Zscaler makes a key hire of a former federal technology leader to expand its global reach and influence.

These are two of the most recent federal executives on the move.

Eric Hysen, the DHS chief information officer, announced on Monday that Hemant Baidwan will be the new CISO, taking over for Ken Bible, who retired on March 29.

“Hemant has been instrumental in enhancing the department’s cybersecurity posture,” Hysen wrote in an email obtained by Federal News Network. “His background spans both the public and private sectors, where he has excelled in IT development, agile application deployments and strategic expansion globally.”

Meanwhile, Zscaler is hiring Brian Conrad, the former acting director of the cloud security program known as FedRAMP, Federal News Network has learned.

Conrad, who left the General Services Administration on March 22, will be the new director of field compliance authorizing authority liaison.

“We want Brian to own all the relationships with all the FedRAMP-type of agencies or organizations across the globe,” said Stephen Kovac, the chief compliance officer and head of global government affairs at Zscaler. “Many countries have similar organizations like FedRAMP, which act as an authorizing agency. Many are going down the path of secure by design as well, which we think will be huge internationally, so you’ve got programs that are maturing and may not be where FedRAMP is today, but all are trying to mature their processes. Brian has worked with all these folks over the years, but has been more of a friendly coach to many of these agencies. By him joining, this will allow us to build out global practice and build those relationships.”

Kovac said companies ranging from Japan to Singapore to Spain to India to United Kingdom are maturing their cloud security oversight organizations.

He said Conrad can bring a technical acumen to the conversation that will benefit Zscaler as well as the organizations themselves.

“From the earliest days of the FedRAMP program, Zscaler has been an innovator, working to ensure the federal government can deliver modern digital government services, securely,” Conrad said in a release. “Implementing a zero trust cybersecurity framework is mission-critical for every organization, and we must stay focused on separating the signal from the noise. I’m excited to join a team that aligns with my vision of building a secure global digital ecosystem.”

Conrad’s decision to join Zscaler comes after he spent the last five-plus years working for GSA. He was the acting FedRAMP director for the last three years.

GSA is hiring a new FedRAMP director and held information sessions about the position on Monday and today.

Before joining GSA and FedRAMP, Conrad was an officer in the Marines Corps where he worked the Marines Systems Command, the Marines Corps College of Distance Education and several other commands. After retiring from the Marines Corps, Conrad worked at Booz Allen Hamilton before coming back to federal service.

Similar to Conrad, Baidwan joined the government after spending the early part of his career in industry.

Baidwan has been the deputy CISO at DHS since 2021 and has worked in the CIO’s office since 2015 in an assortment of cyber roles.

He also worked at the Immigration and Customs Enforcement directorate as the governance and risk management section chief.

With Baidwan taking on the new role, Hysen said Antonio Scimemi will be the acting CISO. Scimemi has overseen the CISO cybersecurity assessments division and led the effort to develop the agency’s unified cyber maturity model.

He also was the deputy CISO and acting director of IT operations at ICE.

The post DHS hires new CISO; Former cloud security lead lands new job first appeared on Federal News Network.

Up until about a year and a half ago, the 16,000 employees who make up the Office of the Secretary of Defense were the biggest technology user base in the Defense Department that didn’t much resemble an IT enterprise. Collectively, the organization is bigger than the Space Force and many large DoD agencies, but from an IT perspective, the nearly two dozen entities that comprise OSD were largely left to their own devices — figuratively and literally.

But an enormous amount has changed since October 2022, when DoD created a new CIO position to unify 17 OSD staff assistant offices and four agencies into a coherent IT management structure. Most recently — just this month — everyone involved signed a memorandum of agreement to make clear all assigned roles and responsibilities.

“Over the past 10 to 15 years of IT efficiency and consolidation drills, there was a lot of movement of money and resources, but nothing was written down,” Danielle Metz, OSD CIO said during Federal News Network’s DoD Cloud Exchange 2024.

“Since we weren’t really united and no one viewed themselves as part of a collective, everyone had different expectations, different thoughts. And because we didn’t have a memorandum of agreement that articulated the common services that were going to be delivered by the service provider — and the price points and metrics associated with that — there wasn’t an understanding of whether what was being delivered was considered good, what was considered not so good and how to correct that. All of that needed to be sorted through. And so just getting that baseline is what we’ve endeavored on in the past 18 months.”

The service provider is the Defense Information Systems Agency, which has been delivering IT services to tenants inside the Pentagon and the National Capital Region through its joint service provider since 2015, when DoD ordered an earlier consolidation of its IT service providers.

Buying, managing IT services at an enterprise level

But until recently, each OSD organization has been on its own when it comes to ordering and implementing those services, depending on their needs, and figuring out for themselves how to use them.

“We’re now acting as an enterprise instead of individual fiefdoms, and that it works two ways,” Metz said. “One is that we have collective buying power, but we also are able to advocate for the resources that we all need and not just the piece parts by those who were able to navigate the Planning, Programming, Budgeting and Execution process on their own, which is what was happening. There were a lot of organizations that were struggling, and the whole point of a CIO is to democratize access so that we don’t have winners and losers.”

In its initial stages, beyond creating usage, spending and user experience baselines, Metz’s new office — part of the Pentagon’s Directorate of Administration and Management — has had some early wins in deploying common services to the parts of the DoD “fourth estate” that fall within the new OSD enterprise portfolio.

For unclassified email and collaboration services, all 21 of the organizations have now moved to DoD 365, the Pentagon’s cloud-based implementation of Microsoft 365. As of this month, all but one of those organizations has also migrated to their secret-level systems to the new classified version of DoD 365, eliminating the need for a hodgepodge of aging information sharing tools at Impact Level 6.

Migrating those systems to a single cloud environment also helps mitigate the network fragmentation DoD organizations have been creating for the last several decades.

“It doesn’t make those fragmentation issues irrelevant, but it helps us prioritize the fact that we do need to do some network simplification, both on our unclassified and classified networks. That’s what DISA has been leading with what they call DoDNet,” Metz said. “We’re working with DISA to accelerate their plans to have that in the Pentagon, so that you don’t have like a Pentagon local area network that’s kind of sandwiched in between all these other various networks, whether it’s classified or unclassified. We really do need to streamline and simplify the network because we have a lot of network outages. We have performance issues.”

Moving toward a single budget for OSD IT

Another major objective: figuring out how to create a unified IT budget for nearly two dozen organizations with widely varying missions, expertise and needs.

Metz said the most sensible way to provide for each organization would be to create a single working capital fund for the entire enterprise’s IT expenditures, rather than forcing each of them to plan their technology budgets via DoD’s arduous and rigid PPBE process.

“In that model, you’re using your crystal ball to assess what is the technology that we need to be able to implement, and then you have to get a lot of details to be able to come up with a funding profile over five years — but you’re doing it two years out, and you’re going to be wrong. And even if you have it programmed, if you’re operating under a continuing resolution, you don’t have access to those dollars. It really slows your ability to drive the important changes that need to take place. In a working capital fund or fee-for-service model, you’re able to make those capital investments and technology insertions a lot more gracefully instead of having to do big bang approaches — which we know in technology never ever works.”

Discover more articles and videos now on Federal News Network’s DoD Cloud Exchange event page.

The post DoD Cloud Exchange 2024: OSD’s Danielle Metz on moving from ‘fiefdoms’ to coherent IT enterprise first appeared on Federal News Network.

From the Education Department to the Homeland Security Department to the Air Force to the Defense Information Systems Agency (DISA), federal leaders are retiring or heading to new opportunities in the private sector.

Starting with the Education Department, Luis Lopez, the chief information officer since December 2022, is leaving on March 22 for a job with INOVA Healthcare.

An Education Department spokesman confirmed Lopez is leaving for the private sector.

“We are preparing for a smooth transition by posting the position before he departs,” the spokesman said.

It’s unclear who will be acting CIO when Lopez leaves. Education already put out the job announcement to hire a new CIO. Applications are due by March 14 so only a two-week opening.

Federal News Network has learned Lopez will be vice president of IT operations for Inova Health Care Services.

Lopez has worked in federal service since 2008 and been with Education since 2017.

In his short time as CIO, Lopez said in a recent interview that he set up a customer advisory council last summer to help explain to non-IT executives why the 2014 law matters to them and it’s more than just a technology priority. He also led the effort to consolidate and standardize the number of video teleconferencing and collaboration tools used by Education Department employees.

Along with his work at Education, Lopez also worked at the Defense Health Agency and the Walter Reed National Medical Center.

Joining Lopez in heading to the private sector are two other technology leaders.

Federal News Network has confirmed Drew Malloy, the technical director for DISA’s Cyber Development Directorate, and Robert Wood, the chief information security officer at the Centers for Medicare and Medicaid Services, also are leaving for new positions outside of government.

