State IT agency asks for $7.2 million to operationalize cloud and cybersecurity work
Get AI-powered insights, summaries, and transcripts
Subscribe
Summary
Acting DTI CIO Jordan Schulteis told the Joint Finance Committee the Department of Technology and Information’s FY27 request centers on moving ARPA-funded projects into steady state: cloud infrastructure, zero‑trust network access, SIEM capacity, privileged access management and mainframe-as-a-service. DTI warned some services could be disrupted without the funding.
Acting CIO Jordan Schulteis told the Joint Finance Committee that the Department of Technology and Information’s FY27 ask is largely about converting one‑time investments into ongoing operations. "An investment in the core technology delivered by DTI is an investment in every agency's mission and in every constituent's experience," Schulteis said during the orientation.
Schulteis said DTI used ARPA grants to accelerate modernization and now seeks approximately $7.2 million to keep projects running. Major items include roughly $1.2 million for state cloud infrastructure to support workloads migrated to Microsoft cloud, $1.56 million to replace the state’s aging VPN with a zero‑trust network access solution, and ongoing licensing and monitoring for security tooling including privileged access management (about $453,000) and a Security Information and Event Management platform (SIEM) ($400,000 ASF and $78,100 GF). He also described continuing costs for the mainframe migration and email‑security licensing.
"We used ARPA as a force multiplier," Schulteis said, explaining that federal one‑time funds covered initial project work but that operating expenses now fall to the state. He warned that without the cloud infrastructure funding some production services could be at risk because "77% of our servers now live in that environment."
Chief Security Officer Ashish Patel clarified the scale of logs and alerts feeding the SIEM: the agency is ingesting billions of security events annually and uses a mix of automated tooling, an internal security‑operations center and a managed service provider to triage and respond. "These cyber events are not just attacks. They are also attacks but not successful," Patel said, adding the SIEM and automated tools reduce time to identify and remediate incidents.
Committee members asked for follow‑up details on the composition and size of state data centers, the energy footprint for in‑state facilities, and alternatives if some subscription requests (for example, a MuleSoft integration platform renewal) are not funded. DTI committed to provide supplemental reporting to OMB and the committee on vendor contract terms, data‑center locations, and more granular cost breakdowns.
Schulteis also described the GoDE portal and identity management needs — including $1 million requested to continue development — and a $575,000 digital accessibility request to align Delaware websites with DOJ guidance. He said some items show up as not recommended in the OMB review because of timing or prioritization differences but that the $575,000 figure is intended to address the program holistically.
The committee pressed DTI about hiring and retention: Schulteis said DTI typically has 30–40 vacancies at a time and competes with the private sector for technology talent, so the agency relies on nonmonetary benefits, remote work and targeted recruitment to close gaps. DTI said certain roles will continue to be supplemented with contractors while the state scales internal capacity.
The committee did not take any formal votes during the orientation; DTI will supply additional contract and energy‑use information for committee review before markup.