News & Updates

2024 Federal Tech Trends: Zero Trust, Customer Experience Top the List

The 2024 federal technology trends are heavily influenced by executive orders focusing on zero-trust security and enhancing citizens' digital experience with government services. Agencies are gearing up to meet the zero-trust deadlines and are looking forward to measuring their progress towards the customer experience goals set by the 21st Century Integrated Digital Experience Act (21st Century IDEA). The move towards zero-trust security is a top priority, with a significant percentage of agencies confident in meeting the requirements. However, challenges remain, and there's a call for improved engagement between the federal government and private industry to navigate these complex initiatives. Additionally, the federal government is making strides in customer experience projects, taking a human-centered approach to service delivery. Other key concerns for 2024 include data management, cybersecurity, and workforce issues, with a focus on system interoperability, common data standards, and the need for a more robust understanding of data and analytics.

* **Zero-Trust Security:** Agencies are working towards meeting zero-trust deadlines, with many confident in their ability to comply. However, challenges persist, and collaboration with private industry is deemed crucial for success. * **Customer Experience Enhancement:** Significant progress has been made in improving the digital experience of citizens interacting with government services, with agencies focusing on human-centered service delivery. * **Data Management:** There's a need for more attention towards system interoperability, common data standards, and data accessibility to support agency modernization efforts. * **Cybersecurity Concerns:** As agencies continue to migrate services to the cloud, they face cybersecurity and procurement challenges that need to be addressed to fully benefit from digital transformation.

4 ways generative AI will improve the federal government

Generative AI will significantly improve the federal government by enhancing citizen interactions, accelerating data processing, and rewriting governmental language for clarity. These advancements will allow for more intuitive public digital services and internal efficiencies, such as smart automation and improved customer service. This tech shift includes integrating AI in cloud-based productivity tools and leveraging AI to improve data interoperability and content creation, despite current limitations and aspirational guidelines.

* Generative AI will facilitate better citizen-government interactions through improved digital services. * Will enhance data processing capabilities, solving issues like data interoperability. * AI can assist in making governmental language clearer and more accessible. * There are plans to integrate AI functionalities into existing government productivity tools and services.

5 steps for building an adaptable, dynamic zero trust architecture within federal agencies

Zero-trust architecture’s (ZTA) principle of "trust no one" revolutionizes traditional security models by treating all users and systems as potential threats and mandating verification for every access attempt. This approach, likened to airport security checks but enhanced by AI, is crucial in a world where even established systems can become vulnerabilities. Despite its benefits, ZTA adoption varies across agencies due to unique missions, cybersecurity challenges, and existing infrastructures. Success stories highlight five best practices for agencies: holistic integration, embracing cutting-edge tools, innovative risk management, ongoing learning, and sustained commitment. These practices, along with adaptability, strategic partnerships, layered defenses, an evaluative approach, and future-proofing, are crucial for a dynamic and adaptable ZTA. Looking ahead, the integration of digital twin technology and AI could enhance ZTA's efficiency and dynamism. Standardization and open-source contributions are seen as key to simplifying ZTA implementations and reducing costs, promoting a collaborative environment for setting universal benchmarks and ensuring interoperability across diverse ZTA solutions.

* ZTA transforms cybersecurity by invalidating inherent trust within network perimeters, demanding continuous verification of all users and systems. * Federal agencies' varied missions and infrastructures influence their ZTA adoption, with cutting-edge technologies like SASE, SD-WAN, and digital twin technology aiding implementation. * Success in ZTA requires holistic integration, advanced tools, risk management, continuous learning, and sustained commitment, combined with strategic partnerships and layered defenses. * The future of ZTA involves embracing AI and digital twin technology for efficiency and adopting standardization and open-source practices for cost-effective and interoperable solutions.

A university creates an artificial intelligence institute, partly to help government

The University of Maryland has established a new Artificial Intelligence Institute to advance AI research and support government initiatives. The institute aims to develop cutting-edge AI technologies and address national challenges. By collaborating with federal agencies, the institute will contribute to enhancing government capabilities in areas such as cybersecurity, healthcare, and infrastructure. This initiative aligns with broader efforts to integrate AI into public sector operations, promoting innovation and efficiency.

* University of Maryland launches AI Institute. * Focus on advancing AI research and supporting government initiatives. * Collaboration with federal agencies. * Enhances government capabilities in cybersecurity, healthcare, and infrastructure. * Promotes innovation and efficiency in the public sector.

Agencies are on track with AI executive order deadlines, White House says

The White House has successfully met all 90-day benchmarks set in President Joe Biden's Executive Order on artificial intelligence, focusing on managing AI-related security risks and fostering innovation. Key actions include obliging AI software developers to report crucial system information, such as safety test results, to the Department of Commerce. Additionally, a new rule proposal requires U.S. cloud companies to disclose foreign clients using cloud software for training powerful AI models. Nine agencies have submitted AI system risk assessments to the Department of Homeland Security, laying the groundwork for ongoing federal action. The National Science Foundation launched the National Artificial Intelligence Research Resource pilot, democratizing access to AI tools. Moreover, increased hiring for AI-focused positions in the federal government is underway, with some agencies delivering on their mandated actions ahead of schedule.

* The White House has met all 90-day AI Executive Order benchmarks, focusing on AI security and innovation. * AI software developers are now required to report vital system information, including safety test results. * A proposed rule mandates U.S. cloud companies to report foreign AI training activities.\ Nine agencies have submitted AI system risk assessments to the Department of Homeland Security. * The National Science Foundation launched a pilot program to democratize AI tool access and education.

Agencies eye synthetic data to help train and test AI

The Department of Homeland Security’s Science and Technology Directorate has issued a solicitation for synthetic data solutions that can replicate real data's shape and patterns while ensuring privacy. This approach is seen as a potential game-changer, especially for the Cybersecurity and Infrastructure Security Agency, to develop realistic training scenarios and model environments in real-time. The National Strategy on Privacy-Preserving Data Sharing and Analytics highlights synthetic data as a key technology for unlocking data analysis benefits while protecting privacy. However, the adoption of synthetic data faces challenges such as limited awareness, lack of standards, and varying maturity levels. Verification and validation techniques are needed to address accuracy and data quality issues. The Chief Data Officers Council is also seeking input on synthetic data to establish best practices, including a more formalized definition, applications, challenges, limitations, and considerations for ethics and equity.

* **Synthetic Data for AI Training and Testing:** Agencies are exploring synthetic data to build or test AI applications and machine learning models. * **DHS Solicitation for Synthetic Data Solutions:** DHS is seeking solutions to generate synthetic data that mirrors real data while protecting privacy, crucial for training machine learning models where real-world data is unavailable or poses risks. * **Potential of Synthetic Data:** Recognized for its ability to facilitate realistic training scenarios and model environments, synthetic data is seen as a significant asset for agencies like CISA. * **Challenges in Adoption:** The adoption of synthetic data is slow due to limited awareness, lack of standards, and varying maturity levels. There's a need for research on verification and validation techniques to ensure data accuracy and quality. * **Chief Data Officers Council's Involvement:** The council is seeking input to establish best practices for synthetic data generation, including its definition, applications, challenges, limitations, and ethical considerations.

Agencies set records for small business contracting in 2023

In 2023, U.S. federal agencies achieved significant milestones in small business contracting, surpassing their set goals and marking a notable year for government engagement with small enterprises. This achievement underscores the government's commitment to enhancing small business participation in federal procurement, supported by specific measures to reduce barriers and ensure fair competition. Agencies received high grades on the government-wide scorecard, reflecting their effective strategies to integrate small businesses into the federal marketplace​.

* The federal government not only met but exceeded goals in small business subcontracting, directing a substantial 30.9% of subcontracts to these enterprises​. * Women-Owned Small Businesses received significant attention, with over $26 billion awarded for the fourth consecutive year, indicating ongoing efforts to meet the 5% contracting goal for this group​. * The overall success is part of broader efforts under the Biden-Harris administration to foster economic growth and equitable participation in federal contracting opportunities​.

Agencies start to focus on zero trust outcomes, instead of checklists

Federal agencies aim to adopt zero trust cybersecurity architectures by September 30, 2024, following the White House's 2022 strategy. Progress is seen in modernizing zero trust concepts, focusing on outcomes, and particularly on identity security. However, challenges remain due to the federated nature of agencies. AI and automation are viewed as essential tools for enhancing cybersecurity, though they also present risks. Agencies must balance leveraging AI while ensuring data security.

* Zero Trust Adoption Deadline: Federal agencies are required to implement zero trust architectures by September 30, 2024. * Progress and Challenges: Agencies show progress, especially in identity security, but face difficulties due to siloed deployments. * Outcome Focus: There's a shift towards understanding and achieving desired outcomes from zero trust implementations. * AI and Automation: These technologies help in focusing on critical cybersecurity issues but pose risks if not managed securely. * Federal Strategies: Both the Office of Management and Budget and the Defense Department have specific zero trust strategies and deadlines for agencies to follow.

AI can shore up federal cybersecurity overwhelmed by data, GDIT says

General Dynamics Information Technology (GDIT) conducted a study on defensive cyber operations, revealing the potential of AI in bolstering federal cybersecurity. The study, based on a survey of 200 government leaders in national security, found that 41% are overwhelmed by data. AI is seen as valuable for real-time threat detection and automated countermeasures, addressing the significant issue of human error in cybersecurity. As hacking threats evolve, AI, automation, and pattern-recognizing tools are increasingly utilized for digital defense, particularly by the Department of Defense and other federal agencies.

* 41% of government leaders surveyed are overwhelmed by data in cybersecurity. * AI is valued for real-time threat detection and automated countermeasures. * Human error is a significant cybersecurity challenge.\ AI and automation are increasingly important for digital defense against evolving hacking threats. * The Department of Defense and other federal agencies are focusing on AI for cybersecurity.

AI-enabled digital twins are transforming government critical infrastructure

Digital twins are increasingly utilized in public and private sectors for creating virtual models of physical objects or spaces, enhancing decision-making, reducing costs, and increasing safety and efficiency. These models, especially when AI-enabled, address key challenges in government critical infrastructure by providing dynamic, real-time data inputs to monitor and optimize processes, ensuring high reliability and minimum downtime. Digital twins are essential for operations in sectors like defense, energy, and public health, allowing for continuous improvement and proactive maintenance.

* Dynamic Modeling: Digital twins allow real-time monitoring and optimization of processes, making them crucial for critical infrastructure. * AI-Enabled Benefits: AI enhances digital twins by enabling predictive capabilities, autonomous actions, and more efficient operations. * Types of Digital Twins: There are descriptive, informative, and predictive/autonomous twins, each serving different operational needs. * Implementation Priorities: Key priorities include data accuracy, security, robust authentication protocols, and integration with existing systems to ensure smooth and secure deployment.

AI Experts Recommend Structured Data, Strong Leadership for Fed AI Efforts

At a GovLoop-organized AI event, experts recommended that federal leaders prioritize good data structure and governance as they implement AI technologies. Effective data organization and governance are essential for successful AI integration in government. Key recommendations include managing data outside administrative files, ensuring strong leadership, and leveraging AI for various administrative and departmental tasks. Challenges such as storing massive data sets generated by AI and choosing appropriate data management strategies were highlighted. Integration approaches and patient, collaborative development of domain-specific AI tools were also discussed.

* Prioritize comprehensive data governance and organization. * Manage data outside of administrative files like PDFs. * Ensure strong leadership and expertise sharing within AI and government communities. * Address challenges in storing large data sets generated by AI. * Utilize both top-down and bottom-up approaches for AI integration.

