Eric Hysen, CIO and chief AI officer for DHS, said Tuesday at the CrowdStrike Gov Threat Summit that “transparency and responsible use [of AI] is critical to get right,” especially for applications in law enforcement and national security settings where the “permission structure in the public eye, in the public mind” faces a much higher bar.

But that also creates a conundrum for those DHS elements that are more discreet in their operations and the information they share publicly, Hysen acknowledged.

“What’s required to build and maintain trust with the public in our use of AI, in many cases, runs counter to how law enforcement and security agencies generally tend to operate,” he said. “And so I think we have a big cultural challenge in reorienting how we think about privacy, civil rights, transparency as not something that we do but that we tack on” to technology as an afterthought, but instead “something that has to be upfront and throughout every stage of our workplace.”

While President Joe Biden’s AI executive order gave DHS many roles in leading the development of safety and security in the nation’s use of AI applications, internally, Hysen said, the department is focused on “everything from using AI for cybersecurity to keeping fentanyl and other drugs out of the country or assisting our law enforcement officers and investigators in investigating crimes and making sure that we’re doing all of that responsibly, safely and securely.”

Hysen’s comments came a day after DHS on Monday published its first AI roadmap, spelling out the agency’s current use of the technology and its plans for the future. Responsible use of AI is a key part of the roadmap, pointing to policies DHS issued in 2023 promoting transparency and responsibility in the department’s AI adoption and adding that “[a]s new laws and government-wide policies are developed and there are new advances in the field, we will continue to update our internal policies and procedures.”

“There are real risks to using AI in mission spaces that we are involved in. And it’s incumbent on us to take those concerns incredibly seriously and not put out or use new technologies unless we are confident that we are doing everything we can, even more than what would be required by law or regulation, to ensure that it is responsible,” Hysen said, adding that his office worked with DHS’s Privacy Office, the Office for Civil Rights and Civil Liberties and the Office of the General Counsel to develop those 2023 policies.

To support the responsible development and adoption of AI, Hysen said DHS is in the midst of hiring 50 AI technologists to stand up a new DHS AI Corp, which the department announced last month.

“We are still hiring if anyone is interested,” Hysen said, “and we are moving aggressively expand our skill sets there.”

The post AI transparency creates ‘big cultural challenge’ for parts of DHS, AI chief says appeared first on FedScoop.

“Now is the time for tech experts to make a real difference for our country and join the federal government,” the agency’s Chief Information Officer Eric Hysen said in a news release announcing the sprint Tuesday.

The AI Corps is modeled after the U.S. Digital Service and housed within DHS’s Office of the CIO. Its experts will support the use of the technology across the agency, the release said, such as “efforts to counter fentanyl, combat child sexual exploitation and abuse, deliver immigration services, secure travel, fortify our critical infrastructure, and enhance our cybersecurity.”

The announcement comes as federal agencies across the government have been working to implement the budding technology and develop their own guardrails for things like generative AI. President Joe Biden’s AI executive order also put an emphasis on the technology, including efforts to hire AI talent in the federal government.

The Office of Personnel Management, for example, announced flexible hiring authorities for AI-related positions late last year in an effort to promote hiring across the government. In its release, DHS said it’s using those authorities to “streamline and expedite the federal hiring process to ensure qualified candidates receive offers as quickly as possible.”

“As artificial intelligence becomes more powerful and more accessible than ever before, government needs the support and expertise of our country’s foremost AI experts to help ensure our continued ability to harness this technology responsibly, safeguard against its malicious use, and advance our critical homeland security mission,” DHS Secretary Alejandro Mayorkas said in the release.

The post DHS seeks 50 artificial intelligence experts for new AI Corps appeared first on FedScoop.

DHS is rolling out a set of policies around specific AI technologies — a process that started in September with the publication of guidance on the use of facial recognition and face capture technologies and continues now with a policy governing how the department will use commercial generative AI models.

The memo is signed and dated Oct. 24 but was uploaded to the department’s website Thursday. DHS also recently issued a privacy impact statement on commercial generative AI tools conditionally approved for use within the department, including ChatGPT, Bing Chat, Claude 2 and DALL-E2.

During an interview on FedScoop’s Daily Scoop Podcast, CIO Eric Hysen said DHS developed the new policy using the White House’s AI executive order and the corresponding Office of Management and Budget draft memo on how federal agencies should implement the order “to make sure that we have a comprehensive governance approach to specific types of AI technology that are in use across the department.”

