Capitol Fax.com - Your Illinois News Radar » Cyber war heats up between Rauner and Mendoza
SUBSCRIBE to Capitol Fax      Advertise Here      About     Exclusive Subscriber Content     Updated Posts    Contact Rich Miller
CapitolFax.com
To subscribe to Capitol Fax, click here.
Cyber war heats up between Rauner and Mendoza

Wednesday, Mar 22, 2017 - Posted by Rich Miller

* NBC 5

Illinois Gov. Bruce Rauner has unveiled a broad-based cybersecurity plan. The Republican announced the framework Tuesday. He says cybersecurity is one of the most pressing issues facing the nation and Illinois.

The plan outlines goals to protect state information systems. But it covers only executive branch agencies directly. It wouldn’t have prevented incidents like the cyberattack on Illinois voter data last fall.

Administration officials say they don’t know the final cost of the plan, but that it will come from existing Department of Innovation and Technology resources. The administration has proposed $900 million for all information technology services in the state’s next budget.

But officials say an additional $250 million was needed to connect agency systems, much of which has already been appropriated. Rauner says a cost-cutting pension overhaul could be one source of funding.

The full press release is here.

An earlier news report tagged the total new money at over a billion dollars and I used that number in this morning’s fax. Sorry about that.

* From the comptroller’s office…

Illinois Governor Bruce Rauner has proven he is willing to close Illinois’ social service agencies and put pinstripe patronage, consultants and computer contracts ahead of the poor, sick and people with disabilities:

    · The Governor has budgeted $1.3 billion in appropriations and capital funds for his Department of Innovation and Technology (DOIT), more than is budgeted for the Department of Public Health, the Department of Veterans Affairs and the Department of Agriculture combined. With 1,482 employees, DOIT has a bigger staff than Eastern Illinois University.

    · The Governor took $112 million from the Health Care Provider Relief Fund, which uses federal Medicaid reimbursements for – as its name suggests – Illinois’ beleaguered health care providers. At his direction, that money went to consultants and contracts for computer software, instead of doctors and hospitals, who are waiting six months to a year to get paid.

    · To fund his struggling $250 million Enterprise Resource Planning (ERP) initiative, his handpicked Comptroller transferred $71 million from the state’s General Revenue Fund in the final days in office to funds used in part to pay for ERP.

    · Citing a lack of accountability and transparency, the Comptroller has frozen $27 million in funding for the ERP pending a program review. His administration refuses to answer questions about the ERP, release program timelines or provide an accounting of work performed by the consultants for the millions of dollars they have received. The administration has not provided answers to basic program questions sent by the Office of the Comptroller in a March 10 letter.

The Comptroller’s Office supports modernizing the state’s technology and keeping Illinois’ computers secure, but not at the expense of oversight. Especially at this time of financial crisis, when social services are being decimated, the Governor does not get a blank check to spend whatever he wants on pinstripe patronage without accountability. Accountability is crucial given the glitches and cost overruns reported with ERP programs around the country (see below.)

The $27 million in ERP program funding that was placed on cash management represents just two percent of DOIT’s FY2018 proposed budget – it should not inhibit DOIT’s ability to purse its core mission.

The biggest threat to Illinois is the lack of a balanced budget – not cybersecurity and not the system of checks and balances that require accountability among the branches of government – and The Governor is the only one who can solve that problem. If The Governor believes these ERP expenditures are so critical, he can immediately submit and pass a budget that fully funds them.

* But not all Democrats are upset

This strategy received bipartisan support from members of the General Assembly. “This is not someone’s pet project. This is critical to the infrastructure of Illinois, to the safety of our citizens and residents. As we have seen other state few people have taken over the grid system, shut down the grid system. That could effect our hospitals, our emergency centers.” said Rep. Jaime Andrade, (D)-Chicago.

* Mark Maxwell at WCIA TV has filed another good story, which has some responses to Comptroller Mendoza’s claims

(E)ach year that passes without the completion of the governor’s Enterprise Resource Program, [Gov. Rauner] claims Illinois is losing out on roughly one billion dollars.

Hardik Bhatt, Secretary of the Department of Information Technology (DoIT), gave a more conservative estimate, figuring the technology upgrade would save the state between $130 million and $300 million annually. He says those are hard numbers based on actual savings, not potential losses suffered in hypothetical cyber attacks, although those additional losses could also be incurred. […]

Staffers at Illinois’ Department of Information Technology tell WCIA the state and its residents remain at risk with each day that passes without a more secure system in place. Sources close to the ERP developments would not describe specific threats, claiming the public acknowledgement could potentially alert hackers to their internal progress, but did insist critical government infrastructure remains at serious risk in its current state. […]

Mendoza claims she “hasn’t heard back” from Governor Rauner’s office in response to a letter she sent demanding details about the progress, cost, and date of completion of the ERP. But Bhatt flat out denies that accusation, saying he “reached out a few times,” and once even talked at length with Mendoza’s senior strategist and former campaign manager Lauren Peters about the specific upgrades addressed in the ERP. Bhatt describes their conversation as “engaged” and “thorough.”