Malloy, who has been with DISA for 14 years and served in government since 2003, will join a small systems integrator.

Malloy has led DISA’s cyber directorate since 2020 where he oversaw the agency’s portfolio of cybersecurity capabilities, including identity and access management, the Joint Regional Security Stacks, cybersecurity situational awareness and zero trust.

He wrote on LinkedIn that he also “developed the modernization strategy for our network and security architecture in accordance with zero trust principles resulting in Project Thunderdome for the DoD enterprise.”

It’s unclear when Malloy’s last day will be or who will replace him even on an acting basis.

In addition to running the cyber directorate, Malloy ran DISA’s services development directorate and was the chief engineer for the Cyber Situational Awareness and Analytics Division.

He also worked at Naval Research Laboratory before coming to DISA.

CMS CISO Wood taking new role

As for Wood, who has been CMS CISO since November 2020, he will join a new venture with Sidekick Security, while also continuing to invest in and grow the non-profit Soft Side of Cyber.

Federal News Network has learned that CMS deputy CISO Keith Busby will be stepping up to lead the program until a permanent CISO is hired.

During his time at CMS, Wood focused on improving the culture at CMS around cybersecurity, building a security data lake to break down silos and advancing the technology strategy through cyber enablement.

Before joining CMS in 2020, Wood spent most of his career in the private sector working in cybersecurity positions with Cigital, Simon Data and N95.

Retirements at DHS, Air Force

Two other federal technology leaders decided it was time to call it a career.

Ken Bible, the Department of Homeland Security’s chief information security officer, and Eileen Vidrine, the Air Force’s chief data and artificial intelligence officer, have submitted their retirement papers.

Bible said his last day will be March 29 and has no firm plans for his post-federal life.

“I am looking forward to taking some time to enjoy my home in Charleston, S.C. and perhaps engage in helping in both the education arena as well as helping at the state and regional policy levels in the future,” Bible said in an email to Federal News Network.

He has been DHS CISO since January 2021 and worked in government for almost 39 years. Bible, who received a 2023 Presidential Rank Award,  started his career in 1985 at the former Charleston Naval Shipyard, where he rose to be a nuclear qualified engineering supervisor for three engineering branches.

During his time at DHS, Bible launched a pathfinder last summer to begin evaluating existing contractors with cyber hygiene clauses in their contracts and focused on addressing broader supply chain risks through a strategy.

Before coming to DHS, Bible served under the headquarters Marine Corps Deputy Commandant for Information as the assistant director for the information command, control, communications and computers division (IC4). He also served as the Marine Corps’ deputy CIO and CISO. Additionally, he worked at the Space and Naval Warfare Systems Command (SPAWAR) for almost two decades.

Vidrine is retiring on March 31 after 38 years of federal service.

She has been the Air Force chief data officer since 2018 and CDO/CAIO since January 2023 when she returned to the service after a one-year detail serving as the senior strategic advisor for data to the Federal Chief Information Officer in the Office of Management and Budget.

Last March, Vidrine told Federal News Network that her new title reflects the central role data has in getting AI projects off the ground.

Vidrine said AI readiness for the department comes down to establishing a baseline set of data and AI skills for airmen and guardians, as well as making sure they have access to the digital infrastructure and tools needed to advance breakthroughs in AI research.

Vidrine began her government career in 1986 as an enlisted member of the Army where she received her commission in 1987 through the U.S. Army Officer Candidate School Program as an Army transportation officer.

From 2006 to 2012, Vidrine served in various positions of leadership at the Office of the Director of National Intelligence culminating as the chief of staff for the Assistant Director of National Intelligence for Human Capital.

Army PEO-EIS leader moving to new agency

Finally, one federal executive who isn’t leaving federal service, but is on the move to a new role.

Rob Schadey, the acting deputy program executive officer for the Army’s PEO-Enterprise Information Systems (PEO-EIS), is joining the Defense Counterintelligence and Service Agency (DCSA) to be the program manager of the National Background Investigation Services.

Federal News Network has learned Schadey’s last day will be in March and it’s unclear who will take over for him even in an acting role.

Before stepping into the acting deputy PEO-EIS role in January, Schadey served as the assistant program executive officer and as the director of the business mission area, both at PEO-EIS.

As the program manager for NBIS, Schadey will have to continue to modernize the systems that help federal employees obtain security clearances.

OMB recently approved the Personnel Vetting Questionnaire (PVQ) in November, according to the third quarterly update on the “Trusted Workforce 2.0” initiative from the Performance Accountability Council. The questionnaire consolidates the SF-86, “Questionnaire for National Security,” along with several other vetting questionnaires used for federal jobs, including public trust and non-sensitive positions.

DCSA is now working on plans to integrate the PVQ into the new “eApp” web portal for background investigation applications as part of its NBIS.

The post Education, DHS among agencies seeking new IT leaders first appeared on Federal News Network.

Since September, the Office of Management and Budget has been working in policy overdrive. Six draft or final memos came from OMB’s Office of the Federal Chief Information Officer.

On Sept. 23, OMB issued the long-awaited digital services memo to implement the 21^st Century IDEA Act.

About a month later, OMB offered draft updates to the cloud security initiative called Federal Risk Authorization and Management Program (FedRAMP) for the first time since 2011.

A week after that, the draft guidance for implementing the executive order on artificial intelligence detailed a host of new requirements for agencies.

Then there is the annual Federal Information Security Management Act (FISMA) guidance that dropped in early December with a specific focus on operational technology and internet of things devices.

And finally, OMB offered an early Christmas present in the form of the new requirements to ensure agencies are meeting the accessibility standards under Section 508.

Hopefully, the OMB staff took a breadth and some time off after that sprint.

Two months into calendar year 2024, OMB is revving back up to finalize many of these policies.

Federal News Network checked in with Federal CIO Clare Martorana to see what stood out to her in 2023 and what her priorities are for 2024. The following email conversation is edited only for style and clarity.

FNN: 2023 was a busy year for the Office of the Federal CIO. What are some of your office’s efforts that may not have received as much attention or notice, but will have a big impact on federal IT sector in the years to come?

 Martorana: Above all else, our north star is delivering for the American people. We need to ensure that Americans’ experience with government matches the quality and experience of the private sector — and I think we have made great progress on this.

One of the things I’m most proud of is the work we’ve done in partnership with other federal offices — that’s how we can make a big lasting impact on federal IT, which benefits how Americans interact with government. For example, the Executive Order on Improving the Nation’s Cybersecurity was released early in the administration and it called for a transformation of federal cybersecurity, based on universal adoption of strong authentication, encryption and zero trust principles across the government. As a result of the efforts of my office, our partners at the Office of National Cyber Director and the Cybersecurity and Infrastructure Security Agency (CISA), we are seeing significant cultural and technological change across the federal enterprise to strengthen our cybersecurity posture.

We also partnered with CISA on CyberStat, a holistic program which strengthens agency defenses by addressing individual agency challenges, reducing the potential for successful attacks, and bringing risks to the attention of executive leadership when necessary, all while maximizing limited OMB and CISA resources. With over 6,000 attendees across 16 engagements in 2023, we provided agencies with the information and tools necessary to achieve specific security outcomes in a more consistent manner.

My office also works closely with the General Services Administration’s Technology Modernization Fund (TMF) Program Management Office (PMO). The TMF works in complement with the appropriations process, allowing agencies to quickly access capital to tackle the IT modernization needed to keep up with the fast pace of changing technology. In fiscal 2023, the TMF invested more than $177 million in 18 projects that improve how the federal government provides services to the American people, increasing public trust and making it easier to get the services they need.

Over the past year, we worked closely with GSA Technology Transformation Service (TTS) to ensure an integrated approach to tackling our biggest IT challenges. We continue to meet with GSA leadership on a weekly basis and our teams are engaging daily to support the implementation of our policies, such as helping develop and provide agencies access to tools that will help them deliver a digital-first experience to the public.

Lastly, I want to highlight the strong connection my staff has established with our budget colleagues to ensure funding and resources are aligned so that agencies can best secure their infrastructure and be on the road to digital transformation.

FNN: Of the policies/guidance your office did issue in 2023, which ones do you think will have the biggest impact in 2024 and why?

Martorana: Building off the customer experience executive order and the President’s Management Agenda Customer Experience Priority Area, in September, we released digital experience guidance to help agencies move faster to deliver the simple, seamless, and secure experience that the American people deserve. Some 430 federal agencies and sub-agencies provide information and services to more than 400 million individuals, families, businesses, organizations and local governments each year.

Digital is increasingly becoming the primary way that the public interacts with government and accesses the information and services they depend on. In order to provide the best possible customer experience — we must fix the digital experience.

Right now, everyone is talking about artificial intelligence and the power and potential that it yields. Our pending FedRAMP guidance will significantly scale the size and scope of the FedRAMP marketplace.