“Our strategy has been that because AI is such a broad technology — or set of technologies — we are issuing specific guidance on different types of AI technology,” Hysen said.

Within the new guidance, Hysen writes he has “determined that DHS must enable and encourage DHS personnel to responsibly use commercial products to harness the benefits of Gen AI and ensure we continuously adapt to the future of work.”

The memo lays out how the department will “develop and maintain a list of conditionally approved commercial Gen AI tools for use on open-source information only” — such as those included in the recent privacy assessment — and security requirements and standards that personnel must follow when using commercial generative AI models.

“Immediate appropriate applications of commercial Gen AI tools to DHS business could include generating first drafts of documents that a human would subsequently review, conducting and synthesizing research on open-source information, and developing briefing materials or preparing for meetings and events. I have personally found these tools valuable in these use cases already, and encourage employees to learn, identify, and share other valuable uses with each other,” the memo reads.

At the same time, DHS has also been “experimenting” with building out its own large language models in-house and with the support of industry, he said.

“What we’re really looking to do there is learn,” Hysen told FedScoop. “I want a portfolio of AI projects that use models from different companies that let us understand what the benefits of different types are, that use some closed proprietary models, that use some open-source models, that test out different ways of deploying these models, some that might be shared commercial cloud instances, some that we might deploy on our cloud infrastructure, some that we might deploy in-house on our own hardware. We’re really in a learning mode here and are looking to try many different things technically, which is, as I’ve talked with other CIOs across government and across the private sector, I think, really the mode everyone is in.”

“We want to be maximizing our ability to learn how we can leverage these technologies in support of our mission,” he said.

DHS also issued broader guidance in September governing how DHS components should acquire and use AI and machine learning technologies.

Around that same time, Secretary Alejandro Mayorkas named Hysen — who’s been CIO of the department since 2021 — as DHS’s first chief AI officer. And back in April, Mayorkas launched a DHS Artificial Intelligence Task Force, which — co-chaired by Hysen — is responsible for producing the policies.

As such, Hysen and DHS have been developing a vision for the adoption and responsible use of AI that precedes the White House order and draft OMB guidance, which will require federal agencies to have chief AI officers within 60 days, once the directive is finalized. FedScoop has been tracking those CAIOs as they’re named.

“This is not something that just started when we added this title,” Hysen said. “This is work that has been going on for many years — many of our agencies and offices have been using AI and data science and machine learning in their operations for many years now. But … with the explosion of interest in generative AI and other topics over the last year, we’ve seen a need to really focus our approach across the department.”

The release of the executive order didn’t necessarily change any of that either because DHS has been working closely with the White House and anticipated its requirements.

“As you can imagine, with any document as comprehensive as the president’s executive order, it had been in the works for quite a while and many parts of the department had been working closely with the White House and the interagency for some time on several aspects of it. So we were anticipating some of the requirements there,” he said.

Hysen said that Mayorkas has been a driving force behind the department’s leaning into AI adoption, instead of hesitating as some federal agencies have.

“Very early he was using ChatGPT and other tools, right after they were released, in his personal life, and asking me and others how we could be leveraging the benefits of those technologies to better empower our workforce and give them what they need to get their job done,” Hysen said.

“Every day, we interact with more members of the public on a daily basis than any other federal agency. And the workload that our employees have is only growing,” he said. “And so when it comes to our use of AI within the department, the secretary saw very early that this could be a tool that could act as a force multiplier for us that could allow our agents and officers on the frontlines to spend less time doing routine paperwork, and more time actually focused on their security missions that would ultimately enhance our homeland security.”

The post DHS releases commercial generative AI guidance and is experimenting with building its own models appeared first on FedScoop.

“Something that we need all of you in industry to help us with to fix is [the] pretty sorry state of compatibility and interoperability among cloud productivity suites. It is an increasing problem for us,” DHS Chief Information Officer Eric Hysen said during a panel discussion at the ACT-IAC Imagine Nation ELC23 event in Pennsylvania.

The issue is something Hysen said the federal CIO Council is discussing and he expects it “to be a pretty significant topic over the next year.” 

