologies that improve use and performance, including tools to help reduce the cost of “on-boarding,” or moving applications into the cloud.
6. Security concerns (the #1 inhibitor to cloud adoption) addressed
7. Ubiquitous performance monitoring
8. Open standards for cloud computing advance. “For cloud computing to really take off, it has to be open. Cloud providers will have to allow movement between clouds and interoperability, as well as enabling disaster recovery between clouds,” said Emil Sayegh, general manager of cloud for Rackspace US Inc.
9. Politics will drive decisions. Cloud decisions will increasingly be made with an eye on politics and not by IT managers. The Los Angeles City Council’s approval of a $7.25 million, five-year deal with Google Apps engaged the mayor and city council in a very public debate about cloud services.
10. Decentralized IT decision making; for example, the federal app store allows U.S. government employees to order services and tools without necessarily having to go through an IT approval process for each and every action.

More on last week’s appointment of Howard Schmidt as the White House cybersecurity coordinator…  Schmidt will report to John Brennan, assistant to the presidnet for homeland security and counterterrorism. One of Schmidt’s challenges will be to ensure that sensitive information is secure while at the same time stimulating innovation and coordinating the efforts of civilian and military agencies.

No one end of the decade list is definitive, but here are seven tech advances (compiled by GCN) that show just how far we’ve come in just 10 years. While everything on this list seems mundane or routine, remember: 10 years ago they were not. I’m excited to see what the next decade brings:

• GPS devices – in 2000, the DoD began allowing accurate positioning information leading to GPS on/as handheld devices and in cars, phones, PCs, etc.
• Smartphones – from Blackberry to Treo to iPhone to Droid and continuing…
• Open source – now the mainstream (Firefox, Google Chrome, Linux)
• Web 2.0 technologies
• Flash memory – may even replace hard drives in laptops and PCs
• WiFi – anytime, anywhere Internet!
• XML languages – if it involves storing, identifying, moving or sharing data, particularly via the Web, XML is in the mix

In related news, Dell says it expects to “promptly” close its acquisition of Perot Systems. For enterprises looking to implement virtualization and cloud computing, the merger brings together Dell’s hardware and software expertise for advanced data center implementations with Perot’s expertise around integration, deployment, and management. Merger plans were announced in September.

Technology industry trade association, TechAmerica, released its Vision report – a look at important trends and factors that influence the government market. As we found in our FOSE 2009 survey, the government is transitioning as long-established governing processes rapidly change. Some of their findings:

Inhibitors and Drivers to keep spending in check. Agencies will:

• Spend less to improve fiscal discipline, achieve economies in contracting and realize ROI
• Spend more to improve services to citizens, increase scope and scale, address pent-up demand, make upfront costs of investments and make investments critical to operation

Cloud Computing Implications:

• Threats: may lead to outsourcing government infrastructure, will lead to increasing erosion of margins, new competitors
• Opportunities: need for government clouds as commercial offerings don’t address all requirements

Web 2.0/3.0 Implications:

• Threats: breaks down heirarcy and government/industry relations; newer, faster ways to do business, and inadvertant release of competitive intelligence
• Opportunities: speeds communication and offers broader collaboration

TechAmerica also issued a letter to President Obama asking him to appoint a cybersecurity coordinator at the earliest possible opportunity. In our 09.19.00 Links List we noted that Frank Kramer was rumored to take the position “within two weeks” – looks like “two months” may have put us in the ballpark (if it indeed happens any time soon).

At the Cloud Computing Conference and Expo, Intel talked about the hurdles and potential gains of private cloud computing. Hurdle: there is no blueprint to building a private cloud, so enterprises will have to invest the time and resources to meet user expectations. However, the benefits of private cloud continue to be quantified:

• Cost efficiency – Amazon charges 8.5 cents per hour for a Linux server in EC2. Servers account for 50% of the expense of data center outlays; power and cooling for the servers adds another 23%
• Improving voltage regulators on servers, allowing a two-way server to scale back to 60 watts when idle, would save $6 million per year for a company running 50,000 servers
• Building private clouds with servers using flash drives instead of disk drives uses 90% less electrical for cooling

Despite today’s news that unemployment is the highest since 1983, the worst of the recession may be over for IT pros with certain high-tech skills. Pay for IT professionals increased slightly more than 1%, causing industry watchers to be cautiously optimistic. However, there is conflicting information, as some IT professionals are seeing their pay slashed during company-wide cuts. It may help to look for jobs in the top US hotspots for IT jobs.

