The Federal Secure Cloud Advisory Committee will tap Lawrence Hale as the new committee chair effective May 15. Hale, who serves as deputy assistant commissioner within the Office of Information Technology Category Management for GSA’s Federal Acquisition Service, will act as a liaison for the group and as its designated federal officer, as well as serving as a spokesperson for committee work products. 

“The inaugural committee has provided great value and insight over the past year to help ensure secure adoption of cloud computing products and services across agencies,” GSA Administrator Robin Carnahan said in a press release. “We are grateful to all our committee members for bringing their wealth of cloud expertise to help the committee continue equipping agencies with what they need to address ever-evolving threats in order to securely deliver for the American people.”

Two vacant FSCAC seats will be filled by Josh Krueger, chief information security officer for Project Hosts, and Kayla Underkoffler, lead security technologist at HackerOne. Carlton Harris, senior vice president of End to End Solutions, will also join the committee, serving a full three-year term.

Michael Vacirca, a senior engineering manager at Google who has served one year on the council, was reappointed to a full term.

The committee’s inaugural appointments were made last year, with Ann Lewis, director of GSA’s Technology Transformation Services, serving as chair.

The post GSA appoints new members to FedRAMP advisory committee appeared first on FedScoop.

Jamie Holcombe, chief information officer in the patent office, said that when it comes to adoption of emerging technologies like AI, leadership within the federal government needs to change the culture and incentive structure of the workforce.

“Culture, culture, culture. I don’t care about the tech. We can solve it. We prove that you can. But it’s the culture, if they’re willing to receive [new tech]. Unless there’s a burning platform, a lot of people will say, ‘I’ll [have] somebody else do it, I’ll figure it out later,’” Holcombe said during the Google Public Sector Forum hosted by Scoop News Group in Washington, D.C.

“Especially with government bureaucracy, we have so many people that are just incentivized to sit there and punch their card, turn the paper or, you know, sign this and put it over here, I did my job,” he added. “We need to change and challenge the status quo, we need to get a sense of urgency and incentive for our government workers.”

The USPTO in 2021 sent its top engineers to Google to be certified in TensorFlow and develop neural network feedback loops for patent examiners to rate algorithms, as well as to apply machine learning and AI to patent classification, search and quality.

Holcombe was highly critical of the federal government’s approach to innovation and long-term modernization during the Google forum.

“Our budgeting process is stupid. Our procurement is stupid. Everything we do in the government is pretty stupid, when you compare it to the commercial world, right?” Holcombe said. “There’s so many lessons that no one is willing to take. Who in their right mind would run a commercial enterprise or operation using a budget that was conceived three years ago?”

He also highlighted key differences between how the federal government and the private sector operate when it comes to emerging technologies like AI.

“If we ran our government like we ran Silicon Valley, we’d be much more efficient,” Holcombe said. “Can you imagine the Silicon Valley guy saying, ‘Wait a second, I have to fill all my compliance things before I prove my product works in the marketplace? What are you freaking kidding me?’” 

Google Public Sector Managing Director Aaron Weis pushed back on Holcombe regarding government compliance.

“We do compliance for the government, so we actually have to get all our Google products accredited,” Weis said. “So we’re gonna fill out all the government’s compliance forms, but we might use AI to do it now.”

The post USPTO CIO says AI adoption is held back by government culture and bureaucracy appeared first on FedScoop.

The US has fallen behind other nations in Asia and Australia when it comes to drone research and testing which has resulted in greater human risk for flying in dangerous conditions, Dr. Catherine Cahill, Director of the Alaska Center for Unmanned Aircraft Systems Integration (ACUASI) at the University of Alaska Fairbanks (UAF) told FedScoop.

In particular, Cahill noted that a delay in granting permissions to test the technology has stymied progress. After a decade-long effort, her research division at the University of Alaska was last month given special FAA waiver permits to determine the reliability of all drones under 300 pounds that commercial companies and research organizations seek to use in trial flights. 