Another piece of guidance issued in 2023 that is having an immediate, positive impact in 2024 is our Digital Accessibility guidance, which is based on the idea that all Americans should have equal access to government. Sixty-one million adults in the United States have a disability, an estimated 15 million or more people have a temporary disability, and an estimated 40 million people are caregivers who provide support to a person with a disability. There is nothing more heartbreaking than someone being unable to use accessible technology to complete what should be a basic task. That’s why our Digital Accessibility guidance is so important; it helps build and sustain an accessible Federal technology environment that delivers for everyone.

FNN: What are your top 3 priorities for 2024 and why?

Martorana: Strengthening Office of the Federal CIO’s foundation to enable our staff to grow and thrive. They are working on the front lines across the Federal ecosystem to drive progress and positively impact the way services are delivered to the public each and every day. And while there is a lot of external attention on our policies, there is often little discussion on the people behind the policy. As I look at 2024, I’m so excited by our team and what we will be able to achieve together.

Supporting agencies in operationalizing the policies we issued over the past few years. Every agency is at a different place on their journey — our job is to ensure they have the executive support, shared services and tech talent needed to deliver results.

Ensuring continuity so agencies and tech teams across government can continue making progress in modernizing technology. We’ve delivered and we’ve built a strong foundation of tech policies that will span from year to year and across administrations. The American people deserve good government every day. Technology is critical to delivering a government that meets today’s expectations — and we must continue moving forward.

FNN: There is a lot of excitement around artificial intelligence in the public sector, how is your office trying to balance the excitement with all the challenges that come with AI?

Martorana: AI presents tremendous opportunities to improve public services, such as making it easier to access benefits, preventing drug shortages, or fighting wildfires. While we harness AI’s power for good, we also need to protect people from its potential risks. My goal as the Federal CIO is ensure the federal government is a leader in both using AI and managing its risks. That’s why we’re issuing extensive guidance to federal agencies on their use and governance of AI, which will be finalized this spring.

In the meantime, the AI EO directed agencies to name a chief AI official (CAIO), a senior agency representative responsible for driving consistent implementation of AI practices across their agency. I recently convened and [led] the first meeting of the CAIO Council, a new executive council that will coordinate the development and management of AI across agencies. We know that innovation relies on great minds coming together to rethink what is possible. Ensuring that the U.S. is a world leader in AI will require all of us — across government, academia, civil society, and industry — to be successful.

FNN: There is a lot of excitement over the special salary rate for IT/cyber workers, but agencies are struggling to implement and fund it. How is your office, with your partners in OMB, addressing this opportunity to use the SSR to help agencies recruit and retain the best talent?

Martorana: Now more than ever, we need technologists at the table to collaborate with our nation’s leaders and provide expertise on how best to launch products and services that are secure by design, digital by default, and accessible to people of all abilities. There are many entry points to federal government and we are continually trying to reduce barriers.

Late last year, we launched a new page on CIO.gov to serve as a “front door” into government for technologists at all levels. When you navigate to CIO.gov, you will see a banner with a call to action to join us.

If you are thinking about a career in civil service, I encourage you to check it out and consider putting your tech superpowers to work for your families, friends and neighbors.

FNN: What is your message to non-technology federal IT leaders, such as those in the finance or acquisition or mission areas?

 Martorana: Technology today is deeply integrated into nearly every facet of our federal operations and services. It presents both opportunities and threats that we cannot afford to overlook. All leaders — regardless of background — need to make technology a core priority. We can deliver a government that rivals our favorite consumer brands.

What it takes is a C-Suite — leaders beyond CIOs, CISOs, and chief data officers (CDOs) — it will take chief human capital officers (CHCOs), chief acquisition officers (CAOs), CFOs, general counsels and public affairs teams to align their efforts to support an agency’s technology journey map to modernize how they deliver products and services. They’ll reduce administrative burden for their workforce, improve employee engagement and inspire others to join us in the effort.

FNN: What is your message to federal IT vendors?

 Martorana: Read our final guidance to understand the federal government’s requirements and our draft guidance to understand where we are heading.

Know where agencies are on their IT modernization journeys and sell them the appropriate tools, technology and solutions — meet them where they are.

Let’s collaborate: we get the best ideas when we share lessons, challenges, and opportunities for delivering faster.

The post Federal CIO Martorana’s top 3 priorities for 2024 first appeared on Federal News Network.

Lily Zeleke, who became the deputy DoD chief information officer for information enterprise in 2022, “took over new responsibilities” in the DoD CIO’s office on Thursday, Cmdr. Tim Gordon, a Pentagon spokesman told Federal News Network via email. He did not specify what those new responsibilities are.

Bill Dunlap, who had served under Zeleke as the information enterprise office’s principal director, is now the acting deputy CIO for information enterprise, Gorman said. Dunlap previously served as CIO at the Defense Advanced Research Projects Agency.

Zeleke herself held that same acting title for most of 2022 before formally taking the deputy CIO role last December. During that time, she oversaw the relatively trouble-free awards of the Defense Department’s first ever enterprise-wide cloud computing contracts, the Joint Warfighting Cloud Capability to Amazon, Microsoft, Google and Oracle.

The reasons for her departure from the deputy CIO position remain unclear. Zeleke did not immediately respond to questions sent via LinkedIn on Friday.

The post Zeleke departs deputy DoD CIO role, reasons unclear first appeared on Federal News Network.

It wasn’t that Rep. Gerry Connolly (D-Va.), co-author of the 2014 law and ranking member of the Oversight and Accountability Subcommittee on Cybersecurity, IT and Government Innovation, didn’t let others speak, though he is prone to enjoy the microphone like most lawmakers.

It was that he was the only legislator at the FITARA 17 roundtable last Thursday.

Subcommittee Chairwoman Nancy Mace (R-S.C.), for a second time since September, didn’t agree to hold a formal hearing so Connolly was left to host a roundtable that had no Republican participation.

“First, I want to mention how disappointed I am that our Republican majority has turned its back on the FITARA scorecard,” Connolly said in his opening statement. “The scorecard has been a bipartisan oversight project for more than eight years with Republican champions like [Reps.] Mark Meadows (R-N.C.), Will Hurd (R-Texas) and Darrell Issa (R-Calif.). It has helped save nearly $30 billion, closed 4,000 unnecessary data centers, expanded the use of working capital funds as flexible vehicles for IT modernization funding, almost doubled the percentage of federal IT projects using incremental development to deliver functionality and empowered agency Chief Information Officers (CIOs) with greater budget and procurement authority and a more direct reporting relationship to agency leadership. The scorecard sits at the heart of this subcommittee’s mandate to oversight federal IT.”

There now has been no formal FITARA hearing since December 2022, the 15^th iteration of the scorecard.

A House Committee on Oversight and Accountability spokesperson pushed back on Connolly’s notion that the majority has “turned its back on FITARA.”

“FITARA is a law concerning federal IT management and acquisition. Ms. Mace’s subcommittee has held a dozen hearings in the past year concerning not only federal information technology management and acquisition, but also pressing issues surrounding artificial intelligence, and cybersecurity. These hearings have been a critical vehicle for substantive oversight and the development of significant legislation,” the spokesperson said in an email to Federal News Network.

Mace held 12 hearings in 2023 looking at federal technology and cyber issues, with artificial intelligence receiving the most attention. She did hold hearing on legacy federal IT, the problems with Login.Gov and the continued struggles with the Defense Travel System program — all of which fall under the FITARA umbrella of oversight of federal IT projects.

Exactly why Mace will not hold a FITARA hearing is unclear. Maybe it’s not a “sexy” enough topic, like AI or ransomware, for her? Maybe it’s something different.

Either way, not holding a traditional hearing on FITARA is a missed opportunity for lawmakers, for agencies and for the overall goal of improving how agencies manage, spend and account for the nearly $100 billion spent on federal IT.

But getting away from the big “P” politics playing out between Mace and Connolly, the roundtable provided some important and new updates to federal IT oversight and progress.

Here are my three takeaways from FITARA 17:

EIS under review

The Government Accountability Office is dusting off the cobwebs from its “why did this transition take so long?” probing tool. GAO will begin looking this spring at the continued delays agencies are having in moving to General Services Administration’s Enterprise Infrastructure Solutions (EIS) contract.

“We’ll be able to really dig in deep and ascertain progress and the reasons why agencies are not able to make this transition on time,” said Carol Harris, GAO’s director of cybersecurity and IT, in an interview with Federal News Network after the Feb. 1 roundtable. “We’ll also dig into the missed cost savings as a result as well because that’s a huge component of this. But when you take a look at the progress that’s been made, certainly over the past two years, agencies have done their best and but still we still have, I believe, 14 agencies that did not meet the deadline.”

