FedScoop » News (http://fedscoop.com)
Federal technology news and events
Mon, 20 Oct 2014 13:18:32 +0000

Sonny Bhagowalia named Treasury CIO
http://fedscoop.com/sonny-bhagowalia-treasury-cio/
Mon, 20 Oct 2014 00:48:54 +0000

Sanjeev "Sonny" Bhagowalia, the former CIO of the State of Hawaii, returns to Washington to take over Treasury's $3.5 billion IT portfolio.

The post Sonny Bhagowalia named Treasury CIO appeared first on FedScoop.

Sonny Bhagowalia will take over as Treasury CIO after spending three years in Hawaii. (Credit: FedScoop)

Sanjeev “Sonny” Bhagowalia has been named chief information officer of the Treasury Department, FedScoop has learned.

According to Bhagowalia’s LinkedIn page, he will serve as both CIO and deputy assistant secretary of information systems. His first day is Monday.

Bhagowalia, who has held a variety of federal IT positions in the past, comes from Hawaii, where he served as the state’s first CIO, as well as chief adviser on technology and cybersecurity to Gov. Neil Abercrombie. His work in Hawaii landed him a StateScoop GoldenGov award earlier this year.

The Treasury position became vacant after Robyn East retired in June. East had served as Treasury CIO since March 2011. Deputy CIO Mike Parker had been filling in on an interim basis.

Prior to his role in Hawaii, Bhagowalia held a number of federal positions, including deputy associate administrator in GSA’s Office of Citizen Services and Innovative Technologies, CIO of the Interior Department and Bureau of Indian Affairs, and a program management executive at the FBI. Prior to joining the federal government, he spent 14 years at Boeing as chief engineer of business development and systems integration.

As Treasury CIO, Bhagowalia will be in charge of a $3.5 billion IT/IRM portfolio and will be responsible for the department’s IT strategy, managing its IT investments and leading new technology initiatives.

“Over the past three years, Sonny has helped Hawaii leapfrog from the back of the pack in technology and cybersecurity to the front of the line and we are now one of the best in the country,” Abercrombie said in a prepared statement. “Under Sonny’s leadership, our government transformation program has garnered an unprecedented 25 national awards, including last week’s announcement of his 2014 Enterprise Architecture (EA) Hall of Fame Award for Individual Leadership in EA Practice, Promotion and Professionalization.”

The governor expressed confidence that Hawaii has “the right plans” thanks to Bhagowalia’s leadership.

White House unveils executive order to strengthen financial security
http://fedscoop.com/white-house-unveils-executive-order-strengthen-financial-security/
Fri, 17 Oct 2014 21:08:30 +0000

In the wake of major credit card breaches at Target, Home Depot and J.P. Morgan over the past year, a new executive order from President Barack Obama will require consumer-facing federal agencies to upgrade their point of sale terminals to a more safe, encrypted technology by the start of 2015.

The post White House unveils executive order to strengthen financial security appeared first on FedScoop.

The White House is ordering consumer-facing agencies to upgrade their point-of-sale systems. (Credit: Amanda Lucidon/White House)

In the wake of major credit card breaches at Target Corp., Home Depot Inc. and JPMorgan Chase & Co. over the past year, President Barack Obama signed a new executive order Friday requiring consumer-facing federal agencies to upgrade their point-of-sale terminals and enhance security for federal payment cards by the start of 2015.

The order now requires federal agencies that issue credit, debit or other payment cards to use chip-and-PIN-technology-enabled cards. These cards have encrypted microchips embedded in them, rather than a single magnetic strip. The cards will also require a consumer to enter a personal identification number when making a purchase.

“Last year, millions of Americans became victims of identity theft, millions were victims of this kind of fraud,” Obama said at an event announcing the executive order at the Consumer Financial Protection Bureau. “The idea that somebody halfway around the world could run up thousands of dollars in your name just because they stole your number or because you swiped your card at the wrong place at the wrong time — that’s infuriating.”

According to the White House, the U.S. Postal Service has already transitioned its systems in retail facilities across the country. On the list of systems to be transitioned soon are U.S. passport offices, national parks, and Veterans Affairs retail and food stores.

“The goal is not just to ensure the security of doing retail business with the government, but also, through this increased demand, to help drive the market towards stiffer adoption of stronger security standards,” a fact sheet said.

Although Obama’s executive order has no direct effect on the nonagency consumer world, several major companies have agreed to upgrade their systems in a sign of support for the president’s action. Even companies like Target and Home Depot, who were victims of personal financial information breaches, have already transitioned their point-of-sale terminals to support chip-and-PIN cards. Home Depot also completed a payment security project that provides better encryption in its terminal systems.

To enact better financial security measures across the board, Obama also called on Congress to take action on data breach legislation.

“And even though I’m taking action today without Congress, Congress needs to do its part as well,” Obama said. “Today, data breaches are handled by dozens of separate state laws. It’s time to have one clear national standard that brings certainty to businesses and keeps consumers safe.”

The fact sheet accompanying the executive order highlighted the need for cybersecurity legislation.

“[The administration is] calling on Congress to pass meaningful cybersecurity legislation that will help the Government better protect federal networks and legislation that appropriately balances the needs for greater information sharing and strong protection for privacy and civil liberties,” the fact sheet said.

The executive order tasks the Treasury secretary to ensure that all payment-processing terminals acquired by agencies after Jan. 1, 2015, have the enhanced security features installed. The Treasury secretary will also be charged with developing a plan for agencies to install software that will support the new security measures.

Also by Jan. 1, the Treasury will ensure that prepaid cards for federal benefits will have the enhanced security features, and it will develop and roll out a plan to replace old cards.

The order also requires the General Services Administration to ensure that credit, debit and other payment cards provided through any GSA contracts have the enhanced security features by Jan. 1.

Agencies outside of GSA and Treasury are required to submit a plan to replace or enhance cards to the White House’s Office of Management and Budget.

The executive order also improves information sharing between agencies, as well as sharing between the public and private sector. By February 15, 2015, the Attorney General and the Homeland Security Secretary will issue guidance to agencies to require law enforcement agencies to submit information about compromised financial credentials to the National Cyber-Forensics and Training Alliance’s Internet Fraud System.

The Commerce and Justice departments, in conjunction with the Social Security Administration, will look for any publicly available agency resources for victims of identity theft and provide that information to the Federal Trade Commission by March 15, 2015.

OMB and GSA will also partner with the FTC in order to improve and enhance the identitytheft.gov website. The White House declined to comment on whether the partnership with the FTC will include OMB’s U.S. Digital Service and GSA’s 18F.

By January 15, 2015, the National Security staff, the White House’s Office of Science and Technology Policy and OMB will present the president with a plan to ensure that agencies make personal data accessible to citizens through digital applications or the Web. That access must be provided consistent with the National Strategy for Trusted Identities in Cyberspace, an initiative out of the National Institute of Standards and Technology. According to the executive order, the elements of that plan must be put in place within 18 months.

Obama’s pick for Ebola czar comes under fire
http://fedscoop.com/obamas-new-ebola-czar-ron-klain/
Fri, 17 Oct 2014 20:18:51 +0000

Obama's appointment of Klain to help coordinate the government's response to Ebola in the U.S. comes as new potential cases are being investigated and the public is increasingly concerned by what appears to be a lumbering federal and state response to a highly contagious and deadly disease. But the country knows little about Klain, and, it is fair to say, the public health community knows even less.

The post Obama’s pick for Ebola czar comes under fire appeared first on FedScoop.

Ron Klain (left) on his last day in the White House with President Barack Obama and Vice President Joe Biden. (Credit: Steve Case via TwitPic)

When a major crisis occurs in government, presidents tend to appoint a high-profile expert with enough street credibility in management and innovation and enough force of personality to effectively quarterback a whole of government response. Notable examples include Bill Clinton’s appointment of Richard Clarke as the nation’s cybersecurity czar; George W. Bush’s appointment of Tom Ridge to help create the Department of Homeland Security; and Barack Obama’s reliance on Jeffrey Zients and Mikey Dickerson to lead the rescue effort for Healthcare.gov.

But Obama’s appointment Friday of Ebola czar Ron Klain, a career lawyer and political loyalist with limited federal project management skills and no experience managing a public health crisis, invokes images of the Bush-era response to Hurricane Katrina led by former Federal Emergency Management Agency Director Michael Brown, another career lawyer whose only significant management experience up until Katrina devastated the Gulf Coast was as a commissioner for the International Arabian Horse Association.

Almost immediately, Klain’s lack of experience came under intense scrutiny by several lawmakers, including the chairman of the House Homeland Security Committee, and at least one prominent homeland security expert.

Rep. Michael McCaul, R-Texas, chairman of the House Committee on Homeland Security, called on the president to rethink his choice of Klain, characterizing the appointment as political.

“While the president’s pick may have the ear of the White House and experience from the campaign trail, I am concerned he doesn’t have significant relationships in the medical community that are imperative during this current biological emergency,” McCaul said in a statement. “Prior administrations had permanent leaders on a range of bio-threats, including Ebola, with strong medical credentials. Specifically, both the Bush and Clinton administrations had a Special Assistant to the President for Biodefense Policy to focus all federal efforts on the range of biological threats we face, including disease outbreaks like Ebola. I urge the president to rethink his political choice, and re-establish this permanent position as I have previously recommended.”

“Ebola is not a political issue, it is an operational issue that requires incident command expertise and crisis management decision making skills,” said Don L. Rondeau, the president of the Washington, D.C., chapter of the International Association of Counterterrorism and Security Professionals. “The administration’s Ebola containment effort is missing the right mix of operational experience. They have plenty of smart doctors and lawyers. They are making very basic operational mistakes,” Rondeau said. “They may be making sound medical and political decisions but the operational missteps are so glaring that they are impacting their credibility. The lack of credibility in their efforts is causing panic.”

Ron Klain. (Credit: Revolution LLC)

Obama’s appointment of Klain to help coordinate the government’s response to Ebola in the U.S. comes as new potential cases are being investigated and the public is increasingly concerned by what appears to be a lumbering federal and state response to a highly contagious and deadly disease. But the country knows little about Klain, and, it is fair to say, the public health community knows even less.

Aside from a recent stint as the chief of staff to Vice President Joe Biden, Klain is perhaps best known for his role as general counsel of the Gore Recount Committee in the aftermath of the contested 2000 presidential election. Federal Election Commission records show that Klain and his wife, Monica Medina, have donated more than $30,000 to various Democratic candidates, including Obama.

But to take on his new role as Obama’s point person on the federal response to Ebola, Klain is taking a leave of absence as general counsel of Revolution LLC, a venture capital firm founded by former AOL CEO Steve Case. Revolution also happens to be one of the primary backers of FedBid Inc., the Vienna, Virginia-based reverse auction firm at the center of a major investigation by the Department of Veterans Affairs into procurement fraud involving a former senior official at the Veterans Health Administration.

House Energy and Commerce Committee Chairman Rep. Fred Upton, R-Mich., criticized Obama for making a political appointment at a time when Americans are genuinely concerned about their safety. “What has been missing from this administration’s response to Ebola is not a new figurehead; what we need is a strategy to get ahead of this, and restore the public’s faith that they are safe,” Upton said in a statement.

“This appointment is both shocking and frankly tone deaf to what the American people are concerned about,” said Rep. Tim Murphy, R-Pa. “Installing yet another political appointee who has no medical background or infectious disease control experience will do little to reassure Americans who are increasingly losing confidence with the Administration’s Ebola strategy. Not one of the medical experts who testified at our hearing yesterday said what is needed to stop the spread of the Ebola virus is a czar, spokesman, or campaign operative with no relevant experience telling them what to do.”

FedScoop reached out to the American Hospital Association and the American Nurses Association for comment but did not receive a response by press time.

In a blog post on the White House website, Tanya Somanader, deputy director of digital content for the Office of Digital Strategy, praised Klain for his managerial experience. “As former Chief of Staff to two Vice Presidents, Klain comes to the job with extensive experience in overseeing complex governmental operations and has good working relationships with leading Members of Congress as well as senior Administration officials,” Somanader wrote. “Klain’s talent and managerial skill will be crucial in providing the resources and expertise we need to rapidly, cohesively, and effectively respond to Ebola at home and abroad.”

Tech groups laud Lee’s nomination to lead patent office
http://fedscoop.com/tech-groups-laud-lees-nomination-to-lead-patent-office/
Fri, 17 Oct 2014 18:40:27 +0000

In a move applauded by members of the tech industry, President Barack Obama has selected former Google Inc. exec Michelle Lee to lead the U.S. Patent and Trademark Office.

The post Tech groups laud Lee’s nomination to lead patent office appeared first on FedScoop.

Michelle Lee (Credit: USPTO)

In a move applauded by members of the tech industry, President Barack Obama has selected former Google Inc. executive Michelle Lee to lead the U.S. Patent and Trademark Office.

The role has been vacant since David Kappos left the post in February 2013, though Lee has effectively led the agency since she was appointed deputy director in January. Lee’s nomination still must clear the Senate.

At Google, Lee was the deputy general counsel and head of patents and patent strategy from 2003 to 2012. She departed Google to work as the director of the Silicon Valley Office for USPTO from 2012 to 2013. Earlier in her career, Lee was a partner at Fenwick & West LLP, where she specialized in advising several high-tech clients, according to the patent office’s website.

She received her bachelor’s and her master’s degrees in electrical engineering and computer science from Massachusetts Institute of Technology and graduated from Stanford Law School.

Lee isn’t the first Google official to make the leap to the federal government. Just last month Obama selected Megan Smith, vice president of Google’s innovation platform, Google X, as the next federal chief technology officer.

Lee’s nomination comes as many tech companies have cried foul over so-called patent trolls, or companies whose primary purpose is to use patents to sue other companies for infringement. Recent congressional efforts to block such suits have stalled.

The Coalition for Patent Fairness, a group that counts giants like Google and BlackBerry Ltd. among its membership, released a statement in support of Lee.

“Michelle Lee will be an outstanding leader for the USPTO,” Matt Tanielian, the coalition’s executive director, said. “Michelle Lee has led the PTO on an interim basis through an important time and already implemented significant changes to improve patent quality and the post-grant review process. The President could not have made a better choice and we urge the Senate to quickly confirm this nomination.”

Jon Potter, president of the Application Developers Alliance, said in a release that Lee is “enormously qualified and has a strong understanding of the balance needed to protect ideas and put an end to the abusive tactics by patent trolls that are draining the economy and closing doors of [small] businesses.”

Elizabeth Hyman, executive vice president of public advocacy at TechAmerica, the public sector and public policy department of trade group CompTIA, also welcomed the news in an email.

“Michelle brings a rich background in technology that will surely aid her as she continues the important work of implementing the America Invents Act and builds out the much anticipated USPTO satellite offices to help the agency better connect with innovators in those regions,” she said.

Software and Information Industry Association Vice President of Public Policy Mark MacCarthy also issued a statement, commending the decision to fill the vacant spot.

“Lee is a well-regarded IP professional who will bring intelligence and needed leadership to this important role,” he said. “We look forward to her successful confirmation by the Senate and to working closely with her in her new position.”

Sen. Patrick Leahy, D-Vt., chairman of the Senate Judiciary Committee, also congratulated Lee in a statement yesterday.

“During her tenure as Deputy Director, Ms. Lee has worked to reduce the backlog in patent applications, improve examination processes, and implement the post-grant review programs created by the 2011 Leahy-Smith America Invents Act to improve patent quality,” he said. “I have found Ms. Lee to be thoughtful and respectful of the diverse perspectives across the patent community, and a valuable resource to the Senate Judiciary Committee.”

Audit finds Commerce Department cloud contracts fail to meet FedRAMP requirements
http://fedscoop.com/commerce-department-fedramp-audit/
Fri, 17 Oct 2014 18:16:49 +0000

An independent audit of the Commerce Department's cloud computing contracts found services that did not comply with FedRAMP along with other security-related deficiencies.

The post Audit finds Commerce Department cloud contracts fail to meet FedRAMP requirements appeared first on FedScoop.

The report found four of the six contracts did not contain a clause under the Commerce Acquisition Regulation that would allow Commerce’s OIG access to the contractor for purposes of a review. (Credit: iStockphoto.com)

An independent audit of the Commerce Department’s cloud computing contracts found services that did not comply with Federal Risk and Authorization Management Program (FedRAMP) along with other security-related deficiencies.

The Council of Inspectors General on Integrity and Efficiency (CIGIE), an independent entity consisting of all executive branch inspectors general, was appointed in November 2013 to evaluate cloud service contracts from 20 departments and agencies, including six from three different bureaus within the Commerce Department.

The report found four of the six contracts did not contain a clause under the Commerce Acquisition Regulation (CAR) that would allow Commerce’s OIG access to the contractor for purposes of a review. One contract also did not include a Federal Acquisition Regulation (FAR) clause that would give agency personnel access to infrastructure or materials needed to guard against security threats.

The report also found that only two of the cloud contracts met FedRAMP security authorization requirements, even though all had been cleared for use by the respective bureaus. The two that did meet FedRAMP deadlines — all cloud services were supposed to meet requirements by June 5 — each have provisional authority to operate.

The six cloud services used in the audit were Census Bureau’s contract with Akamai Technologies and GovDelivery, National Institute of Standards and Technology’s contracts with Microsoft Corp. and ServiceNow, and National Oceanic and Atmospheric Administration’s contracts with Google Inc. and Fiberlink, which is owned by International Business Machines Corp. These six contracts add up to more than $27 million in government spending.

Two tables show the findings of the CIGIE report on various CSP contracts within the Department of Commerce. (Credit: OIG of the Commerce Department)

The Census Bureau’s agreement with GovDelivery and NIST’s agreement with Microsoft were the only contracts highlighted in the report to include both CAR and FAR clauses. Census Bureau’s Akamai service and NIST’s Microsoft service are the only cloud service providers that meet FedRAMP requirements.

The report recommends that Commerce’s chief financial officer and assistant secretary for administration ensure that all future and existing contracts include the relevant clauses and that any cloud services in use that do not meet FedRAMP requirements be continuously monitored for security risks.

In an agency response, Commerce CFO Ellen Herbst and Chief Information Officer Steven Cooper concurred with the report’s findings and plan to submit a corrective action plan to address the identified risks.

Recovery CIO Shawn Kingsberry leaving government
http://fedscoop.com/recovery-cio-shawn-kingsberry-leaving-government/
Fri, 17 Oct 2014 16:43:39 +0000

Shawn Kingsberry, chief information officer for the Recovery Accountability and Transparency Board, is leaving government for the private sector.

The post Recovery CIO Shawn Kingsberry leaving government appeared first on FedScoop.

Shawn Kingsberry is leaving his role as CIO of the Recovery Accountability and Transparency Board for a position with Virginia-based IT firm TASC. (Credit: FedScoop)

Shawn Kingsberry, chief information officer for the Recovery Accountability and Transparency Board, is leaving government for the private sector.

After spending 22 years in government — the last five with RATB since it launched — Kingsberry confirmed in an email to FedScoop that he will join Arlington, Virginia-based TASC Inc. as the director of cloud services. His last day at RATB is Friday.

“Working for the federal government has been an awesome experience,” Kingsberry wrote to FedScoop in an email. “I’ve had the opportunity to work with some of the greatest minds in the business of Information Technology spanning federal and Industry. I’ve worked with Congress to radio technicians on the ground protecting the land and our country.”

With RATB, Kingsberry led the board’s swift effort to host Recovery.gov on Amazon Web Services’ cloud in just 22 days. Recovery.gov provides transparency on the spending of the $787 billion allotted to stimulus efforts in the American Recovery and Reinvestment Act of 2009 to minimize fraud and waste. Kingsberry and RATB’s IT efforts were made all the more difficult in that only $84 million of that budget went to the board’s efforts building, launching and maintaining the website.

Kingsberry will continue his cloud leadership in his new role at TASC, helping “federal government with ‘Big Data’ challenges which includes ‘fraud analytics’ as well as migration.”

“Over the past five years working for the Recovery Board, my perspective has expanded in many ways,” he said. “I now understand there is an opportunity to help the Federal Government lean forward and take full advantage of 21st century computing. TASC provided me the opportunity to accomplish this goal.”

In his new role, Kingsberry will be part of a new business line led by Mark Forman. “We will translate the perceived challenges in cloud computing which is truly 21st century computing in a language that people can better understand,” Kingsberry said. “Business drives technology. Technology enables business to meet its goals and objectives. When we describe cloud it will encompass on premise, and as service.”

Forman, who worked with TASC for a few years in the late 1980s, rejoined the company in April as vice president for IT services and cloud initiatives. Between his roles with the Arlington firm, Forman served in federal positions across the IT industry and federal government, including a two-year stint as administrator of the Office of E-Government and Information Technology — a position thought to be the precursor to the role of federal CIO — until August 2003.

Kingsberry will officially join TASC Nov. 3, he said. “I’m very excited to continue my professional journey.”

RATB officials were unsure of Kingsberry’s replacement. Veda Woods is RATB’s deputy CIO and chief information security officer.

Below, Kingsberry, named a FedScoop Cloud Innovation Hero, describes the best practices he applied during his time as RATB CIO.

Presidential Management Fellows program gets high marks in survey, though agencies lag
http://fedscoop.com/survey-highlights-opportunities-to-improve-presidential-management-fellows-program/
Thu, 16 Oct 2014 22:03:52 +0000

Presidential Management Fellows reported a high rate of satisfaction with the overall program — but they were less happy with their agency, according to a new survey released today by the Partnership for Public Service.

The post Presidential Management Fellows program gets high marks in survey, though agencies lag appeared first on FedScoop.

Presidential Management Fellows reported a high rate of satisfaction with the overall program — but they were less happy with their agencies, according to a new survey released today by the Partnership for Public Service.

About 80 percent of fellows said they were satisfied with their overall experience. (Credit: iStockphoto.com)

Of the fellows surveyed, 80 percent said they were satisfied with their overall experience, but about two-thirds said they were satisfied with their agencies. A quarter also reported having a less positive impression of working for the federal government than when they started.

“I think the challenge here is how to get agencies to better leverage and capitalize on the great talent that’s coming through the door so that they are much more satisfied and inclined to actually stay,” said Tim McManus, vice president of education and outreach at the Partnership for Public Service.

McManus said part of that answer lies with the supervisors. Indeed, when the fellows first started, 78.2 percent said their supervisor “was an effective people manager.” That number dropped to 49 percent at the end of their fellowship.

McManus recommended the agencies pay attention to the quality of the fellows’ supervisors and invest in developing their supervisors, if necessary.

“People are only going to stay in jobs that they’re actually satisfied in,” he said. “If those folks [in the fellowship program] are coming in, not having a good experience and going out the revolving door, it wastes a lot of time, a lot of money, a lot of effort and, most importantly, we miss a huge opportunity to get great talent in the government.”

For the study, researchers surveyed Presidential Management Fellows when they first started in 2011 and after they finished in 2014. Of the nearly 500 fellows assigned to federal agencies, researchers received responses from 274 fellows in the first round and 101 in the latter. Respondents came from a range of agencies, and 3 percent described their occupation as “information technology.”

Stephanie Grosser, a fellow from 2010 to 2012 who is now a senior scale adviser for the U.S. Agency for International Development, said frustration among some of her colleagues was linked to their expectations entering government. Some of her cohorts went through the difficult application process for the fellowship and then expected that, once they got there, it would be easy.

“I think that if you have the expectation that ‘government is great but there are a lot of problems in it when you come in,’ you have that mindset that you’re not only here to do a specific job but help make government better,” she said. “People who came in with that mindset actually did a lot better and are still in government.”

The Presidential Management Fellows program was created in 1977 to attract outstanding graduate students to federal jobs. Run by the Office of Personnel Management, the program allows fellows to work in agencies for two years with a full-time salary and benefits. OPM did not immediately respond to a request for comment on the survey.

There have been several changes to the program, the survey noted. Even so, the report made several recommendations, including that OPM work with federal agencies to ensure the program lives up to fellows’ expectations and that it create a method for addressing problems they face.

The report also said agencies should ensure fellows’ job descriptions are clear and provide a realistic description of responsibilities. But Grosser had the opposite view: Flexibility in job descriptions, she said, can be a good thing. Grosser was hired in communications and crafted the position to focus on data technology and GIS. She was later hired by the agency she worked for.

“You need to think creatively to get things done and to do things in a new way in the bureaucracy,” she said. “When you think of government workers, you don’t necessarily think of creative, entrepreneurial types. But having job descriptions that leave room that allow people to be entrepreneurial is a great thing.”

On the other hand, Matthew Goodrich, a fellow from 2009 to 2011 who now serves as the acting director of the Federal Risk and Authorization Management Program, said he felt the positions were already well defined when he went through the interview process.

He added that overall the fellowship was a great experience and he remains in touch with his cohorts.

“The fellowship really does open up doors and really grows people to become great managers within the federal government,” he said.

The post Presidential Management Fellows program gets high marks in survey, though agencies lag appeared first on FedScoop.

NSF grants merge computing and environmental sustainability
http://fedscoop.com/nsf-merges-environmental-sustainability-new-grants/
Thu, 16 Oct 2014 20:55:17 +0000

The environment and the world of computers may be at opposite ends of the physical spectrum, but a new set of National Science Foundation grants seeks to leverage advances in computing to promote the science of sustainability.

A team from Lehigh University will study and optimize the operations of future wave farms, which will produce electricity across an array of wave energy conversion devices, for NSF’s CyberSEES program. (Credit: NSF/Andrew Schmidt, PublicDomainPictures.net)

A new set of National Science Foundation grants aims to make the physical world more sustainable by merging it with advances in information technology.

NSF awarded $12.5 million to 16 different projects through its Cyber-Innovation for Sustainability Science and Engineering (CyberSEES) program, which leverages computing advances to promote the science of sustainability. Researchers will each receive between $100,000 and $1.2 million for two-to-four-year projects developing tools, technologies and models to meet the needs of humans without destroying the environment in doing so.

While it seems environmental sustainability may have much more to gain from a program like CyberSEES, NSF said the relationship can be a symbiotic one.

“Computing plays a central role in understanding and promoting sustainability science in a range of areas from climate models to managing watersheds,” Suzi Iacono, acting assistant director for Computer and Information Science and Engineering at NSF, said in a statement. “At the same time, work on these problems can fuel advances in computing, for example, in optimization, modeling, simulation, prediction, decision-making and inference.”

And though the natural environment and the technical world are considered opposite ends of the physical spectrum, as the National Research Council noted in a 2012 report funded by NSF, they have quite a bit in common. “Although sustainability covers a broad range of domains, most sustainability issues share challenges of architecture, scale, heterogeneity, interconnection, optimization, and human interaction with systems, each of which is also a problem central to [computer science] research,” the report states.

The CyberSEES program has been around for about two years, and so far, Phillip Regalia, a program officer at NSF overseeing the CyberSEES program, said it has “proved instrumental in aligning innovations in computing with the natural sciences for mutual benefit in areas that include renewable energy, smart buildings, transportation, coastal biology, carbon cycles and agriculture.”

This go-around for the awards, researchers will focus on problems like unlocking energy from water with sensors and cyber infrastructure, using data to make buildings more energy efficient and powering the grid using ocean waves, which researchers from Lehigh University in Pennsylvania said are underutilized and could supply more than a quarter of the nation’s electricity needs.

“We hope to validate the economic and environmental feasibility of wave power and drive forward the significant research and development efforts currently underway to bring the potential of wave energy conversion to fruition on the power grid,” said Shalinee Kishore, the principal investigator on the project. “Efficient and economic harvesting of the energy in ocean waves offers an electricity future with a more diverse supply portfolio, reduced greenhouse gas emissions and higher sustainability impacts.”

The government-funded projects could go on to affect the work of major federal agencies, like the Environmental Protection Agency and the Energy Department, among others.

Comey: FBI fears ‘missing out’ on criminals due to new encryption standards
http://fedscoop.com/james-comey-fbi-encryption/
Thu, 16 Oct 2014 19:22:05 +0000

Law enforcement should have a way to access encrypted communications systems in order to investigate crimes, FBI Director James Comey said Thursday. (Credit: iStockphoto.com)

FBI Director James Comey called for a national conversation about how far tech companies should be allowed to go in applying encryption to their devices, saying law enforcement faces growing and overlapping challenges in accessing data needed to prosecute crimes.

During a speech at the Brookings Institution Thursday, Comey said the new forms of encryption being developed for mobile devices, as well as the rapid growth of the devices themselves, make it tough for the FBI to keep up with ways criminals can “go dark.”

“With going dark, those of us in law enforcement and public safety have a major fear of missing out,” Comey said. “Missing out on predators who exploit the most vulnerable among us; missing out on violent criminals who target our communities; missing out on a terrorist cell using social media to recruit, plan and execute an attack. We have seen case after case — from homicides and car crashes to drug trafficking, domestic abuse and child exploitation — where critical evidence came from smartphones, hard drives and online communication.”

Comey has been vocal over the last few weeks about the need for law enforcement to have a way into encrypted systems after tech companies like Apple Inc. and Google Inc. announced they will build encryption into the default versions of their operating systems. Comey said it was these announcements that caused him to speak out, something he has rarely done since being named FBI director in September 2013.

“[These companies] are good folks responding to a market imperative, but holy cow, where are we going?” Comey said.

Comey tried to dispel the notion that the FBI is asking tech companies to build in a universal back door for law enforcement to access, saying the bureau wants to follow the rule of law already on the books.

“We aren’t seeking a back-door approach,” Comey said. “We want to use the front door, with clarity and transparency, and with clear guidance provided by law. We are completely comfortable with court orders and legal process — front doors that provide the evidence and information we need to investigate crime and prevent terrorist attacks.”

Harley Geiger, senior counsel for the Center for Democracy & Technology, said any security vulnerability built into devices will inherently make them less safe.

“Whether you call it a back door or a front door, if we are talking about a security vulnerability in technology products, we are talking about the same thing and it’s extremely problematic,” Geiger said. “We think it will lead to greater insecurity for tech products that can be exploited by bad actors and other governments — not necessarily just the U.S. government — and that it will have a negative effect on American industry and it may not, in the end, make people considerably safer.”

Worries over security measures were echoed by Sen. Ron Wyden, D-Ore., who tweeted during Comey’s speech that he opposes any built-in back doors.

Last week, Wyden hosted a panel where top executives from tech companies said the new encryption standards were in response to the revelations brought to light regarding the National Security Agency’s surveillance practices. Facebook General Counsel Colin Stretch said during that event he would be “fundamentally surprised if anybody takes the foot off the pedal of building encryption into their products.”

Comey said Thursday the FBI’s intent isn’t to stifle innovation or undermine tech companies, but that law enforcement’s growing inability to collect vital data is too great a risk for the country.

“We have to find a way to help these companies understand what we need, why we need it, and how they can help, while still protecting privacy rights and providing network security and innovation,” Comey said. “We need our private sector partners to take a step back, to pause, and to consider changing course.”

You can read Comey’s full speech on the FBI’s website. You also can watch the full speech, plus a Q&A session, in the video below.

Despite challenges, devices can have good protection against BadUSB
http://fedscoop.com/despite-challenges-devices-can-good-protection-badusb/
Thu, 16 Oct 2014 18:40:00 +0000

The Technocrat interviews Mats Nahlinder, director of product management for IronKey, about a unique defense against the BadUSB malware.

Government workers are always a big target for hackers because of the information they protect. And of everything sitting inside government cubicles right now, keyboards and mice are probably the most trusted devices — or at least the most overlooked — when it comes to security. Well, you can regard those as a potential vulnerability now thanks to an emerging threat, and one with not too many defenses.

BadUSB could pose a threat to mice and keyboards. (Credit: iStockphoto.com)


Called BadUSB, this threat goes back to the Black Hat convention in July when researchers announced they had discovered a way to infect the firmware of USB devices. This lets them inject malicious code into the machines those devices connect to. It also allows keystroke logging and can even reprogram the compromised device so it reports itself as something else (like a camera saying that it’s a keyboard). The worst part is that because this is done by hacking the firmware, for the most part it’s undetectable and outside the realm of virus or malware scanners.

Researchers Karsten Nohl and Jakob Lell presented their findings as a proof of concept, but they didn’t release any specifics at the time, fearing hackers would begin to exploit BadUSB before companies could work on a fix. They bought a little time, but not that much, apparently. Just last week another team of researchers cracked the secrets of BadUSB, too — only they posted the malicious code for everyone to see, and quite possibly use, on a public GitHub site. Their argument was that information should be made public and that hackers may have already discovered the BadUSB secrets. In any case, it’s in the wild now, and likely being modified and used by criminal hackers looking for a new tool.

Lots of websites have started to publish information about BadUSB, but the general consensus seems to be that there are no adequate defenses against it.

I thought that someone must have worked out a proper defense and went searching for folks. It took a while, but finally I came across the director of product management for IronKey, Mats Nahlinder. According to Nahlinder, most of IronKey’s secure drives and products are safe from BadUSB because of a unique firmware check that happens every time one of its devices is inserted into a computer.

“It’s quite simple how we do it,” Nahlinder said. “All of the software running inside the firmware on our products is digitally signed. BadUSB is insidious because it happens below the [operating system] level, which prevents malware scanners from detecting it. But we can stop it.”

Nahlinder explained how the process works. IronKey takes all the code inside one of its devices and creates a cryptographic hash, which is a non-reversible operation. The certificate for that hash value is then encrypted itself and embedded inside the non-writable hardware cryptochip. When users insert the device into a computer, they automatically use a public key to decrypt the hash value. If any changes have been made to the firmware, even one single byte of data or one number switch in the code, the stored hash will no longer match the newly created one.

“If there is no match, then the drive will refuse to start,” Nahlinder said. “The red LED light will illuminate to indicate that there is a fault, and the drive becomes inoperable.”
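The check Nahlinder describes, a signed firmware hash verified at power-on with refusal to start on any mismatch, can be sketched as follows. This is an added example, not IronKey's code: the article does not name the algorithms, so RSA with SHA-256 and PKCS#1 v1.5 encoding are assumptions, the key is a constructed demo key, and every function name is hypothetical.

```python
import hashlib
import hmac

# Constructed demo key: both primes are Mersenne primes so no key file is needed.
# Such a modulus is trivially factorable; a real vendor key is generated randomly
# and the private half never leaves the signing system.
_P, _Q = 2**521 - 1, 2**607 - 1
N, E = _P * _Q, 65537                      # public key, held by the verifier
_D = pow(E, -1, (_P - 1) * (_Q - 1))       # private exponent, vendor side only
K = (N.bit_length() + 7) // 8              # modulus length in bytes

# DER prefix of the SHA-256 DigestInfo used by PKCS#1 v1.5 signatures.
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def encode_digest(firmware: bytes) -> bytes:
    """EMSA-PKCS1-v1_5 encoding of SHA-256(firmware), K bytes long."""
    t = SHA256_PREFIX + hashlib.sha256(firmware).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t


def vendor_sign(firmware: bytes) -> bytes:
    """Factory step: sign the firmware digest with the private key."""
    em = int.from_bytes(encode_digest(firmware), "big")
    return pow(em, _D, N).to_bytes(K, "big")


def boot_check(firmware: bytes, signature: bytes) -> str:
    """Power-on step: return "START" only if the signature matches this image."""
    if len(signature) != K:
        return "FAULT"
    s = int.from_bytes(signature, "big")
    if s >= N:
        return "FAULT"
    recovered = pow(s, E, N).to_bytes(K, "big")
    # Compare the whole encoded block instead of parsing the padding, so a
    # signature with valid-looking padding but extra bytes is not accepted.
    expected = encode_digest(firmware)
    return "START" if hmac.compare_digest(recovered, expected) else "FAULT"


def flip_byte(data: bytes, offset: int) -> bytes:
    """Return a copy of data with one byte changed (models a firmware patch)."""
    patched = bytearray(data)
    patched[offset] ^= 0x01
    return bytes(patched)


# Constructed sample image and its factory signature.
FIRMWARE = b"constructed-demo-firmware-image\n" * 64
SIGNATURE = vendor_sign(FIRMWARE)

if __name__ == "__main__":
    print("genuine image :", boot_check(FIRMWARE, SIGNATURE))
    print("one byte flip :", boot_check(flip_byte(FIRMWARE, 100), SIGNATURE))
```

Rewriting the stored value with a fresh hash of the modified image does not help an attacker, because producing a signature that verifies requires the private key; the check is only as strong as the protection of the public key and the verification code themselves, which is why the article places them in non-writable hardware.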

One place where the government can make use of this technology to protect USB devices is with the new IronKey Workspace W700 mobile workspace, which creates Windows 8.1 desktops in a secure space anywhere in the world for traveling employees.

The W700 recently earned FIPS 140-2 Level 3 Certification. Nahlinder explained that, as part of that, the device had to be able to maintain a noncorruptible firmware, which it does. If BadUSB finds its way onto one of their drives, the change in code would render the device useless. Of course that means the user is out one portable USB workstation, but their network — and more importantly their data — remains uncompromised and safe, a price most government agencies would be more than willing to pay for that level of protection and assurance.

Unfortunately, neither IronKey nor its parent company Imation makes mice or keyboards. But perhaps companies that do could follow the pattern of protection put forward by IronKey in its secure drives to lock down the firmware throughout the USB landscape. BadUSB only just got into the hands of the bad guys a week ago, yet it has the potential to be a huge security risk in the very near future. Adding an encrypted firmware checking process to a mouse would likely significantly increase its price, but the cost for doing nothing in the face of BadUSB could be so much higher.
