Top border protection acquisition official hopes retirement will bring ‘fresh’ ideas
U.S. Customs and Border Protection’s Chief Acquisition Officer Mark Borkowski, who’s set to retire at the end of June, is hopeful that his departure will help pave the way for “fresh thoughts.”
Borkowski, in a Friday interview with FedScoop, said he believes change in leadership is important for bringing about new ideas and felt it was the right time to leave after the volatility of the pandemic has settled.
“I’ve been here too long, so it’s time to go,” Borkowski said.
His decision caps a roughly 17-year career at CBP and more than 40 years in government service. He will officially depart the office on June 30. CBP didn’t immediately have details on a successor.
Among the fresh ideas that Borkowski said people are looking into at CBP is a digital process for acquisition management and system engineering. He also pointed to an initial phase of a “futures lab” that aims to help people think like futurists to identify signals and trends and project what consequences those could have, particularly when it comes to evolving threats that could affect CBP.
“That’s pretty advanced, modern, open-minded thinking that I’d like to think I could do, but I’m not so sure I’d be any good at it,” Borkowski said.
Prior to his roles at the U.S. Department of Homeland Security, Borkowski served more than 23 years in the U.S. Air Force, retiring in 2004 as a colonel, and worked for NASA as the program executive for the Lunar Robotic Exploration Program, according to his biography on CBP’s website.
Speaking with FedScoop, Borkowski said that when he started at CBP in 2006, the agency was growing and realized that it couldn’t pull an agent out of the field to work on administrative functions. He said leadership brought him in to help fill that role as executive director of mission support, and he became the first person in the senior executive service at U.S. Border Patrol who wasn’t uniformed.
He went on to lead the Secure Border Initiative at the agency and later became the assistant commissioner of the Office of Technology Innovation and Acquisition. In June 2016, he became the leader of the Office of Acquisition, a newly established office.
Borkowski said he returned to acquisition somewhat reluctantly when leadership at CBP approached him about the opportunity. He said he was enjoying working on border security at the time but eventually agreed to take on an acquisition role.
“The effect of that was that the leadership of Customs and Border Protection started to recognize that when you are doing what we call Big ‘A’ acquisition of complex programs, there’s actually a whole set of skills and competencies that are built by training and experience,” Borkowski said.
Among the things Borkowski said he’s proud of are the “world-class” people at CBP and having strengthened core competencies like system engineering. He also said he’s proud of a course he helped develop to train people in program management at CBP. That course is currently being instructed by the Federal Aviation Administration Academy.
“I’m really enjoying watching a lot of the rest of the organization say, woah, this program management thing is really important, and it helps us do our jobs better and we need to do more of it,” he said.
GSA to install Jeff Lau as acting chief human capital officer
The General Services Administration is set to name Jeff Lau as acting chief human capital officer, according to an agency spokesperson.
He will take over the role from Traci DiMartini, who leaves the agency on June 16 to become human capital officer at the Internal Revenue Service.
Lau is currently the Regional Commissioner of the Federal Acquisition Service for GSA’s Northeast and Caribbean Region and is responsible for oversight of four FAS portfolios representing over 120 employees and about $2 billion in revenue.
“We can confirm Traci DiMartini is leaving GSA effective June 16. Jeff Lau will serve as the Acting Chief Human Capital Officer while the search for a new, permanent CHCO is underway,” a GSA spokesperson told FedScoop.
Lau previously held various advisory and management positions in the National Administrative Services and Office Supply Center and began his career with the GSA in 2004 as a Contract Specialist under the Outstanding Scholars Program. He has a bachelor’s degree in finance from St. John’s University.
In her new role at the Internal Revenue Service, DiMartini will be tasked with helping to create and implement Commissioner Danny Werfel’s long-term hiring plan to grow the agency’s workforce.
Commenting on DiMartini’s appointment, Werfel said: “This is a historic time at the IRS, and Traci brings a strong background in human resource management across government that will be a great addition to our leadership team.”
