Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-Mich.) and Sen. John Cornyn (R-Texas) are introducing the “Strengthening the Federal Records Act of 2024” today.

The bill would tighten disclosure requirements for “non-official messaging accounts” used to carry out government business, while also strengthening the ability of the National Archives and Records Administration to hold agencies accountable for complying with record-keeping rules.

“Federal agencies must maintain adequate records so that the American public can hold officials accountable, access critical benefits and services, and have a clear picture of how the government is spending taxpayer dollars,” Peters said in a statement. “We must also update the law to keep pace with rapidly changing technology and ensure that we are not sacrificing transparency as we embrace new forms of communication.”

The bill would prohibit federal employees from using “non-official” messaging applications to carry out government business unless the messages are backed up or otherwise saved in an official account.

Beyond texting, government officials have also increasingly turned to platforms like WhatsApp and Signal in recent years. Those “ephemeral” messaging applications allow users to permanently delete messages after a set amount of time.

“American taxpayers deserve a full accounting of federal records, including across all forms of digital communication,” Cornyn said. “This legislation would help make sure technological advancements do not hamstring the government’s ability to provide greater accountability and transparency for federal records.”

The proposed FRA reforms do not address record-keeping at the White House. Those practices are governed by a separate statute, the Presidential Records Act.

But the legislation comes after numerous federal record-keeping controversies at the agency-level in recent years. For instance, the Secret Service lost key text messages from the day of the Jan. 6 Capitol riot, reportedly due to an IT system update.

The Department of Homeland Security inspector general, who had been investigating the missing Secret Service texts, more recently admitted to lawmakers he routinely deletes texts off his government-issued phone.

And during a hearing held by the homeland security committee earlier this month, Republicans pointed to a National Institutes of Health official who had told colleagues he used his personal email account to avoid having his records pulled under a Freedom of Information Act request.

“Records are the currency of democracy,” Anne Weismann, a former Justice Department official and law professor at George Washington University, said during the hearing. “They are the way we hold government actors accountable. And we have seen too many examples, whether it’s at NIH, whether it’s at DHS, whether it’s the Secret Service, where federal employees are either willfully or unwittingly avoiding or contravening their record keeping responsibilities. And as a result, the historical record of what they’re doing and why they’re doing it, is incomplete.”

Certification requirements

Under the legislation, federal employees would also have to certify their compliance record-keeping requirements before leaving an agency. Weismann pointed to reports that senior officials in the Trump administration may have deleted crucial messages regarding Jan. 6 before leaving government.

“If they had been required to certify upon leaving government that they had complied with their record keeping responsibilities, that might not have happened, or there would have been some ability to hold them accountable for what they did,” Weismann said during a hearing held by the homeland security committee earlier this month.

The legislation would expand a NARA program that automatically captures the email messages of senior agency officials.

The “Capstone” program would be expanded to automatically capture other forms of electronic messages, including through the “culling” of transitory messages and personal messages “as appropriate,” per the legislation.

Justice Department referral

Peters’ and Cornyn’s bill would also require NARA to refer repeated violations of the FRA to the Justice Department, including cases where employees unlawfully remove or destroy records.

Weismann had told lawmakers that NARA has been reticent to refer violations of records laws to DOJ, especially in cases where records were allegedly destroyed. She said that’s despite the fact that the Archives admits it doesn’t have the resources or authorities to investigate and punish record-keeping violations on its own.

“[NARA] is not well equipped, they don’t have the investigative resources, for example, that the Department of Justice has, which is precisely why we think it’s so critical that the obligation to make that referral be made clear,” Weismann said.

The bill comes as federal agencies and NARA manage an increasing amount of electronic records. NARA will stop accepting permanent paper records from agencies starting this summer.

Numerous advisory committees and advocacy groups have warned that agencies have largely been unprepared to handle the growing influx of digital data over the past two decades, impacting everything from classified information sharing to FOIA processing.

The Peters-Cornyn legislation would also set up an “Advisory Committee on Records Automation” at NARA. The committee would be responsible for encouraging and recommending ways that agencies can take advantage of automation to ingest and manage their electronic records.

The bill has garnered the support of multiple advocacy groups, according to statements provided by the Homeland Security Committee. They include the Citizens for Responsibility and Ethics in Washington (CREW), Americans for Prosperity, Protect Democracy, Government Information Watch, and the Association of Research Libraries.

“Government records are ultimately the property of the American people and agencies are responsible for maintaining the emails, texts, and documents they create,” Debra Perlin, policy director for CREW, said in a statement. “The Strengthening Oversight of Federal Records Act would update and bolster our federal recordkeeping laws to account for changes in technology, and make it easier for organizations like ours to ensure that records are created and preserved during any administration.”

The post Senate bill aims to bring federal records law into the age of ‘WhatsApp’ first appeared on Federal News Network.

Software bills of materials. The code ingredients in software. They’ve become the object of study as a way to discover cybersecurity vulnerabilities. Agency tech staffs find getting them is one thing. Making sense of them is something else. To help, the Cybersecurity and Infrastructure Security Agency recently held an online event it called the SBOM-a-Rama. Joining the Federal Drive with Tom Temin with what you might want to know, CISA cyber innovation fellow and chief security advisor at Endor Labs, Chris Hughes.

Interview Transcript:  

Tom Temin So when it comes to s bombs, this is something I think it’s fair to say. People can gather them, but they don’t know what to make of them when they get them. Is that kind of the condition of life now?

Chris Hughes Yeah, that’s what many organizations and the industry would tell you. You know, it’s kind of state of things. We initially saw a of push to get the SBOM as an artifact, you know, simply because we lack transparency and incidents like Log4J and SolarWinds, you had folks scrambling to get transparency around software they consume it from the open-source ecosystem. So now everyone has pushed to get these artifacts. But now it’s kind of a game of, you know, what do you actually do with it? How do we ingest it, enrich it, analyze it, make sense of it, and drive value.

Tom Temin And define that? Most of the SBOM suppliers, that is, the people that are asked for them by the government or by other large organizations use the standard formatting. There’s a couple of different standards for SBOMs such that they are easily digested. Is that pretty much conformance there?

Chris Hughes Yeah. That’s correct. The two leading industry standardized formats are what’s known as CycloneDX from the OWASP organization and then also PDX from the Linux Foundation. And the industry has rallied around those two primary formats. There are, you know, another 1 or 2 that have been discussed and use at some point, but those are the two that the industry has set around at this point. And most organizations are using tools that either produce them in one or both formats. And are these readable? I mean, is there an SBOM that you can if you have SPDX reader or a Cyclone reader on your machine, what does it look like? Is there anything visible to the human eye?

Chris Hughes Yes, thankfully it’s going to break down, you know, in a piece of software. What are the components that are in that within that piece of software from an open-source perspective? And even first party code might help you understand, you know, what are the nested ingredients that make up this piece of software? And then also, you know, you can get information such as what are the vulnerabilities associated with those components. So, you can still get a handle on what they call the software supply chain of understanding. You know, what software we consume, what vulnerabilities are associated with it. You know, where do we have risk and concerns and help position you to actually do something about that.

Tom Temin So these formatting standards then are designed to reveal the source of the code, not just the name of whatever block of code is part of it.

Chris Hughes That’s correct. You know, essentially what we’ve rallied around so far is the organization known as NTIA, where a lot of the SBOM momentum started within government several years ago, defined what they called the NTIA minimum elements for an SBOM. And they’ll give you various information such as the supplier, the component name, you know, source, and so on. And people can start to use that to understand, you know, the pedigree provenance of these components. You know, where they came from, what their names are, who supplied them, etc., in addition to, you know, vulnerability information as well.

Tom Temin Well, then you would need to link that to some other source to know whether the components that you’ve identified or what you want or not. That is to say, the SBOM will not tell you about the vulnerabilities in it.

Chris Hughes Yeah, well, it can you can start to identify vulnerabilities in those components. You know, looking at something like in this National Vulnerability Days database. But you did make a comment about whether you want the components or not. And that’s kind of the complexity of the issue here is if you’re consuming software from a secondary or third party, you know, supplier of a product, for example, and they shouldn’t they provide SBOM of fore said product. It’s going to have components in there that you essentially have no say whether you, you want them or not. They’re basically integrated into the product. It now just gives you transparency and visibility of what’s underneath the hood of that product, in terms of how much of the product is composed of open-source software, you know, what vulnerabilities those components have, and so on. It does put you in a position, though, that you weren’t previously, and where now you can have a conversation with the supplier to understand, you know, where are they on track to, you know, remediate vulnerabilities or mitigate risk in the product or even, you know, potentially replace a component if it’s outdated, it has number of vulnerabilities associated with it and so on.

Tom Temin We’re speaking with Chris Hughes. He’s chief security advisor at Endor Labs and a cyber innovation fellow at the Cybersecurity and Infrastructure Security Agency. And it sounds like SBOM analysis, if you will, and SBOM, you know, deriving information from it, is kind of a specialty field all in itself.

Chris Hughes Yes. Its definitely grown into that. If you look at the, you know, kind of startup ecosystem where some of the venture capital has been going, you attend, you know, some of the biggest industry events like RSA and Blackhat. You’ll notice there’s several firms that have kind of standardized themselves in a niche around SBOM analysis, you know, storing SBOMs, you know, ingesting them from other sources, helping you produce, you know, visibility and reporting around the components and aggregate those SBOMs, you know, to give you kind of a holistic, you know, kind of enterprise risk management perspective around those SBOMs and associated vulnerabilities with them and the suppliers you got them from and things of that nature.

Tom Temin And these well, it was called the winter s bomb arama. So, I guess that means there’s a spring and a fall SBOM a-rama from CISA. What happens with those things? They’re online, right?

Chris Hughes Yeah they are. So, this is essentially an opportunity to bring together stakeholders from both government and the private sector on the industry side. And you have representation from, you know, the organizations I talked about, like the Nix Foundation and OWASP and others who are leading the formats and work around SBOM formats. But you also have folks from different ISACs and community groups who are using SBOMs for various purposes, whether it’s in the financial community or the medical device community or private sector organizations, as well as representatives within government and Department of Defense who all have an interest essentially in software transparency, software supply chain security, and using SBOMs as a piece of that to mitigate risks. They all come together, talk about the progress they’re making, you know, challenges that remain tertiary, issues around things like software identification, you know, that relate to the concept of, you know, software supply chain as from and it kind of brings the industry together, both in the public and private sector side, to collaborate around that topic.

Tom Temin There must be a Reddit group for SBOMs somewhere down there.

Chris Hughes Oh, almost certainly there’s some. There are several Reddit subreddit type groups out there, other folks that are tackling this challenge. You’ll find a lot of conversation among industry groups, conferences, industry events. And yeah, it’s a very hot topic for sure.