GSA gave the departments of Justice and Homeland Security until May 2026, while 80 other agencies have until May to complete their transitions.

Of the four agencies that participated in the roundtable, the Office of Personnel Management, the Nuclear Regulatory Commission and the U.S. Agency for International Development all completed transition. The Department of Housing and Urban Development reached the 80% mark as of December, according to GSA’s EIS transition progress dashboard.

As a reminder, the transition from FTS 2001 to Networx took 33 months longer than planned and cost the government an estimated $395 million, according to an analysis by GAO in 2014.

It’s clear this Networx to EIS transition may not meet the 33 month record, but the cost will exceed $395 million.

Cloud grades vs. cloud progress

The string of “Fs” filling the cloud computing category showing a lack of progress is striking when you first look at the FITARA scorecard. Of the 24 agencies, 16 received the lowest grades and six others received “Ds.”

As GAO’s Harris and Connolly said during the roundtable, the grades are supposed to be low given it’s a new category.

“[We are] introducing a new category and a new grade, therefore, we were expecting that we started at a lower base. The object here is to move up. So whatever we started with, we will be measuring it,” Connolly said. “We need to put that into perspective that it’s not like every federal agency just regressed in the last few months because they took large holiday breaks. It’s because we are introducing metrics that really matter. We’re starting at an uneven point with a lot of federal agencies.”

The cloud category is measuring agency progress against several of the areas the Office of Management and Budget outlined in its 2018 federal cloud computing strategy.

These include:

• Whether agencies are ensuring that the CIOs are overseeing modernization, Agencies have cloud service level agreements (SLAs) attached to all of their cloud deployments,
• Agencies have standardized SLAs

Harris said GAO is currently reviewing how agencies are meeting these requirements and used the results of that work to give agencies initial grades.

“What we’re seeing is uneven progress across the agencies. None of the agencies have fully implemented the five categories with the exception of the Defense Department,” she said. “That’s something that we need to see improved progress in. When I cited the 47% average [for SLA compliance]. That’s what we’re not seeing across the agencies in the implementation of this area.”

At the same time, what the FITARA scorecard isn’t measuring, which may be equally important, is the actual use of cloud services.

Take the Office of Personnel Management for example. Guy Cavallo, the agency’s CIO, said over the last two years, OPM has deployed over 35 new cloud-based applications that were previously on-premise. OPM also migrated over 100 business applications to the cloud that previously ran in data centers.

“Our goal is to have the majority of OPMs applications operating in the cloud by the end of this year,” Cavallo said.” Now, one of the benefits of utilizing cloud computing is the implementation of enhanced cybersecurity capabilities, such as data encryption, real-time security updates and patching, centralized monitoring and robust access controls. Today, all of those are improving the security of OPM’s applications, data and cybersecurity. We’ve had a number of successes there by leveraging machine learning and artificial intelligence to enhance our cybersecurity capabilities, allowing us to have real-time situational awareness, which allows us to quickly respond to and defend against threats. We also implemented data driven cloud-based dashboards to provide better visibility into our cyber status.”

Cavallo said OPM is far from done in moving to the cloud. But it’s clear that OPM’s “F” grade doesn’t entire reflect the real goal of moving data and applications out of data centers.

The same can be said for USAID, which received a “D”, and the Department of Housing and Urban Development and NRC, both of which received “F” grades.

NRC’s Feibus said the agency is transitioning legacy technology to the cloud.

“We’re developing solutions that focus more on current and future technologies, including artificial intelligence, machine learning and process automation to keep the agency innovative,” he said. “The NRC has also worked with the General Services Administration on a financial operations pilot. It is implementing the recommendations and best practices we learned to further enhance management of our cloud services. We have been able to locate additional workflows to the cloud to provide an additional layer of resilience to our technology operations.”

USAID’s Gray said by moving to the cloud, the agency has reduced the number of data centers from 87 to 2.

“Even technology refresh is something that historically would take weeks or months to do major upgrades. In my prior agency [Education], we were able to upgrade an entire data center over a weekend, that would never happen. There would’ve be a disruption, but that did not happen because of the cloud,” Gray said.

It’s clear that agencies need to improve how they oversee and manage cloud services, but let’s not confuse that area with the real impact of cloud services on IT modernization efforts.

Working capital fund compromise

If the Technology Modernization Fund (TMF) was the icing on top of the Modernizing Government Technology (MGT) Act cake, then the IT working capital fund (IT-WCF) is the cake itself.

Everyone can “ooh and aahh” over the icing, but when you dig into the MGT Act, authorizing IT working capital funds is what holds the act together and gives agencies hope that IT modernization is an achievable goal.

For the previous 16 iterations of the scorecard, Connolly and GAO graded agencies on whether they were meeting the spirt and intent of the MGT Act by implementing a specific IT working capital fund. Agencies received some partial credit for already having another fund that provides money for technology modernization.

For the 17^th iteration, one of the major changes is giving agencies credit for having any working capital fund that supports IT modernization.

After nearly a five years, Connolly realized that it’s not the agencies who didn’t want the IT working capital fund, it’s the appropriators who were less than excited to approve them. Sen. Maggie Hassan (D-N.H.) had planned to try to fix the MGT Act with a technical amendment in 2021, but that bill never moved.

Only a handful of agencies, including OPM and the Small Business Administration, have received approval from Congress to set these up. Others like the departments of Treasury, Labor and USAID have requested Congress give them the green light, but had no luck so far.

HUD is the latest agency to try to run the appropriator’s IT-WCF gauntlet.

Sairah Ijaz, HUD’s deputy CIO, said not having access to a working capital fund has impeded their ability to modernize technology as quickly as they would’ve liked.

“We do see some hope of that coming into the fiscal 2024. We’re hopeful that is something that we will be able to leverage in order to be able to quickly address some of the issues that are part of our long underlying strategies,” Ijaz said.

Like several other agencies, HUD does have a working capital fund out of its CFO office, but it doesn’t specifically support technology modernization.

“We are working to be able to begin the use of that working capital fund, and that’s part of the conversations we’ve been having with all of our counterparts about looking toward that in future appropriations. Currently, our appropriations do not allow for the use of a working capital fund,” Ijaz said. “It has hindered our ability to be able to be flexible, and be able to work toward modernizing our platforms. We’ve had to look towards other areas in order to be able to support our ability to fund some cyber needs. We’ve gone to the TMF and received some funding there to be able to manage that. Then we looked at reallocating some other costs in order to be able to support our cyber needs because that is most important at the moment.”

The post 3 takeaways from the FITARA 17 scorecard roundtable first appeared on Federal News Network.

Eric Hysen, the DHS CIO, said in an email to staff, obtained by Federal News Network, that Rear Adm. Christopher Bartz will be the next deputy CIO.

Bartz currently is the Coast Guard’s assistant commandant for command, control, communications, computers and IT and CIO.

“He has an extensive cybersecurity background, previously serving as the director of training and exercises at U.S. Cyber Command and USCG chief information security officer,” Hysen wrote in the email. “I have seen Chris’s technical and leadership acumen firsthand, and can’t wait to see him bring his skills and experiences to continue driving transformational change in OCIO and across the entire department.”

Bartz will start at headquarters on Feb. 5, giving him about a month to work with Cappello on the transition.

Cappello, who has served as deputy CIO since 2019, joined DHS in 2003 where she worked in a variety of senior leadership roles. She was the deputy CIO at Immigration and Customs Enforcement for two-plus years before joining DHS headquarters. She also served as executive director at the Customs and Border Protection for five years.

“It has been an honor to work alongside her for the past three years, and I could not be more grateful for her 33 years of service to our country across the Marine Corps, legacy U.S. Customs Service, CBP, ICE, and DHS headquarters,” Hysen wrote. “Beth is leaving a lasting impact on our department and our country, as recognized by her 2023 Presidential Rank Award.”

During her tenure as deputy CIO, Cappello helped lead an assortment of initiatives including the agency’s move to zero trust and ensuring the security of networks and systems when employees worked from home during the pandemic.

She also worked on the agency’s Enterprise Cloud Infrastructure Provider Suite (ECLIPS) program to establish a vehicle to more easily buy infrastructure-as-a-service (IaaS).

During his tenure as CIO, Bartz helped lead the Coast Guard’s effort to modernize its financial management system and build out its software development services through its C5I Service center.

As for Bartz, he comes to headquarters after spending his career in the Coast Guard. Along with being the assistant commandant for C4&IT and CIO, he also was the commanding officer of the Coast Guard’s Operation’s System Center, where he led software development efforts for 55 enterprise software applications and oversaw the service’s enterprise data center.  He also served as the chief of C4&IT capabilities where he managed IT requirements for afloat, aviation and shore-based assets.

Bartz earned a Bachelor of Science in marine engineering and naval architecture from the Coast Guard Academy in 1990 and a Master of Science in aerospace engineering from the University of Alabama in 2002. He also holds a certificate in enterprise architecture from the National Defense University.