He added: “With transformation work underway at the IRS, her experience in Future of Work initiatives and other projects positions her to help the IRS develop, build and retain a workforce that can help taxpayers and the nation. The IRS team is excited to welcome her to this critical position.”
DiMartini led the HR office tasked with overseeing the IRS’s 12,000 employees and helped lead efforts to strengthen remote and hybrid work schedules for employees during and after the pandemic, as well as helped develop more training opportunities for managers.
DiMartini previously served as CHCO at both the Peace Corps and the Equal Employment Opportunity Commission (EEOC), as well as the Agriculture Department’s director for human resources enterprise management systems and the Office of Personnel Management’s career deputy director for the CHCO Council, according to her LinkedIn.
Details of DiMartini’s departure were first reported by Federal News Network.
White House fleshes out plan for agencies to collect software vendor attestation forms
Federal agencies will have additional time to collect attestation forms from software vendors and will not be required to collect documentation for open-source software they use, according to new guidance from the White House.
In a memo issued Friday, first obtained by FedScoop, the Office of Management and Budget clarified details about how agencies will be required to collect cybersecurity attestations from software providers whose services they use.
According to the new guidance:
- Agencies will have more time to collect letters of attestation
- Letters of attestation will not be required for open-source software
- Agency chief information officers will have discretion over whether software is considered “agency-developed”
- Companies unable to immediately provide letters will be able to submit a “plan of action and milestones”
The memo comes as the Biden administration works to strengthen the cybersecurity of commercial technology products used in government, and after it last year announced that agencies would have to collect letters from software vendors confirming their products adhere to NIST standards.
Today’s memo extends the amount of time U.S. federal agencies have to collect letters of attestation for critical software until three months after an attestation common form is approved by the Office of Management and Budget. For non-critical software, this timeline is six months after the attestation form is approved.
The guidance clarifies that a finalized version of the common form, which is being drafted by the Cybersecurity and Infrastructure Agency, has yet to be approved by the Office of Management and Budget. A draft version of the form was published in late April, which industry vendors have until June 26 to comment on. A senior official told FedScoop that OMB would “work fast” to approve the final version of the form once the industry comment period closes.
In addition, the memo clarifies that government agencies will not be required to collect letters of attestation for open-source software – even when software is proprietary but made publicly available by a company.
The missive said: “A significant number of core software applications, such as web browsers, to which Federal agencies must have access are offered for use to members of the public at no cost. Users of this software have no opportunity to negotiate with the producer, and therefore it will not be feasible for agencies to obtain attestations from the producers of such software.”
Open-source software is excluded from the attestation requirements because users of this software have no opportunity to negotiate with the producer, and it therefore would not be feasible for agencies to obtain attestations from the producers of such software.
A senior official speaking with FedScoop said this provision could be especially beneficial for smaller federal agencies where the need to use standalone, open-source tools such as a PDF reader is acute.
Despite the exclusion of open-source software, government agencies are still required to assess the risk of utilizing such software and take appropriate steps to mitigate risks, according to the memo.
Furthermore, the new memo designates agency chief information officers as the officials responsible for deciding whether software developed by federal contractors should be considered “agency-developed.”
The “agency-developed” designation matters because such software, even when developed under a federal contract, is out of the scope of attestation collection requirements.
According to the memo: “If there are questions regarding whether software developed by Federal contractors should be considered agency-developed, agency CIOs are required to make that determination on behalf of the agency.”
Furthermore, the new memo clarifies that software manufacturers unable to immediately attest to one or more practices identified in the attestation form will be able to provide agencies with a Plan of Action and Milestones (POA&M) document.
This will allow government departments to continue working with software producers who do not yet meet minimum requirements identified in the common form but plan to do so.
“[T]he producer of a given software application must identify the practices to which they cannot attest, document practices they have in place to mitigate associated risks, and submit a POA&M to an agency,” OMB said in the document.