Cahill said: “The delay in giving us [testing] permissions was a major roadblock in the commercial use of drones and its development. It was a tremendous gap, something we should have had permission for years ago.”

Commercial drone companies have also vocalized that the US has slipped behind other countries when it comes to drone and unmanned aircraft system authority and permissions.

Speaking alongside Cahill at a House Transportation and Infrastructure committee hearing Thursday, Adam Woodworth, CEO of Wing, Google’s drone delivery-focused subsidiary, said the United States risks missing out on opportunities for innovation in the sector. The executive cited Australia as a jurisdiction where more permissive testing rules have helped to spur innovation.

He said: “In very broad strokes it comes down to being predictable and pragmatic, there are aviation performance based standards and outcomes based rulemaking… Australia and their aviation regulator was one of the first to adopt those standards and rulemaking and that presented a framework where we could go and do commercial delivery packages for compensation.”

However, the US had the first ideas and innovations with drone rules and policies that are now being executed in Australia, according to Woodworth.

“Interestingly enough, the idea for this came from the United States. So the idea around performance based rulemaking, the ideas around this sort of standards creation is an idea created in the US it’s just that the US has now fallen behind in implementation of it. That’s why we fly mostly in Australia today,” said Woodworth, whose company is expected to be capable of handling tens of millions of deliveries for millions of consumers by mid-2024.

Speaking with this publication, Cahill also said that a changing regulatory landscape, the increased pace of innovation and national security concerns were among key drivers of investment by defense industrial base companies. Last month, Booz Allen Hamilton’s venture capital arm announced an investment in drone detection company Hidden Level, which uses advanced radio frequency sensing technology to detect unmanned aerial systems.

“The technology is improving, the war in Ukraine, among other places, is showing us what we need to have because drones are being used so effectively over there. So if we want to protect our National Airspace System, how do we do this,” said Cahill.

“There’s a need for private investment and they’re beginning to see that especially on the military and security side, and the money’s gonna go where they think there’s opportunity. So between the military push and the civilian pushes, there’s a lot of focus right now on how do we protect critical infrastructure, national security, and our population from different challenges,” Cahill added.

Cahill, who is also a professor at the University of Alaska, said her drone center is one of the seven FAA-designated drone system test sites in the US who have been vying for a waiver from the regulator to operate beyond visual line of sight flights under the BEYOND program. 

The testing sites have been forced to prove in particular that commercial drones were not going to endanger the National Airspace System and airport safety.

Cahill highlighted that public funding of commercial drone testing sites and clear regulatory approval processes remain major roadblocks in the advancement and development of key drone technologies. 

“Money for public operators is a big part of it. A lot of these Beyond programs that we’re working with the FAA are not funded. It’s us funding and putting our own skin in the game right now to help further the use cases that are going to be of value to our population and to the National Airspace and to the US in general,” Cahill said. 

“Also having clear regulatory direction or how we get from point A to point B that doesn’t require us doing a certification that is equivalent to doing it for a Boeing 737. Those types of things are very important for us,” she added.

The post Experts say US rules for testing commercial drone technology aren’t permissive enough appeared first on FedScoop.

In a statement, the department said it intends to beef up its cybersecurity technological capabilities and to more aggressively pursue those who put U.S. government information or assets at risk.

“The Department will bring to justice those who commit cyberattacks, whether they are lone actors, elements of transnational organized crime groups, or acting on behalf of nation states or terrorist groups. In parallel, the Department will work to disrupt and dismantle the online infrastructure that facilitates cyberattacks and to seize the criminal proceeds of such crimes,” the DOJ said.

It added: “To accomplish these goals, the Department will enhance its own technological and investigative capabilities.”

The Justice Department aims to improve its ransomware attack response by September 2023 by promising to significantly increase the percentage of reported ransomware incidents from which investigative actions are conducted within 72 hours and by increasing the number of ransomware matters in which seizures or forfeitures are occurring by 10%.