Finally, for a harmless break, check out Numberology – a site that gives you a daily number with an explanation of what it represents. Today’s number is $200,000 – from Neiman Marcus’ annual holiday catalog – the cost of dinner with Malcolm Gladwell, Nora Ephron and John Lithgow. Proceeds are donated to a children’s reading charity.

“The value proposition around cloud computing does all that. That’s why the GSA wants to make industry solutions for cloud computing available to the government.”

Federal CTO Aneesh Chopra, also speaking at Gov 2.0 said the OMB is just a few weeks away from issuing an Open Government Directive outlining steps agencies can take toward transparency, collaboration and participatory government of their organizations and processes. The directive includes a schedule for the public release of data in machine-readable formats (I think that means over the internet), as well as additional “government 2.0″ web sites like data.gov and the IT dashboard.

Could cloud computing, with its significant cost savings that bypass going through a vendor, signal the end of open source? Andrea DiMaio, a member of the Gartner Blog Network says that cloud computing is indeed pulling all the attention away from open source. She cites many of the shared benefits of open source and cloud computing such as:

• eliminating the need for costly and time-intensive hardware acquisitions
• drastically cutting the number of resources needed to maintain systems
• allowing faster provisioning that is easily expanded
• providing a fast way to get rid of licensing costs
• and cloud computing is more politically correct and viewed as innovative

It appears that President Obama is close to appointing Frank Kramer as the White House Cybersecurity Chief. Kramer, assistant defense secretary for Bill Clinton, is reported to be in line to take the position within the next two weeks. FBI official Chris Painter has filled in since last month’s resignation of Melissa Hathaway. The cyber-czar will be tasked with plugging holes to help prevent identity theft and to secure intellectual property and sensitive military information. A welcome appointment, although not in time to prevent Ben Bernake’s wife from becoming a victim of identity theft when her bank account information was stolen by the receptionist in her doctor’s office.

There’s continuing analysis of Gmail’s outage last week with added speculation on whether the cloud is reliable. Do the math – a 99.9% uptime guarantee allows for 9 hours per year of down-time. So how will cloud users be “compensated” for down-time?

There are two sides to every coin, even when it comes to your employment status. So for you glass half-full types, here are some suggestions on how to make yourself layoff-proof. If the glass is half-empty, we suggest how to get fired.

Finally, submit your nominations for the 2009 SysAdmin of the Year, now through Oct. 23. Winners will be announced Nov. 4 at the Large Installation System Administration (LISA) 2009 Conference in Baltimore. Prizes range from a laptop computer to Guitar Hero 5 games. The first 500 submissions will receive a SysAdmin of the Year Rock Star t-shirt.

Despite the loud protest out in front of the Moscone Center, Cisco Live officially kicked off with a keynote by CEO John Chambers. This is the 20th anniversary of Cisco Live, and I had been told many times that hearing Chambers speak was not to be missed. Me and several thousand other people apparently. The line to get into the the keynote hall stretched from one Moscone Center Hall to the other underneath Howard Street.

Entertained by scenes of Cisco Live’s past and quite loud 80′s music, we waited for the great man. To pass the time and make sure the OCD of us actually stayed put, there was some live texting going on. One of the questions: “What did you tell your boss to get to come to Cisco Live?” Some of the answers:

I would bring him back a hat.

I had to learn more about these router thingies.

KISS would not be playing this year.

I am the boss.

Free telepresence!

Our “Host” for Cisco Live this year is Carlos Dominguez, Senior VP, Office of the CEO. Carlos told the audience that the first Cisco Live was in Palo Alto with about 100 networkers. And this Cisco Live has over 10,000 attendees, plus over 3000 people joining virtually. What a difference 20 years makes!

Some Cisco internal tidbits:

• Even the Cisco SVP’s fly coach
• They eat in the cafeteria; there’s no private executive dining room.
• The SVP’s offices don’t even have windows. (OK, that was a joke)

Next up: John Morgridge, Chairman Emeritus, Cisco Systems

Cisco was conceived and incubated at Stanford University. The business was started on the campus – but then Stanford kicked them off when they found out. So the business moved to two of the founders’ home complete with a nice 3-car garage, which extra space came in handy for the big equipment they were using at the time.

Logo evolution:
Cisco as in Frisco as in San Francisco. The golden gate bridge is the inspiration for the image on the logo. There have been many logos over the years – one for each new VP of marketing…[I think the people around me were a bit taken aback at how hard I laughed at that one.]