The post DHS names new deputy CIO after current one to retire in March first appeared on Federal News Network.

• The White House is looking for a new chief information officer, but it's not the position you think it is. The Executive Office of the President is hiring a new technology executive. This CIO serves as the principal adviser and consultant to the Office of Management and Budget director and senior leadership team on all of the agency's IT programs, strategies and operations. Applications for this Senior Executive Service position are due by February 2.
  (White House EOP looking for a new CIO - USAjobs.gov)
• The Federal Aviation Administration is bringing its employees back to the office more often later this month. The FAA revised its return to office plans after getting some pushback from its unions. The agency said employees with telework agreements should report to their official worksites for an average of four days each two-week pay period. That policy starts Jan. 28. The FAA is giving managers some discretion on the exact in-office requirements for their employees. Last year, the agency planned on sending its workforce back to the office for at least six days each pay period.
  (FAA rethinks its return-to-office policy, sets lower in-person goal than previously expected - Federal News Network)
• Union leaders are bringing a pay incentive issue to the attention of the Justice Department. Retention bonuses for roughly 500 correctional officers at the Federal Bureau of Prisons are gone as of the new year. But the American Federation of Government Employees and the AFL-CIO are urging the reinstatement of the 25% pay incentives. Union leaders are now calling on the Justice Department to address the issue. In a letter to the DoJ attorney general, the unions warn that removing the incentives, which have been in place since 2021, will cause staffing to decline significantly at the Thomson federal prison in Illinois. A third of officers at Thomson have already indicated plans to leave their jobs if the bonuses are not reinstated.
  (Letter urging the Department of Justice to reinstate retention pay bonus for nearly 500 federal officers - American Federation of Government Employees)
• A former GSA executive didn't take long to find a new job. Sonny Hashmi, who left on December 29 as the commissioner of the Federal Acquisition Service at the General Services Administration, landed in the private sector. He is the head of public sector for Unqork, a software development platform provider. Most of the company's work has been with the private sector, but last year it started working with the Department of Health and Human Services to digitize payroll processing for one office. Hashmi comes to Unqork after spending three years leading FAS. He previously worked in industry at Box, Xerox and IBM.
  (Former GSA exec Hashmi lands new private sector role - Unquork)
• Agencies are struggling to meet digital accessibility standards. More than three-quarters of agencies responding to a governmentwide Section 508 assessment are struggling to meet technology accessibility requirements. The results of the 2023 assessment, released by the General Services Administration, indicate that fewer than 30% of the most popular federal websites and internal sites fully conform to Section 508. GSA recommended Congress consider updating Section 508 to better define agency roles and responsibilities, and more proactively enforce compliance with digital accessibility requirements.
  (Fiscal 2023 governmentwide Section 508 assessment - GSA)
• Investors in the Thrift Savings Plan saw promising returns to close out 2023. December was the second month in a row that all TSP funds posted positive returns. The S fund in particular went up more than 10% last month, and had a total return of over 23% for the year. The C fund, based on the S&P 500 index, had a final return of more than 26% for the year — the highest return of any TSP fund for 2023.
  (TSP returns offer strong finish in December - Federal News Network)
• The Marine Corps wants more cyber experience in its formations, so it is standing up a new masters program to make that happen. It is open only to senior enlisted Marines, who already have degrees or other certifications in computer science and related fields. The members selected for the program will be sent to the Naval Postgraduate School, where they will get 18 months of education on applied cyber operations. Applications are due by Feb. 23.
  (Marine Corps announces Masters of Applied Cyber Operations program - U.S. Marine Corps)
• A longtime IRS watchdog has died. Since 2004, J. Russell George served as the Treasury Inspector General for Tax Administration. During his tenure, TIGTA helped recover, protect or identify cost savings worth up to $325 billion. George stands out as one of the longest-serving inspectors general in the federal government. He oversaw IRS operations and served on boards that monitored emergency COVID-19 spending, as well as stimulus spending during the 2008 financial crisis.
  (Acting Inspector General Heather M. Hill announces passing of the Honorable J. Russell George, long-serving inspector general for tax administration - TIGTA)
• Starting as soon as mid-year, small businesses will be able to claim past performances of their affiliates when bidding on Defense Department contracts. The Defense secretary has until July 1 to amend the Defense Federal Acquisition Supplement and require agencies to consider the affiliate's past performance. Starting this year, small businesses will be able to submit their affiliates’ projects to satisfy performance requirements. Currently, procuring agencies are permitted, but not required to evaluate an affiliates’ track record when considering working with small businesses.
  (NDAA requires DoD to evaluate track record of small businesses’ affiliates - Congress.gov)
• Researchers are calling for a more comprehensive approach to cyber and supply chain risk management. An Air Force-commissioned report found that cybersecurity and supply chain risk management are often at odds with each other and just adding those together can increase cyber-related risks. Researchers said there are trade-offs, and understanding those trade-offs will help the Defense Department to better secure its defense industrial products supply. The report also found that private sector efforts to manage cybersecurity may not be sufficient to meet national security needs.
  (Cyber and supply chain risk management require comprehensive approach - Federal News Network)
• A major software industry group is recommending the Cybersecurity and Infrastructure Security Agency make some big changes to its secure software development form. BSA The Software Alliance said CISA should remove the requirement for chief executives to sign off on the form. The group also urged CISA to clarify that the form should not be needed for software that is developed at the direction of a federal agency. CISA released a new draft of the attestation form in December. Once it is finalized, agencies will use the form to hold software companies accountable to meeting secure development standards.
  (BSA responds to CISA’s secure software self-attestation - BSA The Software Alliance )

The post White House seeks new tech exec first appeared on Federal News Network.

• A key technology and cyber official is heading to the General Services Administration from the Office of Management and Budget. Eric Mill, who spent the last almost three years as a senior adviser to the federal chief information officer, will become the executive director for cloud strategy in GSA's Technology Transformation Service. In his new role, Mill will lead the agency’s cloud security strategy and help lead the implementation of governmentwide technology initiatives. This is Mill's second stint at GSA. Previously, he spent almost five years as a senior adviser at 18F and with TTS and as the deputy director of Login.gov.
  (Mill heads to GSA from OMB - GSA)
• The IT shop at the Department of Veterans Affairs is getting employees to stick around longer. The VA hired about a thousand new IT and cybersecurity employees last year. It also reduced its attrition for its tech workforce by nearly 10%. The VA can pay these employees more than most federal agencies can, because of a Special Salary Rate it implemented last summer. But it is also letting employees shift to a four-day workweek. Nathan Tierney is VA’s deputy chief information officer and its chief people officer. He said the department’s "people-first strategy" is paying off. “If we can improve that employee experience, it ultimately leads to better support for the veterans with whom we serve,” Tierney said.
  (VA’s IT shop boosts retention through higher pay, more flexible schedules - Federal News Network)
• After bringing in about 5,000 new recruits, IRS leaders are looking ahead to still thousands of more hires. The agency's human resources office plans to pull out all the stops to make it happen, using direct-hire authority options, hosting and attending recruitment fairs, updating IRS’ social media and communications strategies and much more. It is all part of the IRS' plans to use roughly $60 billion in funding, in part to revamp the agency's workforce. “This incredible workforce that has been with us for many years during very lean times, they need help. I want to tell them: Reinforcements are coming," said Traci DiMartini, the IRS' human capital officer.
  (IRS using ‘every tool available’ to ramp up agency recruitment, retention - Federal News Network)
• The Department of Homeland Security is pushing to meet some big customer experience goals. DHS cut the amount of time the public spends filling out official forms and other paperwork by 20 million hours last year, and it is aiming to cut another 10 million hours in fiscal 2024. Dana Chisnell is executive director for customer experience at DHS. “One of the conditions was that each of the forms that came through that initiative must be usability tested,” Chisnell said during a Dec. 19 webinar hosted by the Human Centered Design Center of Excellence. Usability testing refers to formal methods for observing how real users attempt to complete tasks using a form or website. DHS is requiring all of its public information collection requests to go through usability testing before being approved.
  (DHS sees ‘usability testing’ as central to big burden reduction goals - Federal News Network)
• After months of uncertainty, the military's Joint Staff has a Senate-confirmed chief information officer. As part of numerous confirmations in the Senate recently, David Isaacson was promoted to the rank of lieutenant general and appointed to serve as the Joint Staff CIO. Isaacson previously served as the Joint Staff's director of manpower and personnel. He will replace Lt. Gen. Mary O'Brien, who retired six months ago, and was a leading figure in the Defense Department’s Joint All-Domain Command and Control (JADC2) initiative. Isaacson also served as the chief of staff of the United States Cyber Command and the Army's director of architecture, operations, networks and space.
  (LTG David Isaacson will lead Joint Staff J6 - Congress.gov)
• The Transportation Security Administration plans to build on several technology initiatives in 2024. TSA's annual high-impact service provider plan shows the agency will expand its mobile drivers license pilot program from seven to nine states this year. And TSA will also double the number of airports that use facial recognition for Precheck, from five to 10 locations. The agency also plans to roll out a new round-the-clock virtual assistant to help answer customer inquiries.
  (TSA HISP plan for 2024 - Performance.Gov )
• The Defense Department is looking for a digital platform that will provide a secure and easy way to manage contract files. The Chief Digital and Artificial Intelligence Office wants to find a system that is user-friendly, can be seamlessly integrated with DoD’s existing systems and can be accessed from anywhere at any time. The platform should be able to track contract workflow progress, changes made to contract files and ensure confidentiality of contract documents. The open call may result in project contract awards fulfilled through other transactions for prototype projects. Responses to the open call are due by January 15.
  (CDAO seeks platform for contract files management - Tradewinds)
• Former Postal Service employees still have to heed the agency’s ethics rules. USPS is reminding retirees and former employees they cannot use confidential or non-public USPS information at a new job outside the agency. In some cases, former employees in new, non-postal positions are prohibited from meeting with USPS on certain matters or for a certain period of time. Some former USPS executives have to wait a year before they can communicate with USPS on behalf of a new employer.
  (A word before you go - USPS)
• The Office of Management and Budget is looking to highlight the work of some individual federal employees across government. Feds can nominate their colleagues who they think have made an impact at their agency. Those selected will be featured on Performance.gov. The call for nominations aligns with the first strategy of the President's Management Agenda: strengthening and empowering the federal workforce. Those interested in nominating a fed must fill out a short online survey.
  (Nominate federal employees for OMB social features - Performance.gov)

