The votes are in for the 2025 FedScoop.

See the winners!

Navy conducting major exercise in Pacific with unmanned systems

The Navy is conducting a major exercise in the Pacific that integrates unmanned and crewed systems, using artificial intelligence to pilot vehicles above, at and below sea level.

The Pacific is conducting the Fleet Unmanned Integrated Battle Problem 21 (IBP21) exercise in San Diego. It is the first of its kind and comes after some initial cross-ocean, autonomous vessel testing, but not in concert with crewed ships like in IBP21.

The Navy is touting the exercise as a major step toward proving new “unmatched” capabilities and marking a transition to a hybrid force structure.

“We are not yet where we want to be,” said Rear Adm. Lorin Selby, chief of naval research. “But we are getting closer. As our potential adversaries go all-in on unmanned platforms, we must and will maintain a dominant force that can meet and defeat any challenge.”

The Navy has some support in Congress for its transition to a networked force of crewed and unmanned systems, but some remain skeptical. The department released its unmanned “Campaign Framework” in March to mixed reviews, with retired naval officer Rep. Elaine Luria, D-Va., saying it lacked needed detail.

“I am not alone as a member of Congress who really doesn’t understand where the Navy is going with this,” she said in a March hearing.

The Navy has pushed forward despite the initial criticism, adding that it will continue to test and develop the technology and strategies behind using more unmanned systems in the fleet.

“Our goal is to operationally integrate and continuously improve the types of intelligent and autonomous technologies that Pacific Fleet is testing right now,” said Jason Stack, Office of Naval Research’s technical director and autonomy lead. “We will do this ethically and responsibly by always ensuring our Sailors and Marines can exercise the appropriate levels of human judgement over our machines. This will be our enduring competitive advantage.”

The Navy said the test event includes medium displacement unmanned surface vehicles (MDUSV) and long-endurance unmanned aeural systems (UAS). The platforms can be used for surveillance, anti-submarine warfare and other missions, according to the Navy.

One of the MDUSV’s used is the “Sea Hunter,” which made a self-piloted journey from San Diego to Hawaii and back in 2019. Other systems, including aerial ones, will be included in the network of systems, the Navy said.

All of the military’s testing of autonomous systems is rooted in its new operational construct, Joint All Domain Command and Control (JADC2). It’s a way of approaching warfare where instead of siloed commands with decisions being made at individual service levels, the forces of the military are combined through an Internet of Things capability. Leaders hope the technology will allow communications and the command and control of forces to integrate and use real-time data.

CDM program manager Kevin Cox to depart

Continuous Diagnostics and Mitigation (CDM) Program Manager Kevin Cox is leaving to become deputy chief information officer at the Department of Justice.

The Cybersecurity and Infrastructure Security Agency, which houses the CDM program, doesn’t have an announcement on Cox’s final day or replacement yet, according to a spokesperson.

Cox has been instrumental in steering the CDM program, as it helps civilian agencies adopt tools feeding cybersecurity risk data to agency and federal dashboards for maximum visibility across the enterprise.

“Kevin has done a tremendous job advancing the CDM program over the last four years,” said Eric Goldstein, executive assistant director for cybersecurity at CISA. “We are thankful for his service to CISA and continued service to the federal government.”

The move to DOJ is a return for Cox, who previously served as the department’s deputy chief information security officer.

MeriTalk first reported Cox’s pending departure from CISA.

Senators urge ‘flexibility’ administering Technology Modernization Fund

A group of Democratic senators is the latest to urge the administrators of the Technology Modernization Fund to increase staffing levels, adjust project selection criteria and reconsider repayment terms for agencies.

In a letter sent to the Office of Management and Budget, General Services Administration, and TMF Board, the lawmakers encourage the organizations to use the “flexibility” of the Modernizing Government Technology Act to quickly replace outdated systems and improve cybersecurity.

Congress appropriated $1 billion to the TMF in the American Rescue Plan Act passed in March, but the tech industry soon raised concerns the project approval process would need to be streamlined to meet the demands of the COVID-19 pandemic.