Advice from John Morgridge: in addition to talented engineers, what do you need to create a successful startup?
t-shirts, pizza and beer

Next came CEO John Chambers

The protesters made it inside the keynote and broke John Chambers rhythm for a bit. (I can tell that they’re being taken outside – as the yelling fades)

The point of John’s talk was to share where Cisco is going. What’s on John’s mind?
The economy of course, but a company like Cisco needs to look at where is the marketplace 2, 3, 4, 5 years out and not just where it is today.

“There has never been more innovation opportunities than today.”
[Note: I will say that at times it felt like I was at a Cisco Employee Annual Kickoff - but perhaps that was the point.]
Cisco combines: Vision (5-10 years out) + Differentiated Strategy (2-4 year cycle) about how to get there + Execution Plans (12-18 months)

Where Cisco is Headed – The Big Points:
1) Despite or perhaps because of the down economy, Cisco is going to be more aggressive and certainly more ambitious than ever before in its history. Instead of heading into a couple of new market adjacencies (John’s word), they are attacking over 30. The only way to make something like this work? Well it doesn’t hurt to have $30 billion in the bank. But John talked about building technology architectures – with building block components that were shared across the market adjacencies they are planning to go into.
2) Focus on Video: The Flip video (and its mass acceptance) has made video simple and pervasive in everyday life. Video is the communication vehicle that changes how business is done. “Video is the killer app.”
3) Focus on Collaboration (Web 2.0): with all Webex and social media/networking, collaboration and Web 2.0 are becoming mainstream. It is these types of communication media that will fuel the next decade of productivity.

And the changes start internally for Cisco. All these plans necessitated a major org structure change. Not “command and control” but “collaboration and teamwork”. [Note: seems rather black and white. Cannot believe collaboration and teamwork didn't exist to a great extent at Cisco pre video and Webex.] John turned right and 60,000 people turned right with him.

“Majority of times I talk to the customers, it is now virtual. This is how every employee of every company will work, not just the CEO.”

Here’s an example of this new business model: traditional vs virtual events
Recently, Cisco held a Leadership Offsite meeting and cut costs per person from $2800 to $600.
Another example of how video/collaboration changes/enhances the customer experience:
New Cowboys stadium – 3000 HDTV cameras. Everything done with networking – video, digital media, wireless, etc. “Changing the fan experience” increased revenue per customer by 50%. Changes everything. And eventually, Cisco will be bringing this experience all the way to the home with consumer TelePresence.

List of 30+ market adjacencies Cisco will move into:
video, china 3.0, india 3.0, cloud computing, small business, consumer, green, cisco 3.0, collaboration us/webex/telepresence (at the top of the pyramid), virtualization/data center, managed services, RIS – routers in space, mobility, Smart Grid, Software/XaaS, Smart Connected Communities, Media Solutions, Emerging Countries 2.0, Virtual Healthcare, Safety/Security, solutions, consumer, commercial acceleration, mexico 3.0, advertising, sports/entertainment, quality, advertising, command/control moving to collaboration/teamwork

Nobody else in the industry thinks about this as more than 1 or 2 products. We think about it as an “architecture”.

Cisco’s (and John’s) mistakes (what might trip them up)
1) don’t move fast enough
2) try to move fast without a replicable process to make it happen again and again

This is our third year doing the survey of Government IT at the FOSE show, so we are able to show some trends. Over time, we’ve switched some topics in and out of the list, but we have always asked two main questions: Which technologies and projects are most important to Government IT and which ones have already been implemented or are agencies planning to implement soon.

Important Technologies:

1) Continuity of Operations – 92% (of respondents marked this as important or very important)

2) FISMA/Security Information Management – 88%

3) Virtualization Management – 76% (down from 86% last year)

Where Government IT is Spending Budget/Resources:

1) Continuity of Operations – 48% with tools in place, 13% planned this year

2) FISMA/Security Information Management – 43% with tools in place, 15% planned this year

3) Virtualization Management – 30% with tools in place, 14% planned this year

So actually, the top 3 match up in terms of stated importance and actually getting them done. We saw much more of a gap with Virtualization Management last year – with 86% marking it important but only 15% with tools in place; Government IT has spent the last year beginning to close that gap. No surprise in light of the economic climate and the emphasis everywhere to be more efficient and cut costs.