The post Key tech, cyber official leaves OMB for GSA first appeared on Federal News Network.

That dichotomy of approaches to promoting and celebrating federal efforts played out with exacting precision on Federal News Network’s longest running show – Ask the CIO.

The most popular shows for 2023 featured technology leaders and/or agencies who rarely are on the speaking circuit. And given the fact that the topics themselves aren’t surprising given the rut of cloud, cybersecurity and customer experience that dominated the discussions over the last year, it’s the people and agencies that drove the show.

So as I enter my 16^th year hosting the show, the evolution of the show continues to include more non-traditional IT guests, such as acquisition and financial management executives.

Here are the top 10 for 2023:

USCIS has entered the next phase of its IT modernization journey

This was a surprising top show. It came from a panel I moderated at an ATARC event that not only included the U.S. Citizenship and Immigration Service, but also leaders from the Justice Department’s U.S. National Central Bureau of INTERPOL and U.S. Trustees Program and the Agriculture Department. Three of the four agencies that don’t get out in public too often, which I’m sure is part of the reason why this show garnered more than 46,000 views.

CMS taking a three step approach to using more SaaS: Discover, manage, secure

This interview is a perfect example of a perfect technology storm. An agency, in this case the Centers for Medicaid and Medicare Services (CMS), that the community doesn’t hear a lot from and a hot topic that nearly every CIO now talks about. In this case, CMS, which isn’t necessarily known for moving fast on IT modernization, opened up about its plans for using and managing software-as-a-service (SaaS).

New top-secret cloud strategy underpins State Dept bureau’s modernization efforts

This show combined two hot topics: cloud and top secret technology modernization. While the federal community hears about cloud services ad nauseam, the use of these technologies in the secret world is not often discussed. One of the highlights from Jimmy Hall, Jr., State Department’s Bureau of Intelligence and Research CIO, focused on his office’s new top secret cloud strategy. Like most intelligence community agencies, we know they have top secret cloud instances and strategies to guide them, but getting someone to talk about it is a glimpse behind the curtain.

DoD’s JWCC memo is a scene setter for the future of cloud

Over the last five years, you couldn’t talk about cloud without talking about the Defense Department’s effort to create an enterprisewide cloud contract. The roll out of the Joint Warfighting Cloud Computing contract (JWCC) continues to draw great interest across the government and industry. The Aug. 10 memo from DoD CIO John Sherman detailing that implementation plan and expectations of the military services piqued the interest of the federal technology community around JWCC over the past year.

Congress, Biden administration continue push to reduce security clearance timeline

Anything that deals with security clearances and the time it takes to process them receives great interest in the federal community beyond just the technology crowd. The last four administrations have made reducing time and complexity a major initiative, so it’s not surprising my panel discussion hosted by the Intelligence and National Security Alliance (INSA) made the top five programs of the year. The latest data from the Trusted Workforce 2.0 initiative under the President’s Management Agenda shows it takes 71 days on average for a secret clearance, down from 78 days in the previous quarter, and 164 days for a top secret clearance, up from 128 days the previous quarter.

How Farmers.gov really launched USDA’s next generation of cloud services

This is the first of two shows featuring the Agriculture Department. What’s interesting about this one is Casey Cook, the cloud architecture branch chief for USDA, is far from a “usual suspect” speaker, but was more than willing to provide a success story. The use of application programming interfaces (APIs) is another growing piece to the cloud journey and more and more agencies are trying to figure out how to use these small pieces of code to make tools and data integrate more easily.

 USDA leaning harder into software-as-a-service to satisfy mission needs

My interview with Gary Washington, USDA’s CIO, breaks the trend of less heard from agencies and speakers. What made this show break into the top 10 likely was the topic of SaaS. Washington and USDA have been a leader in cloud since the early 2010s so there’s always a lot of interest across the government and community about where the agency is going next.

As Iyer exits, Army CIO’s office holds more influence, authority than ever

Raj Iyer was one of three military service CIOs to leave in 2023. Joining Aaron Weiss from the Navy and Lauren Knausenberger at the Air Force, Iyer’s departure from the Army was not only the first of the trifecta, but also was the first to highlight just how much change came to the services over the last few years.

Air Force applying the ‘Tom Brady effect’ to hiring cyber workers

This interview was more than a year in the making. It was not because Lt. Col. Andrew Wonpat wasn’t willing or interested, it just was a matter of finding the right time for it to happen. Once we did, it turned out not only to be one of the top 10 interviews of the year, but one that I’ve received probably more emails and feedback on than any other. The interest in the story wasn’t surprising given solving the cyber workforce challenges comes up at nearly every conference, in nearly every interview and remains an administration priority.

DHS’ move to agile development to buoy customer experience too

No. 10 on the countdown sums up the year on Ask the CIO in many ways. Large agency (DHS), a CIO who doesn’t speak publicly too often (Eric Hysen) and a hot topic (DevSecOps/CX) all came together in this interview. What stood out to me in these interviews, the second half of the show where I talked to Dana Chisnell, the executive director for customer experience at DHS, about the concrete steps the agency is taking to institutionalize customer experience across all parts and using technology and data to help that effort.

The post People, agencies, not topics drove the CIO discussions in 2023 first appeared on Federal News Network.

Despite the Department of Veterans Affairs being the only agency to implement the additional pay for IT employees in the 2210 series, the Office of Management and Budget is leaving the door ajar for broader implementation in fiscal 2024.

Multiple sources tell Federal News Network that OMB recently told agency chief information officers that there isn’t enough money in department budgets to implement the new salary rate for all workers.

Instead, OMB told agencies to target specific job classifications like cyber or data scientists, certain grade levels, or areas where they have the biggest retention or recruitment challenges, sources say.

At the same time, OMB told agencies in the annual budget “passback” that the administration would be providing no new money for these salary increases. This means agencies will have to fund the pay increases within their current, or future 2024, budgets.

An email to OMB seeking comment on the SSR implementation plan was not returned.

The Department of Veterans Affairs and several other Cabinet-level agencies, including the Cybersecurity and Infrastructure Security Agency, and the departments of State, Energy, and Health and Human Services, submitted the SSR proposal to the Office of Personnel Management last fall.

If adopted by all agencies, VA expects the SSR will significantly increase the pay for about 100,000 federal employees governmentwide.

Proposed 2210 SSR pay tables obtained by Federal News Network, however, show the SSR would result in a more than 20% increase in pay for many early and mid-career federal IT workers receiving locality pay for the Washington, D.C. metro area.

A GS-5, Step 1 employee receiving locality pay for the Washington, D.C. metro area, for example, would see their salary increase from $42,870 to $54,360 — a more than 26% increase.

A GS-15, Step 1 employee in the D.C. area, however, would go from a $155,700 salary to $161,000 annually — about a 3.4% increase.

Despite OPM’s approval of the special salary rate and broad agreement that it’s needed, implementation has been limited to only VA.

Ann Dunkin, the Energy Department CIO, said on Wednesday at the ATARC CIO Summit that taking advantage of the SSR was going to be difficult.