“It is widely acknowledged that our federal government needs to make significant and urgent investments in replacing outdated and insecure legacy IT systems,” reads the letter, sent by Sens. Mark Warner, Va., Chris Van Hollen, Md., and Gary Peters, Mich. “Over the past year of the pandemic however, in which we’ve seen more than 565,000 deaths in the U.S. and devastating degrees of economic hardship, added demands have at times overwhelmed our government’s ability to continue providing effective customer service and critical benefits to Americans.”

The Pandemic Response Accountability Committee reported IT infrastructure is a “top challenge” in February, given the government’s increased reliance on telework and the subsequent broadening of agencies’ cyberattack surfaces. Services like the processing of pandemic relief applications have suffered as a result.

TMF Board cyber, financial management and acquisition experts can “rapidly” evaluate TMF project proposals by bolstering their ranks and prioritizing the most critical, cost-saving ones, according to the letter.

The reimbursement requirement of agencies may also need to be reduced or discarded in the short term.

“We encourage you to take steps to ensure that agencies are able to rapidly and effectively respond to pressing needs, including by significantly adjusting or removing reimbursement requirements for portions of the funding,” reads the letter. “We continue to believe that repayment of funds to the TMF helps ensure its long-term viability, but the magnitude of the current challenges presents an urgent need.”

The lawmakers stressed the need for “clear and transparent guidance” from OMB, GSA and the TMF Board on selection criteria and repayment for the benefit of agencies and Congress.

The TMF Board has awarded more than $125 million to 11 modernization projects to date addressing program operability and cybersecurity.

DOD zero-trust strategy coming this year, CIO says

The Department of Defense plans to release a zero-trust architecture strategy 2021, acting CIO John Sherman announced Thursday, adding to a growing list of new zero-trust-related documents to come this year from the DOD.

While few details were shared about the nature of the strategy, Sherman stressed that reaching a zero-trust framework to improve the cybersecurity of DOD networks is pivotal. A strategy could set in motion changes to how the department establishes its security posture by organizing networks around the zero-trust principles of segmenting a network and limiting users’ access to only the data they need.

“I think we are at one of these inflection points here,” Sherman said during the Billington  CyberSecurity Defense Summit. “Our current approaches are not going to take us into the future here.”

Zero trust is a security architecture that treats every user like an outsider — giving them literally zero trust and limiting their access to roam about a network to minimize damage from an inevitable breach of a system’s perimeter. DOD officials have also teased a reference architecture guide being produced by the Defense Information Systems Agency and the National Security Agency.

The recent SolarWinds breach, where Russian hackers infiltrated networks through the software supply chain, has given government IT officials new motivation to shift to a zero-trust framework. It’s unclear if zero trust would have stopped the Russians’ hack of several government networks and thousands of private companies, but within a zero-trust model, they would not be able to move laterally to access data or be able to hide for long (or so security specialists hope).

While DOD already has some “defense in depth” measures in place, Sherman was emphatic that fully implementing the technical, cultural and strategic changes are security imperatives.

“We have robust security…we have a lot of the pieces here,” he said.

Sherman added that by the time DOD fully implements zero trust, it may already have a new moniker. But it’s the guiding principles of segmenting a network and limiting movement internally that are critical. The strategy, which should be finalized this year, is likely to address technical and practical issues involved in zero trust based on how much Sherman emphasized the change in user and administrator culture for zero trust to work.

“This is not about technology, it’s about strategy,” he said.

New DISA director to publish ‘action plan’ in coming months

With only 50 days on the job, Lt. Gen. Robert Skinner, director of the Defense Information Systems Agency, plans to issue a new action plan on how he will continue digital modernization across the military.

The action plan will sketch out the areas Skinner intends to have DISA focus on over the next few years with partners across the Department of Defense, he said at the Digital Transformation Summit produced by FedScoop Thursday. He is working to publish the plan and strategy in the next “30-45 days.”

“We are doing a lot of sync sessions with mission partners, with industry, with individuals within the organization and across the department to make sure we can get this right,” Skinner said.