AI is a rising priority for federal chief data officers

Artificial intelligence is emerging as a top priority for federal chief data officers in 2023. A recent survey of federal CDOs found that AI has rapidly become one of their most important focus areas, second only to data quality management. Driving AI adoption is the vast potential of machine learning to glean insights from complex government datasets. However, federal AI development also faces barriers like skills gaps and biased algorithms. As stewards of data, CDOs are critical players in enabling ethical, responsible AI across agencies. Key recommendations for CDOs include auditing datasets for accuracy, considering algorithmic fairness, establishing AI review boards, and embracing transparency in capabilities. With more investment pouring into federal AI, CDO oversight must similarly intensify to instill public trust. Guiding sound data governance and AI best practices will allow agencies to tap the technology’s benefits while managing risks.

* AI adoption is rising focus area for federal chief data officers. * CDO oversight key for managing complex policy issues like algorithm bias. * Teams should audit datasets, consider fairness implications, and embrace transparency. * AI review boards can help agencies apply best practices. * With AI funding growing, governance is crucial to ensure public trust.

AI provides a net advantage to federal cyber defenders — if they can use it

Artificial intelligence has the potential to be a powerful tool for federal cyber defenders given its ability to analyze vast amounts of data and detect malicious activity. However, many agencies lack the expertise to effectively implement and utilize AI. These AI tools have shown promising results in real-world applications, including detecting phishing emails with more subtle attack methods. Agencies must work to train existing employees on AI as well as recruit personnel with relevant skillsets. Adapting security frameworks and implementing machine learning best practices can also help validate and improve the effectiveness of AI cyber tools. Though barriers exist, collaboration across the government technology sector is critical to develop and deploy AI that enhances cyber defenders' abilities.

* AI has proven capable of identifying sophisticated phishing attempts missed by legacy filters. * Adapting existing security frameworks can help validate and optimize AI-powered cyber tools. * Cross-agency collaboration is important for building AI models attuned to emerging threats. * Training programs and strategic hiring initiatives must target gaps in AI expertise.

AI talent wanted: The federal government is searching far and wide to fill new cutting-edge positions

There is growing demand for AI talent in the federal government and the challenges agencies face in recruiting and retaining skilled AI professionals. Nearly every federal agency has major AI initiatives underway, from using AI to process benefit applications to leveraging AI for national security purposes. However, the private sector often offers higher salaries and the misperception exists of federal government work being less innovative. The Biden Administration has introduced several efforts to close the AI talent gap such as the creation of the AI COE program to share best practices in AI adoption. Advocates also point to the need to establish an AI-literate workforce through re-skilling programs as only a small number of specialized AI experts are needed to complement such a workforce.

* Nearly all federal agencies have major AI initiatives underway but struggle to recruit and retain skilled AI talent. * Private sector offers higher AI salaries while a misperception exists of less innovation in government work. * New AI COE program shares best practices in AI adoption among agencies. * Most federal staff will simply need to be AI-literate to complement a small number of AI experts. * Re-skilling programs needed to create an AI-literate federal workforce to close the talent gap.

Artificial Intelligence: Agencies Have Begun Implementation but Need to Complete Key Requirements

The GAO report reveals that while federal agencies have initiated AI implementation, they still need to fulfill key requirements. Agencies reported about 1,200 AI use cases, mostly in the planning phase. However, gaps in data completeness and accuracy were found in these inventories. The report also notes that certain agencies have not fully met AI implementation requirements set by executive orders and federal law. This incomplete compliance hinders effective management and oversight of AI use within these agencies.

* Federal agencies reported around 1,200 AI use cases, largely in planning stages. * Data gaps and inaccuracies exist in AI use case inventories. * Some agencies have not fully complied with AI implementation requirements. * Incomplete compliance affects the management and oversight of AI. * Addressing these issues is crucial for effective AI implementation in government.

Carnahan explains GSA's path to AI adoption

GSA Administrator Robin Carnahan discussed the General Services Administration's (GSA) approach to AI adoption, emphasizing the deployment of around 150 AI pilot projects to streamline government operations. These pilots aim to leverage AI to improve efficiency and effectiveness across federal agencies, with a strong focus on ethical AI use and robust governance frameworks. The GSA also released a comprehensive resource guide to assist federal buyers in acquiring AI technologies, ensuring informed and strategic AI implementation.

* GSA is deploying approximately 150 AI pilot projects to enhance government operations. * Emphasis on ethical AI use and strong governance frameworks. * The AI pilots focus on improving efficiency and effectiveness in federal agencies. * A new resource guide has been released to assist federal buyers in acquiring AI technologies. * The guide aims to ensure informed and strategic AI implementation across the government.

CISA establishing new office focused on zero trust

The Cybersecurity and Infrastructure Security Agency (CISA) is establishing a new office dedicated to advancing zero trust security principles across federal agencies, aligning with the Biden administration's broader cybersecurity strategy. Announced by Sean Connelly, CISA’s senior cybersecurity architect, at the Zero Trust Summit, the Zero Trust Initiative Office aims to provide federal agencies with comprehensive training, resources, and guidance on implementing zero trust architectures. This initiative is part of a concerted effort to enhance cybersecurity defenses by adopting a zero trust framework, which assumes no entity inside or outside the network is trusted by default.

* The Zero Trust Initiative Office will focus on education, training, and resource provision to federal agencies. * It will build upon existing CISA guidance, including the Zero Trust Maturity Model and Trusted Internet Connections 3.0. * The office plans to foster community building and collaboration through interagency working groups focused on zero trust implementation and network modernization. * Part of its mandate includes assessing agencies' zero trust maturity and developing metrics and benchmarks to track progress towards implementing the zero trust model effectively.

CISA Official Details New Fed Operational Cyber Alignment Plan

The Cybersecurity and Infrastructure Security Agency (CISA) has introduced the Federal Operational Cyber Alignment Plan (FOCAL) to enhance cybersecurity coordination across the Federal government. This initiative, as explained by CISA Associate Director Michael Duffy, aims to unify the cybersecurity efforts of Federal agencies by setting clear, achievable targets. The plan was developed in response to the evolving threat environment and the growing list of cybersecurity tasks agencies face. FOCAL is designed to not only streamline efforts but also to leverage existing programs like the Continuous Diagnostics and Mitigation (CDM) program for better defense and communication among agencies. This shift represents a significant change in CISA's approach, moving from merely providing information and guidance to offering capabilities that alleviate the cybersecurity burden on agencies, thereby improving operational visibility and threat information sharing.

* FOCAL aims to unify Federal agencies' cybersecurity efforts and set clear, achievable targets. * The plan leverages existing programs like CDM to enhance cyber defense and inter-agency communication. * CISA's approach has shifted towards providing capabilities to reduce the cybersecurity burden on agencies. * The initiative is a response to the evolving threat environment and the increasing cybersecurity tasks for agencies. * FOCAL is part of a broader effort to improve operational visibility and threat information sharing across the Federal government.

CISA Releases 2023 Year in Review Showcasing Efforts to Protect Critical Infrastructure

In 2023, the Cybersecurity and Infrastructure Security Agency (CISA) made significant strides in enhancing the security and resilience of critical infrastructure in the United States. The agency's efforts were multifaceted, focusing on promoting secure software development through the Secure by Design campaign, leading initiatives in Artificial Intelligence (AI) security, reducing ransomware risks, and emphasizing cyber hygiene. CISA also prioritized supporting critical infrastructure sectors, enhancing emergency communications, and providing resources to state and local governments. Notably, the agency launched the State and Local Cybersecurity Grant Program and established dedicated election security advisors. Additionally, CISA celebrated the second anniversary of its ChemLock program, aimed at improving security for chemical facilities. The 2023 Year in Review showcases these accomplishments, reflecting CISA's commitment to protecting the nation's critical infrastructure against evolving threats.

* Secure by Design Campaign: Launched to promote secure software development and published a white paper on secure software principles. * AI Security Roadmap: Published the first Roadmap for AI, outlining plans to assess AI-related cyber risks and guide critical infrastructure sectors. * Ransomware Risk Reduction: Initiated the Pre-Ransomware Notification Initiative, significantly reducing ransomware risks through early-stage warnings. * Cyber Hygiene Emphasis: Launched the Secure Our World program, focusing on fundamental cyber hygiene practices and public awareness. * Support for Critical Infrastructure: Enhanced engagement with key sectors, improved emergency communications, and implemented cybersecurity grant programs for state, local, and territorial governments.

CISA to issue list of software products critical to agency security by end of September

The Cybersecurity and Infrastructure Security Agency (CISA) is planning to provide a list of software products deemed critical for federal government security by the end of September 2024. This initiative aims to address vulnerabilities in essential software used across various federal agencies and critical infrastructure, enhancing overall cybersecurity resilience. The focus is particularly on open source software (OSS), which is widely used within government systems and is integral to their operations. CISA's efforts involve engaging with the OSS community to understand and mitigate risks associated with its use, thereby securing a more resilient cyberspace ecosystem.

* Identification of Critical Software: CISA will compile a list of software products that are vital for the security of federal agencies and critical infrastructure, focusing on open source software (OSS). * Engagement with OSS Community: The agency plans to work closely with the OSS community to better understand and secure the ecosystem, addressing risks associated with OSS usage in government operations. * Vulnerability and Risk Mitigation: CISA aims to reduce the risks to federal agencies by identifying vulnerabilities in widely used software and deploying measures to mitigate these risks. * Enhancing Cybersecurity Resilience: By securing critical software components, CISA intends to enhance the overall cybersecurity resilience of federal infrastructure. * Support for Secure Technology Practices: The initiative will also include developing best practices for OSS usage and coordination of vulnerability disclosure and response efforts.

CISA’s chief data officer: Bias in AI models won’t be the same for every agency

Preston Werntz, as the Chief Data Officer for the Cybersecurity and Infrastructure Security Agency (CISA), focuses on addressing bias in the datasets used for artificial intelligence within the agency. Werntz highlights the importance of understanding and managing this bias, especially given CISA's extensive use of AI across a variety of applications. His role involves overseeing data governance and ensuring that data management practices are consistent across different divisions within CISA. This is crucial as inconsistent data management can skew AI model outputs, thereby affecting their effectiveness and fairness​.

* Focus on Data Bias Management: Werntz emphasizes the importance of managing biases in datasets used for AI to ensure fairness and accuracy in AI outcomes. * Consistent Data Governance: He is dedicated to implementing consistent data governance across CISA to prevent skewed AI analyses due to inconsistent data practices. * Engagement Across Divisions: Werntz actively engages with different divisions within CISA to harmonize data management and governance efforts. * Education and Training: Part of his strategy includes educating CISA staff about their roles in data stewardship and the impact of data management on AI applications.

CYBERCOM embraces the non-traditional as acquisition program grows

U.S. Cyber Command (CYBERCOM) is expanding its acquisition team and adopting flexible buying strategies to become the Defense Department's hub for cyber procurement. Initially granted limited acquisition authority in 2016, CYBERCOM has seen these limits lifted by Congress, allowing for increased spending and staffing. The command now enjoys the status of a federal laboratory, enhancing its collaboration with industry and academia, and providing greater control over budgetary decisions for cyber programs. CYBERCOM aims to streamline cyber acquisitions, moving away from traditional DoD processes to accommodate the rapid pace of cybersecurity needs.

* Expanded Authority and Team: Initially granted limited acquisition authority in 2016, CYBERCOM now has expanded spending limits. * Federal Laboratory Status: The designation enhances CYBERCOM's collaboration with industry and academia and gives it more budgetary control. * Joint Cyber Warfighting Architecture: CYBERCOM is building a program office to oversee cyber products and services integration across the military. * Flexible Acquisition Strategies: Moving away from traditional DoD acquisition methods, CYBERCOM is adopting faster, more adaptable processes like DIU’s prototyping process and the Adaptive Acquisition Framework.

CYBERCOM seeks to get more acquisition authority

U.S. Cyber Command (CYBERCOM) is seeking expanded acquisition authority to streamline the procurement of cyber-specific tools and technologies. This effort is part of a broader strategy to enhance its capabilities and agility in addressing rapidly evolving cyber threats. The new authority would allow CYBERCOM to manage and execute contracts more efficiently, reduce redundancies, and better integrate various service components.