Tom Temin Are any major software publishers reluctant to issue SBOMs because the customer could find out that the vendor didn’t supply really any of its own coding, but simply assembled a bunch of stuff out there in open source, and maybe put a nice front page on it for the welcome page. Otherwise, you know, where’s the value add? Yeah, there’s plenty of folks, you know, and obviously they won’t necessarily say that openly, but there’s plenty of folks who say that the industry pushback, or at least you know what industry pushback there is around SBOMs, and transparency is due to facts such as that. They’re concerns that, you know, organizations are simply concerned that people are going to realize that they largely have compiled a bunch of open source and put, you know, a little bow on top of it, maybe a custom proprietary code at some point, but largely it’s open source components. And also additionally, they may have concerns around, you know, pulling the curtain back and saying, hey, we have a whole bunch of outdated, poorly maintained and vulnerable components in this product, and we simply don’t want to provide that level of transparency. You know, they don’t say it like that, but there is a lot of suspicion that, you know, pushback around transparency isn’t because of intellectual property concerns or, you know, things like that, but it’s actually, you know, pulling back the curtain and showing that, you know, you did not create this or it’s poorly maintained and poorly secured.

Tom Temin Yes. If you’re old enough, you remember the great scandal of the Oldsmobiles with the Chevy engines in them. It was a big deal back, I guess. Must have been in the 1980s. All right. So, at the most recent SBOMs a-rama, anything earthshaking come out. Any new learning that the industry should be aware of?

Chris Hughes Yeah, I think the biggest takeaway was what we started the conversation with, you know, previous events like this. It was a lot of education around what this problem is or why you even need to have it, or why this is important. And now the conversation has significantly matured where everyone understands why, why we should have it, what it is, the purpose it serves, and people are looking at innovative ways to use it in broader, you know, things like cybersecurity, supply chain risk management or vulnerability management in enterprise risk management, integrating it into those programs, as well as activities like procurement and acquisition, even mergers and acquisitions as well. You know, and we’re seeing a lot of innovation and progress within certain communities like the financial sector or the medical device community. We had representation from the Department of Defense. They’re using it for various purposes, from the resilience perspective, as well as like authorizations of systems that go into production and so on, as there’s a lot more maturity around not just what it is, but how to actually use it to provide value and drive more secure outcomes.

Tom Temin And by the way, he’s at SBOM a-rama with an A or SBOM o Rama.

Chris Hughes I believe it has an A. Yeah, I hope I’m right, but I’m almost certain, hasn’t it?

The post Agencies still seek software bills of material, not bills of goods first appeared on Federal News Network.

The White House on Monday convened the first meeting of the Council on Supply Chain Resilience, announcing nearly 30 new actions, including plans to use the Defense Production Act to invest in the domestic manufacturing of essential medicines and efforts to advance cross-governmental supply chain data-sharing capabilities.

The Supply Chain Resilience Center at DHS will initially focus on risks stemming from “threats and vulnerabilities inside U.S. ports,” the White House said.

Organizationally, the center will sit under DHS’s Office of Strategy, Policy and Plans, reporting to Under Secretary for Policy Robert Silvers and Christa Brzozowski, the acting assistant secretary for foreign investment and trade policy.

In a release, DHS says the center will identify supply chain vulnerabilities and develop solutions to mitigate those threats.

“This includes evaluating the risks to ports posed by adversarial nation state threats, overreliance on untrustworthy equipment subject to nation-state control, data extraction, insider risk, and unvetted virtual and physical access,” DHS says. “The SCRC will closely collaborate with port authorities and operators, shipping, transportation, logistics, and other industry stakeholders, and the U.S. Department of Transportation to conduct its analysis.”

In the coming weeks, DHS says Homeland Security Secretary Alejandro Mayorkas will hold a roundtable with representatives from ports and cargo industries, as well as importers and exporters, to get feedback on the new center’s work.

The center will be staffed by personnel from DHS headquarters, the Federal Emergency Management Agency, the Coast Guard, Customs and Border Protection, Immigration and Customs Enforcement, and the Cybersecurity and Infrastructure Security Agency. Those personnel will have “intimate supply chain knowledge and expertise” and “be in regular contact with industry and other stakeholders,” DHS says in its release.

The idea for the center comes from the Homeland Security Advisory Council. In March, the council’s Supply Chain Security Subcommittee delivered a final report to Mayorkas detailing the idea for the center, among other recommendations.

Such a center, the subcommittee reports, could “aggregate and disseminate information across the department, as well as the broader U.S. government and private sector, about critical supply chain vulnerabilities and disruptions that can have a disproportionate negative effect on the U.S. economy, the livelihood of American citizens, or protection and continuity of U.S. critical infrastructure.”

The subcommittee’s report points to recent supply chain challenges as examples of where the center could fill gaps. For instance, the report suggests the center could have helped find solutions to the shipping container backlog at the Ports of Los Angeles and Long Beach that became emblematic of post-COVID-19 supply chain challenges.

And when the country faced shortages of supplies like computer chips and baby formula, the council’s report says the center could have worked to “prioritize rapid but safe processing of such imports already in queue to be unloaded into the United States.”

In its release, DHS says the new resilience center will work with other federal agencies, industry partners and foreign governments to run “at least” two tabletop exercises in 2024 aimed at testing the “resilience of critical cross-border supply chains.”

“Future analysis and recommendations will include reservation systems, logistics management platforms, and data production,” DHS says in its release. “This work will complement other ongoing agency efforts to address port security vulnerabilities, including our shared interest in reducing cyber-related risks from different sources, including untrusted or unauthorized access.”

DHS also plans to work closely with the Commerce Department to strengthen the semiconductor supply chain and continue to implement the CHIPS and Science Act.

Under the actions announced by the White House this week, Commerce plans to set up its own Supply Chain Center, which will bring together “industry expertise and data analytics to develop innovative supply chain risk assessment tools, and is coordinating deep-dive analyses on select critical supply chains to drive targeted actions to increase resilience.”

Commerce’s new center will specifically work with the Energy Department on a “deep-dive analysis on clean energy supply,” while also working with the Department of Health and Human Services to review “industry and import data that can help address foreign dependency vulnerabilities and points of failure for critical drugs.”

The post New DHS supply chain center aims to head off future crises first appeared on Federal News Network.

With a workforce that spans over 11 bureaus including the Bureau of Land Management, Bureau of Indian Affairs, wildlife conservation and all 350 positions that exist in the federal workforce, the Interior Department is increasingly reliant on the data that it collects about its employees.

“About a year ago, all the human capital leaders across the bureaus came together and decided that one of our common priorities was going to be human capital data analytics,” Robyn Rees, division director for the Strategic Human Capital Initiatives in the Interior Department Office of the Secretary, said.

According to Rees, the focus on human capital data analysis is born out of an effort to strategically align and support priorities of the department. Interior’s diverse mission to protect and manage federal lands and natural resources doesn’t get done without its people. And now, the President’s Management Agenda calls for agencies to track their data to more quickly access and act on workforce needs.

“I think I would say broadly, human capital data is really central to making much of our decisions because we have 70,000 employees across 2400 operating locations. And understanding that workforce composition, the types of jobs they do, where they’re located geographically; what we’re seeing in terms of bringing people in, keeping them, keeping them happy, watching people leave. I mean, it informs so much of what we do in order to meet the mission of the public.” Rees said on Federal Monthly Insights – Leveraging data and automation to drive HR transformation. “We really have been working aggressively to get access to the data we have. Whatever quality it is, show it, let’s make it better, right? And then provide whatever sets of analyses and visualizations that could be one of a number of things.”

DoI’s goal is to use the available data for three main touchpoints. The first is reducing the burden to the bureaus for manual data calls that come up through the department and other agencies. Second, to enable those bureaus to benchmark against their peers and to access best practices from one agency or department to another. And third, to position the department to more effectively be able to advance collective efforts.

“Oftentimes, we’ll see federal government benchmarking small agencies versus small agencies, large agencies versus large agencies within the department,” Rees said.

One challenge faced by Interior is unlocking the human capital data, and the fact that there is no one system for the data that is being collected. Rees, who comes from an IT background, said that while the agency wants its customers to be able to interact with one system, that ability is born out of interactions between multiple systems.

“Part of unlocking human capital data is understanding that the data is in various systems, and being able to access it and bring light to that data is one part of it,” Rees said. “So where in the absence of an integration of a system, for example, there are other technical ways we can join that data and do something with it.”

The Office of Human Capital has already established itself as an organization that can develop enterprisewide visualization.

“We can crowdsource the feedback for those visualizations . . . through subject matter experts in the same virtual space with the data folks building and deploying visualizations,” Rees said.

Those visualizations are already assisting the department with new hires, retention, separations, exit data and capabilities around the Federal Employee Viewpoint survey. The next steps are workforce planning, succession planning, career pathways and career ladders. The information collected can help them see how an employee moves between jobs and departments at the enterprise level, and how certain skillsets can uncover newly realized career opportunities.

“You must have the language and the ability to interact with the subject matter experts in order to truly unlock what that means in terms of strategizing and using evidence to triangulate a decision space,” Rees told the Federal Drive with Tom Temin.

Interior makes use of many different types of employees to do the work of analyzing its data. They are calling on their data scientists, analytics people, their IT experts, and different subject matter experts for each phase of the work.

“I think our journey is to make sure that more people can access that data, that they then build a baseline understanding of the business, that they can build muscle and analytical thinking because now they’ll look and they’re asking more questions and ultimately we want to get them to a place where their decisions are based on evidence to the greatest extent possible,” Rees said. “And that’s the journey that we’re on, the journey that we’ll continue being on. I know as leaders of the department, we care a lot about evidence-based decision making, and it truly is a collective effort. It has to have IT folks, business folks, data folks, leaders at the table in order to keep that journey strong and moving forward. “

The post At Interior, human capital data drives people and mission first appeared on Federal News Network.

The Environmental Protection Agency, like many other organizations, has huge amounts of data about its workforce at its disposal. But it’s not just using that data to understand the present – the agency’s also using it to plan “EPA 2.0”.

Helena Wooden-Aguilar, EPA’s deputy assistant administrator, for workforce solutions, said analyzing data can help organizations make better data-driven decisions, improve employee engagement, and determine the future of a workforce.

“We have an office called the Office of Human Resources Strategy (OHRS), and a big part of that job is to take a look at the agency as a whole. What are the core jobs that we need to do to meet the mission of EPA, protect human health and the environment?  Those are the conversations we have at the leadership level.”

Wooden-Aguilar emphasized the importance of HR analytics as “keeping their finger on the pulse” for not just their mission support, but also analyzing data and translating it so that employees at EPA can make decisions on workforce issues, including identifying people who are interested in joining EPA.

“We use data to help us better understand our customers right within the organization and how well we are performing. It’s a dual purpose. It’s making sure we meet our customer’s needs and how are we doing,” Wooden-Aguilar said on Federal Monthly Insights — Leveraging data and automation to drive HR transformation. “It gives us a right direction to move forward. We’re always planning for the future. We like to keep our finger on the pulse of not just our current employees, but those that are interested in the Environmental Protection Agency. So it gives us an opportunity to take a look at what are the different attributes that new employee would be interested in.”

OHRS also uses data analytics to determine the jobs of the future and how EPA fits into that. Wooden-Aquilar said they’re always trying to figure out where there are opportunities to fill skill gaps needed in EPA.

