Previously, members of the cybersecurity community including regulated entities, academics and nonprofits had until Sept. 15 to submit their comments. They now have until Oct. 31.

The White House earlier this month issued a request for information as it seeks views on how to harmonize and streamline new proposed cybersecurity regulations across all sectors of the U.S. economy.

In particular, the White House wants to understand how updated requirements for the critical infrastructure sector could be harmonized with requirements for other industries.

In an updated note in the Federal Register, ONCD said it “seeks input from stakeholders to understand existing challenges with regulatory overlap, and explore a framework for reciprocity in regulator acceptance of other regulators’ recognition of compliance with baseline requirements.”

“‘Harmonization’ as used in this RFI refers to a common set of updated baseline regulatory requirements that would apply across sectors. Sector regulators could go beyond the harmonized baseline to address cybersecurity risks specific to their sectors,” it added.

In March, the Biden administration issued a new national cybersecurity strategy, which included measures to impose minimum security standards for critical infrastructure and to shift the responsibility for maintaining the security of computer systems away from consumers and small businesses onto larger software makers. 

That document represented a shift from the White House’s more recent approach to cybersecurity, veering from its long-standing emphasis on information sharing and collaboration toward a more strictly regulated approach.

The post ONCD extends deadline for comments on new sector cybersecurity requirements appeared first on FedScoop.

In a press release, the agency said it had awarded 22 separate grants as part of the new investment to institutions researching subjects including physics, computer sciences, materials research, engineering and chemistry.

The investment is part of NSF’s Expanding Capacity in Quantum Information Science and Engineering (ExpandQISE) Program, which was launched after the National Quantum Initiative Act was passed in 2018.

That law was passed by lawmakers with the intention of supporting the emerging field and working to ensure that the U.S. continues to serve as a global leader in science and engineering. ExpandQISE is focused on working to grow research capacity at institutions across the U.S. that have yet to be heavily engaged in quantum research and education.

The latest support involves new collaborations between emerging research institutions and existing research centers such as NSF Quantum Leap Challenge Institutes, Department of Energy National Research Centers, NSF Quantum Foundries, and leading QISE research institutions.

Commenting on the research investment, NSF Assistant Director for Mathematical and Physical Sciences Sean L. Jones said: “If we want America to be the first to explore and understand the quantum-scale frontiers of science, then we must support the excellence that exists at institutions all over our country.”

NSF Assistant Director for STEM Education James L. Moore III added: “Agency-wide, NSF is laser focused on making strategic investments that enhance access and preparation in quantum and the interest and participation among diverse groups in all settings, regions and jurisdictions across the country. Through these investments in quantum education, the agency is creating opportunities everywhere.”

Details of the new funding come after the Department of Energy last month allocated $11.7 million in research funding for six quantum computing research projects.

Those research initiatives are focused on exploring the limitations of the noisy, intermediate-scale quantum processors that are currently available.

The post National Science Foundation invests $38 million in quantum research  appeared first on FedScoop.

Salvagnini took up the role on June 4, following the retirement of preceding CDO Ron Thompson last year.

He joins NASA after spending more than 20 years working in technology leadership roles within the intelligence community. Most recently, he was director of the architecture integration group and chief enterprise architect within the Office of the Director of National Intelligence.

Prior to that, Salvagnini was technical director within the chief information office and chief data officer at the Defense Intelligence Agency, according to his NASA bio.

Commenting on the appointment on LinkedIn, Salvagnini said: “As I look to the future, I am energized by the NASA mission, ‘NASA explores the unknown in air and space, innovates for the benefit of humanity, and inspires the world through discovery’ and the strategic themes: discover, explore, innovate, and advance that enable that mission. I am also excited to grow my network and partner with CDOs and data professionals across government, private sector, academic, and research institutions.” 

In recent years, NASA has worked to increase automated data sharing with government and commercial contractors, including for the Artemis human exploration mission.

Within federal agencies, the chief data officer is responsible for data governance and lifecycle data management, as well as working to make sure agencies meet the requirements of the Federal Data Strategy and Open Government Data Act.

A NASA spokesperson confirmed Salvagnini’s appointment.

The post NASA appoints David Salvagnini as chief data officer appeared first on FedScoop.

As part of the inquiry, the agency will study the equity of certain remote identity-proofing technologies that the American public may use when accessing federal benefits. GSA plans to release a report with the results from the study in a peer-reviewed publication in 2024.

The study comes after major concerns over equity were one of several concerns raised by a May watchdog report highlighting failures in the development of GSA’s Login.gov facial recognition platform. According to that report, the concerns were a key reason for delaying the system rollout to certain government customers.    