It added: “If the agency finds the documentation satisfactory, it may continue using the software, but must concurrently seek an extension of the deadline for attestation from OMB. Extension requests submitted to OMB must include a copy of the software producer’s POA&M.”
Further instructions on the format and process that software manufacturers must follow for extension and waiver requests will be issued on the federal collaboration website MAX.gov.
OMB will also begin collecting metrics on the number of products in use at each agency that do not meet minimum secure software requirements within one year.
U.S. Principal Deputy CTO Alexander Macgillivray departs
Principal Deputy U.S. Chief Technology Officer Alexander Macgillivray on Thursday announced that he has stepped down from the role.
Macgillivray, who led the White House’s push on the need for algorithmic transparency, joined the Biden administration in December 2021 after previously serving as deputy federal chief technology officer during the Obama administration.
Following his departure, Deirdre Mulligan takes the role of U.S. deputy chief technology officer, according to a person familiar with the matter.
Mulligan is a professor in the School of Information at the University of California, Berkeley, and is on leave from the institution while serving in the White House. In February she was installed as U.S. deputy chief technology officer for policy, and has also worked as principal adviser to the National AI Initiative Office.
Before working in government, he held private sector roles as deputy general counsel at Google and general counsel at Twitter. It’s unclear where Macgillivray will work after leaving the White House.
“I am thankful for the support of WHOSTP Director Arati Prabhakar and am excited to see all the great work to come from the phenomenal Tech Division,” Macgillivray wrote on Twitter on Thursday afternoon.
“It was a huge privilege to get to work here again as part of the Biden Administration. I am extremely grateful and more than a little sad that my time is up,” he added.
Macgillivray during a speech on tech policy at the State of the Net Conference in March of this year highlighted three key goals of the Biden administration, which included improving federal privacy protections for Americans’ personal information and closing digital infrastructure gaps.
The OSTP, which Macgillivray is leaving, was established by Congress in 1976 and has a wide mandate to advise the president on the effects of science and technology on domestic and international affairs.
Details of Deirdre Mulligan’s new appointment were first reported by Axios Pro.
Watchdog finds IT security issues at VA medical center in Minnesota
A Department of Veterans Affairs medical center in Minnesota has multiple information technology deficiencies, including outdated operating systems, missing security patches, and non-operational video surveillance, the agency’s inspector general said.
In a Thursday report, the VA’s Office of Inspector General revealed that the St. Cloud VA Medical Center didn’t meet federal information security guidelines in three of the four areas it investigated: configuration management, contingency planning, and access controls. The only category without deficiencies was security management controls.
The VA has struggled to implement the information security standards in the Federal Information Security Modernization Act of 2014 (FISMA), according to the report. The inspector general found the VA “continues to face significant challenges meeting the law’s requirements” in a fiscal year 2021 audit.
The inspector general made eight recommendations to the information and technology chief information officer and two to the medical center director in the Thursday report, including implementing more effective processes for vulnerability management, inventory of network devices, and preventing use of prohibited software.
While the inspection was specific to the St. Cloud center, the report noted “other facilities across VA could benefit from reviewing this information and considering these recommendations.”
Among the issues found in the review were deficiencies in the medical center’s vulnerability management, which the report said “prior FISMA audits have repeatedly found.”
Those issues included operating systems that weren’t supported by the vendor anymore and missing security patches in applications. While the Office of Information Technology (OIT) routinely scans for vulnerabilities, it didn’t detect all of the issues the inspection team found when it used the same tools for vulnerability scanning, the report said.
Security patches hadn’t been applied in several devices with “critical and high-risk vulnerabilities,” the report said. “Without these controls, VA may be placing critical systems at unnecessary risk of unauthorized access, alteration, or destruction.”
The review also found that the medical center failed to keep an accurate inventory of its information systems and discovered 19 “special-purpose systems” running Windows XP, which the report said “has not been supported in over eight years and is prohibited by OIT.”