The Office of Personnel Management (OPM) is the primary data source for those efforts.

“We currently use a federal wide data source, then there’s another data set that we collect at EPA where we survey. We survey our new employees to try to collect some data on what are the things that are important to them,” Wooden-Aguilar told the Federal Drive with Tom Temin. “We also use dashboards to actually take data that’s voluntarily given to us and visualize it. That’s an important piece because as I’ve been in the government for about 20 years and I realized that people want to see not just raw data, they want to see it in a very beautiful way, in a very digestible way.”

Wooden-Aguilar said OHRS considers itself a bridge between data crunching and data analytic translators. While data is collected in the agency, OHRS plays a role in analyzing the data and translating it for a better understanding in the workforce. For example, tracking employees who left EPA but analyzing why they decided to leave and what roles they were in.

EPA recently established the Office of Environmental Justice as the diversity, equity, inclusion, and accessibility topic is being pushed through several agencies.

“We have created an office of Inclusive excellence, their focus is really, diversity, equity, inclusion, accessibility, but more so it’s at the policy level, what is the agency doing and how are we thinking about that work,” Wooden-Aguilar said.

EPA is also in the middle of competition for talent with other agencies in the private sector, nonprofit organizations, and government.

“I’m happy to say that EPA is in the top ten of employers in the federal government.  So we continue to really take seriously how we’re showing up in the workforce. We are out there recruiting constantly trying to ensure that we are showing up in the right way. We are definitely in competition with a number of departments and agencies. But I like to say to young people when I speak to them, a yes to the federal government is a yes to EPA, regardless of where you go and what you do,” Wooden-Aguilar said.

The post EPA keeping its finger on the workforce’s pulse with HR analytics first appeared on Federal News Network.

The Department of Homeland Security is pledging to promote greater transparency and data-driven analysis through the Office of Homeland Security Statistics as part of a bid to centralize statistical activities across all its major missions.

The new organization announced on Thursday will replace and expand on DHS’s Office of Immigration Statistics. While immigration-related data will continue to be a major focus of OHSS, the office will also publish reports on areas ranging from law enforcement use-of-force incidents to cyber attacks on federal networks.

“In establishing this new office, we’ll begin releasing data more quickly, with greater granularity and covering a broader scope of DHS activities,” Marc Rosenblum, executive director of OHSS said, during an inauguration event at DHS headquarters on Thursday. “Simply growing the reporting and data governance that accompanies that will be a big undertaking.”

Robert Silvers, under secretary of homeland security for strategy, policy and plans, said the creation of OHSS is part of “maturing” DHS and going from “ad hoc, to institutionalized and systematic” in its processes.

“We are creating independence and integrity in our data, which is only a good thing for the American people and those who are vested in the responsibility to make very consequential decisions and everything from counterterrorism, cybersecurity, trade and travel facilitation, immigration, and much much more,” Silvers said.

The new office will help bring DHS in line with the Foundations for Evidence-Based Policymaking Act of 2018, known as the Evidence Act. It requires agencies to make their data accessible and to support their policymaking through statistical evidence.

But DHS’s new office will have to rely on data generated by the department’s many frontline organizations across more than a dozen component agencies and offices. Karin Orvis, chief statistician of the United States, told DHS leaders their participation and coordination to the new office will be “critical” to its success and effectiveness.

“This will be by participating in the development and the implementation of department wide data quality and confidentiality standards and policies, by providing your program data to this new office and working with them to help them understand and unlock the value of that data for evidence building by enabling and supporting them to fulfill their responsibilities of a statistical agency or unit as laid out in the Evidence Act,” Orvis said.

Rosenblum said OHSS plans to work with DHS’s chief data officer on enterprise data standards. They’ll define how operational data will be stored in IT systems, as well as how to translate that information into statistical data. The standards will help trace DHS statistics back to their source, ensuring OHSS reports are accurate, independent and trustworthy, he said.

The office will manage a DHS statistical system of record that will churn out public reports. In the coming weeks, OHSS will publish the first of a new monthly immigration report.

“This is a big step forward for an office that until recently published data annually, a few years late, so we’re really upping our game,” Rosenblum said.

Even as it expands on the former Office of Immigration Statistics, immigration-related data will continue to be a major focus for OHS. Twenty-three out of the 25 data sets the new office has received so far are related to immigration. And the new Migration Analysis Center will be central to collecting data and producing reports on immigration enforcement and migration trends.

But in the coming weeks, OHSS plans to release reports on two non-immigration areas. The first will focus on counterfeit and pirated goods seized by Customs and Border Protection and Immigration and Customs Enforcement.

The second report will provide data on all use-of-force incidents recorded by DHS law enforcement agencies in fiscal 2022. DHS employs approximately 80,000 law enforcement officers across its various components. Officials say releasing the use-of-force data will help boost transparency and accountability.

By the end of next year, OHSS will also release reports on disaster deployments, airport security operations, maritime response operations, and federal cybersecurity incidents.

“This is just the start of our expansion,” Tom Woermer, branch chief for homeland security response data, said during Thursday’s event. “In the coming years, we will both expand to new domains, such as infrastructure protection, and add additional reports within each of these domains. In addition, as we work across the department to improve data quality and validate historical standards, we will improve these reports to include additional data and statistical analysis when possible.”

The new office’s aim is to become a recognized federal statistical unit under the Evidence Act. Those organizations are recognized by the White House Office of Management and Budget as demonstrating the highest commitments to generating publicly available data and statistics with integrity, objectivity and accuracy.

And Rosenblum said meeting those tenets will bring benefits to DHS leaders as well.

“Everything we do to fulfill the fundamental principles for federal statistical agencies that are outlined in the Evidence Act will further support this mission and further increase the rigor and the consistency of publicly available DHS data,” he said. “We depend on and really have such a strong partnership with the operational components. We’ve really grown that working relationship, and it’s a huge part of what we do, and that we continue to play such a key role in supporting leadership decision making.”

The post DHS vows greater transparency, evidence building under new statistics office first appeared on Federal News Network.

In a memo to federal records management offices today, U.S. Chief Records Officer Laurence Brewer writes that the Electronic Record Archive (ERA) 2.0 system will be available to agencies for records scheduling starting on Sept. 18.

“Since June, ERA 2.0 has been available for agencies to submit transfer requests,” Brewer writes. “Now, the system will have full functionality for records scheduling. The majority of previous ERA data, including records schedules and transfer requests, has been migrated into the system. All previously existing user roles have also been migrated.”

Brewer also points agencies to new training materials as well as an “agency checklist for ERA 2.0 launch” and other preparatory resources.

ERA 2.0 has been nearly a decade in the making. The modernization project replaces the government’s legacy electronic records system with better user functionality, a more modular design, and cloud-based tools. The system is comprised of a processing environment, a digital repository, and sets of forms that allow agencies to schedule federal records and transfer permanent records to NARA.

The functioning of the ERA 2.0 system is crucial as agencies struggle to manage a vast and growing set of digital records. Agencies are attempting to move away from managing paper records ahead of a June 30, 2024, digitization deadline. 

NARA began allowing agency users to test out ERA 2.0 use in mid-April, with transfer requests beginning over the summer.

David Lake, program manager for ERA, said NARA is preparing for activity in the system to begin ramping up.

“We’ve worked on some tweaks to performance of the system recently, and anecdotally, we’re seeing that that’s improved the user experience” Lake said at the Aug. 15 meeting of the Bimonthly Records and Information Discussion Group (BRIDG). “That said we know there are a number of issues that we’re still working related to the system, whether universal issues for all users or certain situations with certain agencies, that we continue to work.”

Sam McClure, electronic records program director, said NARA is working to address data migration issues and other challenges that have prevented some record forms from being transferred to the new ERA 2.0 system so far.

“We are working with our development vendor on correction activities,” McClure said. “There are a variety of errors that prevented the correct data migration. We’ll have a variety of solutions to address those errors. That work to start correcting the errors and migrating the forms in and get them to their correct status with the correct information, we’ll be starting very soon.”

“By the time of our next BRDG update, we’ll have a very different story to tell,” McClure added.

Social media records management

Meanwhile, NARA is also wrapping up a records management assessment involving 10 agencies and their practices around managing social media records. During the BRIDG meeting, Brewer said a report on the social media assessment will be issued sometime in September.

“It covers a lot of things which I know agencies are struggling with and looking for best practices and recommendations,” Brewer said.

Brewer didn’t mention whether NARA was considering updates or addendums to its 2013 guidance on managing social media records. The decade-old policy directs agencies to ensure they have capabilities in place to identify and retrieve anything that constitutes a federal record on social media platforms.

“Agencies should be aware that a social media provider could discontinue their service or delete information from an agency’s account,” the guidance states. “Additionally, agencies may stop using a social media platform at any time. In either situation, the agency is not relieved of its records management and possible capture obligations.”

The post National Archives prepares to ramp up work in new federal records system first appeared on Federal News Network.

Housing and Urban Development (HUD) is one of something like 30 agencies that have a hand in disaster recovery. In trying to avoid duplicating benefits to disaster victims, in 2017 HUD started work on a data portal. A place where grantees would load information on benefits the had already received, so HUD could see it. HUD’s Office of Inspector General (OIG) has found the data portal is only partially completed. The OIG also found questions about whether the portal is a high enough priority for HUD’s technology staff. To all of this out, Federal Drive with Tom Temin spoke in studio with HUD Inspector General Rae Oliver Davis.

Interview Transcript: 

Tom Temin And I was trying to study the wiring of all of this disaster recovery data reporting, and I had trouble tracing it. So maybe just give us a little bit of the context of where this data portal that HUD is building fits into this whole picture.

Rae Oliver Davis Sure. I’ll do my best with that because it is complex, I think you’re right to point that out. Well, first and foremost you and I have talked about, several times, I think, the vast mission of HUD. And I don’t know, maybe before this report, some people didn’t even recognize that had played a part in disaster recovery, but they do. You pointed out the 30 agencies, somewhat, 30 federal agencies that contribute to this, of course, FEMA being the biggest the largest, SBA people probably recognize they have a role as well. And then HUD comes down the line with what we call unmet need and now also mitigation. So how can we mitigate against disasters in the future? In terms of this tool in reporting, this is a data warehouse that grantees theoretically already have access to, because they’re already using it to report their data into HUD. So HUD keeps track of them that way.

Tom Temin The grantees are not necessarily the disaster victims, but housing authorities/

Rae Oliver Davis Correct. OK, that’s a that’s a very good thing to point out. First of all, the way HUD administers this funding is it’s given to HUD through a supplemental appropriation from Congress, and then it’s passed to grantees. It’s a block grant, which means that the grantee is typically a municipality, a state, that type of entity. And then it’s decentralized, because to carry out the disaster recovery relief, they have to further give money to other sub grantees, recipients and even individuals, those being the beneficiaries, as you’ve said. Yes, certainly.

Tom Temin Right. So then the purpose of this data portal then is to help everyone make sure that people get what they have coming under the law, but not double benefits or duplicative benefits.