The other tiff revolves around whether or not Mendoza has legal authority to halt payments to the ERP. Earlier this month, a Circuit Court judge ruled the Office of the Comptroller does have autonomy and discretion to determine which account can be used to issue payments to state vendors, including third party consulting tech firms. Governor Rauner’s office has filed an appeal to that ruling, arguing these funds were already appropriated in the General Assembly which grant the DoIT legal grounds to spend state funds. The department claims those vouchers have already been issued, and because they’re backed by a specific appropriation, the comptroller has an obligation to pay them.

* Maxwell also pointed to a couple of the stories included in Mendoza’s press release about the IT contractors…

* $46m jobless benefits system has over 100 defects

* Deloitte again in cross fire, this time in R.I.

* California sues SAP over failed payroll software project - The project dates back to 2005 and has cost taxpayers more than $250 million so far

* California settles lawsuit over failed state payroll system

* Marin County and Deloitte settle ERP lawsuit under gag order

       

35 Comments
  1. - Oswego Willy - Wednesday, Mar 22, 17 @ 11:12 am:

    For me?

    Any Administration that trots out agency heads and they’d own budget director and as a whole can’t cite any cuts necessary within a budget framework… how can I look at this Administration’s price tag and commitment in this realm and see the budgetary thoughtfulness necessary to make the state agencies safe?

    A head scratcher to the monetary and budgetary honesty, even outside the commitment and placing budgetary value to that commitment.

    Just a head scratcher.


  2. - DuPage - Wednesday, Mar 22, 17 @ 11:18 am:

    Rauner wants to cut pensions and use the money to fund his computer upgrade consultants. No, that is not a good idea. Governor, put it in a budget with additional revenue to cover higher education, backlogged state bills, and other critical items first. Then see about handing out sweetheart no-bid contracts to your buddies.


  3. - Ghost - Wednesday, Mar 22, 17 @ 11:22 am:

    the ERP system is a new accounting and human resources and timekeeping system.

    It does not actually provide any security; just updating old software. the old system is based on old mainframe systems. these are clunky by incredibly secure. the sevurity holes come from windows based environments. the ERP is replaceing mainframe based programs with windows based databases. technologically speaking it creates more security vulnerabilities. mainframes are way more secure. It does dump out oded databases and interfacez; but those interfaces can be redone in house. hire 50 programmers at 100k salary and benefits and you still save millions


  4. - Nick Name - Wednesday, Mar 22, 17 @ 11:23 am:

    “Rauner says a cost-cutting pension overhaul could be one source of funding.”

    What color is the sky in Gov. Rauner’s world? Asking for a friend.


  5. - DuPage Bard - Wednesday, Mar 22, 17 @ 11:25 am:

    Munger transferring $71 mill out of GRF right before she left office? Rewarded with a $135k Deputy Gov job and all her employees get jobs as well. “Just send the money over you’ll be taken care of after this is all done…………see I told you it would be ok” BR
    Corruption, fraud, waste and abuse
    Madigan!!


  6. - Mr. K. - Wednesday, Mar 22, 17 @ 11:26 am:

    I knew DoIT would be in the crosshairs sooner or later. It’s the only agency I’ve worked with that has, apparently, no budget issues. Staffing issues, yes — but budgetary issues? We’ve been wondering where all this money is coming from. Now, finally, some light.

    Think NRI was a mess? I’d like someone to suss out the inner workings — and the byzantine and expensive management org chart — for DoIT.

    DoIT is NRI times 100.


  7. - wordslinger - Wednesday, Mar 22, 17 @ 11:26 am:

    Cybersecurity for executive branch departments is one of the most pressing issues facing Illinois right now?

    Who knew? Please explain, governor.

    Are the Russkies attempting to interfere with Rauner’s policy of not paying the billions owed state contractors? Is Assange sabotaging the process of busting out public universities and community colleges?

    Because those initiatives seem to be going smooth like stuff through a goose right now.


  8. - Michelle Flaherty - Wednesday, Mar 22, 17 @ 11:28 am:

    Cyber security is so important that it is the top priority of the second half of his four year term.


