The General Services Administration has awarded millions of dollars in technology upgrade funding to the U.S. Selective Service System to help bolster the cybersecurity of its registration system project.
The nearly $6 million will go towards a number of IT operations improvements at the tiny agency, which has just 115 staff and an annual budget of less than $30 million. The upgrades include the modernization of its registration, compliance and verification software system, including migration to a cloud-based software and data architecture, enhanced protections around personally identifiable information and upgrades user experience for publicly accessible parts of the system.
Although no draft is currently present, registration remains in place as a means for the government to maintain a list of men’s names from which to draw in the event of a national emergency requiring a rapid expansion of our armed forces. The RCV system is an Intranet application used only by authorized SSS personnel. It provides a central repository for all data relating to active filers and potential offenders.
“The agency’s registry is essential in the event of a national emergency requiring mobilization for national defense. Each year, SSS’s 115-person team handles more than two million Selective Service registrations and approximately six million enrollment audits,” reads a rationale for the project listed on TMF.cio.gov. “This registration data also provides verification of student aid eligibility, more than four million federal and local civilian jobs, free job training, and a potential streamlined process for citizenship.”
According to a project description provided on the Technology Modernization Fund website, the improvements are expected to reduce maintenance costs, improve resiliency, provide more advanced data analysis capabilities, and create an architecture with redundant geographic locations. The RCV system is designated as a high-value asset – meaning it is considered one of the most important IT systems and, in accordance with a directive from the Cybersecurity and Infrastructure Security Agency, must be prioritized for resources and cybersecurity improvements.
Maturing cybersecurity operations has been a stated goal of the SSS for years. In its latest budget justification, the agency highlighted the need to modernize its Records, Compliance and Audit system and other software applications that provide continuous monitoring, enterprise risk management and better protection of personally identifiable information.
In a statement, Clare Martorana, Federal Chief Information Officer, said the investments “will enable SSS to rapidly scale technical operations to meet the country’s needs through a software and data architecture focused on the cloud that protects the data of millions of customers”.
The funding represents another example of the explicit use of the TMF to modernize the cybersecurity operations of critical systems in federal departments and agencies. Last year, the fund awarded more than $260 million in funding to five different agencies for Login.gov security enhancements, “zero trust” security upgrades for the GSA, the Department of Education and Office of Personnel Management, as well as secure cloud migration for Max.gov interagency collaboration tool.
Agencies are generally required to repay any funding they received under the program through cost savings and other sources of revenue, but the Biden administration decided to relax those requirements last year for agencies. cybersecurity-related projects, citing the need to respond to the SolarWinds hack. and other campaigns against US government systems.