In a note on LinkedIn announcing the study, Commissioner of the Federal Acquisition Service at GSA Sonny Hashmi said: “This is an important study and initiative to test and validate facial recognition and matching algorithms and technology to identify barriers across demographic lines.” 

“The results will not only inform government strategy moving forward, but will also lower barriers for more Americans when they interact with their government digitally,” he added.

In recent years, government watchdogs and independent nonprofits have long raised concerns about the potential for facial recognition technology used by federal agencies to encode racial bias. In 2019, the GAO called on law enforcement agencies to further study the impact of facial recognition technology on equity.

A study by the National Institute of Standards and Technology, which was published in late 2019, found that facial recognition systems falsely identified African-American and Asian faces 10 times to 100 times more than Caucasian faces. According to that study, among a database of photos used by law enforcement agencies in the U.S., the highest error rates came in identifying Native Americans.

GSA is seeking prospective study participants, and anyone who takes part in the study will receive a $25 gift card. 

The post GSA undertaking study to examine racial bias in facial recognition tech appeared first on FedScoop.

Designing, piloting and assessing the “results of new approaches” to the technology is one of several areas that will receive federal research dollars, according to the document. The plan also outlines the need to build tools for regulating AI as another area of focus.

“AI is one of the most powerful technologies of our time …[t]he federal government plays multiple essential roles, including mitigating AI risks and using AI technology to better deliver on the wide range of government missions, advance solutions to the Nation’s challenges that other sectors will not address on their own, and tackle large societal challenges,” it says.

The details were included in the administration’s research and development plan for fiscal year 2025, which provides agencies with guidance on core White House priorities as they develop funding proposals as part of the congressional appropriations process. 

In addition, the plan sets out a range of further key research and development spending priorities, which include leading the world in security and stability, improving health outcomes, reducing barriers and inequities and supporting U.S. economic growth.

The document, which was signed by OMB Director Shalanda Young and Office of Science and Technology Policy Director Arati Prabhakar, said: “To make its vital contribution to our future, federal R&D must sustain America’s leadership position in science and technology. It must take aim at and achieve bold, barely feasible goals. Federal R&D must translate into new products and services, new industries and jobs, new policies and regulations, and new standards and practices. And it must bring the power of innovation to important national missions that have not traditionally benefitted from R&D.”

The White House sets its core research and development priorities ahead of federal agencies’ annual budget submissions to OMB. Departments must then ensure that these R&D spending priorities are reflected in their submissions.

The post Using AI to improve government functions among top Biden administration R&D priorities for fiscal 2025 appeared first on FedScoop.

OPM established the program following consultation with the White House. It allows executive and judicial branch employees and agency leave bank programs to donate unused leave to employees who need it.

Leave banks are voluntary systems set up on an agency-by-agency basis, and are governed by title five of the United States Code, which allow government workers to contribute unused leave to other staff who need it. In 2017, OPM set up emergency leave transfer programs for government workers in response to hurricanes Harvey, Irma and Maria, which caused widespread damage in the Florida panhandle and along the U.S. Gulf Coast.

“Agencies with employees adversely affected by the 2023 Hawaii Fires are in the best position to determine whether, and how much, donated annual leave is needed by their employees and which of their employees have been adversely affected by the emergency within the meaning of OPM regulations,” an OPM spokesperson said. “They are also in the best position to quickly facilitate the transfer of donated annual leave within their agencies.”

Deadly wildfires swept through the island of Maui last week, destroying much of the historic town of Lahaina. As of Wednesday afternoon at 4 p.m. EST, the death toll from the blaze had risen to 106, according to the Associated Press.

At least 2,000 businesses on the Hawaiian island remain without electricity, and in many places, the fire has contaminated the water supply.

President Joe Biden and First Lady Jill Biden are next week scheduled to travel to Maui meet survivors.

The post Emergency leave transfer program authorized for federal workers hit by Maui wildfires appeared first on FedScoop.

In a wide-ranging audit of the U.S. Department of Agriculture division, the National Academy of Public Administration found a host of major concerns including unintegrated IT systems, lack of staff technical knowledge and the continued use of a COBOL-based mainframe system.

The National Finance Center provides human resources and payroll services to over 170 federal employers across all three branches of the government. NAPA’s audit warned that failure to modernize NFC’s IT systems and address further system issues poses an existential threat.

“NFC’s IT systems, including its mainframe, are in need of modernization. NFC’s antiquated IT systems and inefficient manual processes have degraded customer service, impeded efficiency, demoralized the workforce; increased the potential for errors, and created a rising risk of a service impairment, disruption, or possible cyber event,” NAPA authors wrote in the report.