  9. - erp user - Wednesday, Mar 22, 17 @ 11:31 am:

    It does not work,period. The consultants do pretty charts, base accomplished goal on ones they selected. What is the point of a system without reports. Whoever heard of 3 general ledgers? Alot of money with no return doing a crisis. The question should why now?


  10. - Handle Bar Mustache - Wednesday, Mar 22, 17 @ 11:36 am:

    Rauner claims he cut the CMS budget. He dishonestly takes credit for “shrinking” government.

    In fact, he moved IT staff from CMS into his new “Dept of IT” agency - and added people to it!

    He campaigned on cutting the bureaucracy - here’s one whopper of a case where he’s growing it bigly.


  11. - (un)Happy - Wednesday, Mar 22, 17 @ 11:50 am:

    Training to be an ERP user. This software is designed for business not Government. The required approvals alone will set us back YEARS. For example: in order to issue a box of pencils from an agency’s office supply inventory to a unit within the same agency, ERP requires approval of the Supervisor of the requesting unit, approval from the budget office, Procurement approval, and approval from the inventory supervisor.

    It’s a seriously convoluted system that doesn’t relate to the functions of government or statutory requirements.


  12. - Deft Wing - Wednesday, Mar 22, 17 @ 11:54 am:

    I get that having a compliant Comptroller is better for the Gov., especially so in the absence of a budget. But that shipped has sailed (appointing a person who lost a local State Rep. race should have been the first clue).

    But this constant public bickering with Mendoza is not only time wasting, it is ecidedly un-gubernatorial.

    Maybe it’s finally time to lead, Gov.?


  13. - Deft Wing - Wednesday, Mar 22, 17 @ 11:56 am:

    … decidedly un-gubernatorial.”


  14. - NIU Grad - Wednesday, Mar 22, 17 @ 11:58 am:

    “With 1,482 employees, DOIT has a bigger staff than Eastern Illinois University.”

    I imagine most of these are existing, union IT employees who were merged into the agency. So is she pushing layoffs or….?


  15. - Inspector Gadget - Wednesday, Mar 22, 17 @ 12:09 pm:

    -Deft Wing- I’m a little confused.If its decidedly un-gubernatorial then it must also be un-comptrolorish. It seems to me that Mendoza has been campaigning for higher office from her first day as Comptroller. Mendoza is just as wrong in this war of words….


  16. - Anonymous - Wednesday, Mar 22, 17 @ 12:14 pm:

    When is Rauner going to acknowledge that additional revenue isn’t a want but a need? When the state falls $12 Billion behind on bills, saying one bill should be paid quickly means necessarily that other vendors should wait even longer.


  17. - Oswego Willy - Wednesday, Mar 22, 17 @ 12:15 pm:

    ===It seems to me that Mendoza has been campaigning for higher office from her first day as Comptroller.===

    Really? How so?

    Please cite specific examples unrelated to Mendoza doing the Comptroller.

    Thanks.


  18. - P. - Wednesday, Mar 22, 17 @ 12:36 pm:

    In the FY2018 state budget doc DOIT requests $7 MILLION for “statewide cyber resiliency and disaster recovery planning, assessement AND a Security Operations Center” and $8.5 million for replacement hardware to support security and disaster recovery. Now they need $1 BILLION?! Really?


  19. - Eman - Wednesday, Mar 22, 17 @ 12:37 pm:

    Don’t know if it’s intentional or not, but feeding new reporters agency staffers as sources is a pretty good move by Rauner’s press shop.

    “New to town? I’ve got just the people you need to talk to. They work for an agency, not the governor. Completely unbiased. Trust me.”

    I mean, did Mark Maxwell reach out to Mendoza’s office for comment on any of this, or just watch her speech and call it good? Either way, seems like someone in Rauner’s office sure has won over Maxwell. From his op-ed, I mean story:

    Mendoza’s “decision to freeze $27 million and effectively disrupt the construction of high-powered transparency machine may also speak to her priorities, or perhaps those of her political allies.”

    That’s pretty cringe-worthy in terms of straight news.


  20. - Kevin Highland - Wednesday, Mar 22, 17 @ 12:52 pm:

    “With 1,482 employees, DOIT has a bigger staff than Eastern Illinois University.”

    Most of those 1482 are being paid out of their /legacy/ agency’s budget. So I think most of that DOIT money is going to superstars & contractual services.


  21. - A Jack - Wednesday, Mar 22, 17 @ 12:52 pm:

    Shouldn’t the Auditor General appoint an independent audit firm to review the ERP system along with money spent and components delivered? That seems the most reasonable way to resolve this dispute between two Executive branches. We would also get some transparency on this very expensive project.