At the very bottom of the list: Cloud Computing with only 42% marking it as important or very important to their operations and only 11% already using it (and 8% planning projects for this year). I have to say that I was a bit surprised to see even ITIL/CMDB (at 50% important/very important) beat Cloud Computing out on this list but then I thought about it more and could think of a few factors why this would be so. (slight side note – loved the guys who came by the booth and started laughing about ITIL/CMDB. Turns out they took the certification class but flunked the test. At least they had a good sense of humor about it!)

So Cloud Computing: The US Government is the largest buyer of technology in the world. With a few exceptions (Department of Defense, for example), government agencies are not known for their rapid adoption of technology innovation. I’m not telling tales here – it’s what new Federal CIO Vivek Kundra stated out loud in his keynote and what he vows to change. (Once he’s taken off of adminstrative leave for his old DC CTO office being investigated by the FBI. Eek – apparently the FBI raid was going on AS HE WAS SPEAKING at FOSE.)

Cloud computing – public, private, hybrid – is constantly being defined and redefined. It literally means different things to different people, and the game keeps on changing on us all. Is it any wonder that government IT, with its often elevated requirements around security and accessibility and extended if not complicated procurement processes, has not yet universally adopted the notions of dynamic on-demand computing resources or not owning its computing resources (system integrator contracts aside)? Similar to IPv6 (but hopefully a lot more successfully), shifting plans in Government IT to use public and build private clouds is a huge undertaking and requires mandates, timelines, planning and coordination that the Obama administration’s OMB has not yet provided. Like many of the survey takers said, we’ll have to “wait and see” on this one.

The detailed survey results and more analysis

FOSE 2009 Survey – Part I (Change Comes to Government IT)

What an interesting contrast of speakers. Freeh – out of the federal government since 2001 (not counting his stint on the Fannie Mae board) and that’s pre-9/11 for those of you who are wondering. Kundra – just starting a new position (Federal CIO) as part of a new administration that continues to promise change, change, change. Old School vs New School.  And their speeches and the q&a reflected this contrast at the same time that they agreed on the fundamental idea that the old way of doing government has to change.

Freeh took us back to the founding of the country, bringing up the debate against a centralized government and even touching upon the attack on Pearl Harbor. Like 9/11, he said, the government was shocked but not surprised; they knew a pre-emptive attack by the Japanese was coming just as they knew bin Laden and Al-Qaeda had been ramping up anti-American terrorist attacks. But after 28 years in government service, Freeh pointed out the government tradition not to get up to speed on a problem until it becomes a crisis. This still holds true – whether it’s counter-terrorism or cybersecurity efforts. The infrastructure and budgets are simply not in place beforehand for the federal government to be effective.

If Freeh was a historian during his speech, can we say Kundra was a visionary? Certainly, he focused on future efforts, plans, core principles or “pillars” for how government operations must change and adapt to the speed of technology and the challenges facing the US today. They are:

1) Transparency and Open Government – President Obama has already signed a memo on the principles that government should be open, collaborative and participatory. An OMB directive should be coming out within the next few months (they need to appoint that CTO PDQ)

2) Engaging Citizens – beyond transparency and providing information that the private sector can use to innovate, the government should provide ways for citizens to actually be involved in daily government operations

3) Lowering the Cost of Government Operations – I got the distinct impression that this was a truly hands-on project for the CIO, as it should be. He seemed almost to take it personally that the federal government is paying too much and at the same time taking too long to provide necessary IT services. The short-list of alternatives – cloud computing and free technologies already available to consumers that will drastically cut costs, time to value/implementation and enable government IT to provide services as effectively and efficiently as possible. His mini-rant: If it takes 2-3 years for the procurement process alone, we’ve just bought obsolete technology. (should not be an aha moment)

4) Don’t Take the Same Path – Find the Innovative Path – You don’t throw good money after bad. Instead of fixing what’s broke, sometimes it takes an entirely new approach to get things done. He’s talking about innovation here – and not just in the technology itself but in how you address the problem. The example: explosion in web 2.0 technology which should be used in government but the issue is not so much re-engineering the technology itself, rather it’s the training and change of mindset for a whole group of people and teams in the federal government.

On a final note, I’ll say this. While Freeh seemed to focus on the past and Kundra on the future, I wish someone was focusing on the present. I think believing someone is focused on that would make a lot of us feel better.

Stay tuned for more info on Kundra: in his pledge to be open and accessible, he promised to hold Saturday or Sunday roundtable sessions where people could come and talk openly about their ideas for improving government operations.