* Expanded Authority: CYBERCOM seeks to extend its acquisition authority to streamline procurement processes for cyber-specific tools and technologies. * Interoperability Focus: Aiming to enhance interoperability and reduce redundancies across service components, ensuring a unified technology stack. * Service-like Model: Following a model similar to U.S. Special Operations Command to leverage trained forces from various services while maintaining its own acquisition capabilities. * Industry Collaboration: Plans to expand partnerships with industry and academia to improve acquisition strategies and integrate cutting-edge technologies.

Cybersecurity: Launching and Implementing the National Cybersecurity Strategy

In April 2023, GAO reported that the goals and strategic objectives in the document provide a solid foundation for a comprehensive strategy. The strategy fully addressed three out of six desirable characteristics of a national strategy, but only partially addressed the other three. These include goals, resources, and organizational roles. ONCD plans to work with federal agencies to develop an implementation plan that includes milestones, performance measures, and budget priorities.

* It is crucial for these details to be issued promptly so agencies can start planning and allocating resources properly. * Without a clear roadmap for overcoming cyber challenges, the nation will lack guidance. GAO has designated ensuring cybersecurity as a high-risk issue because federal agencies and critical infrastructure rely on information systems. * The urgency to address these challenges led to the establishment of the Office of the National Cyber Director, responsible for developing and implementing a comprehensive national strategy.

Cybersecurity starts in the Security Operations Center

The Security Operations Center (SoC) at a federal agency plays a crucial role in cybersecurity, consisting of experts who monitor systems to prevent or respond to security threats. Recent years have seen an increase in procedures to protect SoCs, guided by federal directives and a cybersecurity executive order enhancing cloud and network security. Management complexities arise regarding leadership and incident response, with a mix of federal employees and contractors involved. Jennifer Franks from the Government Accountability Office highlights the importance of a diverse skill set, information sharing, and the challenges of managing sensitive data across different agencies. Protecting critical services requires continuous effort, risk management, and readiness to respond to incidents.

* SoCs are essential for monitoring and responding to cybersecurity threats in federal agencies. * Federal guidance and a cybersecurity executive order have strengthened SoC protections. * Management involves a mix of federal employees and contractors, with complexities in leadership and incident response. * Information sharing between agencies is crucial but challenged by varying sensitivities of data. * Continuous protection, risk management, and incident response planning are fundamental to SoC operations.

Department of Commerce announces US, UK AI safety partnership

The U.S. and U.K. have formalized a partnership to enhance AI safety through collaborative research, evaluations, and guidance. This agreement, signed by Commerce Secretary Gina Raimondo and U.K. Technology Secretary Michelle Donelan, aims to align scientific approaches and develop robust evaluations for AI models, systems, and agents. The partnership, effective immediately, is part of the Biden administration's broader strategy to work with international partners on AI regulation. It includes plans for joint testing exercises, personnel exchanges between AI safety institutes, and the development of common AI safety testing approaches. This collaboration is housed within the Department of Commerce’s National Institute of Standards and Technology in the U.S. and seeks to extend similar partnerships globally to promote AI safety.

* The U.S. and U.K. have signed a memorandum of understanding for AI safety collaboration. * This partnership aims to align scientific approaches and develop robust evaluations for AI technologies. * Plans include joint testing exercises and personnel exchanges between AI safety institutes. * The collaboration is part of a broader effort to establish international frameworks for AI regulation.

Developing AI Literacy in the Workforce is Central to U.S. Leadership in AI

The Subcommittee on Cybersecurity, Information Technology, and Government Innovation held a hearing titled: Toward an AI-Ready Workforce, focusing on developing AI literacy in the workforce as a central component of U.S. leadership in AI. The hearing emphasized the importance of training and up-skilling workers for AI and AI-adjacent roles to maintain America's global leadership in AI, considering the transformative impacts of AI on defense, security, economic growth, and service delivery. The hearing underscores the critical need for AI literacy and skill development in the workforce to ensure the U.S. maintains its leadership in AI technology and innovation.

* AI's Role in National Security and Economy: AI adoption is crucial for maintaining national security and economic prosperity. The U.S. needs to ensure its workforce is AI-ready to maintain its competitive edge globally. * Private Sector Initiatives: IBM's commitment to AI literacy was highlighted, with initiatives like IBM SkillsBuild offering free AI-related coursework and aiming to skill 30 million people by 2030, including training two million in AI in the next three years. * Federal Workforce Challenges: Discussions addressed the challenges the federal government faces in adopting AI, including bureaucratic hurdles and the need for cross-agency and industry collaboration. The issue of federal contracts often requiring four-year degrees, potentially hindering the inclusion of qualified individuals without such degrees, was also discussed. * Workforce Training and Up-skilling: The importance of professional development, receptive learning environments, and leadership in fostering an AI-ready workforce was emphasized. IBM's approach to retraining and up-skilling existing employees as a model for the federal government was also discussed.

DHS AI roadmap stakes claim to lead government in responsible AI use

The Department of Homeland Security (DHS) has released an AI roadmap outlining its strategy for integrating artificial intelligence into its operations in 2024. This initiative includes launching multiple AI pilot projects and establishing an "AI sandbox" for testing large language models (LLMs). Homeland Security Secretary Alejandro Mayorkas emphasized that these efforts aim to enhance national security, improve departmental operations, and deliver more efficient services to the public, all while safeguarding civil rights, liberties, and privacy. The roadmap highlights the use of generative AI and LLMs in training U.S. Citizenship and Immigration Services officers, assisting law enforcement investigations, and supporting disaster mitigation planning.

* Multiple AI Pilot Projects: DHS plans to implement AI in training, law enforcement investigations, and disaster mitigation planning. * AI Sandbox: An initiative to test LLMs within DHS, aiming to responsibly integrate AI into various operations. * Cybersecurity and AI: CISA to assess AI-enabled capabilities for detecting and remedying cybersecurity vulnerabilities. * Commitment to Privacy and Security: The roadmap emphasizes protecting civil rights and privacy while using AI to enhance national security and efficiency. * Leadership in Responsible AI Use: DHS seeks to set a federal example for ethical AI deployment, including establishing an AI Safety and Security Board and a new AI policy.

DoD CIO Unveils Zero Trust Overlays Guide

The Department of Defense (DoD) has released the Zero Trust Overlays guide, a comprehensive 400-page document designed to help defense agencies implement zero trust principles. This guide aims to provide clear guidance on controls that facilitate zero trust activities and outcomes, aligning with the goals set forth in a 2021 executive order. The overlays are intended to support risk management practitioners in preventing lateral movement by adversaries within networks and ensuring robust data security.

* Zero Trust Framework: Assumes no inherent trust within the network, requiring continuous authentication and authorization for access to data, assets, and applications. * Comprehensive Guide: A nearly 400-page document providing detailed guidance on implementing zero trust principles within the DoD. * Security Enhancement: Focuses on preventing adversaries from moving laterally within networks, thereby enhancing overall security. * Standardization: Introduces standardized procedures for implementing zero trust across the defense enterprise.

DoD stands up ‘SWAT team’ to help speed software acquisition

The Department of Defense (DoD) has established a specialized team to expedite software acquisition processes. This SWAT team aims to streamline procurement, ensuring faster delivery and integration of critical software systems. The initiative addresses existing delays and inefficiencies, aiming to enhance the DoD's technological capabilities and responsiveness. By leveraging expertise and optimizing workflows, the team seeks to meet the evolving demands of defense operations more effectively.

* DoD forms a SWAT team to speed up software acquisition. * Focus on streamlining procurement processes. * Aims to enhance technological capabilities and responsiveness. * Addresses existing delays and inefficiencies. * Optimizes workflows to meet defense operation demands.

Easterly Pitches Procurement Power to Enforce Cybersecurity

Jen Easterly, the Director of the Cybersecurity and Infrastructure Security Agency (CISA), emphasized the significant leverage the Federal government has in enforcing security standards through procurement processes at the GovernmentDX event in D.C. She highlighted the government's ability to mandate security standards for software vendors as a critical tool for enhancing cybersecurity. This approach supports the implementation of President Biden’s cybersecurity executive order aimed at securing the software supply chain. Additionally, the introduction of a secure software development attestation form and compliance with the National Institute of Standards and Technology guidelines are central to these efforts, ensuring that all third-party software meets baseline cybersecurity standards before being utilized by Federal agencies.

* The Federal government uses its procurement power to enforce security standards among software vendors. * The release of a secure software development attestation form is part of efforts to comply with President Biden's 2021 cybersecurity executive order. * This form aligns with an OMB directive from September 2022, requiring adherence to NIST guidance on software security. * CISA promotes a "secure-by-design" approach, emphasizing that building resilience into software from the design phase is essential for operational effectiveness and security.

Ensuring identity-proofing works for all populations

The increasing need for delivering public services quickly, accurately, and securely has led federal, state, and local government agencies to turn to modern and scalable platforms for identity verification. Dan Lopez, GSA’s director for Login.gov, emphasized that the platform, serving over 80 million user accounts across more than 40 agencies, must ensure accessibility and security for all, including those with disabilities or digital challenges. The goal is to serve all members of the public while respecting privacy, mitigating fraud, and preserving the integrity of government systems, despite the challenges of reaching the full American public due to disparities in access to facilities, technologies, and support. Success stories include Login.gov's facilitation of secure access to unemployment insurance benefits during the Maui wildfires.

* **Modern Platforms for Identity Verification:** Agencies are adopting modern platforms to manage identity verification efficiently and securely. * **Accessibility and Security for All:** Ensuring that identity-proofing efforts work for all populations, including those with disabilities or digital challenges, is a priority. * **Adaptable Solutions:** The need for solutions that cater to the most underserved demographics and avoid a one-size-fits-all approach. * **Harnessing Technology:** Emphasis on using the latest technology, such as AI and machine learning, to address and solve systemic gaps in identity verification.

Executive Order on Further Advancing Racial Equity and Support for Underserved Communities Through The Federal Government

On February 16, 2023, President Joe Biden signed Executive Order 14091. This executive order aims to further advance racial equity and support underserved communities through the federal government. It shows the administration's commitment to addressing systemic barriers that hinder prosperity, dignity, and equality for many underserved communities.

* This is a continuation of the administration's efforts, starting with Executive Order 13985 signed two years ago. * The new executive order integrates equity-focused policies and processes within government operations across the executive branch and federal agencies. * To achieve equitable outcomes, the administration must implement additional policies and processes that remove systemic barriers and promote equal opportunity for all.

FACT SHEET: Biden-⁠Harris Administration Announces New Better Contracting Initiative to Save Billions Annually

The Biden-Harris Administration recently announced the Better Contracting Initiative, which aims to save billions of dollars annually by modernizing how the federal government purchases goods and services. The initiative will focus on improving management of service contracts, reducing unnecessary contract duplication, increasing small business participation, and leveraging the government's buying power. Key components include new training for acquisition personnel, enhanced data analysis to identify savings opportunities, strengthened contractor oversight, and pilot programs to test new procurement approaches. Overall, the initiative seeks to deliver better value for taxpayers by making federal contracting more efficient, transparent, and cost-effective.

* Modernizes federal procurement to save billions annually. * Improves management of service contracts, reduces duplication. * Increases small business participation, leverages buying power. * Provides new training for acquisition personnel. * Strengthens contractor oversight, pilots new approaches.

FACT SHEET: OMB Releases FedRAMP Guidance to Accelerate the Secure Adoption of Cloud Services

The White House released new FedRAMP guidance to improve federal cloud service adoption, focusing on security, automation, and efficiency. Agencies have 180 days to update policies in line with this guidance. The initiative aims to streamline security assessments, enhance governance, and encourage secure cloud adoption to better serve the public and protect data.