Despite cyberattacks being a common problem in the past decade, it is only the series of massive attacks last year on the computer systems of the federal government, the Colonial Pipeline, and the meat producer JBS that have brought mainstream awareness to the need for increased cybersecurity within the government and the private sector.

The DOJ will also enhance cybersecurity and fight cybercrime through four key strategies: deterring, disrupting, and prosecuting cyber threats; strengthening intergovernmental, international, and private-sector partnerships to fight cybercrime; safeguarding Justice Department data and information; and enhancing cyber resilience within the private sector and other government agencies.

“The Department will also use available authorities, including the False Claims Act, to hold accountable anyone who puts U.S. government information or assets at risk by knowingly providing deficient cybersecurity products or services, misrepresenting their cybersecurity practices or protocols, or violating obligations to monitor and report cybersecurity incidents and breaches,” the strategic plan said.

The post Justice Department identifies disrupting ransomware and cyberattacks as key objective in new strategic plan appeared first on FedScoop.

The center says it’s particularly interested in the topics of autonomous cyberdefense; user activity monitoring and attribution; social media and dark web analysis; DevOps techniques; network mapping; and data engineering. The Pentagon is currently accepting applications to attend the meeting and plans to host it in the Northern Virginia area in late summer or early fall of 2019, according to a notice.

The JAIC is the Pentagon’s hub for AI initiatives, and it has worked to get private industry involved in developing military applications.

The meeting’s notice also lists more detailed areas of need that the JAIC is interested in hearing pitches on, including vulnerability identifying, autonomous patching, self-generating code and retrospective and prospective analysis.

The meeting will be hosted by the DOD’s Rapid Reaction Technology Office on behalf of the JAIC’s Cyberspace National Mission Initiative.

Selected companies that present technology matching the DOD’s needs could be selected for pilot projects or experimentation, the notice said.

The post DOD’s artificial intelligence center wants pitches from industry this fall appeared first on FedScoop.

Wilcox will take over as vice president of strategic initiatives at By Light Professional IT Services, according to a release from the government systems engineering contractor.

Wilcox spent nine years in the senior executive service at SOCOM. He developed IT strategy and was responsible for supporting a global network that services 80,000 special operations personnel at the command. Before that, Wilcox spent almost 28 years in the U.S. Army.

“John is renowned as one of the very best signal leaders of his generation,” said Mike Hatcher, By Light’s chief revenue officer. “His long and distinguished career in both the conventional and Special Forces community will be a tremendous asset to the company as we conceive, build, and deploy new capabilities and services for the world’s most demanding customer missions.”

Wilcox was stationed in Hawaii and the Middle East during his time in the Army. In his role at By Light, he will develop new capabilities for the company’s war-fighting customers.

The post USSOCOM CIO moves to private sector appeared first on FedScoop.

Michael Kratsios, U.S. deputy CTO and the current de facto head of the Office of Science and Technology Policy, said that while the administration is pushing for agencies to make AI a priority in their research and development spending, it also wants to partner that with the private sector and academia to help outpace competitors like China on development.

“I’m always going to bet on the American innovation ecosystem,” he said Tuesday at the U.S. Chamber of Commerce’s AI Summit. “What has made the United States an engine or the home for the greatest technological innovation over the last 100 years? My answer to that is our R&D ecosystem. What is our ecosystem? It’s one part federal funding, one part private sector and one part academia.”

To help drive that ecosystem, the Trump administration is pushing for agencies to spend more R&D dollars to help drive basic research breakthroughs in AI, a technology that could have a near-limitless impact.

“The federal government spends about $150-plus billion a year on R&D and it’s critical that we prioritize AI as a research area,” he said. “So actually getting agencies to be allocating dollars towards a specific research area is a little trickier than you would imagine. The best to do that is you have to send very strong signaling from the White House to agencies that they should be thinking or prioritizing AI.”