  22. - Oswego Willy - Wednesday, Mar 22, 17 @ 12:54 pm:

    - Eman -

    You must be new to the Rauner Vertical Integration of media in Illinois.

    Rauner only needs “one” columnist, “one” reporter, “one” Editorial Board… “one” outlet to engage the messaging tentacles elsewhere to quote, re-report, editorialize, even pile on to the beginning instance of Rauner messaging.

    Two years plus, almost 3 years, Rauner’s Crew has been wildly successful, almost unchallenged.

    This isn’t even remotely new.


  23. - Skeptic - Wednesday, Mar 22, 17 @ 2:04 pm:

    “quote, re-report, editorialize…” “misquote, regurgitate and evangelize…” There, fixed it.


  24. - The Dude Abides - Wednesday, Mar 22, 17 @ 2:09 pm:

    @erp user To answer your question, if the Governor wastes money on IT and cyber security then that’s less money available to spend on such things as social services, state universities, doctors, dentists and hospitals for medical care for state workers and many vendors with the state.
    This is systematic, he is purposefully doing this. He is still hopeful that if these folks suffer long enough the Democrats will cave and give him his precious turnaround agenda. He wants the crisis to continue but he wants enough money socked away to control the crisis. That’s why he is upset with the comptroller and why he petitioned the Supreme Court to quickly resolve his dispute with the Union. He needs that money to keep this self created crisis manageable.


  25. - Oswego Willy - Wednesday, Mar 22, 17 @ 2:12 pm:

    - Skeptic -

    Everyone needs an editor, lol

    You added some spices to my bland soup.


  26. - Daniel Plainview - Wednesday, Mar 22, 17 @ 2:49 pm:

    What’s the matter, Rich, we can’t refer to your best DoIT (CMS) source as a huckster these days?


  27. - Rich Miller - Wednesday, Mar 22, 17 @ 3:00 pm:

    ===your best DoIT (CMS) source===

    Don’t flatter yourself. You’re not that bright or insightful. Your post was deleted because it violated the rules.


  28. - Johnnie F. - Wednesday, Mar 22, 17 @ 3:06 pm:

    Just what exactly do the Rauners support about education? What good does it do to support early childhood education if you want to pull the rug from K-12 and higher ed? The Rauners only support public education if it is essentially made private but paid for with public money.


  29. - Judgment Day - Wednesday, Mar 22, 17 @ 4:12 pm:

    The DoIT folks are doomed. IMO, they actually do have very legitimate concerns to deal with, but they are trying to ‘customize’ off-the-shelf ERP System(s) to accomplish their goals.

    First off, here’s what ‘ERP’ is supposed to be:

    “Enterprise Resource Planning, or ERP, is a large-scale software program designed for modern businesses, both large and small. A simple definition is that ERP systems aid the flow of internal business processes and allow for communication between a business’s departments and its internal functions and data.”

    That’s a pretty fair definition. But with that in mind, compare to what the State of Illinois is currently using. Many State computer operations are using (IBM) AS400 technology ‘mainframes’ - basically obsolete mid 1990’s era technology. This equipment is only going to last so long, and most of the software (and people to run the technology) are either out, or are leaving the work force. They basically have run out of time.

    Honestly, the State is doing the only thing they can do. They are trading money for the one thing they can’t buy, which is time. That’s in an ideal world, but then they hit the issue of ’scalability’, and that’s where the ERP customization issues are popping up. And those issues are likely to continue. And that’s before you get to ‘inter operability’ issues.

    Plus there’s another problem, which may be the biggest problem of all. Multiple upgrade path(s), all happening at the same time.

    Think of managing a Project where you are having to do (at minimum) the following:

    1) Migrate all HARDWARE from ‘Mainframe’, bypass Windows era technology, and instead move to web enabled technology.
    2) By definition, the above means you are also going to migrate all OPERATING SYSTEM SOFTWARE from ‘Mainframe’, bypass Windows era technology, and instead move to web based technology.
    3) Which means you now have to have a plan in place for keeping all the existing legacy function (both hardware, software, and applications software) up and functional while building the new applications.
    4) Then (and btw, you are just at the kickoff point), you have to start to deal with getting the new APPLICATIONS SOFTWARE up and running. And then you get to find out what you get to customize, or worse, push changes in the way things are done on a usually resistant, entrenched bureaucracy. Which sounds like what they are currently into.

    ….And hope the wheels don’t fall off.