The medical center’s data center also didn’t have an operational video surveillance system when the inspection team visited the facility, which it said “minimizes incident response capabilities of the security force in the event of compromised security controls.”
In a response included in the report, the assistant secretary for information and technology and chief information officer agreed with most of the recommendations and said he submitted action plans.
The CIO didn’t agree with the inspector general’s recommendation for a more effective inventory of network devices, arguing devices the inspection team found that weren’t accounted for in inventories were improperly identified.
OPM director urges agencies to permit telework as wildfire smoke blankets D.C.
The head of the Office of Personnel Management has written to agencies across the federal government instructing them to take “all available” steps to protect the health of employees from wildfire smoke, including by permitting telework.
In a memo sent Thursday, OPM Director Kiran Ahuja said federal agencies, where possible, should allow staff — especially those considered high-risk — to work from home.
“As much of the country experiences dangerous air quality conditions from the ongoing Canadian wildfires, the U.S. Office of Personnel Management (OPM) is reminding Federal agencies to be proactive in protecting the health and wellbeing of our Federal workforce,” Ahuja wrote.
She added: “OPM would also like to remind agencies of the various workplace flexibilities that may be used to reduce health risks associated with dangerous air quality levels. Agencies are encouraged to permit employees, particularly those with high-risk medical conditions, to telework from home on a day when air quality conditions are dangerous.”
The OPM chief sent the missive to all government chief human capital officers, as thick smoke from Canadian wildfires blanketed Washington D.C., along with other major cities in the northeast, Ohio Valley and Mid-Atlantic regions of the U.S. According to the Washington Post, air quality is likely to be severely reduced in these areas for at least the next 24 to 48 hours.
In her missive, the director noted that agencies can deploy other measures to help protect the health of their staff, including by allowing those with flexible work schedules to adjust arrival and departure times to avoid peak commuting hours and to request the use of annual leave or earned compensatory time off.
While telework is not an option for certain government employees, including those working on national security issues or handling certain sensitive data, some agencies have retained a degree of flexibility for staff following the COVID-19 pandemic.
In January, the National Archives and Records Administration reached an agreement with the American Federation of Government Employees union, as part of which all permanent positions at the agency will now be eligible for telework.
At the end of November, the National Science Foundation signed a four-year collective bargaining agreement with the AFGE that included expanded telework and remote work for employees.
Advocates of the increased use of telework at government agencies say that it can be especially beneficial for recruiting staff in areas such as cybersecurity and IT because departments can seek potential candidates from across a wider geographic area.
However, telework has also proved politically contentious, with some lawmakers arguing that fewer employees in the office has resulted in the reduced availability of government services.
Agencies, military among customers hit by scheme involving counterfeit Cisco equipment
A Florida resident’s multi-year scheme selling counterfeit and fraudulent Cisco networking equipment that yielded over $100 million in revenue impacted government agencies and the military, the Justice Department said Tuesday.
The counterfeit devices had “numerous performance, functionality, and safety problems” and their failures caused “significant damage to their users’ networks and operations – in some cases, costing users tens of thousands of dollars,” the DOJ said.
The disclosure that the military and government were among the customers of the equipment was included in the DOJ’s announcement that Onur Aksoy, 39, pleaded guilty to the operation in the District of New Jersey on Monday.
The DOJ didn’t immediately provide more information about the purchases by the government agencies and military. The release didn’t include details about which agencies purchased the fraudulent equipment.
Aksoy, who is a dual citizen of the U.S. and Turkey, was the CEO of at least 19 companies based in New Jersey and Florida, 15 Amazon storefronts, and 10 eBay storefronts that sold the counterfeit goods, the DOJ said. Those companies and storefronts were known collectively as the “Pro Network Entities.”
The scheme operated by importing “tens of thousands of low-quality, modified computer networking devices” from China and Hong Kong that were made to appear new with counterfeit Cisco labels, documentation, packaging, and software, the DOJ said.