Rae Oliver Davis Sure, we call it duplication of benefits. We’re looking to see if an individual or an entity has gotten money beyond what their need is, a windfall, so to speak. And the grantees are tasked with that. That’s set out in statute, it’s set out in their grant agreements with the department. So on top of grantees, safeguarding resources, making sure they have infrastructure, looking at the eligibility of beneficiaries, they also have to make sure that they are guarding the funds in a way that they go to the intended person. And one entity or one individual doesn’t get more than they’re supposed to get. Yes, that’s right.

Tom Temin All right. So what is HUD supposed to be doing here? What’s the project you actually looked at?

Rae Oliver Davis So this is a plan to automate the transfer of data from FEMA, which is the largest entity that participates in disaster recovery. And they usually go first, and get that data to the grantees. Get the most current data, get the most real time data to ensure this is not an overly burdensome process. You look at the position of grantees, and this is a time of crisis. We’re also dealing with a remarkable amount of money. I mean, between 2015 and 2021, HUD got $47 billion between 2015 and 2021, and now here we are, 2023, we’re looking at $100 billion that goes to HUD alone.

Tom Temin Right. And all you have to do is look at what’s happening in Hawaii to get some sense of how this process works and how expensive it can be.

Rae Oliver Davis It is. And thinking about where people are in the moment when this funding is getting out. Think about what they’re dealing with. We saw that, and frankly, the pandemic with the CARES Act funding, grantees got a tremendous amount of money all of a sudden that maybe they didn’t have the capacity to oversee. But yes, there’s a lot going on. It’s a critical time for beneficiaries and grantees. At the same time, they’re trying to do the best they can to build their infrastructure and safeguard the funds against improper payments, fraud and any kind of improper duplication of benefits. Yes.

Tom Temin All right. So this was started in 2017, and Congress directed HUD to build this automated portal and to keep it a priority. What is the status of it, actually?

Rae Oliver Davis Well, as you point out, it was conceptualized in 2017 and tested. I am waiting for my most recent update on this. We did anticipate that there might be completion in June of this year, but that’s come and gone. The big thing that we’re waiting on is for HUD to award the contract. When they first started down this path with this plan, they were planning on leveraging an existing contract vehicle that they had with GSA. They learned that contract vehicle was going to terminate, it was going to lapse before the completion of the project. So now they’ve had to award a brand new contract. So that’s really what we’re waiting for here.

Tom Temin We’re speaking with Rae Oliver Davis. She’s inspector general of Housing and Urban Development. Well, if the project was started in 2017, what did they do between now and then if there’s no contract?

Rae Oliver Davis That’s a good question. So a number of things are at play there. First, we had some staff turnover, both at HUD, people who were focused on this project. We had staff turnover at the contract level. The contract itself, this idea of leveraging the existing contract and now looking for a new one, that’s something that we see. We talk a lot about how procurement and contract management is really a top management challenge for HUD. It’s something we hear from the principals. It’s something we reflect every year in our reports. The stakeholders need to get aligned, whether that’s the office of CIO or CPD on the prioritization of this project. I think that’s happened. We see improvement in those areas within HUD. In terms of CIO, CFO, what we call kind of our support components with the program areas and prioritization. They have dashboards now where they track projects. So they’re making headway there. But I do think that was a play here. We had also, frankly, a misunderstanding about congressional approval. I mean, HUD is set up in a way where like every organization, Congress holds the purse strings. HUD has to go to Congress for authority, for approval once they have a plan in place. And there was a slight misunderstanding in the beginning. They thought that this was something they had to run past Congress. As it turns out, HUD does have about 10% flexibility in its funding to play with. And I’m sure they’d like more. I’m sure Congress likes having the oversight that they do. Anyway, it was with below the threshold, so they didn’t have to have the congressional approval, but they did hold things up for a little bit. But I think we’re back on track.

Tom Temin Well, is HUD’s plan still current? Because between 2017 and now, this whole notion of cloud computing has really blown up in the federal government. Maybe the portal should be a cloud facility instead of a server that HUD is operating.

Rae Oliver Davis I think they’d be a good question for the CIO of HUD. And if you don’t ask it, Tom, maybe I should, maybe I should ask that question. I don’t know. We’ll see. We’re going to be monitoring this.

Tom Temin We can get each other in trouble.

Rae Oliver Davis Yeah, but we’ll be monitoring this to see how effective it is, and whether it makes sense from a technology standpoint as well.

Tom Temin And your recommendations in the meantime.

Rae Oliver Davis So the first recommendation we made was more data. Look, this tool is only going to be as effective as the data in it. And HUD wants the grantees to have current data. Right now, the plan is set up with only one program at FEMA. Now it’s the largest program, so it’s bound to be helpful. To HUD’s point, adding data to this tool is going to take time. I mean, I think they said probably two to three years, even for one additional data set. And that’s because we’re dealing with other federal components, legality. We’ll have to have legal review from multiple agencies. We’re dealing with funding to complete a project like that. So that’s something that is somewhat out of their control, but we’d like to see continuous progress.

Tom Temin SBA comes to mind for example.

Rae Oliver Davis Sure. Yeah. There’s certainly the question of whether or not additional data beyond FEMA is appropriate. We’ve talked to grantees. I think most of the grantees would say this is certainly a good idea. If they can have a data warehouse where they can go for one stop shopping, that’d be fantastic. So we’d love to see it come to that. But we have to recognize that some of this is simply out of HUD’s control. The other recommendation we made was that they complete their own documentation. They have a project planning policy in-house, HUD does. And IT projects have to go through that policy to ensure that they are looking for risk, things like the contract that we’re talking about, they’re spotting issues like that along the way. And frankly, it’s my understanding that the documents that we’re waiting on are going to require an award of the contract first. So that is really the key next step.

Tom Temin Yeah. What do they say? Nothing happens till somebody buys something. So it’ll happen. And HUD generally agreed with your recommendations?

Rae Oliver Davis Yes. They’re making progress. We’re waiting to hear their actual response on how they’re going to accomplish these things. But they appreciated the review, I believe. And I think they certainly agreed with that and are making progress in that direction.

Tom Temin Yeah, you can only imagine what effectiveness and efficiency would be in place if this project in this system was in place given the disasters in the last 12 months.

Rae Oliver Davis Oh, absolutely. And in terms of ultimately why this is important, controls on the front end are the best thing. If you’re in the standing in the shoes of a beneficiary, you might down the line be asked to pay back money. Talk about a financial drain, talk about an emotional hit after you’ve been through a disaster. It’s much better to prevent these things on the front end. And I think that’s what this tool will do.

The post HUD is way behind on a crucial data sharing, anti-fraud portal first appeared on Federal News Network.

The Federal Drive has been bringing its audience stories of State Department employees who received this year’s Data for Diplomacy Awards. One awardee was honored for changing the approach of the State Department’s delegation to the United Nations in Geneva — specifically the Human Rights Council. Federal Drive with Tom Temin spoke with Jesse Lynch, the Human Rights Officer for U.S. Mission to the U.N. Delegation to the Human Rights Council.

Interview Transcript:

Tom Temin Well, tell us exactly what this delegation does, how it relates to the Human Rights Council. And it sounds like a complicated apparatus here.

Jesse Lynch So I’m here in Geneva. I work for the U.S. mission in the United Nations and other international organizations in Geneva, which really serves a crucial role in advancing american values and interests on the international stage. The U.S. Mission, its goal is really to promote human rights address more broadly, global health initiatives to respond to humanitarian crises and foster international cooperation, among many other things. The mission has a dedicated team of diplomats, subject matter experts and support staff, really with the top of the line expertise on all of these issues, all working together to uphold the commitments of multilateral diplomacy. Now, I work on the delegation of the Human Rights Council, and our specific roles and mission is to really shine a spotlight on countries, the worst human rights records, but also to help improve human rights situations around the world. So we support those fighting injustice and tyranny. We champion the values of freedom and equality. And it’s really through close collaboration with other partners and other diplomatic missions and civil society and non-governmental organizations that we really are able to advocate for human rights principles and defend the rights of all throughout the world.

Tom Temin And how does this work day to day? I mean, do you go from the State Department location in Geneva to a place that is operated by the U.N. and sit down and argue with people from Cuba? Or what happens day-to-day there?

Jesse Lynch A big part of our job is being outside of our office. We are meeting on a day-to-day basis with other delegations. So other countries, representatives here in Geneva, we’re meeting with civil society hearing their concerns. A part of that is sitting down in the halls of the United Nations and negotiating on resolutions, on texts that ultimately we hope will improve the situation of human rights for people around the world. And a part of that is having conversations not only with countries that are closely like minded with us, but countries that we don’t see eye to eye on a lot of issues. But doing that here in the halls of the United Nations, a lot of the barriers in the walls are taken down and they allow for that type of direct communication and dialog to help us find consensus and ways forward on some issues that are quite difficult.

Tom Temin Let’s get to the data aspects of this, because it sounds like a lot of human relations, a lot of work with making sure that what you say aligns with administration or State Department policy. And that’s political type of work or human relations type of work. How does data come into all of this? And tell us more about the data project that you did.

Jesse Lynch Absolutely. You might be wondering what is data for that? There’s so much data and information and the history of the United Nations and how countries operate in this space. And one of the things that we were curious about, a couple of years ago, is how can we look to the history of how countries vote? How can we look at the history of how countries approach certain issues and take that in and analyze it in a way to help us predict how countries will vote on a resolution that’s going to come up next year on issue related to freedom of expression, for example. How do we expect a country will form partnerships and coalitions that may try to counter our initiatives and things that we’re trying to see take place in the Human Rights Council?

Jesse Lynch We looked at what was the best way to kind of pull this together. So we ended up looking at U.N. databases, databases from [Non Governmental Organizations (NGOs)] that are online. And I identified a team of virtual interns that the State Department allows us to pull from, and some of those being students in the field of data science. And we were able to call nearly 6.3 million data points on how countries operate on nearly every human rights issue, every single country in the world. And we put it into a database and then really started to dig in and do some fund analysis to see if we can come up some predictions. And what that allowed us to do is once we got all that data inside of a dataset, is to develop a platform to help give us live and changing analysis that allows us to predict voting patterns and behaviors of states, ultimately allow us to better form lobbying strategies when we’re trying to pursue a certain resolution on that issue and to build partners and coalitions to help us achieve what we’re looking to achieve.

Tom Temin We’re speaking with Jesse Lynch. He’s human rights officer for the U.S. Mission to the U.N. Delegation, to the Human Rights Council. So that’s pretty interesting because the implication is that much as you think you might know a nation or its delegation or its point of view, it’s a little more subtle than that, and you can’t know for sure without some analytical tools how it might vote. That is to say you can’t assume anything about what another nation is going to do or say or think about a particular topic.

Jesse Lynch Absolutely. And it’s not just our delegation that’s interested in this. Even when we’re with or likeminded with our partners, we’re always questioning ourselves. And what would this country do if we were to present a resolution or a discussion on a topic that could be perceived as controversial? And no one seemed to have the data around to be able to back that up. So we were quite proud to pull together a very powerful tool that allows us to harness the data in a way to make data informed decisions.