* Security Emphasis: Strengthening security standards for cloud services. * Automation: Implementing automated processes for quicker security assessments. * Policy Updates: Agencies must align policies with the new guidance within 180 days. * Enhanced Governance: Strengthening oversight through the FedRAMP Board and Technical Advisory Group.

FACT SHEET: President Biden Issues Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence

On October 30, 2023, President Biden issued an executive order aimed at fostering responsible development and use of Artificial Intelligence (AI) in the United States. The order establishes a framework of principles that federal agencies must follow when adopting AI systems. It directs agencies to assess AI risks, minimize harmful bias, ensure high standards of data quality, and regularly test systems for safety and security vulnerabilities. The order also creates an AI Bill of Rights that protects citizens' civil liberties and sets limits on how their data can be used by AI systems. To oversee implementation, the order establishes a National AI Advisory Committee comprising government, private sector, academic and civil society experts.

* Establishes principles for responsible AI use in federal agencies. * Creates AI Bill of Rights to protect civil liberties and data privacy. * Directs testing of AI systems for biases, safety issues and security flaws. * Sets up National AI Advisory Committee to guide implementation. * Aims to strengthen public trust and prevent harmful impacts from AI.

Fed CIOs: AI Surge Offers Chance to Reform Hiring

Federal Chief Information Officers (CIOs) see the rapid increase in artificial intelligence (AI) usage as an opportunity to reform federal hiring practices. By incorporating AI tools, agencies can streamline the recruitment process, enhance the identification of qualified candidates, and improve diversity in hiring. The surge in AI adoption also offers a chance to address skill gaps and build a more agile and technologically adept workforce within federal agencies.

* Federal CIOs leverage AI to reform hiring practices. * AI tools streamline recruitment and improve candidate identification. * Efforts aim to enhance diversity in hiring. * Addresses skill gaps in the federal workforce. * Promotes a technologically adept and agile federal workforce.

Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements

The U.S. Government Accountability Office (GAO) report highlights that federal agencies have made progress in cybersecurity, particularly in incident response, but still need to fully implement specific requirements. Despite advancements in handling cyber incidents, gaps remain in event logging, a key aspect for managing cybersecurity incidents effectively. The GAO stresses the importance of complete adherence to these requirements to enhance the detection, investigation, and remediation of cyber threats.

* Federal agencies have improved in cybersecurity incident response. * Complete implementation of incident response requirements is still lacking. * Event logging, crucial for incident management, is inadequately addressed. * The GAO underscores the need for strict adherence to federal cybersecurity standards. * Effective detection and handling of cyber incidents hinge on fulfilling these requirements.

Federal government begins advertising new cyber rotation program

The federal government is launching a new cyber rotation program to develop its cybersecurity workforce. Managed by OPM and the Office of the Chief Information Officer, the program will assign information technology specialists across multiple federal agencies over two years. Modeled after the military's National Guard, the rotations aim to increase collaboration and knowledge sharing in cybersecurity. Participants will tackle real-world challenges, gaining experience protecting critical systems and data. Though still in the early planning stages, the program hopes to instill a "unity of effort" in combating cyber threats across government bodies like the Cybersecurity and Infrastructure Security Agency. With cyberattacks a mounting concern, deepening the bench of cyber talent and fostering cooperation is crucial.

* New federal cyber rotation program to assign IT specialists across agencies. * Modeled after military's National Guard to increase cyber workforce skills. * Participants will collaborate on solving real-world security challenges. * Aims to instill "unity of effort" in government cyber protections.

FedRAMP board launched to support safe, secure use of cloud services in government

The U.S. General Services Administration (GSA) has launched a new governing board for the Federal Risk and Authorization Management Program (FedRAMP). This board will replace the Joint Authorization Board and support the safe and secure use of cloud services in the federal government. The board consists of federal agency executives with expertise in technology, cybersecurity, and engineering. It aims to streamline the FedRAMP process, enhance cybersecurity, and foster collaboration across agencies.

* GSA launches a new FedRAMP governing board. * The board replaces the Joint Authorization Board. * Comprised of federal executives with tech and cybersecurity expertise. * Aims to streamline processes and enhance federal cybersecurity. * Supports secure cloud service adoption across federal agencies.

Feds Beware: NSA Details how China-Based Attacks Unfold

The National Security Agency (NSA), in collaboration with the Australian Signals Directorate (ASD) and other agencies, has released a cybersecurity advisory detailing the tactics of a Chinese state-sponsored cyber group, APT40. Known for targeting organizations in the U.S. and Australia since 2017, APT40 exploits vulnerabilities in widely used software and uses compromised devices, including home office devices, for its operations. The advisory outlines how APT40 quickly exploits new public vulnerabilities, such as those in Log4J and Microsoft Exchange, and provides mitigation strategies for network defenders.

* APT40 Overview: The group, linked to the PRC Ministry of State Security, targets government networks using advanced cyber espionage techniques. * Exploitation Tactics: APT40 focuses on exploiting public-facing infrastructure vulnerabilities rather than user-initiated actions like phishing. * Compromised Devices: The group uses end-of-life or unpatched small-office/home-office (SOHO) devices for attacks, blending in with normal network traffic. * Mitigation Strategies: The advisory recommends comprehensive logging, prompt patching, network segmentation, close monitoring of services, and disabling unused network services.

Feds, military personnel compete in President's Cyber Cup Challenge

The 2024 President’s Cyber Cup Challenge, aimed at identifying top cybersecurity talent within the federal government, concluded in mid-April. The team "Artificially Intelligent," composed of four Army members and one Air Force member, clinched the victory. Organized by CISA, the competition offered a platform for participants to showcase and enhance their cybersecurity skills through a series of practical and playful tasks. These in-person events, resumed after COVID, have fostered valuable networking and friendly competition among government cybersecurity professionals.

* Team Composition: The winning team, "Artificially Intelligent," consisted of four Army members and one from the Air Force. * Event Organization: The challenge is run by the Cybersecurity and Infrastructure Security Agency (CISA) and includes multiple rounds of cybersecurity-related tasks. * Task Design: Competitions feature practical cybersecurity simulations and more creative challenges like spaceship-themed games. * Networking and Growth: The in-person format post-COVID enhances networking among participants and fosters a competitive yet collegial atmosphere. * Talent Showcase: The event aims to highlight and develop the cybersecurity capabilities already present within the federal workforce.

GAO Agile Assessment Guide: Best Practices for Adoption and Implementation

The GAO Agile Assessment Guide presents best practices for adopting and implementing Agile software development methodologies in federal agencies. This guide addresses the need for improved management of IT acquisitions and operations, an area highlighted on the GAO High Risk List. The federal government's annual IT expenditure exceeds $100 billion, with a history of challenges in IT investment development, implementation, and maintenance. The guide serves as a resource for federal auditors, organizations, and programs either adopting or evaluating their Agile practices. It aims to enhance the transition and management of Agile programs in government settings.

* Focus on Agile Methodologies: The guide emphasizes the adoption and execution of Agile software development in federal IT projects. * Federal IT Spending: Addresses the management of the substantial IT budget within federal agencies. * Resource for Multiple Audiences: Designed for federal auditors, established Agile programs, and those in transition to Agile practices. * Improving IT Project Outcomes: Aims to reduce IT project failures, cost overruns, and schedule delays. * Legislative Background: References the Federal Information Technology Acquisition Reform Act (FITARA) for context and compliance.

GSA announces AI-themed hackathon

The General Services Administration (GSA) is organizing an AI-themed hackathon on July 31, 2024, across Atlanta, New York, and Washington, D.C. The event aims to enhance federal websites for AI usability while maintaining human user experience. Participants will compete for a $10,000 prize, utilizing AI and cloud tools from co-sponsors like OpenAI, Microsoft, and Slack. The goal is to reimagine government websites to ensure reliable AI-generated information and improved user interactions.

* Event Date and Locations: July 31, 2024, in Atlanta, New York, and Washington, D.C. * Prize: $10,000 cash prize. * Objective: Optimize federal websites for AI and human usability. * Sponsors: OpenAI, Microsoft, and Slack. * Tools: Access to advanced AI and cloud technologies provided by sponsors.

GSA begins FedRAMP pilot to change request process

The General Services Administration (GSA) has announced a new FedRAMP pilot program utilizing a non-blocking process to review significant changes to the governmentwide compliance program for cloud services. The Agile Delivery pilot aims to replace the current significant change request process with a more streamlined approach, removing the need for advanced approval for each change. Cloud service providers are invited to apply, with the GSA emphasizing the importance of continuous assessment rather than point-in-time evaluations to enhance security and efficiency.

* Non-Blocking Process: The pilot will remove the requirement for advanced approval for each change, allowing cloud service providers to move through the process more smoothly. * Focus on New Features: The pilot will concentrate on adding new features to existing cloud service offerings, addressing a significant pain point in the current FedRAMP process. * Application and Timeline: Applications are open until July 26, with selections expected by August 16. Providers planning to release new features by the end of the year are encouraged to apply. * Continuous Assessment: The long-term goal is to shift towards a continuous assessment model, ensuring ongoing confidence in security without the delays associated with the current process. * Stakeholder Impact: The pilot may initially result in delays for agencies, and cloud providers might create government-specific offerings that lag behind commercial ones to avoid development delays.

GSA calls for nominations to emerging tech-focused acquisition advisory committee

The General Services Administration (GSA) is seeking nominations for its emerging tech-focused Acquisition Policy Federal Advisory Committee (GAP FAC). This committee advises the GSA Administrator on key acquisition challenges and opportunities, emphasizing emerging technologies and sustainability. The focus is on integrating climate and sustainability considerations into federal acquisition processes to support the agency's role as America's primary buyer of goods and services. The GAP FAC aims to drive regulatory, policy, and process changes to enhance federal acquisition strategies.

* Advisory Role: The GAP FAC provides guidance on acquisition challenges, focusing on emerging tech and sustainability. * Climate and Sustainability: The committee aims to embed climate and sustainability considerations in acquisition processes. * Diverse Expertise: The committee includes experts and leaders from various fields to shape acquisition policies and practices. * Regulatory and Policy Changes: Recommendations focus on driving necessary changes to streamline acquisitions and support sustainable practices.

GSA hosts roundtable with business leaders on advancing equity in federal contracting

The General Services Administration (GSA) hosted a roundtable with leaders from small and mid-sized businesses, including those from underserved communities, at its headquarters. The meeting, led by Deputy Administrator Katy Kale, aimed to gather input and feedback on the challenges and strategies for success as federal contractors. Senior leaders from GSA, Small Business Administration (SBA), Office of Federal Procurement Policy (OFPP), and the Minority Business Development Agency (MBDA) were also present. The roundtable was part of GSA's Equity Action Plan and focused on advancing equity in federal procurement. This aligns with the Biden-Harris Administration's efforts to increase participation rates and federal contracting dollars awarded to small businesses, especially those from underserved communities. The discussion covered federal tools, best practices for company success, and how the government can contribute to this success

* Equity in Federal Contracting: The GSA's roundtable, part of its Equity Action Plan, aimed to advance equity in federal procurement, focusing on increasing participation and contracting dollars for small businesses, particularly those from underserved communities. * Leadership Engagement: The event was led by GSA Deputy Administrator Katy Kale and attended by senior leaders from GSA, SBA, OFPP, and MBDA, emphasizing the importance of top-level commitment to fostering diversity and inclusion in federal contracting. * Discussion of Challenges and Strategies: Participants discussed challenges faced by small and mid-sized businesses in federal contracting, best practices for success, and how the government can support these businesses, with a special focus on expanding opportunities for underserved communities. * Diverse Representation: The roundtable included leaders from a variety of businesses and organizations, ensuring a broad representation of perspectives and experiences in the conversation about advancing equity in federal procurement.

GSA Multiple Award Schedule update reduces barriers and costs for buyers and sellers of software licenses

The U.S. General Services Administration (GSA) updated the Multiple Award Schedule (MAS) to allow upfront payments for Software as a Service (SaaS) licenses, reducing costs and administrative burdens for agencies and vendors. This change supports small businesses and aligns government practices with commercial norms. The update stems from GSA's research and feedback from stakeholders, aiming to facilitate easier, more cost-effective cloud solutions procurement.