    As an aside, if I were Mendoza, I wouldn’t throw too many bricks at the entire process. Some folks might just go back and look at some of the wondrous work that occurred within the City of Chicago with all of their ‘adventures’ in the wonderful, wacky world of Information Technology during all her years with the City of Chicago.

    Slightly off topic: A recently retired friend who ran ERP project implementations gave me this:

    The seven stages of all ERP Projects:
    Stage 1: Exhilaration. Let’s get this done!
    Stage 2: Disenchantment. There’s problems!
    Stage 3: Search for the guilty. Find the people screwing this up & fire them! (a/k/a/ “You’ll never work in this town again!”)
    Stage 4: Torture of the workers. No further explanation required.
    Stage 5: Conviction of the innocent. (a/k/a “Well, we got to blame somebody”)
    Stage 6: Glory for the executioners / Distinction for the Uninvolved.
    Stage 7: Wash, Rinse, Repeat…..

    Just sayin…..


  30. - Generic Drone - Wednesday, Mar 22, 17 @ 4:47 pm:

    Watched Rauner speaking about this last night. He cited the need of updated cybersecurity because the state is entrusted with private information of citizens and employees and we need to protect that information. Well with the exception of unvetted replacement strike breakers. Then it’s ok to hire anyone off the street. Right Gov?


  31. - scott aster - Wednesday, Mar 22, 17 @ 4:47 pm:

    Rich….so is this ERP system to replace the AMS software installed by the Comptroller in the Mid 90’s that replaced the old Burroughs system that Roland and Dawn wasted 40m trying to replace?? And that Danny Hynes cancelled the maintenace contract in 2001??? If the NEW ERP software is “SAP” then this is not a traditional “GOV” provider.


  32. - Smitty Irving - Wednesday, Mar 22, 17 @ 7:33 pm:

    scott aster - CUSAS II died under Burris long before Netsch.


  33. - DuPage Dave - Wednesday, Mar 22, 17 @ 7:54 pm:

    The numbers cited by Bhatt are clearly made of baloney. They are spending money hand over fist on ERP and Deloitte and trying to spin it as savings. These figures are suspiciously like the $100 million in deferred maintenance figure at JRTC quoted last year which has become $300 million this year. Just throw a big number out there and maybe people will believe it.


  34. - Arthur Andersen - Wednesday, Mar 22, 17 @ 9:24 pm:

    What Auditor General? Haven’t heard from that office in months.


  35. - Anonymous - Wednesday, Mar 22, 17 @ 10:22 pm:

    No worries, Bruce will appoint Jason Plummer to head Cyvber-security.


Sorry, comments for this post are now closed.


* Reader comments closed for the holidays
* And the winners are…
* SUBSCRIBERS ONLY - Update to previous editions
* Isabel’s afternoon roundup
* Report: Far-right Illinois billionaires may have skirted immigration rules
* Question of the day: Golden Horseshoe Awards (Updated)
* Energy Storage Brings Cheaper Electricity, Greater Reliability
* Open thread
* Isabel’s morning briefing
* SUBSCRIBERS ONLY - Today's edition of Capitol Fax (use all CAPS in password)
* Live coverage
* Selected press releases (Live updates)
* Yesterday's stories

Support CapitolFax.com
Visit our advertisers...

...............

...............

...............

...............

...............

...............

...............


Loading


Main Menu
Home
Illinois
YouTube
Pundit rankings
Obama
Subscriber Content
Durbin
Burris
Blagojevich Trial
Advertising
Updated Posts
Polls

Archives
December 2024
November 2024
October 2024
September 2024
August 2024
July 2024
June 2024
May 2024
April 2024
March 2024
February 2024
January 2024
December 2023
November 2023
October 2023
September 2023
August 2023
July 2023
June 2023
May 2023
April 2023
March 2023
February 2023
January 2023
December 2022
November 2022
October 2022
September 2022
August 2022
July 2022
June 2022
May 2022
April 2022
March 2022
February 2022
January 2022
December 2021
November 2021
October 2021
September 2021
August 2021
July 2021
June 2021
May 2021
April 2021
March 2021
February 2021
January 2021
December 2020
November 2020
October 2020
September 2020
August 2020
July 2020
June 2020
May 2020
April 2020
March 2020
February 2020
January 2020
December 2019
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
April 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
November 2016
October 2016
September 2016
August 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
September 2015
August 2015
July 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
October 2014
September 2014
August 2014
July 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013
December 2012
November 2012
October 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
August 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004

Blog*Spot Archives
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005

Syndication

RSS Feed 2.0
Comments RSS 2.0




Hosted by MCS SUBSCRIBE to Capitol Fax Advertise Here Mobile Version Contact Rich Miller