Kratsios said the fiscal 2019 budget, as well as the Office of Management and Budget’s memo of the fiscal R&D priorities, laid out the administration’s game plan on spotlighting AI. Now agencies are starting to develop their investments, including the June debut of the Summit supercomputer at Oak Ridge National Laboratory in Tennessee.

That innovation also has to be matured through a cyclical cooperation with the private sector, the deputy CTO said. So the White House is also looking at streamlining the federal regulations in areas that could present barriers to emerging technology innovation, such as the Federal Aviation Administration’s rules on drone use.

But while the private sector can drive breakthroughs on the application side of R&D, Kratsios added that the federal government has to be the leader in promoting basic research into the core concepts behind AI technology by leveraging its national labs and providing research funding to the nation’s colleges and universities.

“Our greatest inventions don’t happen because the president or an agency, by edict, decide that we shall do this. It is a collaborative, creative, free and open environment for scientific discovery,” he said. “You kind of see this zig-zag of progress through technology. It’s done through the creative, innovative spirit of America, rather than this top-down, heavy-handed industrial approach. For us, that’s what we are kind of doubling down on.”

In May, Kratsios and the White House hosted a meeting with industry and academic stakeholders to discuss the future and promise of artificial intelligence.

The post White House continues push for public-private collaboration on AI appeared first on FedScoop.

Karinda Washington and Russell Deyo, from DHS, at the Exemplar launch. Photo by INSA.

A handful of personnel from the Department of Homeland Security working in cybersecurity, engineering and other scientific and technical fields will get free training from the private sector under a new pilot program unveiled Monday.

“The opportunity to share ideas, share knowledge, helps us all achieve great success,” DHS Undersecretary for Management Russell Deyo said at the launch of Exemplar, the new DHS pilot program that will place 10 mid- and senior-level officials from its Science and Technology, and National Protection and Programs Directorates in training slots.

“We require and depend on joint partnerships” like Exemplar, he told the launch event, put together by the Intelligence and National Security Alliance — a trade association and thought leadership institute for intelligence and homeland security contractors.

INSA President Chuck Alsup called Exemplar “the type of initiative that is a win, win, win — for government, for industry and for the country.”

Deyo said Exemplar grew out of an existing initiative, under which executives from private sector companies got to spend time working at DHS. “There was a request for a reverse Loaned Executive Program,” he said, adding that the program had been stood up “extraordinarily quickly” in just one year.

The program officer for the Exemplar, Karinda Washington, found the necessary legal authorities in a 1958 law, the Government Employees Training Act, “by using Google,” Deyo joked.

Washington herself explained that companies would have to apply to host the a trainee for six months. The applicant companies will be vetted to ensure they are suitable, and then the opportunities will be posted for relevant DHS staff. There will be two tracks — one managerial, for senior staff, and one operational for junior personnel.

The kind of exchange represented by the program is “not just for homeland security but for our government workforce” as a whole, added DHS Undersecretary for Science and Technology Reginald Brothers.

Once trained, staff have to return to work for DHS for at least three times the length of the assignment afterward, Washington said. According to an announcement on the department’s website, the selectees will be “exceptional employees expected to assume increased science and technology and cybersecurity responsibilities in the future.”

The six areas in which opportunities are being sought are cybersecurity; engineering; multi-hazard mitigation and infrastructure investment; physical and cybersecurity integration; research and development; and scientific research.

“We mean to have folks out on the program within three months,” Washington said.

The urgency was driven in part by the need to get the pilot approved into a program of record before the senior officials at the department all leave during the transition.

“We’re trying to get the pilot finished in time before our administration changes over,” she said.

Contact the reporter on this story via email Shaun.Waterman@FedScoop.com, or follow him on Twitter @WatermanReports. Subscribe to the Daily Scoop to get all the federal IT news you need in your inbox every morning at fdscp.com/sign-me-on.

The post DHS cyber warriors will train with private sector appeared first on FedScoop.