“The Chinese counterfeiters often added pirated Cisco software and unauthorized, low-quality, or unreliable components – including components to circumvent technological measures added by Cisco to the software to check for software license compliance and to authenticate the hardware,” the DOJ said.
The department estimated the total retail value of those devices was in the hundreds of millions of dollars.
Cisco asked Aksoy to cease and desist trafficking the equipment in seven letters sent to him between 2014 and 2019, the DOJ said. Aksoy’s attorney responded twice with forged documents.
Aksoy pleaded guilty to mail fraud and “conspiring with others to traffic in counterfeit goods, to commit mail fraud, and to commit wire fraud.”
His sentencing is scheduled for Nov. 6 where he’ll face four to six-and-a-half years in prison, under a plea agreement conditionally accepted by the court Monday, the DOJ said. He will also forfeit $15 million in gains from the scheme and pay back victims in full under that agreement.
A Cisco spokesperson said: “We are committed to protecting our valued customers and legitimate authorized Cisco channel partners and maintaining the integrity and quality of Cisco products and services. We thank our colleagues in U.S. law enforcement for their investigative actions, the successful indictment, and the work that led to today’s outcome.”
They added: “The Cisco Brand Protection team also appreciates the strong collaboration with Amazon’s CCU for jointly making the criminal referral that brought this individual to justice.”
Director of Amazon’s Counterfeit Crimes Unit Kebharu Smith said: “This guilty plea sends a strong message to bad actors that selling counterfeits has severe consequences.”
He added: “We are grateful for the collaboration with Cisco and the work of the U.S. Department of Justice to bring this counterfeiter to justice.”
Editor’s note, 6/8/23: This story was updated to include comment from Amazon.
Bill to create bipartisan commission on regulating AI expected later this month
Congressman Ted Lieu, D-Calif., said Wednesday that later this month he will introduce bipartisan legislation that would create an artificial intelligence blue-ribbon bipartisan commission or a jury of experts to make policy and legal recommendations on how best to regulate AI.
“I’m working on bipartisan legislation to create a blue-ribbon bipartisan commission to make recommendations as to what kinds of AI we might want to regulate and how we might want to go about doing that because then that report of recommendations will be public and transparent,” Lieu told FedScoop on the sidelines of the AWS Public Summit in Washington.
Lieu, who is a member of the Artificial Intelligence Caucus and one of three members of Congress with a computer science degree, has taken an increasingly prominent role in AI policymaking and leadership in Congress.
“The bill would allow the Senate and the House and both parties plus the President to appoint members. It would be equally bipartisan, and it sets certain requirements. So you’ve got to appoint both private and public sector people and so on and that will be introduced sometime later this month,” Lieu added.
The bill is being co-led by Rep. Ken Buck, R-Colo., who with Lieu in April introduced the bipartisan Block Nuclear Launch by Autonomous Artificial Intelligence Act, legislation aimed at safeguarding the nuclear command and control process from any future change in policy in order to prevent AI from making nuclear launch decisions.
The Artificial Intelligence Caucus was created in 2017 to help educate members and their staff on the technological, economic and social impacts of advances in the technology.
Earlier this year, Lieu introduced the first measure in Congress that was written entirely by the popular online AI tool ChatGPT with a nonbinding resolution on how to comprehensively regulate AI in Congress.
Lieu’s congressional office is also one of the first not to have restrictions on the use of ChatGPT within its internal functions for any and all purposes, the California congressman said.
He highlighted that federal agencies need to be given the power and resources to better tackle the risks and concerns associated with AI, which he hopes a new blue-ribbon commission could help with.
“So I think we need to get more regulators in our federal agencies who are more cognizant and attuned to the unique risks and aspects of AI,” Lieu said.