Tom Temin Sure. And there are things that are relatively non-controversial, even in the U.N. Delegation to the Human Rights Council, for example, the situation in Sudan. Not too many people disagree that that’s not good. But then there are a lot of issues where, like, say, the Commission on inquiry for Israel that goes on and on and on and on, there’s a lot of controversy over that one and its justification and so forth. So you’ve got a range of things from, yeah, we all agree on this pretty much to, wait a minute. We’re butting heads on this all over the place. Fair to say?

Jesse Lynch Yeah. The tool allows us to make decisions based on the data. So we are always asking ourselves, what does the data say? And certainly that may not always align with the policy options that are on the table, but it’s one additional and new type of input that our policymakers have when they’re making those key decisions that could have broad cross-cutting implications.

Tom Temin Well, would the data cause a change in the vote on a particular issue, or would it simply maybe inform the way the United States talks about it or frames it to other nations.

Jesse Lynch The data wouldn’t necessarily change the vote, but like the latter point, yes, it could change the way that we approach talking about issues with partners. An example, last summer there was a resolution that dealt with discrimination against women and girls, and there were some countries who were seeking to roll back protections against women and girls. And the data allowed us to really predict which countries in that against column would likely be the biggest opponents. And we were able to then roll out targeting lobbying strategies to try to lessen the impact of that counter-offensive.

Tom Temin Interesting. And just to get back to the process here, you wanted to pull all of this data together and you used interns that were stateside? There’s a lot of interns at the State Department and under different channels.

Jesse Lynch Absolutely. This is a special program within the federal government, the Virtual Student Federal Service Internship Program. So they are college students, American college students from around the country that commit to working 10 to 15 hours a week. And I had a team of six interns. Half of them were focused on political science and half on data science. And so I brought them together to help us come up with innovative ways to interpret the data and to pull the data together in a way that was understandable.

Tom Temin And what sort of program or application or algorithm did all of this analysis for you?

Jesse Lynch The State Department. So this is an online platform that the State Department allows us to use. I will say that the Center for Data Analytics in Washington and the promotion that they have for fostering innovation was really a driving force behind this, and some of the tools that they flagged for us. They’re tools that are easily accessible to the Microsoft Office platform. So nothing not creating a new system, but using the systems that we have in order to allow us to accomplish this.

Tom Temin And just tell us about yourself a little bit, how you came to the job you have now a human rights officer. I don’t know where that ranks in the hierarchy of State Department from diplomat to whatever. Where does that all fall? And how did you get to where you are?

Jesse Lynch So I am a Foreign Service officer, so a diplomat based here in Geneva. I’ve been up for a couple of years. My previous assignments included Tel Aviv, Israel. I’ve served in Cambodia and Phnom Penh covering internal political issues and also sort human rights issues. I’ve served in Kuwait doing consular work. And prior to the Foreign Service, I was a civil service in the State Department focusing on a number of issues, mainly the Middle East. My educational background from university, focusing almost right after 9/11, was on Middle East studies and studying languages and studying Arabic. And I received a couple of government fellowships that took me to the Middle East where I master the Arabic language. And it has opened up many opportunities throughout the region to support our efforts.

The post How the State Department uses data to improve work with the U.N. first appeared on Federal News Network.

The Federal Drive with Tom Temin recently brought you an interview with one of this year’s Data for Diplomacy awardees from the State Department. The award cited the Bureau of Conflict and Stabilization Operations for its work in a program called the Conflict Observatory. Team lead Susan Wolfinbarger joins Federal Drive with Tom Temin once again for an update on a new observation post in the deeply troubled Sudan.

Interview Transcript:

Susan Wolfinbarger Sure, the conflict observatory program is a way that we are harnessing remote data feeds and technologies to monitor crisis situations around the world. We’re taking advantage of things like commercial satellite imagery and other open source information that’s available globally and can help us understand events on the ground.

Tom Temin So what are some of the types of feeds that might be helpful in Sudan right now?

Susan Wolfinbarger We’re taking advantage of a lot of new data feeds in Sudan. For example, we’re using a lot of high resolution satellite imagery to monitor events on the ground. We’re also using thermal imagery, because a lot of conflict events also produce heat signatures. And so thermal detections can actually give us a lot of ideas about where we should be looking. For example, with the burning events that have been in the news in Darfur. It helps us quickly triage large areas and figure out where we should be looking.

Tom Temin And this civil war has produced refugees and large numbers of people on movement. Are you able to have feeds, drone pictures or some means of tracking what’s going on on that front?

Susan Wolfinbarger We’re also using data source called human mobility data, and that really helps us understand some of those more fine grained movements of population. So this is using location data from cell phones, and it’s helping us to understand the population shifts that are happening on the ground, which can be really helpful for responding and assisting in humanitarian operations, because we have much more detailed information about where people have left and where they have gone to.

Tom Temin Right. So just a side question. In some nations they can maybe block those signals or turn off the cell towers in this kind of thing. So is that been the case in the Sudan Observatory? Or has it been pretty much an even data flow?

Susan Wolfinbarger There are Internet outages and things that are happening on the ground across Sudan that does impact the timeliness of the data in some cases. But what happens with this feed is that even when a device does not currently have Internet access, it stores the information and then is able to transmit it once it regains a signal. So sometimes there is a delay on that information, but we’re still getting it significantly more quickly than we could in any other mechanism.

Tom Temin And are there unstructured sources of data that also feed into the observatory, for example, news accounts, which are text or human observation that is reporting in to people at the State Department or maybe coming through military reports?

Susan Wolfinbarger Yes, absolutely. A big component of the work in Sudan is using open source investigation techniques. So these are really developed methods for monitoring all of the information that is posted on the Internet, because there’s so much that’s shared on social media, on chat platforms. Even statements by officials are part of what is collected. And so as they come across photos and videos that are found online, you can actually geo locate those using these techniques where you identify key aspects of that photo or video and tie it to known locations and satellite imagery. So that helps them get views of what’s going on the ground that you wouldn’t be able to get from just a satellite image alone.

Tom Temin And what about the technology aspects of it? I mean, you are a technical person or a diplomatic person or you bridge those two things, because it sounds like there has to be some really good technical underpinnings from the IT staff to be able to enable these observatories.

Susan Wolfinbarger I’m actually a geographer by training and my specialization is in remote sensing. So doing the type of analysis that the teams are doing as part of the conflict observatory. But I do work at the State Department, and so I’m figuring out how we can really leverage all of these analytic techniques, all these data feeds, and bringing them in to support the goals of the State Department and our work in the diplomatic realm.

Tom Temin We’re speaking with Susan Wolfinbarger. She’s a team lead in the Bureau of Conflict and Stabilization Operations at the State Department. And I can understand why you got an award for Data for Diplomacy and all of this effort. These feeds come in, then what happens? How are they integrated? How are they turned into products? You can’t put them in a pouch and seal it with wax.

Susan Wolfinbarger So we have a analytic platform that we’re using for the conflict observatory. And this platform is where we ingest all of the data feeds. And then all the teams that are part of the Conflict Observatory, including the Yale Humanitarian Research Lab, Planetscape AI and Esri, are then doing their research and documentation activities on that platform, and that’s a really secure FISMA high system. It’s a very secure way of doing all of the analysis and being able to decide what information is shared publicly and what isn’t. Because as you can imagine, doing this type of an analysis of a war zone creates some sensitive information.

Tom Temin And earlier we spoke about the work of the observatory in Ukraine did learnings there somehow inform the set up of the observatory, the newest one in Sudan?

Susan Wolfinbarger Absolutely. All of the data feeds that we’re using in the platform itself are available to be used anywhere in the world. And so when we started discussing a Sudan conflict observatory, it was really easy, relatively speaking, to add that component to the work, because we have experienced analysts, we have all of the global data feeds that we needed and we just need to bring them together and point them at Sudan.

Tom Temin And other components of the government do data gathering and geo location work. There’s the National Geospatial Intelligence Agency, which has the really big view. But then there might be military assets, even though we’re not involved as much in the Sudan militarily, but maybe observing what’s going on. Is there a chance to get feeds from other sources outside of the State Department and vice versa? Can your feeds maybe help the military if they request that feed.

Susan Wolfinbarger All the information that the teams are using to create their documentation is completely unclassified and open source or commercial information, and they’re making that publicly available so that anyone can access it on their website.

Tom Temin All right. Sounds like the answer is no in that in that case. And who are the consumers of this within the State Department? And who do you sense might be using this open source data, maybe outside the State Department, academics, perhaps, or whomever?

Susan Wolfinbarger One of the biggest focus areas of this program is support to humanitarian operations. And so the teams are partnering directly with groups that are planning aid deliveries and other actions on the ground in Sudan. So there’s real time geographic data that they’re analyzing and producing analysis of is really critical in being able to provide a real time awareness of what’s happening on the ground as people are thinking about operating and making movements across Sudan.

Tom Temin So it might inform someone like, say, a contractor for USAID that could be operating there, knowing where it’s safe to go or where they can’t go or otherwise being able to adjust their plans. Would that be a use case?

Susan Wolfinbarger I think one of the best use cases is thinking about humanitarian convoys. So when you are trying to plan a movement from maybe Port Sudan to another location, being able to understand where there are checkpoints or where roads might be destroyed or a bridge might be out is really critical information. And so this information that’s being shared out and created by the team can really help in any groups that are working on that type of operations on the ground.

Tom Temin And a final question, how permanent are these observatories, these data collection sets that are then analyzed and and combined and so forth? Do you shut them off at some point? Or what’s the long term plan for each of the observatories? You’ve got a couple of them up and running now.

Susan Wolfinbarger Yeah, I think that the different observatories have different time periods associated with them. For example, in Ukraine, where we’re doing war crimes documentation, the justice and accountability processes that those are trying to assist can last for 10 or 15 years. And so we have to think about storing that information and making it accessible for a much longer time period than what we might in a more rapidly evolving, humanitarian focused type of operation that we’re supporting in Sudan. So it’s really about the end goal of the program and what we’re trying to achieve.

Tom Temin And I imagine a long base of observation, maybe after the conclusion of a conflict or the recession of it, let’s say, that itself could be a good analytical tool to compare what was going on in the heat of it versus what was going on in the tail of it.

Susan Wolfinbarger Absolutely. It’s always really helpful as we’re trying to understand what was happening in a conflict to have that type of information. It’s so unusual to have a way to create it. And so this documentation that we’re doing with the different conflict observatory programs is creating new information that people would not otherwise have access to. And that’s going to really inform a lot of our research and understanding in the longer term.

Tom Temin And do you have a dashboard in Foggy Bottom that you sit and kind of stare at all day?

Susan Wolfinbarger We have a lot of dashboards and they are really fun to interact with.

The post The State Department launches a special program to monitor the violence in Sudan first appeared on Federal News Network.

The Office of Management and Budget issued detailed guidance and timelines Wednesday telling agencies how to implement the Access to Congressionally Mandated Reports Act, which Congress passed in December. Starting on Oct.16, anytime an agency is drafting a legally-required report to Congress, they’ll also need to prepare to send it to the Government Publishing Office to be hosted in a new publicly-accessible web portal GPO is building.