DISA has several major initiatives on the horizon that are generating interest from industry. It’s preparing to finalize the $11.7 billion Defense Enclaves Services contract to help consolidate military support agency enterprise IT networks, developing tools for identity management and assisting a departmentwide push to improve cybersecurity.

“One of the biggest things we are working on is identity management,” he said.

DISA recently announced its first use case for a new identity management tool that is slated to eventually be used across the department.

Senate bill looks to boost AI talent in government

Students would receive scholarships to study artificial intelligence in exchange for federal service, should a Senate bill introduced Wednesday become law.

To be eligible undergraduate and graduate students studying AI or a related field would need to agree to work for the federal or a state, local or tribal government after completing their degree for a period equal to the length of the scholarship.

The AI Scholarship-for-Service Act comes as agencies struggle to enlist AI talent, despite the U.S. attempting to become a global leader in the space — ahead of top competitors like China.

“As advancements in artificial intelligence continue, the federal government must be prepared to promote ethical applications based on American values to counter competitors like the Chinese government, which prioritizes investments in this revolutionary technology,” said Sen. Gary Peters, D-Mich., one of the bill’s cosponsors. “Incentivizing professionals who are studying this emerging field to serve in the public sector will help our country remain competitive in the long term, strengthen our national security and ensure this technology is used ethically for the benefit of all Americans.”

The National Science Foundation would be expected to designate qualified institutions of higher education (IHE) for participation in the program.

Internship opportunities would also be made available, but employment preference would be given to students willing to work at executive agencies.

Recipients who fail to serve at least three years in the public sector would be made to repay the scholarship.

Peters, who cosponsored the bill with Sen. John Thune, R-S.D., previously introduced the bill in 2020, but it was never assigned to a committee.

The University of Michigan, Dakota State University, Carnegie-Mellon University, the Internet Association and BSA | The Software Alliance have all endorsed the legislation.

DOD grapples with the future of its cyber workforce

Over recent years, the Department of Defense has put a number of program and policy initiatives in place to make it easier to recruit and hire cybersecurity personnel to support the military’s increasingly digital mission. And yet, the department continues to struggle, like others across government, to make meaningful progress in narrowing its cyber skills gap, top IT officials testified this week.

“I am concerned about the pace” at which DOD is hiring and training cyber personnel, Lt. Gen. Dennis Crall, CIO of the Joint Staff, said during a hearing before the Senate Armed Services Subcommittee on Personnel on Wednesday. “I think the divide between the need is growing compared to what we’re able to fulfill. I’m not sure we’re closing the gap, and time is ticking for us to do so.”

Veronica Hinton, acting deputy assistant secretary for defense for civilian personnel policy, described the DOD as “one of the three largest markets” for cybersecurity talent in the U.S., competing in the ruthless battle with big tech companies and others in the private sector for top personnel out of college. To improve the department’s chances in this battle, Congress has approved hiring and pay flexibilities like the Cyber Excepted Service not afforded to other agencies, while the DOD itself has worked to streamline its recruitment and better work with industry and universities.

While those initiatives in earnest are meant to work toward narrowing the skills gap, Crall said it might not be enough to keep up.

“The digital nature of the fight that we expect, especially at pace and speed, is going to demand a workforce and talent level that we have not seen before,” he said. “The human-machine interface brings a demand that is going to have to be found, cultivated, educated and implemented to get that level of experience as we learn and work our way through this new capability set.”

Continuing, Crall said, “I’m not absolutely certain” the military will be able to get “the right talent delivered at the right time.”

Admitting his take as “more sobering” than his colleagues’, Crall pointed to DOD’s limited understanding of cyber professionals as the glaring issue. “I don’t think we know our target audience as well as we need to. We need to find out what really motivates individuals to want to serve in the capacity that we’re offering.”

He also said the department must do a better job at evaluating the programs and policies set in place to bring on cyber talent. “While they’re interesting to approach and employ, they may not all deliver in the way that we expect.”