“OMB said ‘we are not sure you need the special salary rate and you can’t afford it anyways, so we are not implementing it,’” Dunkin said. “We don’t have a lot of levers in terms of money. So we have to find other ways to attract talent, retain talent and build training opportunities to help us attract and retain folks.”

Dunkin added without the lever of money it becomes critically important to train the people who work in your office now.

“You can train them and worry they will leave, or you can not train them, and they will stay, and that will be worse. So you need to train those folks and give them opportunities, and if you don’t, there is no one’s fault but your own,” she said.

Venice Goodwine, the Air Force CIO, said the Defense Department’s decision not to implement the SSR authority has more to do with creating new inequities across the technology workforce than fixing them.

“It was tied to just 2210s. Under my umbrella for cyberspace and IT, I have 31 specialties so if I only use that special salary rate, I am disenfranchising 30 other people who are possibly eligible for that special rate,” Goodwine said at the AFCEA Air Force IT day yesterday. “By the time you reach the grade of GS-14 or GS-15, you are no longer a 2210, you are 343, 340 or a 301 so I’m also excluding you from that special salary rate. That is one reason why we didn’t do that.”

Goodwine added instead the Air Force is using the Cyber Excepted Service to address the pay disparity between the public and private sectors.

In September, like every fall, agencies submitted to OPM requests for special salary rate.

But with government funding levels still highly uncertain for fiscal 2024, former Federal Salary Council Chairman Ron Sanders said the vast majority of agencies cannot plan ahead and many may hesitate to consider new SSRs for certain positions.

The post OMB tells agencies to target the use of special salary rate first appeared on Federal News Network.

The Social Security Administration is reorganizing how it manages and oversees technology. The agency is renaming the Office of Systems to the Office of the CIO as part of its effort to push for more innovation and modernization.

In an email to staff, which Federal News Network obtained, Kilolo Kijakazi, acting commissioner of Social Security, said the restructuring is a recognition about how technology has evolved over the last decade. She said the reorganization aims to align IT strategy and initiatives with business goals while driving innovation.

Current CIO Sean Brune, who has been in his role since October 2020, will move to a new position as the assistant deputy commissioner of operations, SSA’s largest component.

“We now need his expertise in operations to assist in addressing our service delivery challenges, particularly considering the budget constraints the agency may be facing in fiscal 2024,” Kijakazi said in her email.

Meanwhile, Patrick Newbold, the current deputy CIO and deputy director of digital transformation, will become the acting CIO until January, when he leaves to “pursue other career interests.”

Kijakazi said she will provide more details about the reorganization “shortly.” SSA also will soon post the job announcement for a permanent CIO.

An email to SSA’s press office seeking additional comment was not returned.

A former SSA executive familiar with the agency’s technology organization said the restructuring and renaming is a necessary rebranding effort to bring the agency more in-line with how industry manages and oversees IT.

“At SSA, the culture values the ‘deputy commissioner’ title like that for operations, budget, finance management, for the Office of Hearing Operations. If you’re a deputy commission in the SSA organization, it can be considered the culmination in an accomplished career. Without the deputy commissioner title, one cultural challenge will be for SSA executives and staff to know that the CIO title is equivalent to the deputy commissioner title,” said the former executive, who requested anonymity because they didn’t get permission from their current company to talk to the press. “Furthermore the next level down are assistant deputy commissioners, which needs to change to deputy CIO. Continuing the narrative, the next level from assistant deputy commissioner is associate commissioner and deputy associate commissioner and those can be associate CIO titles instead. The naming convention needs to ladder down through the organization to make this stick. To be culturally relevant, messaging and education has to occur as well from the commissioner’s office on down. It is all good as a rebranding effort. It can attract more people from the outside and hopefully bring more credibility to the IT Senior Executive Service roles.”

New SSA commissioner coming soon

The decision to reorganize the CIO’s office comes at an interesting time. The Senate is close to confirming Martin O’Malley to be the new SSA commissioner. The agency has been without a permanent one since July 2021 when President Joe Biden dismissed Andrew Saul.

Additionally, SSA seemingly has been making progress in modernizing legacy systems. It updated its IT strategic plan in early 2023 with a specific focus on customer experience and data centricity.

In an interview at the ACT-IAC ELC conference in November, Newbold said over the last few years the main focus has been on meeting business needs by modernizing business systems.

“The way we are approaching digital modernization is looking at what problems do we need to solve and improve. Then we are aligning our goals and our investments around doing that,” Newbold said. “For example, one of our priorities is multi-factor authentication. The executive order that came out as a mandate, but we necessarily didn’t resource for that. Fortunately, we were able to leverage the Technology Modernization Fund, and as a result, around 315 of our systems are on a good path to getting MFA-compliant.”

SSA won a $23.3 million award from the TMF Board in February.

Newbold said the TMF award is one way SSA is retiring technical debt. He said to accomplish goals like better system and data integration and changing the agency’s culture for service delivery is coming from the move to DevSecOps approach to software development.

“We recently, earlier this year, rolled out our enterprise scheduling solution, which is a scheduling capability for the public to be able to go online and make their own appointments if they needed to replace a card, for instance. That service that was not in place, until now,” he said. “In just about a year, we were able to roll it out to a subset of our regions, got really good feedback and made some changes. We iterated it, and now we rolled it out to all 50 states and that service is available for the public.”

Newbold said another example came out earlier this year too in the Boston region. SSA launched a new tool that lets citizens upload documents directly into their system after receiving an email link from a SSA employee.

“We rolled it out to the Boston region only because we wanted to test it out, get some feedback and we are in the process of making those adjustments. Then, we’ll roll out a little broader,” he said. “I think with that approach you get some concrete feedback. We’re going to be customer focused and centric, get that feedback, make iterations and roll it out.”

Newbold said he expects SSA over the next year to continue to improve this capability as it’s rolled out more broadly.

The post As SSA IT modernization hits its stride, leadership launches a reorg of the CIO’s office first appeared on Federal News Network.

Karl Mathias, the lead technology executive at HHS since March 2022, is leaving to take a new role at NASA.

In an email to staff, obtained by Federal News Network, Mathias said his last day at HHS will be Dec. 1.

“It has been my honor to serve as your leader for the past 20 months. In that time, we have made great strides: We’ve established a strategic direction for our cybersecurity posture within HHS, strengthened our cybersecurity partnership with the nation’s healthcare providers, created a strong strategy for how we manage our data, enhanced our operational posture by reducing average wait times on the service desk to less than 60 seconds, dropped our aged ticket queue by nearly 92%, fielded systems that ensured the safety of unaccompanied minors at the southern border, and carefully evaluated acquisition packages worth billions of dollars to ensure proper use of information technology,” Mathias wrote. “These are only a tiny snapshot of the many accomplishments we’ve achieved since my arrival. I stand in awe of your dedication and professionalism.”

Mathias didn’t specifically say what his new role will be at NASA, just one that “brings me close to a mission I love and allows me to get back into the engineering realm.”

He has a PhD in computer science and software engineering from Auburn University and once served as the deputy head of the electrical engineering department at the Air Force Institute of Technology.

HHS deputy CIO Jennifer Wendel will serve as acting CIO until a permanent one is hired. Additionally, La Monte Yarborough, the HHS chief information security officer, will serve as acting deputy CIO.

Wendel came to HHS in January from the FBI, where she was the acting FBI deputy CIO for three years and worked at the bureau for 17 years.

Mathias’ departure marks more turnover in the HHS CIO office. He was the eight permanent or acting CIO in seven years.

Whomever the next CIO is inherits one of the largest federal IT budgets at more than $8.5 billion in fiscal 2023. But the person also will have to deal with one of most disparate organizations across government.

HHS received a “B” on the September version of the Federal IT Acquisition Reform Act (FITARA) scorecard, the sixth straight.

Before coming to HHS, Mathias served as the Marshals Service’s CIO since 2015. In that role, he created a disciplined process to bring more applications and systems into the cloud. He has invested time and energy into creating an IT investment governance process as well as ensuring there is room for innovation and new technology.

The post HHS CIO Mathias moving to engineering role at NASA first appeared on Federal News Network.

 With the pace of technological innovation rapidly accelerating and a growing landscape of data and AI applications, government CIOs must learn how to leverage innovations in both the public and private sectors, decide which of their technology investments should be kept and which need replacement, and determine how to ensure their teams are set up for success. 

 Like their counterparts in other industries, government CIOs must prioritize several key considerations when it comes to data and AI initiatives. Both can have a profound impact on government operations, citizen services and policymaking. But as data volumes grow, a recent study reported that trust in data quality is slipping. At the same time, there is a growing need to invest in new data warehousing technologies to improve data processing capabilities at scale. 