There are some very large exceptions, however. Under the law, and the new OMB guidance, agencies won’t have to publicly reveal any report that’s destined for the House or Senate appropriations, armed services or intelligence committees. Nothing in the OMB guidance or the law would prevent agencies from adding those reports to the portal voluntarily, however.

Intelligence community agencies are also completely exempt from the law, as are any agency’s reports on IT security and “law enforcement sensitive” matters. And agencies will still have some discretion to keep reports out of the GPO portal, particularly if they contain sensitive personal information.

“Generally, agencies shall not construe the Act as requiring them to disclose information, records, or reports that are exempt from public disclosure under [the Privacy Act],” OMB director Shalanda Young and GPO director Hugh Halpern wrote in Wednesday’s memo. “Agencies are responsible for reviewing their congressionally mandated reports prior to submission for publication to the GPO submission portal for the purposes of identifying and redacting information or records. There is no affirmative duty on GPO to review reports for these purposes prior to publication.”

The new guidance tells all federal agencies they’ll need to appoint a specific point of content to ensure their reports are being uploaded to GPO. They’ll need to register for accounts on GPO’s new reports portal starting Oct. 1. Under the law, reports will need to be submitted to the portal 30 days after they’re sent to Congress — but no more than 60 days after they’re sent to Congress.

The OMB directive also emphasizes accessibility and discoverability: each document will have to use open data standards, have searchable text, and specific metadata describing the report and the specific law that requires it. GPO said it would reject any documents that come in a proprietary format, are platform dependent or aren’t searchable.

Congress passed the Access to Congressionally Mandated Reports Act (ACMRA) as part of the 2023 defense authorization bill — a significant victory for government transparency groups, who had been urging the legislation’s passage for more than a decade.

Advocates have argued that creating a centralized database of all legally-mandated reports would not only improve public understanding of agency activities, but also make the reports more accessible to members of Congress themselves.

“Additionally, for the first time we will have a comprehensive list of all executive branch reports the law requires be submitted to Congress,” a coalition of 29 good government groups wrote in a 2021 letter to then-House Speaker Nancy Pelosi urging the law’s passage. “This will let us know what reports are due and tell us whether an agency has complied with its obligation to submit reports in a timely fashion.”

As of now, it’s impossible to say how many reports to Congress are required by federal law, let alone whether agencies are complying with those reporting requirements, or if anyone on Capitol Hill is reading them.

That’s partly because the legal provisions that mandate the reports are scattered throughout various sections of federal statute and appropriations law, making them difficult for even Congressional staff to count.

The Clerk of the House maintains a partial list. And the Congressional Research Service attempted to count the total as part of a 2020 study that conducted a comprehensive search of public laws. CRS discovered 3,359 reporting requirements in the 115^th Congress alone, but noted that even that figure is almost certainly a significant undercount.

“Reports to Congress might arise from several sources. These include statutory reporting requirements; House, Senate, and conference committee report language; and interactions between Members of Congress and agency officials,” according to the 2020 report. “The diversity of sources of reporting requirements means that any accounting of requirements based on a single source (such as public laws) will necessarily be incomplete.”

A separate 2022 study by the Congressional Budget Office found that ACMRA and the new public portal would cost very little to implement, mainly because — at least in theory — all of the reports that will be housed in the portal are already being prepared for Congress. CBO estimated the total cost of implementation, governmentwide, would be $400,000 per year.

The post Agencies to start implementing transparency law for Congressional reports in October first appeared on Federal News Network.

It’s fair to say, federal agencies will never buy commercial cloud computing services from Chinese vendors. But China aims to take the lead in cloud computing worldwide. To examine that competitive challenge to the United States,  Federal Drive with Tom Temin  spoke with Jim Lewis, senior vice president for the Strategic Technologies Program at the Center for Strategic and International Studies.

Interview Transcript: 

Tom Temin It looks like you’ve migrated from writing cybersecurity suggested policy for the White House to looking at cloud computing, which kind of is related, I guess. Tell us your thoughts about cloud.

Jim Lewis Cloud is definitely part of the larger network security picture, and we had Rob Joyce speaking a week or so ago where he said cloud is the future of computing. So if you look at the national strategy, an emphasis on cloud security, an emphasis on the move to the cloud is a big part of it. So I don’t see a difference between cloud and cyber security, one is the same as the other.

Tom Temin All right. And so, again, U.S. companies only buy from U.S. vendors and there is generally a requirement for U.S. soil located cloud services. But that doesn’t really address the issue of widespread Chinese adoption by commercial entities here in the United States and the establishment of that Chinese infrastructure worldwide to go along with Amazon, Google and the rest of them. Fair to say?

Jim Lewis Two things are going on. The first is that if you talk to Chinese vendors, including Huawei,  they expect to regain global dominance, and they think that cloud and 6G are their paths forward. So cloud plays a big part in China’s plans for dominating global networks. The second part isn’t global network, so American vendors, American companies operating in America don’t face the risk of using Chinese technology. And let’s be clear, there’s a definite risk of espionage. It’s more than a risk, it’s a certainty. But they’re going to have to connect to countries elsewhere, and they’re going to have to connect to networks in other places. And that’s where the risk comes in. China pretty much dominates Africa now. They’re making big strides in Latin America, and the cloud market is part of that. So this is a continuation of the contest we saw over 5G a few years ago and the centrality of Huawei in supplying other people. It creates risk for the United States.

Tom Temin It’s fair to say, then, that in those countries that are still developing in the same way that they skipped the wired pots type of telephone systems, in the seventies, eighties, nineties going directly to wireless cellular in the same way they’re skipping the data center model and going straight to cloud.

Jim Lewis Cloud is going to be increasingly important for so many services. 5G networks depend on cloud. Artificial intelligence, robotics depend on cloud. Logistics will increasingly rely on cloud. Now, what flavor of cloud is, of course, one of the competitive features. Is it an American company? Is it in-house? Is it on prem? What we are seeing a shift, a migration in how people use computing technology to the cloud. And that makes it a strategic issue for the United States. If you are comfortable with having China dominate the global information infrastructure, OK, but I don’t think most people are.

Tom Temin Sure. There’s an old saying about roads. How many roads are in the United States? And the answer is one, because you can drive on any road from any other road, just if you traverse the right turns. Same thing is true of networks, really. In some sense, there is only one network worldwide increasingly more integrated. Does that mean that enclaves of U.S. only or protected types of cloud areas really are safe?

Jim Lewis Yeah, they’re probably, a protected cloud in the United States probably is safe. But the question is, no country is an island. And so if you want to do international business, you’re going to go on to foreign networks. You’re going to have to access or provide access to foreign clouds. And that creates the opportunity for mischief. So if you want to extend your statement, there really is one network and it’s global. And we’re having a dispute now over who is technology, who standards, whose norms will dominate that global network, ours or China’s?

Tom Temin We’re speaking with Jim Lewis, senior vice president for the Strategic Technologies Program at the Center for Strategic and International Studies. And if you’re, say, a vendor that has international sales and also sales to the federal government under some of the supply chain security initiatives, software supply chain security initiative. That would seem to be a problem if, say, on your commercial side, you’re totally fine with using a Chinese technology based or even a China based cloud provider. But then, [Cybersecurity Maturity Model Certification (CMMC)] program, for example, that’s going to mitigate against your ability to serve the federal government. I would think.

Jim Lewis To their credit, the previous administration had a clean network initiative that included clean cloud, and that was a recognition of the the interconnections between American companies, foreign companies. And the problems that having a big Chinese presence in the cloud could create. So this isn’t new, this is probably five or six years old that people have been thinking about it. Right now, the U.S. has a huge market share lead in many regions, not all, but many. And the Chinese hope to displace that. Some of their motive is commercial, clearly. But some of it is also a security motive. If you control the cloud, you have more influence, you have greater access to information. It just creates more risk. And so that’s what the previous administration was trying to address. This administration is continuing with that. One dilemma we have, and you’ve seen this in other places as well, is China’s willing to subsidize, China’s willing to engage in predatory trade practices. So I’ve had foreign officials tell me, the Chinese will show up, they will underbid Western companies by a significant margin, 20%, 30%. And that’s hard to turn down. So there’s an intention to make the world wired by China. And that’s what we’re having to push back against.

Tom Temin Is one of the questions then whether Amazon, Google, Oracle, all of these companies that our cloud commercial providers invest in their own infrastructure using Chinese gear?

Jim Lewis So far the use of Chinese equipment in the cloud isn’t a big problem, because for one thing, all the big leading U.S. cloud providers know the risks, and so they’re going to seek to avoid that. That’s been true for years. So the issue is not so much American cloud service providers, but more the people on the other end. The companies in Latin America, the companies in South East Asia, the companies in the Middle East, that’s where Chinese tech providers have a lead, clear lead over Western companies. And that’s where the risk is.

Tom Temin So what is the specific risk then? If the commercial usage is Chinese based over there in Asia, for example, in Africa and say, in the European Union and the United States, North America. It’s not, and I don’t know what South America is doing. What is the actual risk then to the United States?

Jim Lewis The risk is first espionage, because you’ve got American companies accessing foreign networks that are based on Chinese technology that could be compromised. The second risk is influence. If it’s the company that’s building the highways for you or building the railroads they are going to be more influential than the bystanders. The third is standards, which is that if you buy Chinese  cloud technology, the Chinese very often want you to buy related technology. So you end up with not just cloud, but with everything that appends to it being Chinese. And the fear is they’ll use it for market advantage the way they’ve done in other areas.

Tom Temin So there’s an economic danger here, as well as a national security threat.

Jim Lewis Yeah, One of the problems we’re having in this discussion is economics and national security are blending in a way they weren’t. I saw a paper recently that said that the U.S. is central concern was national security. That’s true. But the definition of national security is very different than it was 20 years ago. It includes economics, it includes technology, it includes things that don’t fit under the rubric of defense. So we’re being challenged in ways we’re not accustomed to.

Tom Temin Right. I think it was President Obama that pointed out, somewhat wryly, that, yes, it’s the economy that pays for everything else, including defense.

Jim Lewis And that’s where we are struggling, because the foundation of national security is the economy, and economic strength and the ability to create new technologies, the ability to afford new technologies. And we’ve seen countries fall behind when they’ve made the wrong investment decisions. That will affect spectrum allocation, that will affect global standards, that will affect the purchase of cloud services. Everyone knows about TikTok. And so we can we can skip another TikTok commercial, but TikTok is just the tip of the iceberg when it comes to Chinese software being used in American products. We have an interconnected economies. The Chinese have the same problem, I guess that’s a comfort. Our economies are interconnected, we’ve spent 40 years building closer and closer connections. And so when you lift the hood up, a lot of IT has some piece of China in it and that raises concerns.

Tom Temin So what should the United States do? Is there any policy recommendation that can strengthen the cloud position here?

