Lawmakers Discuss IT Project Management, Budget and Cybersecurity

On Tuesday the Florida House of Representatives IT Budget and Policy Subcommittee met to discuss IT issues related to managing IT projects, budget oversight and cybersecurity.

The hearing, featuring State Data Center Executive Director Tim Brown and Department of Management Services (DMS) Secretary Pedro Allende, provided insights into the state’s efforts to improve efficiency and reduce risks in its IT operations.

One of the major topics was the State Data Center’s chargeback system, which determines how agencies are billed for using the center’s services.

“We work with the agencies during the budget development process to understand their usage and needs,“ Brown said. “Based on that, we develop a rate structure which is entirely cost recovery-based.”

These rates are then reflected in agency legislative budget requests.

“All of our rate structures are available as public records, so anyone who wants to see the breakdown of costs can easily access it,” Brown said.

He acknowledged concerns with the process, but reassured members that his team works closely with agencies to ensure accurate cost assessments and transparency in budgeting.

“We help them plan accurately by looking at future needs and making sure their requests reflect their actual usage,” Brown explained.

Another point of discussion was the Department of State’s request for funds to modernize Florida’s legislative system. Lawmakers questioned why it was the right time for such an investment.

While Brown confirmed that the State Data Center provides infrastructure and physical space for these systems, he clarified that the Department of State designs and manages them.

He suggested that further discussion on this topic should occur with relevant agency heads in future hearings.

Rep. Vern Buchanan raised concerns about Florida’s track record with IT project delays and cost overruns, asking what steps DMS has taken to keep projects on budget and on time.

Allende responded that project management is handled at the agency level, with oversight from DMS.

“Our goal is not to criticize past mistakes, but to work proactively with agencies early on to ensure smooth project execution,” he said. “We’re in year three of managing IT project oversight, and we’re seeing positive changes.”

DMS Chief Technology Officer Leo Schoonover said that the agency has moved away from rigid project management requirements.

“Now we’re more flexible, allowing agencies to choose between agile, waterfall or hybrid models depending on their needs,” he explained.

Schoonover also emphasized the importance of early planning and modular work.

“Instead of tackling an entire system overhaul at once, we’re breaking down projects into smaller, manageable phases,” he said.

The hearing also covered cybersecurity issues, particularly Florida’s efforts to combat ransomware.

State Chief Information Security Officer Jeremy Rodgers updated lawmakers on the Cybersecurity Security Operations Center (CSOC). The CSOC provides 24/7 monitoring for state agencies.

“We work with commercial partners to provide round-the-clock coverage. Agencies can opt in for additional cybersecurity services,” Rodgers said.

While the CSOC can offer help, it can only do so when invited by the affected agency, he said.

“Our job is to offer assistance and ensure the fastest possible recovery for affected entities,” Rodgers said.