The series, “Accelerating the Mission with AI and Security,” produced by Scoop News Group for FedScoop and underwritten by Google for Government, invited leaders to share where they hope to see the most significant return on investment for AI implementation in the coming year.

Artificial intelligence to meet core mission needs

Workforce augmentation was a highly discussed use case for AI implementation in the series.

FEMA’s Office of the Chief Financial Officer is one agency that has been strategically working on a generative AI tool to improve mission efficiency.

Christopher Kraft, Assistant Administrator, Financial Systems for FEMA’s OCFO shared that his office is developing a proprietary generative AI tool – owned and operated by FEMA and DHS – to generate draft responses to budget requests that his team can review for accuracy.

The Department of Labor CISO Paul Blahusch discussed how his agency is leaning into AI with a dedicated AI office inside the Office of the CIO to help develop and implement tools and techniques to streamline workflows, which can translate into cost avoidance and improved programs. He referred to three AI implementation areas his agency is focusing on, including cybersecurity, back-office support, and assisting constituents in accessing services more quickly.

For agencies like the U.S. Patent and Trademark Office, using AI as an augmented assistant has been developing even further over the past three years, according to CISO Jamie Holcombe, providing each examiner with an augmented intelligence system next to them.

“So, during its searches, it can bring up not just one thing but a myriad of things that pertain to the uniqueness of that patent application or trademark registration. So, you really have to think that the examiners don’t want one thing, they want a plethora of things to say, ‘yes,’ it is unique and novel, or ‘no, it’s not,’” Holcombe explains. “AI and generative AI has helped in that regard because each examiner has a customized version that just applies to them.”

Many leaders see generative AI as a way to improve standard workflow procedures. Department of Commerce CIO Andre Mendes, said that for tasks that are incredibly onerous, his department is looking at how AI can be used to break through some of the clutter.

“In HR processes, for example, position descriptions are not really that exciting, but at the end of the day, consume an enormous amount of people and time and resources, and where we can, I think, leverage AI to dramatically improve and optimize those environments,” he explained.

Improved security for federal data

Agencies like U.S. Citizen and Immigration Services (USCIS) are far along in their cloud migration strategies, which means that data security strategies must now shift to account for an explosion of digital resources.

“All the immigration data that has to be cataloged and identified and tagged is a monstrous task. And frankly, there is no easy button to push when you’re talking about the volume and scale of data that we have, and the amount of change that it goes through on even a daily basis,” shared USCIS CISO Shane Barney.

“We have, from a cybersecurity perspective, in my plans I am building, what we’re referring to as a security integration platform, which is an open source-based platform, and it has a whole AI/machine learning piece built into it based on open-source principles and practices, as well as some software platforms that will be integrated into the security program. And more on the threat hunting side of things where we’re looking for those abnormal changes in the environment that could indicate a breach.”

His agency leadership is waiting on further White House guidance on AI implementation but is working on foundational principles that can help the organization move forward with implementation plans quickly, referring to an open cybersecurity schema framework USCIS has been working on.

“I see it as the future. It’s the way we have to handle it; the future of cybersecurity is data,” said Barney.

This sentiment was echoed by other leaders who want to improve how they manage, store and analyze data to strengthen their agency’s security posture. Centers for Medicare and Medicaid Services (CMS) CISO Robert Wood said that his agency is building a security data lake to minimize data silos.

According to Wood, generative AI models could play a more significant role in empowering the government workforce to ask plain language questions to get actionable insights from data if properly structured and react more quickly to security threats and vulnerabilities.

Other participants who shared their insights in this series included:

• David Shive, CIO, U.S. General Services Administration
• Guy Cavallo, CIO, Office of Personnel Management
• Dr. Kelly Fletcher, CIO, Bureau of Information Resource Management, Department of State
• Josh Lehman, Director, Office of Business and Customer Assurance, U.S. Food and Drug Administration
• Russell Marsh, Director, Cybersecurity Operations, National Nuclear Security Administration

This video series was produced by Scoop News Group, for FedScoop, and sponsored in part by Google for Government.

The post Federal leaders on accelerating the mission with AI and security appeared first on FedScoop.

Mendes will take on a new role as CIO for Tarrant County, Texas, starting in January, according to the post. His move comes after roughly four years as Commerce’s CIO and previous leadership roles at the International Trade Administration and the U.S. Agency for Global Media.

“Well friends. I am retiring from the Fed!” Mendes wrote in his post. “Over 14+ years, far exceeding expectations and bets when I joined, I have had a ball.”

Before taking on the top information technology role for Commerce in August 2019, Mendes was CIO for the agency’s International Trade Administration for nearly two years. There, Mendes said, he became “the first Portuguese to head a US Agency, [and the] highest ever ranked career Latino at Commerce.” He attributed the agency’s success to the “extraordinary cadre of individuals” with whom he worked.

Mendes also spent more than eight years in various leadership roles at the U.S. Agency for Global Media, formerly the U.S. Broadcasting Board of Governors (BBG), before joining Commerce. Those roles included CIO, chief technology officer, chief operations officer, and acting chief executive officer and chief financial officer, according to his LinkedIn.