Acting DOD CIO John Sherman acknowledged too that there is “still work to be done” and that “we need a more holistic north star” to guide the department’s cyber mission, saying his office will prioritize developing a new cybersecurity strategy to update the previous version from 2018.

“We’ve put many of the key foundational mechanisms in place and have actively leveraged the tools at our disposal,” Sherman said. “But we must build on the progress by updating our overarching strategy to ensure our workforce is prepared to implement zero trust and the other latest approaches to defending our enterprise.”

Sherman really emphasized zero trust as an emerging concept that will widen the aperture for the types of skills the DOD will need to consider for cybersecurity moving forward. “For this and other evolving cyber strategies, we can expect to draw an even wider range of skill sets in areas like data and artificial intelligence,” he said.

Likewise, Crall said it’s hard enough to plan for the cyber needs of the department today — thinking ahead, say five years, is even harder as the U.S. military moves closer to its sensor-driven, connected warfare operating concept of Joint All-Domain Command and Control (JADC2).

“We have not onboarded the very capabilities we need to employ: machine learning, autonomy, artificial intelligence, a real cloud-based environment, pushing that processing to the tactical edge and a reformed network,” Crall said. “So the speed with which that’s going to require us to operate is going to have a level of human-machine interface we’ve never had before. And it’s hard for me to believe that the force we’re looking at today is necessarily rightly aligned to that new mission set. We’re going to have to lead-turn this and keep a careful eye on what those skill sets are necessary to bring this on board.”

Effective application rationalization eludes agencies

Not enough agencies are rationalizing applications effectively before migrating them to the cloud.

App rationalization involves agencies deciding which apps to keep, replace, retire or consolidate — but too often their chief information officers (CIOs) lack the data they need to make those choices, said Thomas Santucci, the director of the Data Center & Cloud Optimization Initiative project management office (PMO) within the General Services Administration.

While the federal Cloud Smart strategy mandated app rationalization, not enough agencies have a good handle on their inventory — where their application programming interfaces are and what data is being transferred.

“Right now there are too many enterprise architects using Excel spreadsheets, collecting moment-in-time instances of all of their data collections,” Santucci said during a Digital Government Institute event Wednesday. “Application rationalization takes a little bit more holistic approach in incorporating it into the acquisition process.”

The Federal Information Technology Acquisition Reform Act (FITARA) encourages agencies to have their CIOs approve major IT investments, but that process occurs too late and with too little data for them to make informed decisions, he added.

Agencies should collect that data in real-time. Instead, many financial management systems only deal at the investment level — like one small agency that had three investments, five security boundaries and 150 applications in one bundle, Santucci said.

App rationalization done right evaluates the total cost of ownership. And labor, not licensing, costs are paramount.

“If we start looking at the labor costs, we may save more money than we’ve done in the billions of dollars that we’ve saved closing data centers,” Santucci said.

The good news is the Cloud and Infrastructure Community of Practice (CoP) that Santucci co-chairs has grown by 2.5-times what it was 18 months prior to about 2,000 members. The CoP has 25 trainings planned, an IPv6 summit in the works and continues to share use cases.

Meanwhile, the CIO Council had Santucci’s PMO, which resides within GSA’s Office of Government-wide Policy, release a playbook on app rationalization for agencies. “We continue to concentrate on data center consolidation first and foremost,” Santucci said. “We urge agencies to close data centers, especially inefficient ones.”

Army finalizing new plan for ‘unified network’

The Army’s plan for how it will redesign its global network is slated to be finished in the coming months, the top uniformed officer overseeing the Army’s IT said Tuesday.

The service will create a “unified network” that links its enterprise IT architecture with tactical networks used by warfighters in the field, a change from the current segmented system, said Lt. Gen. John Morrison, deputy chief of staff and G-6. Creating a unified network is critical to achieving the Army’s goal of using data from the field to create a multi-domain operational system where soldiers on land can work seamlessly with fellow service members in the domains of sea, air, space and cyberspace, Morrison said.