“We need different instances of the same company software to be able to talk to each other a hell of a lot better than they do today, and we need the ability for more seamless collaboration across different companies’ offerings,” Hysen said.

Those issues, he said, impact collaboration at DHS. 

The department, which has roughly 260,000 employees, includes several civilian agencies and a military service, the U.S. Coast Guard. That means that while the Coast Guard operates on .mil, all the other agencies operate on .gov, he said.

“I can’t easily collaborate with my own colleagues in DHS due to the really sad state of collaboration ability on commercial cloud products,” Hysen said.

Fixing those problems will be important for public safety not just at a federal level, but at a state and local level, too, he said.

“One of DHS’s missions is information sharing with our state, local, tribal and territorial partners,” Hysen said. Those partners, he said, need to be able to collaborate and share information across jurisdictions and different levels of government.  

“The lack of easy tooling to support that is putting people at risk, and it can be harder for our government agencies at all levels to keep people safe,” he added.

The post Industry help needed to fix ‘sorry state’ of cloud tool interoperability, DHS official says appeared first on FedScoop.

In a release, DHS Secretary Alejandro Mayorkas announced the directives — one to guide the acquisition and use of AI and machine learning, and another to govern facial recognition applications — and named department CIO Eric Hysen as chief of AI.

The new policies were developed by DHS’s Artificial Intelligence Task Force (AITF), which was created in April 2023.

The news comes after the Government Accountability Office released a report earlier this month outlining the DHS’s lack of policies and training for law enforcement personnel on facial recognition technology. 

“Artificial intelligence is a powerful tool we must harness effectively and responsibly,” said DHS Secretary Alejandro Mayorkas said in a statement. “Our Department must continue to keep pace with this rapidly evolving technology, and do so in a way that is transparent and respectful of the privacy, civil rights, and civil liberties of everyone we serve.”

The release explains that DHS already uses AI in several ways, “including combatting fentanyl trafficking, strengthening supply chain security, countering child sexual exploitation, and protecting critical infrastructure. These new policies establish key principles for the responsible use of AI and specify how DHS will ensure that its use of face recognition and face capture technologies is subject to extensive testing and oversight.”

As DHS’s appointed chief of AI, Eric Hysen will work to promote innovation and safety in the department’s uses of AI and advise Mayorkas and other DHS leadership.

 “Artificial intelligence provides the department with new ways to carry out our mission to secure the homeland,” Hysen said in a statement. “The policies we are announcing today will ensure that the Department’s use of AI is free from discrimination and in full compliance with the law, ensuring that we retain the public’s trust.”

During the past two years of the Biden administration, multiple prominent civil rights groups have harshly criticized DHS’s approach to facial recognition, particularly its contracts with controversial tech company, Clearview AI, which continues to work with the agency.

“DHS claims this technology is for our public safety, but we know the use of AI technology by DHS, including ICE, increases the tools at their disposal to surveil and criminalize immigrants at a new level,” Paromita Shah, executive director of Just Futures Law, a legal nonprofit focused on immigrants and criminal justice issues, said in a statement on the new policies. 

“We remain skeptical that DHS will be able to follow basic civil rights standards and transparency measures, given their troubling record with existing technologies. The infiltration of AI into the law enforcement sector will ultimately impact immigrant communities,” Shah added. 

The post DHS names Eric Hysen chief AI officer, announces new policies for AI acquisition and facial recognition  appeared first on FedScoop.

The new office will report to DHS’s Office of the CIO and be led by Dana Chisnell, who’s been serving as executive director of customer experience at the department for the past year. She also served two separate tours of service with the U.S. Digital Service.

“The Department of Homeland Security interacts with more Americans, on a daily basis, than any other federal agency,” DHS Secretary Alejandro Mayorkas said in a statement. “We understand that for government to effectively serve the public, our services, resources, and support must be easily and readily accessible. DHS is committed to meeting that mandate, and our new Customer Experience Office will help ensure an effective, efficient, and customer-first approach to all our work on behalf of the American people.”

Following the Biden administration’s 2021 customer experience executive order, CIO Eric Hysen has made improving service delivery a top priority for his office.

“DHS is committed to improving how we interact with over one billion people each year, to improve service delivery and strengthen our critical security missions,” Hysen said. “This new office will prioritize customer-focused service delivery and serve as a model within the Department to implement President Biden’s customer experience vision.”