 To stay ahead in the ever-changing landscape of big data (and beyond), government CIOs must get three critical things right:  

1. Data integrity and security

Maintaining data integrity and protecting sensitive citizen and government data are paramount. Government CIOs must ensure that robust cybersecurity measures are in place to safeguard data from breaches, cyberattacks and unauthorized access, all while ingesting and ensuring the trustworthiness of data from a growing number of sources and locations. 

 It is also important to establish clear data governance policies and practices for managing data access, sharing and retention. When considering the technology underlying these practices, organizations should opt for scalable data platforms that can reduce the need for data movement and replication.  

2. Ethical use of AI and bias mitigation

Another key area for government CIOs to tackle is leveraging data and AI fairly to prevent discrimination against certain groups or individuals. As technology advances rapidly, there are ethical implications of AI algorithms and data intelligence that must be prioritized over innovation at all costs. Ensuring transparency while implementing bias mitigation techniques and conducting regular audits of AI systems are critical to ensuring public trust in the system. 

 All of this must be supported by effective data preparation, integration, transformation, and analytics capabilities. Government CIOs should also build diverse AI development teams to help mitigate ethical concerns.   

3. Data interoperability and workforce development

One final challenge government CIOs must get right to succeed with data and AI is data interoperability and workforce development. It’s no secret that government agencies must operate in compartments at times, but as data volumes grow, building data repositories and workflows that can leverage data from a variety of sources will become a critical component in driving the accuracy and effectiveness of AI solutions. 

 Hand in hand with data interoperability is workforce development. Developing and implementing interoperable systems and AI solutions requires the right balance of tools, time and talent. This may mean greenlighting new public-private partnerships to leverage bleeding-edge technologies for the benefit of citizens. 

 In addition to these three challenges, government CIOs must hold themselves and their teams accountable for AI-driven decision-making processes, especially when they affect public policy and the lives of citizens. Public officials cannot hide behind the algorithms they have created. 

 As the saying goes, “with great power comes great responsibility,” and the growing power of AI is no different. Because government decisions often have far-reaching consequences, government CIOs should prioritize transparency and establish clear accountability frameworks for the development and review of AI systems. They must also define roles and responsibilities for handling data, developing new algorithms, and making data-driven decisions. 

 By addressing these challenges proactively and communicating regularly with the public, government CIOs can build trust and foster collaboration between the public sector and citizens. One thing is clear: The potential to leverage hyperscale data and AI to improve government services and positively impact the lives of citizens has never been greater. Establishing the right processes now will help ensure data and AI are used for good — today, and as the technology landscape continues to evolve. 

 Tony Ibáñez is a public sector solutions architect at Ocient. 

The post Three data and AI challenges government CIOs must get right first appeared on Federal News Network.

• Agencies asked and the CIO Council delivered a new guide for managing cloud services. A new Cloud Operations Best Practices and Resource Guide aims to answer some of the toughest remaining questions for how best to move to cloud services. The CIO Council's Enterprise Operations committee and General Services Administration’s IT Modernization Division's new resource guide highlight the best practices and advice from 82 experts, from 31 agencies, for purchasing, managing and migrating cloud applications. The guide is broken into four main, standalone sections: Leadership, business management, security and platform engineering. It also includes five appendices providing templates to everything from assessing cloud readiness to managing supply chain and change management challenges.
  (Cloud Operations Best Practices and Resource Guide - CIO.gov)
• The Federal Reserve is not shying away from exploring the use of generative artificial intelligence. The Fed is looking at different use cases under a generative AI incubator. The central bank works with a lot of data and some areas, like its payment systems and its regulatory and supervision work, could make use of AI assistance. That is according to the Federal Reserve’s chief innovation officer Sunayna Tuteja. “This construct really enables us to interrogate this technology and apply this technology with a bias for action,” she said during a Microsoft event last week. Tuteja said generative AI will not replace humans at the Fed, but instead augment their work as a partner.
  (Federal Reserve looks to harness ‘generative AI incubator’ - Federal News Network)
• The Veterans Heath Administration is training up the next generation of its human resources workforce. VHA more than doubled its hiring goals for fiscal 2023, but the agency is now focused on “hiring the hirers.” VHA, through its HR-STAR program, is taking new graduates and putting them through a year of training before starting the job. The HR-STAR program saw its first cohort graduate from training last month. David Perry is VHA’s chief officer for workforce management and consulting. He said it takes a new hire about three years to understand everything about the job. “Just because you spent a year in intensive training doesn't mean that you're a subject matter expert,” Perry said.
  (VA’s historic hiring surge leads to all-time record for veteran care and benefits - Federal News Network)
• The General Services Administration's small business governmentwide IT services contract, known as Polaris, is facing yet another protest. And GSA's handling of mentor-protégé and joint ventures is, once again, at issue. Akima Data Management filed a complaint with the Government Accountability Office on October 31. Akima is challenging the latest amendment, the ninth, around letting mentor-protégé joint ventures submit revised experience examples as part of their self-scoring proposal. Akima claims that change is unfair and improper. GAO has until February 8 to decide the protest.
  (GSA's Polaris solicitation faces new protest - GAO.gov)
• TSP returns continued to fall in October. For the third month in a row, most Thrift Savings Plan funds posted negative returns. It is not all bad news, however. The government securities investment G fund was up 0.4%, marking the only positive returns last month. The C fund marked the highest year-to-date returns at 10.67%. The small cap stock index S fund once again posted the worst return of the month. All Lifecycle funds are in the red for the third consecutive month, but, for the year, remain in the black.
  (TSP returns continue to fall in October - Federal News Network)
• A federal watchdog has found multiple cases where users were able to download risky mobile applications on devices managed by Immigration and Customs Enforcement (ICE). The Department of Homeland Security inspector general issued a management alert on the issue just last week. The redacted report found some of the applications included those banned due to spying and national security concerns. The IG blamed the issues on ICE’s outdated and overly permissive personal use policy. ICE said it has taken immediate action to block any risky applications.
  (ICE management and oversight of mobile applications - DHS OIG)
• The Navy plans to focus on three strategic priorities: strengthening maritime dominance, building a culture of warfighting excellence and enhancing strategic partnerships. Navy Secretary Carlos Del Toro announced the latest strategic guidance last week. He said they are meant to help modernize the Navy and secure its readiness. Among other areas, the strategic guidance focuses on the industrial base, uncrewed technology, education and diplomacy.
  (Navy unveils new strategic priorities - U.S. Navy)
• Thirteen federal employees received recognition for their work in an assortment of fields, including applied science and engineering, leadership and management, and social science. The George Washington University Trachtenberg School of Public Policy and Public Administration and the National Academy of Public Administration (NAPA) awarded the 74th annual Arthur S. Flemming Awards on November 1. Nominated by their agencies, the Flemming awards are presented to employees with 3-15 years of federal service. The federal employees receiving recognition included Edwin Chan at National Institute of Standards and Technology, Sujay Kumar at NASA's Hydrological Science Lab, and Andrew Metcalf at DoD's Air Force Research Laboratory.
  (NAPA recognizes 13 federal employees with Flemming awards - National Academy of Public Administration)
• The Office of Personnel Management wants to improve on recent successes to further reduce its retirement claims backlog. A memo from OPM Director Kiran Ahuja said OPM is increasing staff, streamlining processes and building a digital processing system. OPM is also asking agencies to institute quality control measures to reduce the number of errors in retirement applications they submit. The memo said, on average, one quarter of retirement claims contain errors that extend the processing time. OPM is also asking for a projection of retirement claims expected between December 2023 and March 2024, so it can better prepare its staff.
  (Agency Preparations for End of Year Retirement Applications - OPM Director Kiran Ahuja)
• Agency watchdog offices are taking new steps to create a better workplace for employees and a better way to serve the public. A governmentwide council of inspectors general said its members are making reports accessible to readers with a range of disabilities. They are also seeing if agencies are providing equal access to their public services and information. Agency IG offices are focused on promoting inclusiveness within the workforce and addressing instances of workplace harassment.
  (Federal Inspector General Community Issues Updated Roadmap on Advancing Diversity, Equity, Inclusion, and Accessibility - Council of the Inspectors General on Integrity and Efficiency)
• The Pentagon’s artificial intelligence arm wants to expand its reach into industry. The Chief Digital and Artificial Intelligence Office (CDAO) is hosting a procurement industry forum on November 30. It will tell vendors about its upcoming procurement plans, needs and mission to help industry work more effectively with the Defense Department. CDAO said it will share information about its procurement forecast, assisted procurements, an acquisition ecosystem primer and its needs for responsible AI, Joint All-Domain Command and Control and other initiatives. Companies interested in attending need to register by November 12.
  (Pentagon wants to let industry know what it’s looking for with AI - Defense Department Chief Digital and AI Office)

The post CIO Council delivers new guide for managing cloud services first appeared on Federal News Network.