“We are finalizing what we are calling the Army Network Plan,” he said during AFCEA’s TechNet Augusta virtual event Tuesday. Morrison is the Army’s top uniformed IT official, a role that was created last summer after the service split the traditional CIO role. He set the unification of the Army’s network as his office’s top guiding pillar.

Creating a network that will encompass enterprise and tactical workloads will require significant assistance from commercial industry, Morrison said. Once the plan is done, the Army intends to engage industry to help it build new network architecture.

In the “summer and fall we will have the architecture discussion,” he said.

One of the major challenges the Army faces in achieving the unified network is balancing access, speed and security. The whole point of unifying the network is to allow data to transfer more smoothly between systems and machines and not require humans in the loop to make connections that could easily be automated. But with more places for data to go, and presumably more endpoints using that data, opportunities ripen for hackers.

Morrison has previously said he wants to beef up the security of both the network itself and the tech operating on it with periodic reviews. He has not specified what new systems he wants to put in place but said the Army’s current security posture for its network is not up to the task.

“This is one of those effective drills that I think will allow us to apply our resources in a more efficient manner but brings a level of security to the network that, quite frankly, I don’t think we have right now,” he said.

The U.S. government needs access to commercial technologies to drive innovation

The U.S. government has been a world leader in technology innovation, making the government work better on behalf of our citizens, and funding many of the breakthroughs in commercial technology that underpin our daily lives. However, as a growing share of technology investment is coming from the private sector, the federal government is failing to adopt the best technology available.

This is costing taxpayers dearly when the government tries to build technology products from scratch when the same thing exists off of the shelf, and the lengthy government procurement process means that those charged with keeping this country safe and delivering essential services are using obsolete tools to do so.

That is why we are launching a new organization that will advocate on behalf of the nation’s most innovative technology companies and startups who are looking to do business with the federal government.

The Alliance for Commercial Technology in Government will advocate for its members in Washington, D.C., to ensure that the United States leverages commercial technologies to accelerate progress and enhance the lives of all Americans.

Many of the best, most innovative technologies are developed in the private sector with private capital. But with the time-consuming and costly nature of entering the federal market and with rules requiring consideration of existing off-the-shelf products being routinely ignored; our own government acquisition system is a barrier to progress and innovation. Based on the timelines and scale of many government acquisition programs, a small technology startup has no chance of entering the government marketplace on its own.

These barriers lead to the best available technology in the private sector only being purchased by the private sector and available to our adversaries, while the U.S. government is left with outdated and expensive products specifically designed only for government use, often incompatible with the technology products that tech-savvy employees would use every day outside of government.

I saw this personally as a government employee at the Pentagon in tasks as simple as collaborating with colleagues on documents. Our solutions were limited to emailing Microsoft Word documents with a naming convention for version control and typing messages on BlackBerries. We were using outdated technology to make policies such as the Third Offset Strategy, which was intended to give the U.S. military a long-term strategic advantage over our adversaries based on the adoption of cutting-edge technology. Fortunately, those policies generated some success. New organizations such as the Defense Innovation Unit were born out of that effort, an organization tasked with breaking down acquisition barriers to cutting-edge technology. We will work to amplify the successes the government has achieved and make easy access to government contracts the norm and not the exception.

The Alliance aims to help everyone by solving these challenges and transforming the federal government into an accessible marketplace for all technology companies, especially small companies and startups.

The Alliance has four main policy priorities it intends to tackle:

Significant progress on these four priorities would revolutionize the entire federal marketplace to be more accessible to startups and the entire commercial technology ecosystem, which will lead to much-needed modernization of our government’s technology infrastructure.

America was built on startups and small businesses; it is time the federal government creates a more accessible marketplace for commercial technology. Advocating for policies that can improve our government services and maintain our nation’s competitive advantage is long overdue. The Alliance will be the new voice to help Washington bring the best technology to the government.

David Vorland is the Executive Director of The Alliance for Commercial Technology in Government, a non-profit advocacy organization. Previously, he worked in the Office of the Secretary of Defense from 2009 to 2017.