In August 2022 at FedScoop’s FedTalks, Hysen announced an initiative to ramp up the hiring of customer experiences specialists across DHS. And now with the new CX office opened, DHS is continuing to recruit such personnel.

The White House’s 2024 budget proposal requested more than $500 million to support customer experience initiatives, including standing up CX offices at large departments that deliver important services to the American public. DHS was listed as one of those agencies in the request.

The post DHS stands up permanent customer experience office appeared first on FedScoop.

As Congress on Wednesday got close to suspending the United States’ debt ceiling and limit spending, including rescinding some funds appropriated for federal government IT spending, the Government Accountability Office (GAO) says more money will likely be needed for the IT modernization in the near future despite the ongoing battles to restrict spending.

“This probably is not what you want to hear given the current fiscal environment, however, [IT] modernization may not be a cost saving endeavor. What we do get are newer systems that are more efficient, better functionality and stronger security,” said Kevin Walsh, Director of Information Technology and Cybersecurity at the GAO during a Senate Homeland Security Committee hearing on ‘Modernizing DHS’s Mission-Critical Legacy IT Systems.’

Some prominent Democrats in Congress and Biden administration cabinet secretaries have voiced serious concerns about threats to IT modernization within the federal government due to restrictions or caps in federal agency budgets that Republicans in Congress have pushed for.

DHS was criticized during the hearing by Senator Maggie Hasan, D-N.H., for not providing Congress an agency- wide IT modernization plan despite Hasan asking for one in 2020 and 2022, which DHS chief information officer Eric Hysen said was not needed because the DHS IT budget provides the plan and priorities of the agency. 

Furthermore, Hysen said that DHS will update its IT strategic plan and submit that to Congress before the end of the fiscal year in order to provide further clarity on its IT modernizations plans and justifications for its budget. 

The post DHS likely needs more funding for IT modernization, says watchdog official appeared first on FedScoop.

The hiring initiative will be an agency-wide effort to fill roles that are critical across all of DHS’s teams and bureaus, Hysen said at the FedTalks tech conference Wednesday, hosted by FedScoop.

“We’ll be launching department wide for two different skill sets, both product management, as well as customer experience and design will have open applications that will allow anyone to apply once for positions all across the department,” Hysen told FedScoop during an interview.

“Overall, we’ve seen that we really need a significant increase in customer experience and design skill sets across our federal workforce. This is something that started out as an OMB effort to do a government wide hiring push at the GS-13 team level last year that we’ve started to hire off of and we’re now expanding at the GS-14 and 15 level,” he added.

Hysen also said the DHS is pivoting away from the Defense Department’s Cybersecurity Maturity Model Certification, or CMMC rulemaking approach when it comes to implementing vendor cyber due diligence assessments and software assurance processes.   

“We don’t want to reinvent the wheel, we don’t want to make things more confusing for industry but we ultimately learned that CMMC was not the exact right model for us,” said Hysen. 

“So we’re exploring and looking at some different alternatives. Now, we’re not on the cusp of rolling out anything anytime soon but we’re continuing to work with industry on this,” he added.

DHS announced last April that it is developing a supply chain risk management program in the wake of the SolarWinds cyberattack and the ensuing Zero Trust initiative. 

The agency was initially looking to pilot the DOD’s CMMC approach within DHS’s vendor base, Hysen said during FedScoop’s IT Modernization Summit last year.

The department wants to implement vendor due diligence assessments and software assurance processes to understand the provenance of commercial off-the-shelf products before they’re purchased and used.

Hysen said the decision to move away from CMMC model was informed by DHS sampling its vendors earlier this year with a self-assessment questionnaire to evaluate their overall cyber-hygiene risk.

“One of the things we have learned is that we have a different type of vendor base. So we rely heavily on small innovative non-traditional businesses across all parts of the department,” said Hysen.

“And we need to make sure that we have a model that is not overly burdensome on them, that doesn’t lock us down or prevent us from working with those small and innovative businesses that are critical to our success,” he added.

The post DHS announces major customer experience hiring initiative appeared first on FedScoop.

A representative sample of vendors with Homeland Security Acquisition Regulation (HSAR) Class Deviation 15-01 in one or more of their contracts will receive the questionnaire “in the coming days,” Hysen writes, in a notice posted to SAM.gov Wednesday. HSAR Class Deviation 15-01 increases contractor IT system security requirements and responsibilities responding to sensitive information incidents, in contracts and solicitations with a high risk of unauthorized access or disclosure of that information.