* Upfront payments for SaaS licenses now allowed. * Reduced administrative burdens for agencies and vendors. * Supports small business participation. * Aligns with commercial payment practices. * Aims to make cloud solutions procurement easier and less costly.

GSA releases generative AI resource guide for federal purchasers

The General Services Administration (GSA) recently unveiled a comprehensive resource guide aimed at federal purchasers interested in acquiring generative artificial intelligence (AI) solutions and related computing infrastructure. This initiative fulfills a mandate from the White House's October AI executive order. The guide provides practical advice on navigating the procurement process for generative AI, offering key questions and considerations for contracting officers to deliberate. Laura Stanton, the assistant commissioner in the GSA’s Office of Information Technology Category, emphasized the dynamic nature of generative AI technology and the ongoing evolution of the guide to match technological advancements. She highlighted the crucial role of contracting officers in collaborating with program and IT staff to ensure that the acquired AI solutions meet agency needs securely and effectively.

* Procurement Strategies: It outlines strategic approaches for contracting officers to handle gen AI procurement, ensuring they make informed decisions. * Usage and Testing: The guide suggests using sandboxes or testbeds for agencies to experiment with generative AI before making significant investments. * Problem Definition: It assists agencies in clearly defining the problems they aim to solve with AI technology. * Ongoing Updates: The GSA plans to regularly update the guide as AI technology progresses, ensuring it remains relevant.

GSA’s new approach to small business matchmaking

The General Services Administration (GSA) is refining its approach to small business matchmaking by implementing new strategies to attract small enterprises, particularly those with innovative technology capabilities. This initiative is part of the solicitation for the Alliant 3 IT services contract, which is in its final stages of preparation. The focus is on creating more opportunities for small businesses in the federal marketplace, encouraging their participation in larger contracts and promoting technological innovation within government projects.

* Enhanced Opportunities for Small Businesses: The initiative aims to attract more small businesses, especially those with innovative technological solutions, to engage in federal contracting. * Focus on Technology and Innovation: The approach emphasizes technological innovation, encouraging small businesses with such capabilities to participate. * Integration in Alliant 3 IT Services Contract: This strategy is a part of the solicitation for the Alliant 3 IT services contract, indicating a significant opportunity for small businesses. * Promotion of Larger Contract Participation: The effort is designed to facilitate the entry of small enterprises into larger contracts, thereby expanding their potential market within the federal sector. * Support for Business Growth: The GSA is providing platforms and resources to support the growth and development of small businesses in the federal marketplace.

HHS Creates new Office to Oversee Cyber, AI; Seeks to Fill key Tech Roles

The Department of Health and Human Services (HHS) announced a reorganization to streamline and enhance its technology, cybersecurity, data, and AI strategy and policy functions. This includes establishing a new office, renaming ONC to the Assistant Secretary for Technology Policy and ONC (ASTP/ONC), and consolidating oversight of technology-related roles. The reorganization aims to bolster HHS’s capabilities in addressing pressing issues in healthcare technology.

* HHS has created a new office, ASTP/ONC, to consolidate technology, data, and AI strategy and policy. * The search for permanent positions of CTO, CDO, and CAIO has begun. * Oversight of technology, data, and AI policy will move from ASA to ASTP/ONC. * National Coordinator Micky Tripathi will serve as the assistant secretary for technology policy and acting CAIO. * The public-private cybersecurity efforts will transfer from ASA to ASPR to enhance healthcare cybersecurity.

House committee introduces 5 guardrails for internal AI use

The Committee on House Administration has introduced five AI guardrails to guide responsible AI use within the U.S. House of Representatives. These guardrails emphasize human oversight, clear policies, thorough testing, transparency, and workforce education. Developed through discussions with various officials, these guidelines aim to balance operational efficiency with careful control over AI deployment. Key activities include upskilling staff, conducting hearings, and planning future AI uses with other government entities. The committee focuses on integrating AI safely with existing IT policies and exploring its impact through the federal acquisitions process.

* Five AI Guardrails Established: Human oversight, clear policies, robust testing, transparency, and workforce education. * Development through Discussion: Collaborative efforts with key legislative and technology officials during a private roundtable. * Upcoming Focus Areas: Upskilling staff, harmonizing AI use cases, and planning future AI implementations. * Integration with IT Policies: Prioritizing the integration of AI systems with broader cybersecurity and IT protocols. * Future Acquisitions: Examining the federal acquisitions process to ensure safe AI use and learning from state and local governments.

How Agencies are Driving CX Across Government

Federal agencies are actively pursuing improvements in customer experience (CX) through digital transformation initiatives, notably in website modernization. A prime example is the Centers for Medicare & Medicaid Services (CMS), which achieved a significant increase in customer satisfaction with its Medicare.gov website, jumping from 56% to 72% in a year. This success is part of CMS's broader effort to enhance the Medicare enrollment process by exploring automatic enrollment options, thereby eliminating the need for manual form submissions. CMS aims to further its CX efforts by recruiting digitally savvy Gen Z employees, emphasizing the importance of fresh talent in driving innovation.

* Federal agencies are prioritizing customer experience improvements through digital transformation, including website modernization. * CMS's update to Medicare.gov resulted in a significant increase in customer satisfaction, with plans to further streamline the Medicare enrollment process. * OPM's website modernization through the Digital Services BPA is a flagship CX effort, aligning with strategic goals to enhance service delivery to the Federal workforce. * CMS is targeting the recruitment of Gen Z employees to infuse new talent and perspectives into its CX efforts.

How the Biden administration is tackling diversity in federal AI hiring

The Biden administration is focusing on increasing diversity in federal artificial intelligence (AI) hiring. This initiative aims to create a more inclusive workforce by addressing disparities and fostering an environment that encourages varied perspectives in AI development and implementation. Efforts include targeted recruitment strategies, partnerships with diverse institutions, and the establishment of inclusive policies and training programs to support equitable hiring practices within federal agencies.

* Focus on increasing diversity in federal AI hiring. * Targeted recruitment strategies and partnerships with diverse institutions. * Establishment of inclusive policies and training programs. * Aims to create an inclusive and equitable federal workforce. * Encourages varied perspectives in AI development and implementation.

How the State Department is leaning into AI, modernization efforts to support federal workers

As technology evolves, the federal workforce must adopt innovative technologies to enhance productivity and efficiency. Don Bauer, CTO for global talent management at the Department of State, emphasizes the importance of integrating technology to support a global workforce. Challenges include data integration and maintaining control over corporate IP. Modernization efforts, including implementing trustworthy AI like state chat, are crucial. AI can help streamline recruitment and onboarding processes, while reducing overhead and vulnerabilities. Bauer highlights the importance of connectivity and integration for a modern user experience.

* Technology Integration: Essential for supporting a global workforce. * Data Control: Importance of keeping corporate IP within the department. * Modernization Challenges: Balancing ongoing operations with modernization. * Connectivity: Reducing overhead and vulnerabilities through integration.

How TMF is helping agencies harness artificial intelligence

The Technology Modernization Fund (TMF), in partnership with the Office of Management and Budget (OMB), is playing a crucial role in helping government agencies harness the power of artificial intelligence (AI). This effort is aligned with the President's Executive Order on the Safe, Secure, and Trustworthy Development and Use of AI, which emphasizes responsible AI use to enhance service delivery, drive innovation, and improve decision-making across federal agencies.

* Funding Innovation: TMF provides financial support for AI projects to overcome budget constraints and drive IT modernization across federal agencies. * Modernizing Legacy Systems: TMF funds help update outdated IT infrastructure, making it compatible with advanced AI technologies. * Building Technical Capacity: TMF offers technical assistance to ensure federal agencies can effectively implement and benefit from AI initiatives. * Ensuring Ethical AI Use: TMF invests in frameworks for data governance, privacy protection, and algorithmic transparency to mitigate risks associated with AI deployment.

Improving government capacity is key for AI deployment, experts tell Congress

The Senate Homeland Security and Governmental Affairs Committee, led by Sen. Gary Peters, D-Mich., is emphasizing the importance of enhancing government capacity for the effective deployment of Artificial Intelligence (AI). During a recent hearing, experts highlighted the potential of AI in transforming government services, such as offering translation services, creating chatbots, and aiding employees in their daily tasks. However, to fully harness AI's capabilities, significant investment in government capacity is necessary. Key issues discussed include the simplification of the federal procurement process, the need for streamlined policy frameworks, and the importance of sound data practices. Witnesses also stressed the importance of hiring AI experts and training current federal employees in AI, as well as the need for public sector innovation and experimentation with AI.

* **Federal Procurement and AI:** The committee is focusing on federal procurement and AI, recognizing its significant impact on AI regulation and deployment throughout the economy. * **Simplification and Streamlining:** Witnesses urged for a simplification of the Federal Acquisition Regulation and streamlining processes to facilitate smaller vendors' entry into the marketplace. * **Hiring and Training:** Emphasis on the need for government to reevaluate its hiring practices for AI experts and to provide AI training for current federal employees. * **Data Practices and Open Government Data:** The importance of establishing strong data practices and promoting open government data to avoid risks like disparate impacts and poorly informed decisions.

Informatica's Data in Action Summit: A Comprehensive Overview

On December 6th, 2023 the governmentwide ITVMO attended the Data in Action Summit by Informatica. As more government agencies evolve their citizen services into efficient platforms, leaders are increasingly relying on data as a key indicator of success and a means to drive change. Data, once a helpful resource, has now become crucial in the intricate modernization journey. IT officials find data and its analytical tools indispensable for building a government that is not only effective but also transparent, allowing them to witness their efforts in real time.

Many agencies fail to meet tech accessibility mandates, report finds

A new report from GSA sheds a new light on government tech accessibility, revealing that the government as a whole is failing to meet the minimum standard or legal obligation to provide equal access to all members of the public and federal employees with disabilities. The report focuses on federal compliance with Section 508 of the Rehabilitation Act, which mandates that government technology be accessible to people with disabilities. Despite this requirement, the report finds that less than 30% of the most viewed intranet and internet pages, electronic documents, and videos are fully in line with Section 508 standards. The report, mandated as an annual exercise under the 2023 appropriations law, used self-reported data from 249 respondents across the government. It found that agencies with more mature Section 508 programs and more staff had more accessible tech. However, 38 reporting components reported having no Section 508 staff at all. The report recommends that Congress focus oversight efforts on major tech vendors to improve the accessibility of widely used software products and encourages agencies to use acquisition tools to incorporate accessibility requirements into procurement and contracting documents. It also suggests increased accessibility testing, mandatory training for relevant employees, and more internal agency oversight and leadership accountability on accessibility.

* **Widespread Non-Compliance:** The government is not meeting its legal obligation to provide equal access to technology for people with disabilities. * **Low Conformance Rates:** Less than 30% of the most viewed pages and documents meet Section 508 standards, indicating ineffective accessibility policies and practices. * **Recommendations for Improvement:** The report suggests focusing on major tech vendors, incorporating accessibility requirements into procurement, increasing accessibility testing, and enhancing internal oversight and accountability. * **Data Quality Concerns:** Reporting officers expressed concerns about retribution for honest reporting and pressure to alter responses, leading to data quality issues.

New Biden Administration Actions Aim to Help Small Businesses Access Government Contracts

The Biden administration has introduced new measures to enhance the accessibility of major government contracts for small businesses. These initiatives involve guidance from the Office of Management and Budget (OMB) and efforts by the Small Business Administration (SBA) to improve the technical assistance program. The OMB's guidance encourages federal agencies to adopt strategies that enable small businesses to participate in multiple-award contracts, which represent nearly 20% or $160 billion of government contract funds. Furthermore, the SBA aims to diversify technical assistance opportunities through its Empower to Grow (E2G) program, targeting small disadvantaged businesses in low-income or high-unemployment areas. The program will offer customizable one-on-one training to guide small businesses through the contract bidding process and facilitate networking and matchmaking events with government organizations and prime contractors.