In an request for information posted Thursday to the Federal Register, NIST wants to learn how organizations are sharing the framework’s best practices, what parts of the framework are utilized more than others and what sections need to be updated.

“We’re looking forward to receiving feedback on specific questions about its use and how it might be improved,” said Adam Sedgewick, NIST’s senior information technology policy adviser.

The document was crafted after a year-long process and eventually released in 2014.

Earlier this year, cybersecurity experts told FedScoop the framework point has raised the cybersecurity conversation to the boardroom level at major corporations and critical infrastructure providers. Intel Corp. tested the framework at two of its major corporate divisions and found it provided enough benefit that it planned to expand use of it throughout 2015.

Earlier this week, a new survey found that 82 percent of respondents, who worked in IT departments at federal agencies, were using portions of the framework in their own cybersecurity programs.

Feedback gathered from the RFI will be used in developing a workshop on the framework being planned for April 6 and 7, 2016, at NIST’s Gaithersburg, Maryland, campus.

Comments will be accepted until Feb. 9, 2016.

The post NIST wants more feedback on cybersecurity framework appeared first on FedScoop.

A number of companies and foreign governments have taken advantage of rules like the ones set out by the Federal Risk and Authorization Management Program or those that govern Amazon’ Web Services GovCloud — not so their products can sell to the U.S. government, but for their own purposes.

That same demand has driven steep growth in secure cloud offerings: AWS has seen a 273 percent year-over-year growth in use of GovCloud by government and private sector customers.

Amazon Web Services’ Vice President of Worldwide Public Sector Teresa Carlson told FedScoop at last week’s re:Invent conference that the standards set in FedRAMP have driven the U.K., Australia and Singapore to use the same baselines as what’s established for the U.S. government.

“There is no real cloud security model that’s been written in the U.S. outside of FedRAMP,” Carlson said. “Enterprises want a model they can snap into, and I think FedRAMP is as good as model as any.”

Jon Check, the vice president of North American public sector for CSC, said FedRAMP not only allows gives the agencies a way to drive out security complexities, it has helped with the company’s own move into Amazon’s GovCloud.

“Is it perfect? Absolutely not,” Check said. “But there is a baseline. FedRAMP controls give you a great way to document everything that you are doing. Everybody has a certain layer they want to add to it, but I think it is a baseline to build from.”

That baseline has been important for CSC, which has been dealing with a company split since May. The split has forced the public sector side of the company to move into a hybrid cloud environment, which Check said helps CSC guide agencies when setting up their own hybrid cloud instances.

“We focus on ensuring that we are ‘customer zero’ for everything we are delivering for the federal government,” Check said. “We are living the dream that we are professing.”

By operating in AWS GovCloud, CSC meets a number of government standards by default, including FIPS 140-2, the Federal Information Security Management Act and the Criminal Justice Information Systems standards.

Private satellite imagery company Planet Labs has stood up its operations in GovCloud due to the clearance needed for its satellites, which are governed by International Traffic in Arms Regulations. The San Francisco-based company is in the process of placing 150 satellites into orbit that will take 370,000 images of the Earth’s surface per day.

Troy Toman, director of Engineering for Planet Labs, said GovCloud’s ITAR clearances, along with the ability to store and process 11 terabytes of photos a day, provides an ideal solution for the startup.

“The flexibility that GovCloud gives us is being able to serve both parts of this business in a way that’s economic and efficient,” Toman said.

He told FedScoop that he attributes the rise in GovCloud to the government driving the public sector to meet requirements and doing so in a manner that meets the speed of startups.

“Many government customers helped,” Toman told FedScoop. “It wasn’t just commercial users trying to push the government to say, ‘Let us do this.’ We’d always push people to go faster, but we’ve found [the government] to be very flexible and open to making [regulatory] adjustments. I think it’s all part of the partnership that goes into various commercial entities that are moving into some of these spaces that were traditionally government only.”

The post Private companies ♥ U.S. government cloud security controls appeared first on FedScoop.