DHS began incorporating cyber-hygiene clauses, requiring contractor compliance with standards and protections, into contracts and agreements in 2015, and it wants to determine if they’re adversely affecting its small industry base — as part of its effort to assess overall compliance.

“By releasing this questionnaire to our vendors, we expect to establish a statistically viable assessment of overall cyber hygiene risk across DHS that will guide continued work towards an improved cyber posture and will aid in establishing the focus of future program development, including government-led assessments,” reads the notice.

The results will also help DHS mature its Cyber-Supply Chain Risk Management (C-SCRM) program, the posting adds.

Hysen issued the notice along with DHS Chief Procurement Officer Paul Courtney.

“Our end goal remains to have a means of ensuring a contractor has key cybersecurity and cyber hygiene practices in place as a condition for contract award,” reads the posting.

The post DHS wants to know how cyber-hygiene contract clauses are affecting vendors appeared first on FedScoop.

Hysen intends to make the department an “active user” of the TMF, which recently got a $1 billion injection under the Biden administration’s American Rescue Plan Act, he said at the Professional Services Council’s Federal Acquisition Conference.

DHS‘s four projects run the gamut, from improving the processing of immigrants at the southern border and making “the experience of going through an airport easier, more seamless, and more secure,” Hysen said, to modernizing how DHS components work with data in conjunction with the department’s new Office of the Chief Data Officer and better sharing threat information with state and local law enforcement.

Hysen said DHS is approaching the TMF now differently than it has in the past by looking to apply modernization across the department, rather than focusing only on single components. Customs and Border Protection, a DHS component, won a $15 million TMF award last July to continue modernization of its Automated Commercial System, a mainframe platform that runs on  3.9 million lines of COBOL code to track, control, and process everything imported into the U.S.

“[W]hat we’re trying to do very deliberately is not just use the TMF as an opportunity to look at our big list of unfunded modernization programs that we just need one vendor, we already have a whole plan for, but really to look at common problems and challenges across the department and set up systems and structures that will allow us to move together because we think we can get a lot more done if we modernize in common, aligned ways across DHS components and systems,” he said.

To be clear, Hysen said, he’s not advocating for DHS to build single systems “to rule them all.” Rather, he said, “we want to address these issues holistically from the experience up from the perspective of the people that are depending on DHS, whether those be immigrants, travelers, state and local law enforcement officers, and using the TMF as a way to move to move forward together across different parts of the department.”

Since the $1 billion injection into the fund, the board that leads the TMF award process has introduced a more flexible model for agencies to repay those investments. The board is also prioritizing selecting and funding projects “that cut across agencies, address immediate security gaps, and improve the public’s ability to access government services.”

Zero trust and the cyber EO

Hysen described President Biden’s recent cybersecurity executive order as “one of if not the most ambitious attempts to lay out a new framework for federal cybersecurity ever.”

That order calls for federal agencies to modernize their cybersecurity, namely through the adoption of a zero-trust architecture. Hysen said while that’s the right direction to move in, it’s important to keep in mind that “zero trust is not something we’re going to buy and turn on one day.”

“[I]t’s easy to think about this as, ‘Oh, just buy your zero trust product, turn it on on your network, and then everything will be great,'” Hysen said. “And that is in no way what we’re talking about. When we think about zero trust, we think about, in many ways, a fundamental rethinking of our security architecture, away from this outdated model of perimeter defense — that we can build a wall around our network and everything inside is safe, everything outside is unsafe — and that we have to be securing every system, every server, every endpoint and our data as it moves within our network and outside of it. And that’s going to require a lot of time; this is not going to be something that we do overnight.”

DHS has a zero-trust working group led by its CTO “that’s working across our components to look at different approaches,” Hysen said, adding that the department is working in three-to-four-month sprints to deliver new pieces of the security architecture iteratively. First up, he said, is conditional access and rights management.

“I expect [zero trust] to be something that will only become more important over time, and will be important that we really do this as a marathon…because it is such a fundamental rethinking of our security architecture,” Hysen said.

The post DHS applied for TMF funding for 4 projects, CIO Hysen says appeared first on FedScoop.