Accenture, Alight and Thrift Savings Plan board hit with lawsuit over botched transition to new system
A class action lawsuit filed Thursday alleges that federal employees and uniformed service members suffered substantial financial hardship due to a botched transition to a new system for a savings and investment plan for federal government employees that the plaintiffs say has serious flaws.
Seven plaintiffs who are participants of or eligible for benefits from the Thrift Savings Plan (TSP) – a Federal Government-sponsored retirement savings and investment plan similar to 401(k) plans – joined together to file a class-action lawsuit against Accenture Federal Services (AFS), Alight Solutions and the five members of the Federal Retirement Thrift Investment Board in the U.S. District Court for the District of Columbia.
“AFS and Alight completely botched the migration of TSP’s services due to an array of technological and staffing shortfalls that have virtually brought the services offered by TSP to participants to a screeching halt,” the plaintiffs state in the class action suit.
“Defendants’ failure to ensure the timely payment of Hardship Withdrawals, Non-Hardship Active Withdrawals, Out of Service Withdrawals, Death Benefits, and TSP Loan proceeds is not a one-off situation but instead is caused by systemic flaws in TSP’s system,” the lawsuit states.
The lawsuit alleges that the TSP program’s delay and failure to disburse funds within the program to beneficiaries has forced military personnel, veterans, and federal employees who use TSP to procure high-interest consumer loans as alternatives so they are able to pay their bills and avoid home foreclosures, repossessions, and other hardships.
TSP serves as a tax-deferred retirement savings plan for approximately 6.5 million members of the uniformed services and other federal employees, similar to 401(k) plans offered to private-sector employees, and manages more than $838 billion in assets.
The plaintiffs are seeking relief from the defendants to immediately disburse proceeds for all approved TSP loans and withdrawals as well as appropriate damages for plaintiffs and class members’ losses.
The suit also requests a declaration that defendants are financially responsible for all notice and relief and requires that the defendants pay both pre- and post-judgment interest on any amounts awarded as well as attorneys’ fees as permitted by law.
The plaintiffs are demanding a trial by jury on all issues.
Commerce names five new leaders for CHIPS research and development office
The Department of Commerce has appointed five new technologists to boost research and development within one of the agency’s CHIPS Act-focused offices.
The agency has named Lora Weiss as director, Eric Lin as deputy director, Neil Alderoty as executive officer, Richard-Duane Chambers as associate director for integration and policy and Marla Dowell as director of the CHIPS research and development metrology program within Commerce’s CHIPS Research and Development Office.
The CHIPS Research and Development Office is one of two offices at the Department of Commerce created by the passage of the CHIPS and Science Act of 2022. It is responsible for programs focused on making American semiconductor manufacturers globally competitive and works alongside the CHIPS Program Office, which is responsible for semiconductor incentives.
Weiss joins the Department of Commerce office from Pennsylvania State University, where she is senior vice president for research and oversees the research of 12 academic colleges, seven interdisciplinary research institutes and the university’s Applied Research Lab.
Lin was previously interim director of the CHIPS Research and Development Office, and before that was director of the NIST Material Measurement Laboratory.
Alderoty has worked at NIST for more than 30 years, most recently as executive administrator of the Commerce subagency’s Material Measurement Laboratory.
Chambers joins the CHIPS R&D Office from the Senate Committee on Commerce, Science and Transportation, where he served as a senior professional staff member.
Dowell takes up her new appointment after most recently serving as director of the NIST Communications Technology Laboratory.
Commenting on the appointments, NIST Director Laurie Locascio said: “To make the CHIPS R&D programs into bustling centers of innovation, we need the country’s best people to execute our vision. These are the experts who will propel CHIPS for America and the nation’s semiconductor sector forward.”
Commerce Secretary Gina Raimondo added: “These leaders bring exactly the depth and breadth of organizational, programmatic and technical leadership experience that CHIPS needs to stand up new, transformational R&D programs.”
Locascio announced the appointments during remarks made to the Industrial Advisory Committee on June 6.