FCW Insider: June 27
Some of the biggest civilian agencies including the Department of Homeland Security have failed to act on internal cybersecurity audits dating back multiple years, a Senate report found. Derek B. Johnson digs through a Senate report documenting a decade of federal cybersecurity failure.
An appropriations bill passed in the House June 26 includes multiple provisions to prevent a merger between the Office of Personnel Management and the General Services Administration. One amendment added to the bill blocks any reduction in force at OPM arising from a budget gap at the human resources agency. Administration officials told Congress last week that 150 furloughs could be in the offing. Adam Mazmanian has more.
Hot on the heels of the release of the finalized "Cloud Smart" strategy, the Office of Management and Budget put out a new plan for closing data centers. Federal CIO Suzette Kent told a House panel on June 26 that the new policy "focuses on enabling aggressive closure and ensuring efficient operations." Mark Rockwell has the story.
The transformative $50 billion governmentwide telecommunications contract Enterprise Infrastructure Solutions gives agencies the chance to escape the "like-for-like" trap. In a new FCW commentary, Tony Bardo, assistant vice president for government solutions at Hughes Network Systems, offers five things agencies should think about going into their EIS planning.
*** The June 2019 FITARA grades are out. The eighth iteration of the scorecard that grades compliance with the Federal IT Acquisition Reform Act – or FITARA 8.0 in more tech-friendly jargon – saw no As but no failing grades either. Overall, scores were flat or slightly down for most agencies.
NASA saw the biggest drop – from a B+ to a D-, in part of the basis of a management change that was seen as a diminution of CIO authority. There weren't any similarly dramatic improvements in overall scores. In his opening remarks, at June 26 hearing on FITARA compliance, Rep. Gerry Connolly (D-Va.), chairman of the Government Operations Subcommittee of the House Committee on Oversight and Reform, said that USAID and the Department of Labor would each have received A+ FITARA scores if they'd changed their org chart to have their CIOs report directly to the agency chief or top deputy.
The scorecard also revealed that 22 out of 24 covered agencies have a permanent CIO – creating a semblance of order in an administration that has acting officials many top leadership positions including Secretary of Defense and Secretary of Homeland Security.
*** Also at the FITARA hearing, Connolly revealed that he had tried to introduce an amendment to the Financial Services and General Government appropriations bill to add $15 million to the Technology Modernization Fund -- a revolving pot of IT money authorized by the Modernizing Government Technology Act. The amendment was killed in Rules Committee, Connolly said.
Subcommittee Ranking Member Mark Meadows (R-N.C.) noted that the $35 million funding addition approved for MGT is "sadly a rounding error when it comes to addressing this problem." He said he hoped to "get that up to a number that is actually meaningful."
*** In a new publication aimed at federal technology managers, the National Institute of Standards and Technology offers some ideas on managing cybersecurity and privacy risks in the vast internet-of-things ecosystem. NIST lays out three high-level goals -- protecting devices, data and individuals' privacy throughout the device lifecycle -- and outlines the potential challenges agencies may face along with mitigation strategies. Get more on this document from GCN.
Posted on Jun 27, 2019 at 2:25 AM