Weekly Roundup: January 29-February 2, 2024

New cloud category sinks FITARA scores, but that’s not necessarily a bad thing. Federal agency scores plummeted on the 17th Federal IT Acquisition Reform Act (FITARA) scorecard. The reason for the drop in grades: Continued struggles to implement best practices for moving workloads and services to the cloud. But oversight leaders say the decrease in grades is not only expected, but not indicative of the progress agencies have made over the last decade. The scorecard, released today by Rep. Gerry Connolly (D-Va.), co-author of FITARA, showed double the amount of “C” grades with 10 “Cs” and three “Ds” for the first time since July 2022.

CISA Mandates Feds Shut Down Two Vulnerable Software Products. Federal agencies have until the end of the day to shut down two widely used software products due to major cybersecurity vulnerabilities. The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive mandating federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure VPN products on their networks. This directive supersedes a Jan. 19 emergency directive from CISA, which told agencies to remediate the vulnerabilities in those Ivanti products.

DoD CIO developing guidance for securing AI systems, data. The Defense Department is laying the foundation for securing artificial intelligence systems and data within the department. David McKeown, DoD’s chief information security officer, said his team developed a Risk Management Framework control overlay focused on what to look for in an AI environment and how to properly secure the training data, the inputs, the outputs and the models themselves. Unlike other RMF overlays, which provide detailed instructions on compliance, this overlay is less “prescriptive,” and the goal is to have security guidance for the whole overarching AI environment.

GAO Official: ‘AI is Here,’ New Governance Structures Loom Large. Federal agencies are already integrating artificial intelligence (AI) to support a range of government missions, but one Government Accountability Office (GAO) official said that the federal government is facing difficult decisions as it looks to implement new governance structures. Kevin Walsh, the director of information technology and cybersecurity at GAO, pointed to his agency’s recent report on the state of AI in the federal government. Looking at just the civilian agencies alone, the December report identified 1,200 current and planned AI use cases. The takeaway from the report, Walsh said, is that “AI is here.”

USPS plans to cut $5B in costs, grow revenue to avoid running out of cash in coming years. Postmaster General Louis DeJoy is telling the White House and Congress that implementing these plans is necessary to keep USPS from running out of cash in the coming years. DeJoy, in told President Biden and congressional leaders that USPS is “utilizing all of the self-help tools that are available to us,” and trying to get back on track with its “break-even” goal, after years of billion-dollar net losses.

Zero Trust Strategy Turns Two: Industry Likes Quick Start, Eyes More Progress. The Office of Management and Budget’s (OMB) Federal Zero Trust Strategy turned two years old on Jan. 26, and officials from several private sector firms that are helping Federal agencies put zero trust security in place are giving solid marks for progress thus far, and emphasizing the need for further gains as the threat environment grows more complex.

NIH looks for new EHR to replace its 20-year-old legacy system. The National Institutes of Health (NIH) is planning to replace its decades-old legacy Electronic Health Record, and looking at how a new EHR could help accelerate its use of artificial intelligence tools. Jon McKeeby, the chief information officer at the NIH Clinical Center, said the agency is looking to secure funding — about $150-200 million — in the next six months and the acquisition process for a new EHR.  

THIS WEEK @ THE CENTER 

NEW BLOGS. Along with releasing our new book, Transforming the Business of Government: Insights on Resiliency, Innovation, and Performance, we began a blog series that excerpts the 15 chapters that compose this book. This week we posted Chapter 12 - Future of Payment Integrity within the U.S. Federal Government and Chapter 13 - Leveraging Inspectors General to Make Evidence-Based Decisions.Here are the other blogs and chapters posted thus far: Introduction, Chapter One - Emergency Preparedness and Response , Chapter Two - Cybersecurity, Chapter Three - Supply Chain, Chapter Four - Sustainability, Chapter Five - Workforce , Chapter Six - Eight Areas for Government Action - Insights on Resiliency, Chapter Seven - AI Literacy: A Prerequisite for the Future of AI and Automation in Government, Chapter Eight -- Design Principles for Responsible Use of AI to Enhance Customer Experience Using Public Procurement, Chapter Nine - Quantum Technology Challenge: What Role for the Government?, Chapter Ten - Using Linked Administrative Data to Advance Evidence-Based Policymaking, Chapter Eleven - Toward More Useful Federal Oversight. 

• What does “accountability” mean for government experts? Prof. Don Kettl offers an overview of his latest book, Experts in Government: The Deep State from Caligula to Trump and Beyond. Kettl gives an exhaustive study on experts in government since ancient times into a 68-page book. Some important lessons come out of the 2000-year history of the “deep state.”
• The role of technology in public participation in the regulatory process. Guest blogger Sarah Hay writes that AI could help individuals shape their public comments into a format most useful to agencies.
• Discussing Applications of Generative AI to Rule Development and Evaluation. Guest blogger Mark Febrizio recounts the discussion facilitated by Dr. David Bray, Distinguished Fellow and Loomis Council Co-Chair at the Stimson Center, and Andy Fois, Chair of the Administrative Conference of the United States (ACUS) on generative AI at a co-hosted event Building on Regulatory Foundations and Bridging to the Future, commemorating the 30th anniversary of Executive Order 12866 and 20th anniversary of Circular A-4.

ICYMI – EXPERTS IN GOVERNMENT: A Conversation with Prof. Don Kettl. This week Michael Keegan welcomed Prof. Don Kettl for a timely and very insightful discussion on how to balance the age-old battles between expertise and accountability in government, the role of experts in government, and why the challenges of bureaucratic capacity and control become far greater in the twenty-first century.