The report added: “NFC’s future is at risk without prompt action. Should NFC fail, the consequences would be felt immediately by the hundreds of thousands of federal employees working for organizations like the Department of Homeland Security, Department of Justice, and NFC’s other approximately 170 clients.”

NFC was established 50 years ago, initially to serve the needs of agencies and organizations within USDA. The agency has never missed a payroll despite facing significant challenges outside of its control, including significant damage to its New Orleans headquarters during Hurricane Katrina, the COVID-19 pandemic and multiple other government shutdowns.

The post Legacy IT systems jeopardizing future of USDA’s National Finance Center, report says appeared first on FedScoop.

An updated version of NIST’s Cybersecurity Framework 2.0 incorporates recently submitted industry feedback and expands the document’s scope to provide guidance for organizations of all sizes, instead of focusing primarily on guidance for critical infrastructure.

The cybersecurity framework — along with NIST’s Risk Management Framework — is used by federal agencies to plan for and mitigate cybersecurity risks. The latest draft comes as the Biden administration ramps up its focus on addressing cyber-supply chain risk, including through the use of attestation forms and software bills of material.

In addition to expanding its scope, the latest draft has added a sixth function — govern — in addition to the document’s five existing functions: identify, protect, detect, respond and recover. It also provides additional specific guidance on how small firms should best implement the framework.

In January, NIST teased forthcoming updates to the framework and published a concept paper intended to spur feedback from industry.

The Commerce Department bureau will hold a workshop in the fall to discuss the draft and accept public comment until Nov. 4, although it does not intend to issue another draft version of the framework.

Commenting on the updated document, the framework’s lead developer Cherilyn Pascoe said: “With this update, we are trying to reflect current usage of the Cybersecurity Framework, and to anticipate future usage as well.”

“The CSF was developed for critical infrastructure like the banking and energy industries, but it has proved useful everywhere from schools and small businesses to local and foreign governments. We want to make sure that it is a tool that’s useful to all sectors, not just those designated as critical,” she added.

The post NIST publishes expanded draft of key cybersecurity framework appeared first on FedScoop.

Ragsdale moves into the role Aug. 14 from technology company Two Six Technologies, where most recently he was vice president for Department of Defense strategy.

Prior to working at Two Six Technologies, he held senior cybersecurity and cyber operations roles at the Department of Defense, including as acting director of defense research and engineering for modernization, where he was responsible for driving DOD-wide innovation.

In the new post, he will focus on leading work to strengthen the cyber workforce across the United States, including through measures announced as part of the White House’s National Cyber and Workforce Strategy, which was announced on July 31.

That document called for collaboration across government, industry and civil society groups to work together to increase the number of cybersecurity workers and urged an overhaul of the U.S. immigration system. The strategy also petitioned Congress to introduce new legislative measures to ensure foreign-born cyber workers that have been trained in America are able to stay in the country.

Commenting on Ragsdale’s appointment, former ONCD Director Chris Inglis said: “Dan is a national treasure whose innumerable contributions to the cybersecurity profession over the course of three decades have inspired my work and thousands of others fortunate to have been mentored by him. His skills, experience, and leadership abilities will be an invaluable resource for the ONCD mission, in particular for the Technology and Ecosystem Line of Effort.”

According to the Department of Commerce-backed cybersecurity labor market tracking website CyberSeek, there are currently more than 663,000 cybersecurity jobs open across the country. 

The post ONCD names Daniel Ragsdale as cyber workforce and education leader appeared first on FedScoop.

In a report published Monday, the watchdog said it believes the IRS could continue to implement this recommendation without the need for additional statutory authority.

The watchdog disagreed with a prior assessment by agency officials, reiterated in February, that establishing security requirements for the IT systems of paid preparers and others who file returns electronically would require additional statutory authority, and that it would be inefficient.

It said: “To fully implement this recommendation, IRS needs to develop a structure to coordinate across seven different offices working on information security-related activities, such as updating existing standards, monitoring authorized e-file provider program compliance, and tracking security incident reports. Without this structure, it is unclear how IRS can respond to changing security threats and ensure threats are mitigated.”

The audit is the latest in a line of watchdog recommendations for improving cybersecurity at the agency. In February, the GAO called on the IRS to improve its IT modernization processes, with a particular focus on measuring progress with moving systems to the cloud more closely.

This came after the Treasury Inspector General for Tax Administration in September called on the agency to improve the scope of its insider threat monitoring capabilities. In a report, that watchdog said the IRS CIO should work to ensure the agency’s insider threat team has access to all necessary information to carry out its work.

The post IRS must improve oversight of third-party cybersecurity, watchdog says appeared first on FedScoop.