Well, maybe.

That was the topic of discussion today at a FOSE 2009 panel today, entitled Gov 2.0: Evolution or Revolution.   Moderated by Chris Dorobek, a radio host on Federal News Radio and a prolific blogger on DorobekInsider.com.   The title was actually picked by the readers of Dorobek’s blog…is there a more fitting way to showcase the interactivity of Web 2.0?

Chris says…

The concept of the government using Web 2.0 tools is hot, evidenced by the introduction of the Government 2.0 panel this year. The election of Barack Obama as President (and his well-known use of Web 2.0 on the campaign trail) and the user-friendly nature of the tools are two of the many contributing issues driving organizations to reconsider their stance (or non-stance) on Web 2.0.

Web 2.0 folks are pushing users, both public and private, to move quickly on collaboration tools and government agencies are to hot to jump on the bus…but are slowed down due to the need to meet security and archiving requirements. So how do we speed up the adoption process of Web 2.0 in government?

He then turned it over to the panelists…

Chris Rasmussen, US Intelligence Community, sees the big problem facing Web 2.0 tools in government as the encyclopedic view that organizations are having of the tools they currently use. Right now, wikis are the place to think out loud, and then the information is vertically vetted and turned into a report for presentation. He suggests that we cannot conceptualize the world in paper anymore. Instead, he’d like to see agencies move towards a school of thought where the review process takes place in the same place as the collaboration, changing what the report looks like.

Today, it seems as if the heart of an agency is the report – if collaboration tools don’t address the heart, then they will have tough time gaining adoption and organizational commitment or change. The other issue holding back full-on adoption is that agencies keep adding Web 2.0 tools but don’t take outdated tools away.  Speedy adoption requires that old tools must be phased out in a timely manner.

Mark Drapeau, National Defense University, recently wrote the article  “Government 2.0: the Midlife Crisis” stating that he thinks Gov 2.0 is at an inflection point. With the White House calling upon an agency review for processes relating to 2.0 technologies, some government leaders and ‘worker bees’ are already using it to do very interesting things, including forming intra-agency collaboration networks. The current White House and these early adopter agencies interact well with the Web 2.0 community but in between you hit the ‘Clay Layer’(a middle layer through which no life-giving water will pass). Top down and bottom up,buy-in exists but there is a line through which information isn’t passing.

The new uses of technology are getting citizens excited to interact with and participate in government more. Most citizens have a lot to contribute and new tools are making it easier for them to have a voice, like YouTube during the presidential election. Collaboration/Web 2.0 tools allow an ongoing conversation to occur and with government adoption it can also stop the disconnect between the agency and its groupies, detractors and followers.

Steve Ressler, founder of GovLoop.com, wanted to tap into the already existing collaboration problem when he formed GovLoop.com. He saw great conversations taking place within all of the government associations but also saw that there was an information gap, since these associations tend not to reach across agencies. This opportunity pushed Steve to create GovLoop.com to allow government employees to connect and converse across agencies and locations. Steve loves that government agencies are beginning to follow the trend and go to where their constituents are conversing and sharing, instead of making them come to the agency.

He sees this change as continued evolution:  In 1999 E-Gov was about putting services online, giving all companies and agencies websites; now we see a progression of how agencies are putting information online. They are realizing they can’t own conversation, no matter how much they may want to, and are beginning to join discussions already in progress.

Teresa Nasif, director of the Federal Citizen Information Center, says that Web 2.0 is on the brink of a revolution. The portfolio of tools is expanding and now agencies are finding new ways to talk with citizens. The FCIC sees itself in the forefront of this revolution and is taking leadership in creating standard agency wide agreements, allowing all federal workers to join networking sites and still adhere to strict security restrictions.  Before, security officers wanted no agency participation in social media due to the fact that most content can’t be controlled. These standardized terms of service will cut back on restrictions.

Teresa predicts that in the next few months there will be a “social media thaw” and we will begin to see momentum in government participation in social media, including a U.S. government channel on YouTube. According to Teresa, in order for the government to be successful in communicating with citizens, they must take a holistic approach to conversation. While social media is changing the way many Americans communicate, she finds that call centers and other more traditional methods of communication are still being used just as frequently by constituents and must be addressed as well.

Overall, it seemed that the biggest challenge agencies are facing is giving up control.  If they can get over that fact, and the White House seems to be pushing agencies in that direction, we could soon see a new approach to how the government communicates.  Does this mean that my Senator will send me Facebook messages now?