Five IT Issues in Need of Government Attention

To complement CIO’s coverage of this year’s presidential election (beginning on Page 53), we asked members of the CIO Best Practice Exchange to take a survey on federal IT policy. Ninety-four members?who are all senior-level IT executives of midsize to large organizations?responded during a two-week period in November. Here is what they had to say about technology policy.

1.Cybersecurity: Get busy! More than half (54 percent) of the survey respondents are in favor of the government developing standards for corporate cybersecurity. One IT executive noted that such efforts should “belong to the Department of Homeland Security, since terrorists?not hackers?will want to bring the American economy to its knees using technology-based attacks.” Another suggested establishing a function similar to the Centers for Disease Control and Prevention to evaluate cyberthreats. This would include a “clearinghouse for risk mitigation strategies, and a central emergency management center for incident response.”

Not everyone was so gung ho, however. As the split vote indicates, CIOs agree that we need to tighten cybersecurity, but they are divided on their faith in the government to deliver. As one member says, “It would be wrong to assume that the government is any better or worse at cybersecurity than any commercial firm.”

2. Offshore outsourcing: Stop the job drain. The majority (70 percent) of our survey respondents are concerned that too many highly skilled high-tech jobs are being sent offshore and that the United States will wind up losing them forever. More than

60 percent of respondents said the government should step in to preserve IT jobs in the United States and limit special visas for overseas high-tech workers. Low-cost labor may be great for the bottom line, but these IT executives strongly believe we need to mitigate the impact on the American worker.

3. Privacy: Protect our data. Personal privacy is an endangered species, and one way or another, CIOs say, the government has to protect it. When we asked CIOs to name the biggest threat to personal information, nearly half pointed to the business world: Twenty-eight percent listed corporate error and use of personal information as the top threats, and

17 percent cited the very act of data collection itself as a privacy problem. Just over one-third of respondents cited hackers as the greatest privacy threat. The majority (83 percent) said they look to the government to address the privacy problem, either by enforcing existing rules or by passing new legislation that increases personal privacy protections. Government regulations?and the bureaucratic nightmare that tends to accompany them?are clearly a lesser evil than the unchecked collection of personal data.

4. Sarbanes-Oxley: Clean up this mess. Sixty-two percent of survey respondents want the federal government to clear up the quagmire that is Sarbanes-Oxley and give companies more detailed guidance about what controls they need in their financial information systems. One Exchange member puts it bluntly: “Fix Sarbanes-Oxley. It’s one of the most bureaucratic, paperwork-intensive legislative acts stemming from Congress since the Johnson administration.” These CIOs would rather look to the government for implementation guidelines than rely on the advice of a new raft of consultants all too eager to fill in the knowledge gap.

5. Software quality: Let the free market reign. Software may be broken, but CIOs don’t want the government to fix it. Seventy-eight percent of survey respondents said the government should play no regulatory role in improving software quality. “Let the free market solve this,” writes one CIO. “If software standards were up to the government to regulate, Congress would still be arguing over the proper standards for 8-inch floppy disks, and they’d cost $1,000 apiece.”