* Early Engagement and Planning: Agencies are encouraged to engage and plan for multiple-award contracts earlier in the process. * On-Ramps for New Companies: The guidance suggests expanding the consideration of on-ramps to allow new companies to enter during a contract's performance period. * Leveraging Small Business Set Aside Orders: Agencies are advised to make use of small business set-aside orders to open up opportunities.

New CISA Issuance to Help Federal Agencies Implement DNS Encryption

The Cybersecurity and Infrastructure Security Agency (CISA) has released new guidance to help federal civilian agencies implement Domain Name System (DNS) encryption. The "Encrypted Domain Name System Implementation Guidance" includes technical advice, references, and a checklist for necessary changes. This effort is part of a broader initiative mandated by the Office of Management and Budget (OMB) to enhance zero trust cybersecurity principles within government agencies. The guidance is also beneficial for non-governmental organizations aiming to improve their cybersecurity frameworks.

* CISA's new guidance aids federal agencies in implementing DNS encryption. * The guidance is part of OMB's zero trust cybersecurity initiative. * Resources include technical guidance, references, and a checklist. * Enhances overall cybersecurity posture of federal IT networks. * Useful for both governmental and non-governmental organizations.

New direct hire authority aims to assist agencies with AI talent surge

The federal government is granting new direct hiring authority to help agencies recruit talent in artificial intelligence as investments and applications accelerate. The Office of Personnel Management has approved direct hiring for over 50 AI-related positions including data scientists, developers, and engineers. This will allow agencies to expedite hiring, bypassing traditionally lengthy competitive hiring processes. As AI proliferates across national security, healthcare, transportation and more, demand for technical experts is surging. However, recruitment remains challenging with private sector competition. Direct hiring provides flexibility to attract qualified candidates to serve in government. This complements other federal efforts to upskill current staff and develop AI career paths. Though AI talent is scarce, empowering agencies to hire rapidly and competitively at scale will build critical personnel pipelines to support ethical and responsible adoption.

* New direct hiring authority fast-tracks recruitment of AI talent. * Addresses urgent need for technical experts as AI funding grows. * Government faces talent competition from private sector. * Allows flexible, competitive hiring to build critical AI personnel pipelines. * Complements efforts to train existing staff on AI skills.

New US cyber official wants ‘brutal honesty’ on industry collaboration efforts

The new U.S. Cybersecurity official is advocating for brutal honesty in collaboration efforts with the industry. This approach emphasizes transparent communication about vulnerabilities and challenges to improve the overall cybersecurity posture. The official aims to foster a cooperative environment where industry and government can work together to address pressing cyber threats, particularly those targeting critical infrastructure. This initiative is part of broader efforts to enhance resilience against cyber incidents and advance secure technology practices.

* Brutal Honesty: Advocating for transparent communication about vulnerabilities and challenges. * Industry Collaboration: Strengthening partnerships between government and private sector. * Critical Infrastructure: Focus on protecting key infrastructure from cyber threats. * Enhanced Cybersecurity: Improving overall cybersecurity posture through cooperation. * Resilience: Building a more resilient cybersecurity framework against potential incidents.

NIST adds 5 new members to its AI Safety Institute

The National Institute of Standards and Technology (NIST) has recently expanded its AI Safety Institute by adding five new members. These members come from a variety of backgrounds, enhancing the institute's expertise and ability to address AI safety in line with national security needs and standards development. This move aligns with the broader federal initiative to prioritize AI safety and effectiveness in government operations.

* Five new experts have joined the NIST AI Safety Institute. * The new members bring diverse skills to enhance AI safety and standards. * This initiative is part of a broader federal focus on AI technology. * The goal is to integrate AI safely into national security and governmental standards​.

NSF launches AI resource pilot to spur US innovation

The National Science Foundation (NSF) has initiated the National Artificial Intelligence Research Resource (NAIRR) pilot to democratize access to essential AI technologies and foster U.S. innovation in the field. The pilot aims to make federal resources like advanced computing, datasets, training models, and user support widely accessible, promoting the Biden administration's goal of establishing the U.S. as a leader in AI innovation. The NAIRR pilot focuses on four areas: NAIRR Open for general AI resource access, NAIRR Secure for privacy-preserving AI research, NAIRR Software for interoperable AI tool uses, and NAIRR Classroom for educational initiatives. Industry partners, including major tech companies, are supporting the program by providing resources and expertise. The pilot is designed to be a collaborative platform, inviting contributions from the community to ensure diverse engagement and foster a trustworthy AI ecosystem.

* Democratizing AI Access: The NAIRR pilot aims to make key AI resources publicly accessible, supporting the U.S. as a leader in AI innovation. * Focus Areas: The pilot concentrates on four areas: general AI resource access, privacy-preserving AI research, interoperable AI tool uses, and educational initiatives. * Industry Collaboration: Major tech companies are contributing resources and expertise to the pilot, emphasizing the collaborative nature of the initiative. * Community Engagement: The pilot encourages community contributions to create a diverse and trustworthy AI ecosystem, aligning with broader federal efforts to advance AI technology.

OMB Memo on Increasing Small Business Participation on Multiple-Award Contracts

The Office of Management and Budget (OMB) issued a memo on January 25, 2024, aimed at increasing small business participation in multiple-award contracts (MACs). This directive encourages federal procurement agencies to apply the "rule of two," which mandates that if at least two small businesses can perform the required work at a fair price, the competition should be limited to small businesses. However, the Federal Supply Schedule is exempt from this rule. The memo has sparked a debate over its implications, including whether it represents a significant policy shift without undergoing the standard rule-making process, its impact on medium and large businesses, potential increases in procurement costs due to reduced competition, and the likelihood of increased litigation and procurement delays.

* The OMB memo, issued on January 25, 2024, aims to boost small business participation in multiple-award contracts by advocating for the "rule of two." * It specifies that if two or more small businesses can offer fair market prices, competitions should be limited to them, excluding the Federal Supply Schedule. * The memo has sparked discussions regarding its potential to change procurement dynamics, particularly affecting medium and large businesses and possibly leading to increased procurement costs due to less competition. * Concerns have been raised about the memo's bypassing of the standard rule-making process, its impact on federal contracting, and the possibility of increased litigation and procurement delays.

OMB Releases Implementation Guidance Following President Biden’s Executive Order on Artificial Intelligence

The White House Office of Management and Budget recently issued guidance to federal agencies on implementing President Biden's executive order on responsible artificial intelligence adoption. The guidelines provide a timeline for agencies to inventory their AI use cases, assess risks, and develop policies aligned with the order's principles for trustworthy and equitable AI. Agencies must submit plans detailing how they will minimize harmful bias, evaluate AI impacts on underserved communities, improve data quality, and continually monitor AI system performance. The guidance also establishes reporting requirements for agencies to update the public on their progress. While praising the administration's commitment to AI oversight, some industry observers caution against overregulation that stifles innovation. Others argue the guidelines lack enforcement mechanisms. As agencies move to transform the principles into practice, effective implementation will determine whether the order achieves its goals of ensuring AI safety, protecting civil rights, and building public trust.

* OMB released guidance for agencies to implement Biden's AI executive order. * Directs risk assessments before AI deployment to address biases, privacy, security. * Seeks to boost innovation while protecting civil rights and privacy. * Creates Central Hub to coordinate AI regulation across government. * Implementation requires resources, expertise and sustained leadership.

OMB releases ‘broad’ accessibility guidance for government tech

OMB has released new guidance aimed at improving the accessibility of government technology, marking the first update to Section 508 of the Rehabilitation Act since 2013. The guidance addresses the concerning fact that nearly half of federal websites are not fully accessible, and only 23% of top PDF downloads from major agencies conform to 508 standards. The new guidance aims to instigate a culture change towards digital accessibility, emphasizing that it's a collective responsibility and an integral part of government modernization. Agencies are now required to establish a Section 508 program with a dedicated program manager and develop policies and procedures to ensure accessibility. This includes setting up digital accessibility statements on websites, providing feedback mechanisms for reporting issues, and conducting comprehensive accessibility testing before deployment. GSA is tasked with exploring a standardized accessibility conformance reporting process for vendors and establishing a government-wide service for accessibility-related products and services. The CIO Council will consider a government-wide program for assistive technology devices and consultation services. The Technology Modernization Fund may finance potential accessibility projects, aligning with the fund's customer experience allocation.

* **New OMB Guidance on Tech Accessibility:** OMB has issued new guidance to improve the accessibility of federal technology, the first update since 2013. * **Current Accessibility Status:** Nearly half of federal websites are not fully accessible, and a small percentage of top PDF downloads meet 508 standards. * **Establishment of Section 508 Program:** Agencies are required to set up a Section 508 program with a program manager and develop related resources, policies, and procedures. * **Website Accessibility Statements and Feedback Mechanisms:** Agencies must implement digital accessibility statements on their websites and establish mechanisms for the public to report accessibility issues. * **Comprehensive Accessibility Testing and Monitoring:** Agencies should conduct thorough accessibility testing before deployment and continuously monitor accessibility.

OMB Strengthening Federal Marketplace, Cyber Partnerships

The Office of Management and Budget (OMB) is enhancing partnerships in the federal marketplace to bolster cybersecurity. Speaking at the Second Annual ITVMO Summit Jason Miller, OMB’s Deputy Director for Management, emphasized the increase in new businesses and entrants in government contracts. This initiative is part of a broader strategy to modernize and secure federal infrastructure, leveraging partnerships with entities like Microsoft to improve logging capabilities and threat detection.

* OMB aims to strengthen cybersecurity partnerships within the federal marketplace. * New businesses and contractors are increasingly involved in federal contracts. * Expanded logging capabilities are being rolled out to improve threat detection. * The initiative supports the National Cybersecurity Strategy by enhancing security measures.

OPM announces survey to analyze AI in government jobs

The Office of Personnel Management (OPM) is advancing its efforts to integrate artificial intelligence (AI) within the federal workforce by launching a survey targeting federal employees engaged in AI-related tasks. This initiative is part of a broader strategy mandated by the 2020 AI in Government Act and President Biden's 2023 executive order, which aim to identify essential skills for federal AI roles and ensure AI's safe and secure use across agencies. Following the identification of 43 general and 14 technical competencies necessary for AI work, OPM seeks to validate these competencies through the AI job analysis survey. The survey will involve employees from various departments, including the Office of Science and Technology Policy and chief information and data officers. The outcome will contribute to developing an AI competency model, potentially leading to the revision or creation of job series to include AI skills, and help forecast AI job needs in the federal government. This model aims to enhance the recruitment, development, and promotion of AI talent, aligning with agencies' missions and strategic goals.

* OPM is surveying federal employees involved in AI to validate required competencies. * The initiative supports mandates from the 2020 AI in Government Act and a 2023 executive order. * Results will inform the development of an AI competency model and potentially revise job series. * The effort aims to enhance the federal workforce's AI capabilities, aligning with agency missions.

OPM leads governmentwide data scientist hiring effort to build up AI expertise

The Biden administration is spearheading a government-wide initiative to bolster AI expertise within the federal workforce, led by the Office of Personnel Management (OPM). OPM has initiated a large-scale hiring action to recruit data scientists across multiple federal agencies. This pooled hiring approach allows candidates to apply once and be considered for several GS-14 data scientist positions, streamlining the recruitment process. The initiative aligns with President Joe Biden's executive order to accelerate AI usage in government operations. OPM's direct-hire authority for AI-related job classifications further facilitates this effort. The White House emphasizes the importance of leveraging AI responsibly to enhance government services, policy-making, and research and development, ensuring the U.S. remains at the forefront of AI innovation.