Jim Lewis A lot of this comes back to rebuilding capacities we had in the Cold War. And that doesn’t mean doing exactly what we did in the Cold War. But when you look at foreign assistance, one reason people in other countries by Chinese technology is that it’s a lower price, it’s subsidized. It comes with a lot of benefits, education, workforce, capital, infrastructure. And we have to compete. But we have so many rules in place when it comes to foreign assistance, that very often it’s difficult for us to compete with the Chinese. The Chinese don’t come in and ask questions about social issues or political issues. The Chinese don’t care about bribery. Not to say maybe that we shouldn’t care about bribery, but we’re going to have to. We’re used to a world where we were dominant and we didn’t really have to compete, and so we could afford to impose rules that were peripheral below question of security and economic growth. And we have to reconsider that.

Tom Temin I think one recent, maybe it was an African official who was quoted as saying, with the Chinese we get an airport, with the Americans we get a lecture.

Jim Lewis And that wraps it up, folks. I’ve talked to African officials. And what I told them basically is, look, your key concern, and this is true for most of the developing world. Your key concern is economic growth. And so from a national interest perspective, you have to put that as a higher priority than American security. That sounds terrible. But coming in and telling people, do something because it’s good for the United States, strangely enough, doesn’t have as much selling power as someone showing up and saying, I’m going to give you an airport. And I’m not going to look the other way as some of the money for that airport is diverted to Switzerland. So we have not yet fully recognized that we’re in a contest. Cloud is part of that. The Chinese will get better. They’ll get a bigger market share. And that’s not in our interest to see that happen.

 

The post Cloud computing is the next line in the competition with China first appeared on Federal News Network.

Researchers have long known that blasting off into space can have adverse impacts on the brain, from the g-forces associated with liftoff and landing, to t he radiation, microgravity, and isolation of space travel. To help mitigate those effects, NASA in coordination with the BrainHQ app, conducted a study to see if exercises on the app could help ward off any brain fog caused by space travel. I got the chance to discuss the research with BrainHQ’s senior research scientist Dr. Mouna Attarha.

Interview transcript:

Mouna Attarha So NASA, perhaps not surprisingly at all, is really ahead of the curve. Much of the work to date on brain training has been devoted to older adults or folks diagnosed with a specific condition. For example, people with mild cognitive impairment or schizophrenia or ADHD. But it’s only recently that certain organizations, such as the military and pro sports teams, that elite performers are using BrainHQ to get a competitive edge. So the way this all unfolded a couple of years ago is that a researcher from NASA named Dr. Carol Mullinax was leading an effort to see if BrainHQ could improve cognitive performance in an astronaut-like population. So I got her note, I was absolutely thrilled to join her and her team on this exciting study. Astronauts are, of course, very healthy individuals with very healthy brains, that’s probably no surprise. But it’s known that space travel adversely affects our brains and bodies. So they need simple tools to counter what is essentially, a major environmental assault on the brain and body.

Mouna Attarha So in this initial study, they recruited employees at the Johnson Space Center in the same age range as astronauts selected for the Artemis Mission, with advanced degrees in similar disciplines. You can think pilots or those with master’s or doctorate degrees. And they evaluated their cognition using something called the NASA Cognition Test Battery, which was designed for astronauts and assesses things like their brain speed, their memory, their attention, learning, their decision making. And then they gave them 18 hours of BrainHQ over six weeks. And once folks finished their training, they got the NASA Cognition Battery again, to see if their performance changed. And what they found was a huge improvement on the training exercises. That’s what we would expect, people improved on what they trained on. Although, I will say that, this group of people showed a pretty striking increase. But what was really exciting to us was that they also got better on the NASA cognition battery, which shows that they’re training generalized. So the next step here is to test the training in a large study where some folks get BrainHQ and others get active control of the set of computer games. You can think of these like crossword puzzles, Sudoku and word search and other games that people really like to play. And then the ultimate question is, whether this is something that can counter the effects of space travel for the future Artemis crew.

Eric White So I’m going to ask you to speculate and look down the line here. It could be something where astronauts are out or in their spacecraft during a mission. And every day they have to do a set of something similar, if not, the actual BrainHQ app or do something similar where they’re kind of doing the brain teasers and stuff like that that you mentioned, just to keep their mind sharp while they’re up there.

Mouna Attarha That’s exactly right. They would have a tablet or any sort of Internet connected device. They would spend maybe,  20 minutes a day or four sessions of 30 minutes a week. And they would do that in an ongoing way to help their brain stay resilient and sharp against some of these assaults that happen when we’re out in space.

Eric White Yeah. And working with NASA, what did they tell you about the effects that astronauts describe, whether it’s brain fog, a term that we’re all used to now. But also, they’ve shown clinically that there is an aging process that is sped up from the kind of travel and endurance that they have to take on. What did they tell you about that?

Mouna Attarha Exactly. Well, so we know that our brains change based on our environment. The brain has billions of neurons. These are, of course, cells that transmit information. And the bodies of these cells form what’s called gray matter. And the tails of those cells form what’s called white matter. And we know that the volumes of both, your gray matter and your white matter, get altered due to the gravitational forces from being up in space. So important brain tissue is being affected by space exploration, which of course, isn’t good. We also know that social engagement and novelty and stimulation is very important for brain health. But traveling to Mars can take a while,  up to ten months or so.

Eric White And there’s only a few people to talk to.

Mouna Attarha Exactly. It’s the same set of people. So that’s a very, very long time to be socially isolated without the normal cognitive stimulation a person normally gets from being on Earth. On earth, we can explore new hiking trail, we can go out with friends, we can pick up a new hobby as we please. And what’s striking as you alluded to, is that we see these kinds of changes in aging populations as well. They show changes in brain tissue and being socially isolated accelerates brain aging as well. So NASA is very rightfully thinking about these core set of issues and looking to identify tools that astronauts can use to strengthen their brain, in really an ongoing way so that they can stay in peak performance.

Eric White You mentioned some similarities to the work you all did do with the Defense Department. In speaking to a couple of astronauts, they have described,  a lot of them are either former or ex-military, that the process of being up in space where you have a heightened alertness all the time is very similar to being out in a dangerous area here on Earth. And that can kind of lead to sort of same similar symptoms as PTSD. Can you tell me about any similarities that you see between those two? Obviously, very different job paths. But is there something there that in your work with the Defense Department in working with soldiers who are experiencing brain trauma and things of that nature?

Mouna Attarha Yeah. So successful space travel, as well as successful military missions, they require extraordinarily high levels of cognitive performance. In space, it’s just their crew and their brains out they’re out on the field. It’s them and their comrades. So in both cases, the stakes are very high. And these are just those sorts of environments where very small errors can actually cause pretty critical issues. So we do use this training to build cognitive resilience and reserves to kind of counter that ongoing state of stressors that these folks typically find themselves in.

Eric White So why don’t you tell me about the BrainHQ itself, and what it does and some of the other work that you all do in similar aspects with other industries? I know you talked a little bit about it, but can you expand on that?

Mouna Attarha Yeah, that’s a really great question. Our understanding of the brain has changed pretty significantly over the past few decades. The prevailing view historically was that the brain was hard wired. There was nothing you could do to improve your brain health beyond those critical periods and very, very early childhood. And as you aged, it was only natural for all parts of the system the wiring, the plumbing to degrade and just stop working. But what we know now, is that the adult brain is highly plastic. It can adapt, it can reorganize itself, it can drive structural, functional chemical changes throughout your life based on what you learn and what you experience. So after spending several decades improving the brains of animals, like rats or mice or monkeys throughout their lives, our co-founder, Dr. Michael Merzenich, he’s a world renowned neuroscientist from [University of California, San Francisco (UCSF)]. He took those 30 years of findings in neuroscience and decided, hey, isn’t it time to improve the brains of humans? So we built BrainHQ, we tested it in human studies to confirm to work. The program is simply an online training app. It’s available on Web, iOS and Android, so that’s easy to access anywhere with an internet connection. And the way it works is that we work to improve the speed and accuracy of what you see and what you hear. And we know now, from more than 200 published studies from using the program, that this training changes your brain to improve your cognition and how you function in your daily life.

Eric White So coming up through school, I was always told the old adage of the brain is the organ that we know the least about in humans. Is that’s still true to this day?

Mouna Attarha Absolutely. I think that cardiologists are doing the best with their organ, and I think there is still quite a lot more we need to learn about the brain.

 

The post This is your brain … in space first appeared on Federal News Network.

The only thing larger than the paperwork it sometimes takes to win a federal contract, is the amount of complaints you hear from folks both inside and outside the government contracting community. With around $665 billion in goods and services purchased annually from outside contractors, you might expect some issues with transparency, equity and fairness to pop up. So what can be done to address those issues? A new report from the Brookings Institution looks for solutions to those problems. The Federal Drive with Tom Temin  talked about the report with Brookings Senior Fellow Darrell West.

Interview transcript:

Darrell West The federal government has grown enormously in size, and so the reliance on external contractors has grown as well. About 10% of the federal budget goes to outside contractors. That’s more than $665 billion every year. So it’s a huge amount of money. And so the way in which the government awards these moneys is very important for the overall economy. The types of firms that get these types of contracts matters a lot. And of course, we know there have been tremendous complaints about federal procurement and acquisitions policy for years. This is not a new topic. A small businesses complained that all the money is going to large corporations. Women and minority owned businesses claim they’re not getting their fair share. People say there’s too much paperwork. There’s a lack of transparency in terms of how the process operates. So we wanted to look at this whole topic, and just talk about what are the problems with federal acquisitions of policy and what can we do better.

Eric White A significant undertaking. You lay out a few possible reforms that could help address some of those complaints in the national procurement policies. Obviously, won’t make it go through every single one of them. But can you lay out the list that you came up with you and your team did?

Darrell West We came up with a number of ideas that we thought would improve the process. I think, one of the most novel ones is when we were looking at the data, like there’s information available on which states are getting the federal money, and so we just did a quick breakdown on that. And it’s more than 60% of the external contracts go to about a dozen different states, and they are primarily states on the East Coast and the West Coast. There are a few southern states as well, just because of military contracts and their number of military bases in the south. But by and large, the typical complaint about the federal government ignoring the heartland actually is true when it comes to federal grants. When you look at the vast part of America, three quarters of the states basically in the interior, in the Midwest and the Rocky Mountain states and elsewhere, they’re not getting that much federal money. So obviously, I think that’s something we need to work on. In our report, we highlighted the problem of needing to broaden the geographic diversity of these grants to make sure that the money is more evenly spread out around the country. We know that people in the heartland feel like they’re being left behind already. That’s a big source of political problems, kind of fuels populist rage at the federal government. And so this is one concrete thing the government can do in the acquisitions area. It’s money they control, they can just do a better job of reaching out to companies that are not on the East Coast and not on the West Coast and just trying to involve a broader range of companies.

Eric White Yeah, it’s tough, though, because technology companies don’t typically base their operations in the heartland, itself. So, maybe the private sector spreading things out a little bit could help as well, or is it on them, too?