“At the BBG, we transformed a once great organization that had become ossified. By the time we left, the BBG had the widest distribution portfolio of any western media, Shortwave to Twitter. Audience rose from 165M to 278M in 6 years. We were 90% cloud based by 2014,” Mendes wrote. 

Mendes’s last day is Dec. 31, according to his post. His new role in Tarrant County — where he said he’s commuted from weekly for the past two-and-a-half years — begins Jan. 2.

The Department of Commerce didn’t immediately respond to a request for comment.

Mendes has won several FedScoop 50 awards and was a recipient of the Golden Gov: Federal Executive of the Year award in 2023.

The post Commerce CIO Mendes announces retirement from federal government appeared first on FedScoop.

As part of that process, the HHS’s Office of Chief Information Officer is looking for potential contractors that could identify capabilities and gaps related to zero trust in each operating division, develop and maintain a zero trust scorecard, and establish a zero-trust roadmap, among other things, according to the request for information posted to federal contracting website SAM.gov.

The information security office within the OCIO is currently conducting market research on the establishment and maintenance of a program management office support for zero trust, according to the solicitation, and is looking to get information from interested parties by Dec. 6.

“While a few [operating divisions] within HHS have Zero Trust Maturity (ZTM) plans in place, HHS is just beginning to align resources to a department wide Zero Trust Strategy,” according to the solicitation.

HHS didn’t respond to a request for comment.

The solicitation comes as agencies work to achieve the Biden administration’s standards to improve cybersecurity through governmentwide zero-trust security architecture by the end of fiscal year 2024. 

While the Biden administration issued a strategy for achieving those goals, efforts can vary by agency. For example, the Department of Commerce’s CIO Andre Mendes told FedScoop in July that the agency elected to have a department-wide rather than letting bureaus chart their own course. 

Although the department already has many of the skills and technologies required by Biden’s zero-trust architecture strategy, the solicitation said that “putting all the components together requires HHS to significantly upgrade governance and Information Technology (IT) management, and more deeply integrate teams and technologies.”

At least one agency is already establishing a zero-trust program management office. The Department of Education is getting funding under the General Services Administration’s Technology Modernization Fund to establish an “enterprise-wide program management office dedicated to zero trust,” according to the TMF website. 

The Department of Education awarded a contract to ShorePoint Inc. to provide program management office support.

The post HHS exploring program management office support for departmentwide zero trust implementation appeared first on FedScoop.

Speaking at FedScoop’s annual FedTalks event, Mendes proposed that the U.S. should have “federal, state and local government portals that allow you to navigate through the thing in your app, on your mobile phone, and get access to every system that you need to.”

“And that is possible — built around the persona, the citizen and not the government, toward 100%, navigable self-service,” he added.

Mendes pointed to Estonia as an example of a nation that is already doing this. And to get to that point, he said, the U.S. must “shed all of our legacy modus operandi,” calling the way that many federal agencies create IT strategies independent of the commercial market and overly customize commercial software “an amazing waste of money and time.”

“We cannot continue doing the same thing that we’ve been doing and expect to get to a radically different place as fast as we need to by doing so,” Mendes said. “It is impossible, we must shed the way that we do all business.”

Mendes noted also how most of the information hosted on agency websites is extremely old.

“Information is often outdated, inaccurate and late,” Mendes said. “I mean, you can go into a website for a government agency and you will find an unbelievable amount of obsolete information. I don’t care which agency it is.”

To drive this transformation, Mendes said government agencies should rely only on technology that commercial organizations have developed with minimal to no customization rather than building their own. 

“Almost every online presence must be replaced,” Mendes said. “You’re talking about literally millions upon millions of web pages that must go. So this is an enormous task.”

In his keynote, Mendes gave recommendations on what current CIOs should do to encourage and support the move towards more modernized, commercial digital services. 

“Aggressively extract commodity, you cannot afford to be running systems in your shop,” Mendes said, among other suggestions. “You cannot, you should not be doing this…. You should be designing and modernizing applications, aggressively consolidate applications and operations.”

Since the commercial sector has moved toward apps on mobile devices that go through near-constant updates, Mendes said that CIOs must embrace that change and be bold in reflecting it. 

“Rededicate your career to momentous change,” Mendes said. “Just go out there and knock it out of the park.”

The post “An amazing waste of money and time.” Commerce CIO calls for digital services reformulation appeared first on FedScoop.

Speaking Wednesday at the Swish Data GIST summit, André Mendes said his department had achieved major operational efficiencies by moving the separate connections across to the National Oceanic and Atmospheric Administration’s N-Wave network.

N-Wave is a scalable and secure network built using 10GB per second Wave Division Multiplexed fiber-optic links and is used to provide the agency with the capacity to carry out multiple functions including weather forecasting and research.

“At the Commerce building, with all the bureaus located in there when I came on board, we had 13 different internet connections, with different vendors,” Mendes said. “We migrated all of them to one of our providers – NOAA – which runs N-Wave, which is a fantastic network system because of their massive requirements from a supercomputing, data collection and satellite standpoint, and they took over the entire business.”