* OPM leads a government-wide hiring effort to recruit data scientists, enhancing AI expertise in the federal workforce. * The initiative involves a pooled hiring action, allowing candidates to apply once for multiple positions across agencies. * The effort is part of the Biden administration's strategy to accelerate AI usage in government, as outlined in an executive order. * OPM's direct-hire authority streamlines the recruitment process, aiming to attract top talent in AI and related fields.

OPM outlines incentives to attract, retain federal AI workforce

The Office of Personnel Management (OPM) has issued guidance to federal agencies detailing pay and benefits flexibilities for AI positions to attract and retain a skilled workforce for emerging technologies. This follows President Joe Biden's executive order emphasizing federal AI hiring and the authorization of direct-hire authority for AI positions by OPM in December. The guidance includes recruitment and retention incentives, student loan repayment, higher annual leave accrual rates for certain positions, and the possibility of higher pay, alternative work schedules, and remote work. Agencies are encouraged to use these flexibilities to fill difficult positions, with OPM ready to assist in enhancing compensation tools.

* OPM's guidance offers recruitment, relocation, and retention incentives, including up to 25% of basic pay. * Direct-hire authority for AI positions to streamline recruitment and address the technology's rapid development. * Flexibilities such as student loan repayment and higher annual leave accrual rates for certain AI positions. * Encouragement for agencies to use these incentives to attract and retain AI talent, with OPM's support for enhanced compensation tools.

Presidential Innovation Fellows launches first cohort focused exclusively on Artificial Intelligence

The GSA has launched its first Presidential Innovation Fellows (PIF) cohort exclusively focused on Artificial Intelligence (AI). This cohort, comprised of 11 experts, will work at eight federal agencies to advance AI initiatives, supporting the Executive Order on AI. Their projects will include enhancing justice access, improving the electric grid, and streamlining clean energy infrastructure. This initiative aims to recruit top AI talent into government roles to drive innovation and modernization.

* First PIF cohort focused exclusively on AI. * Projects include justice access and electric grid enhancement. * Supports the Executive Order on AI. * Part of a broader effort to increase tech talent in government.

Protecting Government IT Systems is Critical to Federal Software Supply Chain

The U.S. House Committee on Oversight and Accountability recently discussed the critical need for protecting government IT systems to ensure the security of the federal software supply chain. Subcommittee Chairwoman Nancy Mace highlighted the vulnerabilities of government IT systems to cyber-attacks, including those from foreign adversaries. The release underscores the importance of secure software in federal systems, citing examples of significant breaches and emphasizing the necessity of software supply chain transparency. Measures like software bills of materials (SBOMs) are suggested to identify vulnerabilities and origins of software components.

* Importance of IT system protection in federal software supply chain. * Risks of cyber-attacks from foreign nations and other malicious actors. * Examples of major breaches highlighting system vulnerabilities. * Need for transparency in software supply chains. * Proposal of SBOMs for better vulnerability and origin tracking.

Regulators should consider 3 factors for AI safety, former national cyber director says

Former National Cyber Director Chris Inglis recommended a comprehensive approach to regulating artificial intelligence (AI), focusing on three main areas during a National Artificial Intelligence Advisory Committee meeting. He stressed the importance of understanding the purpose behind AI tools, ensuring there is a skilled workforce to manage them, and prioritizing human-centered design in AI development. Inglis's advice aims to ensure AI technologies are used responsibly and effectively, aligning with broader goals for ethical AI governance.

* A holistic approach to AI regulation is advocated, focusing on technology, people, and doctrine. * The purpose behind AI tools must be clear, with a technically capable workforce to implement these tools. * Human-centered design is crucial in AI development, ensuring human operators are considered and prepared. * These recommendations align with the Biden administration's goals for responsible and human-centered AI governance.

SBA Administrator Guzman Announces 2024 National Small Business Week Award Winners

SBA Administrator Isabel Casillas Guzman announced the winners of the 2024 National Small Business Week (NSBW) Awards, recognizing business owners, lending partners, and advocates from all 50 states, DC, Guam, and Puerto Rico. These awardees are celebrated for their contributions to the economy and their communities, especially in disaster recovery. The NSBW, scheduled for April 28-May 4, 2024, will include ceremonies in Washington, D.C., and a roadshow tour across several states. This initiative highlights the Biden-Harris Administration's commitment to supporting small businesses through significant investments in infrastructure, broadband, and clean energy, aiming to foster an environment where more Americans can pursue business ownership.

* NSBW 2024 Award Winners announced, recognizing small business contributors across the U.S. and territories. * Administrator Guzman to embark on a roadshow tour from April 30-May 3, 2024, visiting states to honor small businesses and discuss SBA initiatives. * The event underscores the Biden-Harris Administration's efforts to support small businesses with investments in infrastructure and clean energy.

Securing the backbone of our nation: critical infrastructure

Securing U.S. critical infrastructure against cyber threats is a pressing concern. The federal government aims to update outdated technology with modern security practices through public-private collaboration. Key initiatives include the National Security Memorandum and the updated National Cybersecurity Strategy Implementation Plan, which set minimum cybersecurity standards. Implementing zero trust architectures is essential for protecting industrial control systems. Enhanced information sharing and modernization efforts are vital to achieving resilient infrastructure.

* Federal efforts to secure outdated infrastructure technology. * Public-private collaboration emphasized. * National Security Memorandum and Cybersecurity Strategy set standards. * Zero trust architectures crucial for industrial control systems. * Importance of enhanced information sharing and modernization.

Selected Emerging Technologies Highlight the Need for Legislative Analysis and Enhanced Coordination

The Government Accountability Office (GAO) report highlights the challenges and opportunities faced by federal agencies in regulating emerging technologies like drones, AI-enabled medical devices, and others. The Department of Transportation (DOT), Federal Communications Commission (FCC), and Food and Drug Administration (FDA) reported using various practices to address these challenges. However, the FDA indicated the need for updated authorities to better regulate AI-enabled medical devices. The report emphasizes the importance of interagency collaboration and knowledge-building efforts, noting that foreign regulators have more extensive outreach, especially with industry and academia. The GAO made three recommendations to improve ongoing efforts, including documenting potential legislative changes, providing public information on collaborative efforts, and publicizing industry-facing initiatives.

* Regulatory Challenges: Federal agencies face challenges in regulating rapidly evolving technologies and require varied approaches, including strategic foresight tools and interagency collaboration. * FDA's Need for Updated Authorities: The FDA seeks specific legislative changes to better oversee AI/ML-enabled medical devices, highlighting the need for clear communication with Congress. * Interagency Collaboration and Outreach: Agencies like the DOT and FAA are recommended to enhance public communication about their efforts and establish clearer channels for industry engagement. * GAO Recommendations: The GAO suggests actionable steps for the FDA, DOT, and FAA to improve regulation and oversight of emerging technologies, ensuring public interests are protected while fostering innovation.

Senate Bill to Streamline Federal Procurement Process for Agencies, Contractors

The Senate has introduced bipartisan legislation, known as the Federal Improvement in Technology Procurement Act, aimed at streamlining the federal procurement process for government agencies and contractors. Spearheaded by Senators Gary Peters (D-Mich.) and Ted Cruz (R-Texas), the bill seeks to update procurement rules by eliminating outdated requirements, simplifying the bidding process, and expanding the use of advanced procurement methods. This initiative is designed to ensure that the most innovative businesses, including new and small ones, can compete for federal contracts, thereby keeping the federal government at the forefront of technology and innovation.

* The legislation is bipartisan, introduced by Senators Gary Peters and Ted Cruz. * It aims to streamline the federal procurement process by updating rules and removing obsolete requirements. * The bill focuses on simplifying the bidding process for contractors and expanding the use of advanced procurement methods. * It seeks to enable more businesses, especially new and small ones, to compete for federal contracts, promoting innovation and efficiency.

Software license purchases need better agency tracking, GAO says

The Government Accountability Office (GAO) report highlights inefficiencies in federal agencies' management of software licenses, leading to missed cost-saving opportunities and duplicative purchases. Despite an annual expenditure exceeding $100 billion on IT products, agencies lack consistent tracking of software licenses, particularly for the five most widely used ones. The GAO's study, focusing on 24 Chief Financial Officers Act agencies, found that 10 vendors, led by Microsoft, Adobe, and Salesforce, dominate the market. However, the precise usage of products under these licenses remains unclear due to inconsistent and incomplete data. The GAO recommends improved inventory tracking and price comparison efforts to prevent redundant purchases and leverage cost-saving opportunities. While most agencies concurred with the recommendations, the Department of Housing and Urban Development did not explicitly agree or disagree. The report underscores the need for better data and management practices to optimize federal software license procurement.

* Federal agencies are not efficiently tracking software licenses, leading to missed cost-saving opportunities and redundant purchases in IT and cyber-related investments. * The GAO report reveals that 10 vendors, predominantly Microsoft, Adobe, and Salesforce, account for the majority of the most widely used software licenses among 24 Chief Financial Officers Act agencies. * Agencies lack detailed data on the usage of individual products within software licenses, resulting in uncertainties about the actual number of licenses needed. * The GAO recommends better inventory tracking and price comparison to prevent duplicative purchases and maximize cost savings, though not all agencies explicitly agreed with these recommendations.

Technology Modernization Fund seeking proposals for Artificial Intelligence projects

The Technology Modernization Fund (TMF) has announced a call for project proposals focusing on the implementation of Artificial Intelligence (AI) within federal agencies, in alignment with President Biden's Executive Order on the safe, secure, and trustworthy development and use of AI in the federal government. This initiative aims to support AI implementation across agencies to improve operational efficiency, enhance coordination between programs, and modernize legacy systems. Proposals seeking up to $6 million in funding and with project timelines not exceeding 1.5 years will benefit from an expedited review process. The goal is to enable rapid deployment of AI technologies to automate processes, deliver assistive technology, improve customer experience, and reduce administrative burdens.

* The TMF is seeking AI project proposals from federal agencies to align with President Biden’s Executive Order. * Projects with budgets up to $6 million and timelines within 1.5 years will receive expedited reviews. * The initiative emphasizes the responsible exploration of AI to enhance government service delivery. * Proposals must include plans for user testing, risk mitigation, evaluation metrics, and senior executive support. * The TMF aims to transform government technology use, ensuring equitable, secure, and user-centric delivery.

The AI leadership imperative: Preparing federal agencies for AI’s impact

A new report titled Leading Agency Innovation in the Age of AI, stresses the urgent need for federal government leaders to educate executives about artificial intelligence (AI) to leverage its potential effectively. Produced by Scoop News Group and underwritten by Microsoft, the report highlights the Partnership for Public Service's AI Federal Leadership Program, which trains senior executives on AI's capabilities and implementation. The program has trained over 500 executives from 40 federal agencies and 30 states, providing them with AI project roadmaps. The report underscores the importance of shared learning, access to AI experts, and problem-focused AI application.

* AI Federal Leadership Program: A six-month course by the Partnership for Public Service that educates senior executives on AI capabilities and culminates in developing AI project roadmaps. * Shared Learning: Participants benefit from sharing AI application lessons and aspirations, fostering cross-agency collaboration and learning. * Access to AI Experts: The program provides executives with access to AI technical experts, enhancing their understanding and strategic planning for AI implementation. * Problem-Focused Approach: Emphasizes identifying mission-critical challenges before selecting AI use cases to ensure effective application.

The CAIO’s role in driving AI success across the federal government

Chief AI Officers (CAIOs) are pivotal in implementing AI across U.S. federal agencies, motivated by recent governance guidelines and the necessity to match the private sector's pace. Their responsibilities include defining clear AI strategies, balancing risk with innovation, optimizing budgets and procurement for AI projects, and creatively sourcing AI talent. These efforts aim to enhance public services and maintain U.S. leadership in technology, amidst the challenges of managing rapid technological changes and operational risks within government frameworks.