Darrell West No, you’re exactly right. It is a problem in the sense, especially in the technology area. Most of the big tech companies are either on the East Coast or the West Coast, so it’s going to be hard to diversify that. But there is this phenomenon called subcontracting. Even if a large tech company gets a $5 billion contract, they often will have subcontracts to other firms to help execute the project. And so that’s one way in which there could be a better geographic balance. When these tech companies are hiring subcontractors, they should think not just about East Coast and West Coast firms, but there’s actually quite a bit of talent in the heartland. In fact,  because of COVID and remote work, you don’t have to work in Seattle anymore to have tech expertise. So there’s a lot of tech firms located in Austin and Columbus, Ohio, and Omaha that actually could serve as subcontractors on these grants. And that would be a way to achieve better geographic variety.

Eric White We’re speaking with Darrell West, senior fellow at the Brookings Institution. And so I imagine training of government procurement officers themselves, it’s probably an area that could always use some extra training. What did you all think about that?

Darrell West This is a big problem in the federal government right now. I mean, there’s been a big retirement wave over the last few years, and that’s going to continue in the coming years. And it’s hard for the federal government to recruit, they’re not paying as much as the private sector in general. And especially in the technology area, it’s really hard for any federal agency to have the kind of expertise needed to evaluate these external contractors. If there is a request for bids, it goes out, you need technical expertise to evaluate those bids. There are a lot of agencies that want to incorporate AI in their operations. It doesn’t mean that a federal employee has to be able to code, but they need to know enough about AI that they can evaluate the bids. So one of our recommendations is the federal government needs to put much more effort into recruiting workers who have the proper expertise to actually evaluate the bids that come in. And they just need to keep training those individuals. Once those people are in the workforce, there’s just so many changes taking place in the technology area. People need to regularly upgrade their job skills so that they can keep up with the new technologies that are emerging almost every week, if not every month.

Eric White You mention AI, can the newest kind of technologies, like machine learning and things of that nature, sort of help fill in that gap where the workforce itself is unable to obtain the knowledge required to do this job?

Darrell West This is an area where the federal government actually wants to do a better job, but it’s been difficult for them to actually do it. There are all these new tools, AI, data analytics, machine learning. Kind of the latest is Generative AI, the ChatGPT phenomena, which has gotten lots of attention lately. Federal agencies need to do what the private sector has been doing for years, which is use these new tools to improve their agency operations, the way in which the agencies function, how they analyze and compile information. There’s just a wealth of data analytics tools out there, and federal agencies need to incorporate those things in the procurement process. So, for example, fraud is always a concern with a government that contracts. You can actually use AI to spot the outliers. Either bids or companies that just seem a little unusual that are not kind of operating with standard business practices. It doesn’t necessarily mean they’re guilty of anything, but when you can use AI to spot outliers, you can then subject those bids to human review to see is there actually a problem here. Is there fraud? Is there corruption? Is there incompetence or inefficiencies of one sort or another? So we do think if the federal government can start to incorporate AI, data analytics and machine learning, it would improve their ability to evaluate bids, it would improve their ability to evaluate the performance of these companies when they actually have the contracts. Are they delivering on what they say they’re going to do so? Are they being both efficient and effective in how they operate? So I think these new tools would actually make a big difference if the federal government was able to incorporate them in their operations.

Eric White And I imagine that if they were able to do that, that would also help with the complaint of the mountains of paperwork that it takes to obtain a federal contract. Is that true?

Darrell West Absolutely. Certainly there is a huge amount of paperwork, because with government contracts, people rightfully are worried about fraud, corruption or just outright inefficiency. And so there’s a lot of paperwork designed to ferret that out. But then, of course, that poses a lot of problems. It limits the types of businesses that can actually apply for these grants. If you’re a small firm with 20 or 25 employees, and you have these very detailed federal request for proposals that come out. Your company, it’s going to be hard to have the personnel actually to supply all the paperwork. But there are new tools that could be helpful, that can kind of create a more level playing field across small and large businesses. And so it’s a way to create greater equity in the process and make sure that the whole process operates more thoroughly and efficiently.

Eric White And what about other countries? It’s tough to compare systems just because, as you mentioned, the U.S. is so vast, we’re a big economy as well. But there are some forward leaning nations that have taken steps that are similar to what you’ve suggested. What did you all find?

Darrell West Many countries are struggling with exactly the same thing the U.S. government struggles with in dealing with outside contractors. We are not alone in having a heavy reliance on businesses outside of the government. So we did look at what other countries are doing, the types of reforms that they are incorporating and then what kind of results that they are getting. And the interesting thing is, if you look at the United Kingdom, Germany and other places, some of the types of reforms that they have developed is, all these countries want to improve sustainability, so they want kind of a focus on environmental factors reducing the carbon footprint of their operations. There’s a lot of kind of interest in pursuing those types of goals. So there are countries that have incorporate sustainability as a criterion on which they’re going to evaluate federal bids and give greater weight to companies that actually are promising sustainability, in terms of how they execute government contracts. And the interesting thing is, when you actually look at the results, we’re finding and these other countries have found that if you focus on sustainability as a criteria, you start to get more bids that actually emphasize that and have the ability to execute on that. The same thing is taking place in regard to innovation. Every government wants to be more innovative, more efficient and more effective in how they do things. So countries are now prioritizing innovation as a criterion on which to evaluate external bids, and rewarding companies that are truly being innovative in the products they use, how they operate, their organizational structure and so on. So when you look at other countries, they are starting to achieve good results on the criteria that are important to them, and those are criteria of sustainability and innovation that also should be of great interest to the United States.

Eric White The federal procurement system itself is one that takes its time, in general, and I’m sure that that’s true for reforms to the federal procurement system, itself. Where do we go from here, I guess, is the question. Are these changes that could be implemented at the stroke of a pen? Or would it take actually some action from maybe Congress or some laws getting written as well that would add to the timeline?

Darrell West Some of these things are recommendations that can be implemented pretty quickly. The interesting thing is we put out a report, which for people who want more details that’s available free online at Brookings.edu. We also did an event a couple of weeks ago where we had some of the top officials who handle and oversee federal procurement on. They heard our recommendations, and so we had a direct channel to them. They talked about their interest in actually doing many of the things that we talk about. And in some cases, they actually have reforms underway that actually are going to do this. The Biden administration has prioritized getting more money out to small businesses, having more contracts go to women and minority owned businesses. So they are making progress in the sense of setting goals for themselves and then trying to push towards better implementation.

The post The need for reform in federal procurement and acquisition first appeared on Federal News Network.

The influence of these digital tools is not just limited to interpersonal and inter-organizational transactions. Government functions in the modern age also depend heavily on digital tools and information technology. These tools help to optimize processes, improve access, enhance communication, and aid in better decision-making. Technology also helps to better serve the needs of the citizens faster, incurring lower costs.

Government facilities in the modern age need to have the necessary facilities to support the IT infrastructure. A resilient and robust communications infrastructure is the core component of that. It enables reliable and secure communication between various branches of the federal government, between employees, and with the citizens who require the service of the federal department. The following sections cover the steps and key considerations you need to adopt while planning and installing communication networks in a government facility.

Network requirements

To plan and build an adequate network infrastructure, you need to have a good estimate of the requirements for the network. The expectations from the network impact the network design, hardware and security protocols of the network for the government facility. Some of the parameters you need to know before you plan the network include:

• Number of endpoint devices,
• Bandwidth requirements,
• Maximum latency allowed,
• Total data usage expected,
• Types of applications, and
• Security requirements.

If you are assessing network requirements for a new government facility, you need to build the list of requirements from scratch. You need to talk with the various stakeholders that will rely on the network infrastructure to determine a good estimate of the requirements. If you need to assess the network requirements for an existing network in a facility, you can start by performing an audit of the existing network infrastructure. The audit will give you an estimate of what needs to be replaced and upgraded.

The security requirements of the government building play a huge part in the network design. The IT infrastructure of a government facility needs to host large swathes of sensitive information. This includes confidential information of various federal departments and the personal information of citizens of the country. When the communication network needs to transmit such information, the security requirements have to be met without fail. The required security level needs to be outlined before the design of the communications infrastructure.

Network design

The network design of the government facility describes the outline of the communications network, including the specifications of the hardware and software to be used. A detailed diagram of the network infrastructure is at the core of network design. It shows the layout of hardware components and the rationale for the same. The data carrying capacity, devices to be connected, the type of network connection, and a wide range of information required to select the hardware and software will be a part of network design.

The plan to secure the network of the government facility is also part of the network design. It includes firewall controls, software standards and encryption protocols to be followed. Standard operating procedures, best practices to use the network, and maintenance schedules have to be prepared at the network design stage. Keep in mind that the network design has to be compliant with the cybersecurity framework from the National Institute of Standards and Technology. Adherence to the cybersecurity framework is mandatory for government facilities and industries of national interest.

Hardware and software

The network design gives the specifications for the hardware and software required for the communication network. This is the starting point for selecting the required components. The focus should be on choosing reliable OEMs for hardware devices. The warranties, cost and expected performance of the devices have to be assessed.

In addition to hardware, you need software to maintain and operate the network infrastructure. The software would range from operating systems of the servers to intrusion detection systems for network security. Choose reliable software vendors with a good track record of maintaining and servicing clients.

Since the hardware and software have to be used for a government facility, there are additional considerations you need to make. For example, the OEMs for hardware devices should not have any connections with a hostile government. Similarly, vendors and suppliers for components should have adequate security clearances required to deal with your federal agency. Your department would know other details of compliance required while making a purchase for the government facility.

Installation

Once the selection of hardware and software is complete, the next step is to install the network according to the direction of the network design. This involves physically setting up your hardware components, such as switches and routers. You will also need to configure the drives and software to get everything running as expected.

The security measures prescribed in the network design should be in place before the communication network can go live. It is a good practice to test the network infrastructure and security before it is used to transmit sensitive government information. Use reliable network installers with adequate clearances to perform the installation and configuration.

Monitor and maintain

Monitoring and maintaining the network of your government facility is essential to preserve its performance and security. Monitoring tools are available that help in real-time monitoring and tracking of performance issues. This helps you to catch potential problems before they cause failure. Monitoring tools monitor the data speeds, latency, data consumption and other key metrics to determine the performance of the network. Intrusion detection systems can also be used along with monitoring tools to defend against external threats.

Maintaining the network devices and software is required for the long life of the network infrastructure. Maintenance of software involves installing updates and security patches right when they are dispatched. Hardware components need to have scheduled maintenance plans to clean them of dust accumulation to maintain device performance. Conducting security audits and penetration testing at regular intervals helps maintain the security of the communication network.

Security and performance

Security of data that is stored and transmitted in the digital infrastructure is the primary concern for a communication network of the government facility. Matching it with the performance requirements is a complex yet critical task. Accomplishing this requires detailed planning and execution by an experienced team. Monitoring and maintaining the network also plays a key part in maintaining the performance of the infrastructure. With a well-designed and well-maintained network, you can help ensure that your government facility is functioning at its best.

Patrick Chown is the owner and president of The Network Installers, which specializes in network cabling installation, structured cabling, voice and data, audio/visual, commercial wifi, and fiber optic installation for industrial and commercial facilities.

The post Planning and installing a network in a government facility first appeared on Federal News Network.