He added: “We no longer have negotiations, we no longer have lawyers meeting to look at this, we no longer have these ATOs, because they ATO’d the entire system and it’s done. Those are all things that you can do in terms of accelerating [the process].”

Mendes noted also that having one network service provider resulted in the additional benefit of having all telemetry in one location.

“This is remarkable in terms of what it brings to the table from an efficiency and transparency standpoint,” he said.

The post Commerce has reaped benefits from network consolidation, says CIO Andre Mendes appeared first on FedScoop.

The strategy is intended to improve educational opportunities for people working in all areas of cybersecurity and to bolster cooperation with industry.

It comes amid continued concerns over the deficit of cybersecurity talent across both the private and public sector. Speaking last month at FedTalks, hosted by FedScoop, Commerce Department CIO André Mendes said the lack of cybersecurity expertise has forced agencies to poach staff from one another.

CyberSeek, a recruiting website for cybersecurity jobs in the U.S., funded by the Commerce Department, has estimated in recent weeks that there are currently 714,548 open cybersecurity jobs nationwide, which includes positions in both the public and private sector. 

Commenting on the new strategy, the ONCD spokesperson added: “It is a priority for the Biden-Harris administration to improve the nation’s cyber workforce and elevate cyber education and awareness.”

“Accordingly, the Office of the National Cyber Director will be developing a national cyber workforce and education strategy in the coming months, following up from the successful White House Cyber Workforce and Education Summit in July,” he said.

As it formulates the strategy, ONCD will take input from the private sector, academia, nonprofits and other relevant parties.

The post Office of the National Cyber Director to develop nationwide cyber workforce strategy ‘in the coming months’ appeared first on FedScoop.

“We’re basically hiring people from one federal agency to another. We’re stealing people from each other, that’s what it’s come down to,” Mendes told FedScoop.

“It’s a very, very tough situation with cybersecurity hiring. It’s extremely difficult getting the right people with the right skills right now,” said Mendes who spoke at the FedTalks tech conference on Wednesday, hosted by FedScoop.

The hiring challenges are likely due to a tight labor market and a severe shortage of skilled cyber engineers and analysts.

According to cybersecurity recruitment website CyberSeek, which is funded by the Commerce Department, there are currently 714,548 open cybersecurity jobs nationwide, which includes positions in the public and private sector. 

In the public sector or the government, the website estimates there are almost 39,000 vacant cyber jobs and 69,322 cybersecurity experts currently employed.

There has been a huge surge in cybersecurity job openings in the past year, following a series of massive attacks in the the last two years on the computer systems of the federal government, the Colonial Pipeline, and the meat producer JBS that have brought mainstream awareness to the need for increased cybersecurity within the government and the private sector.

Alongside difficulties hiring cybersecurity experts, Mendes also said the federal government has struggled with holding its tech vendors and contractors accountable for cybersecurity flaws and issues.

“All federal agencies have to hold their vendors accountable in terms of susceptibilities. So that when you sell a product to the federal government, you have to give some assurances that the product performs as indicated, and does not unduly expose you to cybersecurity attacks because of flaws that are inherent in its scope,” Mendes said.

The President’s National Security Telecommunications Advisory Committee (NSTAC) on Tuesday put forward proposals that would require all executive civilian branch agencies to monitor operational technology systems in real-time.

Mendes said the presidential proposals would help improve cybersecurity but would receive strong pushback from the tech industry and IT vendors.

“The administration has just started with the process and there will be an enormous amount of lobbying against it by vendors trying to minimize its effect. Vendors will do their best to minimize their exposure to change because they don’t want to have the accountability, they haven’t had accountability in the past, so why should they have it now? But the reality is that in the current environment, we can’t afford not to have accountability,” Mendes said.

Shortly after becoming the Commerce Department CIO in 2020, Mendes said that he would like to see greater accountability within the federal government regarding agency IT budgets due to “black hole” spending related to regulatory frameworks or modernization.

Mendes said he has worked in the past few years to use his almost $4.0 billion a year budget in a more efficient manner with less spending on IT tools and resources.

“We can show definite cost avoidance to a large degree by virtue of more collaboration within the agency in the past couple of years,” Mendes said.

“We’re leveraging those dollars elsewhere, where they’re more driven towards the mission of the Commerce bureaus and official business and less towards IT infrastructure,” he added.

Commerce spends approximately 30% of its budget on IT driven by heavy users like the National Oceanic and Atmospheric Administration, National Institute of Standards and Technology, U.S. Patent and Trademark Office, and Census Bureau. 

Mendes, however, drove the International Trade Administration, where he served previously as CIO, to spend only 10% of its budget on IT because of its cloud-first environments and abstraction layers. 

This allowed the agency to automate more processes and freed up employees for work more tied to mission areas like tariffs.

The post Cybersecurity skills shortage has led to a talent war between agencies says Commerce CIO appeared first on FedScoop.