* CAIOs drive AI adoption and strategy in federal agencies. * They balance innovation with the operational risks inherent in government functions. * Budget management and procurement adaptation are crucial for timely AI integration. * Talent acquisition strategies are vital to build AI expertise within the government. * Examples from the Defense Department and Homeland Security illustrate both opportunities and challenges in AI implementation.

The four-step migration roadmap that smooths the path to classified cloud

Outlines a four-step roadmap for organizations to smoothly transition to a classified cloud environment. The first step involves understanding data and security requirements. The second step focuses on selecting the right cloud service provider. The third step is about planning and executing the migration, ensuring minimal disruption. The final step emphasizes the importance of continuous monitoring and adaptation to maintain security and compliance. This roadmap is designed to assist federal agencies in effectively leveraging cloud technology while adhering to stringent security standards.

* Four-step roadmap creates structured path to classified cloud. * Requires classifying data and applications to inform migration priorities. * Executing with security best practices as well as ongoing verification. * Following structured process unlocks full benefits of classified cloud.

The secret sauce to winning more government contracts

Artificial Intelligence (AI) is reshaping the dynamic business landscape, drawing attention from tech giants, governmental bodies, and the business community for its potential to boost productivity and necessitate regulatory oversight. In the government contracting (GovCon) sector, AI is emerging as a pivotal force, enabling companies to gain a competitive edge through enhanced efficiency and effectiveness. This sector, responsible for a significant portion of federal spending, is leading the tech transformation, with more than 60% of business owners believing in AI's potential to increase productivity. The adoption of AI in GovCon emphasizes the need for transparency and trust, especially when handling sensitive information, to maintain accountability and regulatory compliance. As AI technology evolves, it promises to revolutionize procurement processes, democratize opportunities for businesses of all sizes, and require government contractors to adapt swiftly to remain competitive.

* The GovCon sector is at the forefront of AI adoption, aiming to enhance efficiency and secure more business. * Transparency and trust are critical in the adoption of AI within GovCon, given the handling of sensitive information. * AI promises to revolutionize procurement processes, offering competitive advantages to early adopters. * Government contractors are encouraged to leverage AI for innovation, efficiency, and enhanced market competitiveness.

The US intelligence community is embracing generative AI

The U.S. intelligence community is increasingly adopting generative AI to enhance its capabilities. This technology aids in data analysis, operational efficiency, and decision-making while ensuring responsible use to maintain public trust. The focus is on leveraging AI for tasks such as research, queries, and coding to improve overall operations. However, there are challenges, including ensuring data quality, addressing potential risks like bias and misinformation, and training the workforce.

* Adoption of generative AI for data analysis and operational efficiency. * Emphasis on responsible AI use to maintain public trust. * Challenges include data quality and mitigating risks of bias and misinformation. * Need for workforce training and upskilling. * Importance of a robust data strategy for AI success.

US signs on to international principles for 6G

The White House, along with governments from Australia, Canada, the Czech Republic, Finland, France, Japan, the Republic of Korea, Sweden, and the United Kingdom, issued a joint statement on new shared principles for 6G spectrum research and development. These principles are aimed at securing global telecommunications infrastructure, with a focus on national security, privacy, international standards, interoperability, affordability, and sustainable global connectivity. The initiative is seen as crucial for developing and deploying secure 6G technologies, leveraging advancements in AI, software-defined networking, and virtualization. The principles are intended to guide future policy and foster international cooperation in the development of 6G technology.

* International Cooperation: A unified approach among multiple nations to secure future telecommunications. * Focus on Security and Privacy: Emphasis on protecting national security and individual communications. * Inclusive and Sustainable Connectivity: A commitment to affordable and sustainable global connectivity through 6G. * Advancement in Technology: Leveraging AI and other emergent technologies for enhanced security and interoperability.

Watchdog finds ‘sufficient’ cyber threat sharing at agencies, but barriers remain

The Intelligence Community Inspector General's biennial update on cybersecurity information sharing indicates progress in the last two years, but also identifies persistent challenges. The report evaluates the implementation of the Cybersecurity Information Sharing Act of 2015, involving input from various departments and the Office of the Director of National Intelligence (ODNI). While policies, procedures, and guidelines for sharing cyber threat indicators are deemed sufficient, issues such as reluctance to share outside the federal collection, over-classification of information, and resource constraints hinder effective information sharing. Departments like Commerce prefer to share only within the federal collection, and private companies hesitate due to potential legal and competitive concerns. Over-classification and the effort required to declassify information delay its use, and transferring information from classified to unclassified systems poses difficulties. Additionally, resource constraints affect the review of incoming information, and concerns about the quality of cyber information and the functionality of tools like CISA's Automated Indicator Sharing capability further complicate the sharing process.

* **Progress in Cyber Threat Information Sharing:** The report acknowledges improvements in cyber threat information sharing within the government over the last two years. * **Challenges in Sharing Outside Federal Collection:** Some departments, like Commerce, are reluctant to share outside the federal collection, and private companies are hesitant due to legal and competitive concerns. * **Over-Classification and Declassification Issues:** Concerns about over-classification hinder information sharing, and the process of declassifying information is seen as a significant delay. * **Resource Constraints:** Agencies face challenges due to a lack of personnel to review incoming information, affecting the effectiveness of information sharing.

What are the Biggest Challenges to Federal Cybersecurity? (High Risk Update)

The GAO identifies four primary challenges in federal cybersecurity: the National Cybersecurity Strategy needs stronger performance measures; federal agencies face difficulties in securing systems due to ineffective controls and unaddressed vulnerabilities; critical infrastructure sectors are vulnerable to attacks with ongoing federal protection shortcomings; and efforts to protect personal privacy are insufficient, lacking comprehensive laws. These issues highlight the urgent need for improved measures to defend against increasing cyber threats.

* National Cybersecurity Strategy needs stronger performance measures. * Agencies struggle with securing federal systems. * Critical infrastructure remains vulnerable to attacks. * Personal privacy protection efforts are insufficient.

White House announces nearly $100 million in pledges to boost emerging tech workforce

The White House has announced nearly $100 million in pledges aimed at bolstering the emerging tech workforce. This initiative, part of the Biden-Harris Administration’s broader Investing in America agenda, seeks to create a diverse and skilled pipeline of workers for advanced manufacturing jobs, including clean energy, biotechnology, and semiconductors. The funds will support various programs and collaborations between federal agencies, employers, unions, and educational institutions to ensure Americans are well-prepared for high-demand occupations in these fields.

* Advanced Manufacturing Sprint: An initiative to build a skilled workforce in advanced manufacturing, launched with the support of significant federal investments. * NSF Funding: Nearly $100 million announced for research, workforce development, and experiential learning, particularly in the semiconductor industry. * Apprenticeship Programs: New and expanded apprenticeship programs for industrial manufacturing, robotics, and bio-fabrication technicians. * Workforce Hubs: Established in five cities to expand pathways into advanced manufacturing jobs, with collaborations between various stakeholders. * Equity and Job Quality: Focus on incorporating equity, job quality, and worker empowerment in advanced manufacturing and workforce development programs across federal initiatives.

White House moves to ease education requirements for federal cyber contracting jobs

National Cyber Director Harry Coker is actively working to broaden the pool of cybersecurity professionals within the federal government by advocating for reduced educational requirements for certain contracting roles. This initiative, in collaboration with OMB, is part of a broader effort by the Biden administration to address the significant shortage in the cybersecurity workforce and to promote diversity in the field. By eliminating the four-year degree requirement, the administration aims to make cybersecurity roles more accessible and inclusive, especially for women and people of color who have been historically underrepresented. Coker emphasized the importance of inclusivity in defending digital systems, a critical component of modern infrastructure. To this end, his office plans to implement hiring sprints and recruitment events, particularly targeting locations that have been overlooked by federal recruitment efforts. The urgency of these efforts is underscored by Coker's estimate of at least half a million vacant cybersecurity positions in the industry, a gap that poses a risk at a time when digital systems are increasingly under threat. The Biden administration views this push not only as a security imperative but also as a means to drive economic development and ensure equitable participation in the benefits of the digital revolution.

* **Reducing Educational Barriers:** Coker is collaborating with the Office of Management and Budget to remove the four-year degree requirement for some federal cybersecurity contracting positions. This effort aims to make cybersecurity jobs more accessible and increase diversity within the field. * **Promoting Diversity and Inclusivity:** The initiative focuses on opening pathways to cybersecurity careers for groups traditionally underrepresented in the field, such as women and people of color, by eliminating historical barriers to entry. * **Utilizing Community Colleges:** Institutions like the Community College of Baltimore County, recognized for excellence in cybersecurity education, are seen as crucial for providing affordable and accessible technical training to help fill the vast number of open positions. * **Addressing the Workforce Shortage:** With an estimated half a million open cybersecurity positions, the initiative recognizes the urgent need to secure digital systems against increasing threats and aims to rapidly fill these vacancies.

White House procurement office marks 50 years

The White House Office of Federal Procurement Policy (OFPP) celebrates its 50th anniversary, highlighting its achievements in improving procurement practices across federal agencies. Established in 1974, the OFPP has played a pivotal role in shaping procurement policies, ensuring transparency, and enhancing the efficiency of federal acquisitions. The office continues to focus on modernizing procurement processes, integrating technology, and fostering innovation to meet the evolving needs of the federal government.

* OFPP celebrates 50 years of service. * Established in 1974 to improve federal procurement practices. * Key role in shaping policies and ensuring transparency. * Focus on modernizing processes and integrating technology. * Continues to foster innovation in federal acquisitions.

White House to release long-awaited FedRAMP modernization guidance for agencies, cloud service providers

The White House is set to release updated FedRAMP guidance aimed at improving cloud security authorization for federal agencies. This guidance focuses on rigorous security reviews, quick mitigation of weaknesses, and automation in security assessments to streamline processes. Agencies and the GSA have specific deadlines to update policies and processes in line with the new guidance, which emphasizes continuous monitoring and the use of emerging technologies. This modernization effort aims to accelerate secure cloud adoption and enhance digital services across the government.

* FedRAMP Guidance Release: New guidance to reform cloud security authorization. * Strategic Goals: Focus on rigorous security reviews and quick mitigation. * Automation: Emphasis on automated security assessments to speed up processes. * Agency Deadlines: Specific timelines for agencies and GSA to update policies. * Modernization Objectives: Accelerate secure cloud adoption and improve digital services.

White House unveils AI governance policy focused on risks, transparency

The White House has introduced a comprehensive artificial intelligence (AI) governance policy, aligning with President Joe Biden's AI executive order. This 34-page memo, crafted by the Office of Management and Budget (OMB) Director Shalanda D. Young, aims to guide federal agencies in responsibly managing and utilizing AI technologies. It builds on a draft released for public feedback in November, emphasizing risk management, transparency, and the establishment of chief AI officers (CAIOs) within agencies. The policy underscores the federal government's commitment to leading by example in AI usage, with specific measures to safeguard Americans' rights and safety. Additionally, it announces the National AI Talent Surge to recruit AI professionals into government roles and plans for federal procurement of AI, highlighting the administration's approach to modeling responsible AI governance domestically and globally.

* The policy mandates guardrails for AI applications affecting rights or safety and expands AI use case inventories. * Agencies are required to appoint CAIOs to oversee AI technology use. * The National AI Talent Surge aims to hire at least 100 AI professionals by the summer. * The policy serves as a domestic model for global AI governance, emphasizing transparency and risk mitigation.

Zero Trust and Improving the Nation's Cybersecurity

In May 2021, the Biden Administration issued Executive Order 14028, revolutionizing U.S. federal cybersecurity with a focus on Zero Trust security. This model, based on "Never trust, always verify," mandates stringent verification for all access attempts within government networks, regardless of origin. Emphasizing a continuous, multifaceted approach, Zero Trust requires a blend of technologies and practices, marking a significant departure from traditional cybersecurity strategies towards a more secure, resilient governmental infrastructure.